@article {18553, title = {Enabling Automated Bug Detection for IP-based Designs using High-Level Synthesis}, journal = {IEEE Design \& Test}, year = {In Press}, month = {2018}, doi = {10.1109/MDAT.2018.2824121}, author = {Fezzardi, Pietro and Pilato, Christian and Ferrandi, Fabrizio} } @conference {18595, title = {Power and Performance Optimized Hardware Classifiers for Eefficient On-device Malware Detection}, booktitle = {Cryptography and Security in Computing Systems}, year = {2019}, month = {01/2019}, publisher = {ACM}, organization = {ACM}, address = {Valencia, Spain}, author = {Wahab, Muhammad Abdul and Milosevic, Jelena and Regazzoni, Francesco and Ferrante, Alberto} } @article {18594, title = {Time, Accuracy and Power Consumption Tradeoff in Mobile Malware Detection Systems}, journal = {Computers \& Security}, volume = {82}, year = {2019}, month = {05/2019}, pages = {314-328}, chapter = {314}, issn = {01674048}, doi = {https://doi.org/10.1016/j.cose.2019.01.001}, author = {Milosevic, Jelena and Malek, Miroslaw and Ferrante, Alberto} } @inbook {18529, title = {Extinguishing Ransomware - A Hybrid Approach to Android Ransomware Detection}, booktitle = {Foundations and Practice of Security}, volume = {10723}, year = {2018}, month = {02/2018}, pages = {242-258}, publisher = {Springer International Publishing}, organization = {Springer International Publishing}, address = {Cham}, abstract = {Mobile ransomware is on the rise and effective defense from it is of utmost importance to guarantee security of mobile users{\textquoteright} data. Current solutions provided by antimalware vendors are signature-based and thus ineffective in removing ransomware and restoring the infected devices and files. Also, current state-of-the art literature offers very few solutions to effectively detecting and blocking mobile ransomware. Starting from these considerations, we propose a hybrid method able to effectively counter ransomware. The proposed method first examines applications to be used on a device prior to their installation (static approach) and then observes their behavior at runtime and identifies if the system is under attack (dynamic approach). To detect ransomware, the static detection method uses the frequency of opcodes while the dynamic detection method considers CPU usage, memory usage, network usage and system call statistics. We evaluate the performance of our hybrid detection method on a dataset that contains both ransomware and legitimate applications. Additionally, we evaluate the performance of the static and dynamic stand-alone methods for comparison. Our results show that although both static and dynamic detection methods perform well in detecting ransomware, their combination in a form of a hybrid method performs best, being able to detect ransomware with 100{\%} precision and having a false positive rate of less than 4{\%}.}, isbn = {978-3-319-75650-9}, doi = {https://doi.org/10.1007/978-3-319-75650-9_16}, author = {Ferrante, Alberto and Malek, Miroslaw and Martinelli, Fabio and Mercaldo, Francesco and Milosevic, Jelena}, editor = {Imine, Abdessamad and Fernandez, Jos{\'e} M. and Marion, Jean-Yves and Logrippo, Luigi and Garcia-Alfaro, Joaquin} } @conference {18548, title = {Panel IoT and pervasive computing: are new definitions of security and privacy needed?}, booktitle = {Malicious Software and Hardware in Internet of Things Co-located with ACM International Conference on Computing Frontiers 2018}, year = {2018}, month = {05/2018}, address = {Ischia, Naples, Italy}, author = {Ferrante, Alberto}, editor = {Palmieri, Paolo} } @conference {18585, title = {Quantum Era Challenges for Classical Computers}, booktitle = {Proceedings of the 18th International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation}, year = {2018}, publisher = {ACM}, organization = {ACM}, address = {New York, NY, USA}, isbn = {978-1-4503-6494-2}, doi = {10.1145/3229631.3264737}, url = {http://doi.acm.org/10.1145/3229631.3264737}, author = {Regazzoni, Francesco and Fowler, Austin and Polian, Ilia} } @conference {18530, title = {Time series kernel similarities for predicting Paroxysmal Atrial Fibrillation from ECGs}, booktitle = { IJCNN 2018 : International Joint Conference on Neural Networks}, year = {2018}, month = {07/2018}, publisher = {IEEE}, organization = {IEEE}, address = {Rio, Brazil}, author = {Bianchi, Filippo Maria and Livi, Lorenzo and Ferrante, Alberto and Milosevic, Jelena and Malek, Miroslaw} } @conference {18581, title = {Cross-layer Design of Reconfigurable Cyber-Physical Systems}, booktitle = {Proceedings of Design, Automation and Test in Europe (DATE) 2017}, year = {2017}, author = {Masin, Michael and Palumbo, Francesca and Myrhaug, Hans and Filho, Julio A. de Oliv and Pastena, Max and Pelcat, Maxime and Raffo, Luigi and Regazzoni, Francesco and Sanchez, Angel A. and Toffetti, Antonella and de la Torre, Eduardo and Zedda, Katiuscia} } @conference {18539, title = {Detecting changes at the sensor level in cyber-physical systems: Methodology and technological implementation}, booktitle = {2017 International Joint Conference on Neural Networks (IJCNN)}, year = {2017}, month = {May}, keywords = {actuators, adaptation mechanisms, adaptive systems, Change detection, change-point method, Computational modeling, cyber-physical systems, datastreams, fault detection and diagnosis, fault tolerant computing, ICI-based change detection test, Intelligence for Embedded and Cyber-physical Systems, Mann-Whitney change-point method, Mathematical model, model-free change detection test, Predictive models, Random variables, self-adaptive CPS, self-adaptive cyber-physical systems, self-configuration, self-healing skills, self-management, sensor acquisitions, sensor level, sensors, signal detection, Smart Sensor Networks, ST STM32 Nucleo platform, time-variant environments, Training}, doi = {10.1109/IJCNN.2017.7966066}, author = {Alippi, Cesare and D{\textquoteright}Alto, Viviana and Falchetto, Mirko and Pau, Danilo and Roveri, Manuel} } @inbook {18521, title = {Runtime Classification of Mobile Malware for Resource-constrained Devices}, booktitle = {Lecture Notes in Communications in Computer and Information Science}, volume = {764}, year = {2017}, pages = {195-215}, publisher = { Springer International Publishing AG}, organization = { Springer International Publishing AG}, doi = {https://doi.org/10.1007/978-3-319-67876-4_10}, author = {Milosevic, Jelena and Malek, Miroslaw and Ferrante, Alberto} } @conference {18488, title = {Adaptable AES implementation with power-gating support}, booktitle = {International Conference on Computing Frontiers CF{\textquoteright}16}, series = {Proceedings of the ACM International Conference on Computing Frontiers}, year = {2016}, month = {05/2016}, pages = {331-334}, publisher = {ACM Ney York, NY, USA}, organization = {ACM Ney York, NY, USA}, address = {Como, Italy}, abstract = {In this paper, we propose a reconfigurable design of the Advanced Encryption Standard capable of adapting at runtime to the requirements of the target application. Reconfiguration is achieved by activating only a specific subset of all the instantiated processing elements. Further, we explore the effectiveness of power gating and clock gating methodologies to minimize the energy consumption of the processing elements not involved in computation.}, keywords = {AES implementation, power analysis attacks, power modeling}, isbn = {978-1-4503-4128-8}, doi = {10.1145/2903150.2903488}, url = {http://doi.acm.org/10.1145/2903150.2903488}, author = {Banik, Subhadeep and Bogdanov, Andrey and Fanni, Tiziana and Sau, Carlo and Raffo, Luigi and Palumbo, Francesca and Regazzoni, Francesco} } @article {18511, title = {A Cloud to the Ground: The New Frontier of Intelligent and Autonomous Networks of Things}, journal = {IEEE Communication Magazine}, volume = {54}, issue = {12}, year = {2016}, month = {11/2016}, pages = {14 - 20}, chapter = {14}, abstract = {The Internet-of-Things (IoT) paradigm is supporting -and will support- an ever-increasing number of services and applications impacting on almost every aspect of our everyday life. The current trend is forecasting IoT to connect tens of billion objects by 2020 yielding a very-high volume of data to be acquired, transmitted and processed. IoT typically relies on Cloud Computing to process, analyze and store the data acquired by IoT entities. Unfortunately, the need to transmit all data from the information producing objects to the Cloud for a subsequent processing/analysis phase would require a large bandwidth and increase the latency in the {\textquotedblleft}decision-making process{\textquotedblright} whenever decisions/reactions must be promptly taken by the IoT units. The Fog Computing (FC) paradigm aims at addressing these problems by extending Cloud Computing towards the edge of the network. In this direction, this paper introduces a novel FC-IoT paradigm designed to move computing, storage and applications/services close to IoT objects so as to reduce communication bandwidth and energy consumption as well as {\textquotedblleft}decision-making{\textquotedblright} latency. The proposed IoT-based solution has been designed to have intelligent and autonomous IoT objects that are integrated with a FC and Fog Networking approach. The distinguishing features of the intelligent FC-IoT platform are low-latency, self-adaptation, low energy consumption and spectrum efficiency. }, doi = { 10.1109/MCOM.2016.1600541CM}, author = {Alippi, Cesare and Fantacci, Romano and Marabissi, Dania and Roveri, Manuel} } @conference {18485, title = {Evaluating the Impact of Environmental Factors on Physically Unclonable Functions}, booktitle = {International Symposium on Field-Programmable Gate Arrays FPGA 2016}, series = {Proceedings of the 2016 ACM/SIGDA}, year = {2016}, month = {02/2016}, pages = {279}, publisher = {ACM New York, NY, USA}, organization = {ACM New York, NY, USA}, address = {Monterey, CA, USA}, abstract = {Fabrication process introduces some inherent variability to the attributes of transistors (in particular length, widths, oxide thickness). As a result, every chip is physically unique. Physical uniqueness of microelectronics components can be used for multiple security applications. Physically Unclonable Functions (PUFs) are built to extract the physical uniqueness of microelectronics components and make it usable for secure applications. However, the microelectronics components used by PUFs designs suffer from external, environmental variations that impact the PUF behavior. Variations of temperature gradients during manufacturing can bias the PUF responses. Variations of temperature or thermal noise during PUF operation change the behavior of the circuit, and can introduce errors in PUF responses. Detailed knowledge of the behavior of PUFs operating over various environmental factors is needed to reliably extract and demonstrate uniqueness of the chips. In this work, we present a detailed and exhaustive analysis of the behavior of two PUF designs, a ring oscillator PUF and a timing path violation PUF. We have implemented both PUFs using FPGA fabricated by Xilinx, and analyzed their behavior while varying temperature and supply voltage. Our experiments quantify the robustness of each design, demonstrate their sensitivity to temperature and show the impact which supply voltage has on the uniqueness of the analyzed PUFs. }, isbn = {978-1-4503-3856-1}, doi = {10.1145/2847263.2847308}, url = {http://doi.acm.org/10.1145/2847263.2847308}, author = {Bellon, Sebastien and Favi, Claudio and Malek, Miroslaw and Macchetti, Marco and Regazzoni, Francesco} } @conference {18459, title = {A Friend or a Foe? Detecting Malware Using Memory and CPU Features}, booktitle = {SECRYPT 2016, 13th International Conference on Security and Cryptography}, year = {2016}, month = {07/2016}, publisher = {SciTePress Digital Library}, organization = {SciTePress Digital Library}, address = {Lisbon, Portugal}, author = {Milosevic, Jelena and Malek, Miroslaw and Ferrante, Alberto} } @conference {18461, title = {MalAware: Effective and Efficient Run-time Mobile Malware Detector}, booktitle = {The 14th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2016)}, year = {2016}, month = {08/2016}, publisher = {IEEE Computer Society Press}, organization = {IEEE Computer Society Press}, address = {Auckland, New Zealand}, author = {Milosevic, Jelena and Ferrante, Alberto and Malek, Miroslaw} } @conference {18515, title = {Spotting the Malicious Moment: Characterizing Malware Behavior Using Dynamic Features}, booktitle = {2016 11th International Conference on Availability, Reliability and Security (ARES)}, year = {2016}, month = {08/2016}, address = {Salzburg, Austria}, keywords = {Android applications, Androids, automatic mobile application analysis, dynamic features, Feature extraction, Humanoid robots, informative malware identification, invasive software, learning (artificial intelligence), local malicious behavior detection, machine learning, malicious activity, malware, malware behavior characterization, malware detection tools, mobile computing, mobile devices, Mobile handsets, monitoring, pattern classification, program diagnostics, resource usage, security, system calls, user protection}, doi = {10.1109/ARES.2016.70}, author = {Ferrante, Alberto and Mercaldo, Francesco and Milosevic, Jelena and Visaggio, Corrado Aaron}, editor = {Medvet, Eric} } @conference {18505, title = {Trojan Families Identification Using Dynamic Features and Low Complexity Classifiers}, booktitle = {24th EICAR Annual Conference 2016 "Trustworthiness in IT Security Products"}, year = {2016}, month = {10/2016}, publisher = {EICAR}, organization = {EICAR}, address = {Nuremberg, Germany}, author = {Milosevic, Jelena and Ferrante, Alberto and Malek, Miroslaw} } @conference {18385, title = {What Does the Memory Say? Towards the most indicative features for efficient malware detection}, booktitle = {CCNC 2016, The 13th Annual IEEE Consumer Communications \& Networking Conference}, year = {2016}, month = {01/2016}, publisher = {IEEE Communication Society}, organization = {IEEE Communication Society}, address = {Las Vegas, NV, USA}, author = {Milosevic, Jelena and Ferrante, Alberto and Malek, Miroslaw} } @conference {18390, title = {Can we Achieve both Privacy Protection and Efficient Malware Detection on Smartphones?}, booktitle = {1st Interdisciplinary Cyber Research Workshop 2015}, year = {2015}, month = {07/2015}, publisher = {Tallinn University of Technology}, organization = {Tallinn University of Technology}, address = {Tallin, Estona}, url = {http://cybercentre.cs.ttu.ee/wp/wp-content/uploads/2015/02/ICR_2015_proceedings.pdf}, author = {Milosevic, Jelena and Ferrante, Alberto and Malek, Miroslaw} } @conference {18477, title = {Challenges in designing trustworthy cryptographic co-processors}, booktitle = {IEEE International Symposium on Circuits and Systems (ISCAS) 2015}, year = {2015}, month = {09/2015}, pages = {2009-2012}, publisher = {IEEE}, organization = {IEEE}, address = {Lisbon, Portugal}, abstract = {Security is becoming ubiquitous in our society. However, the vulnerability of electronic devices that implement the needed cryptographic primitives has become a major issue. This paper starts by presenting a comprehensive overview of the existing attacks to cryptography implementations. Thereafter, the state-of-the-art on some of the most critical aspects of designing cryptographic co-processors are presented. This analysis starts by considering the design of asymmetrical and symmetrical cryptographic primitives, followed by the discussion on the design and online testing of True Random Number Generation. To conclude, techniques for the detection of Hardware Trojans are also discussed}, keywords = {asymmetrical cryptographic primitives, cryptography, hardware Trojan detection techniques}, issn = {0271-4302 }, doi = {10.1109/ISCAS.2015.7169070}, url = {http://dx.doi.org/10.1109/ISCAS.2015.7169070}, author = {Regazzoni, Francesco and Graves, Ricardo and Di Natale, Giorgio and Batina, Lejla and Bhasin, Shivam and Ege, Baris and Fournaris, Apostolos P. and Mentens, Nele and Picek, Stjepan and Rozic, Vladimir and Sklavos, Nicolas and Yang, Bohan} } @conference {18481, title = {Design methodologies for securing cyber-physical systems}, booktitle = {2015 International Conference on Hardware/Software Codesign and System Synthesis CODES+ISSS}, year = {2015}, month = {10/2015}, pages = {30-36}, publisher = {IEEE}, organization = {IEEE}, address = {Amsterdam, Netherlands}, abstract = {Cyber-Physical Systems (CPS) are in most cases safety- and mission-critical. Standard design techniques used for securing embedded systems are not suitable for CPS due to the restricted computation and communication budget available in the latter. In addition, the sensitivity of sensed data and the presence of actuation components further increase the security requirements of CPS. To address these issues, it is necessary to provide new design methods in which security is considered from the beginning of the whole design flow and addressed in a holistic way. In this paper, we focus on the design of secure CPS as part of the complete CPS design process, and provide insights into new requirements on platform-aware design of control components, design methodologies and architectures posed by CPS design. We start by discussing methods for the multi-disciplinary modeling, simulation, tools, and software synthesis challenges for CPS. We also present a framework for design of secure control systems for CPS, while taking into account properties of the underlying computation and communication platforms. Finally, we describe the security challenges in the computing hardware that is used in CPS}, keywords = {cyber-physical system security, design flow, embedded systems, platform-aware design, safety-critical system, security of data, sensed data sensitivity}, isbn = {978-1-4673-8321-9}, doi = {10.1109/CODESISSS.2015.7331365}, url = {http://dx.doi.org/10.1109/CODESISSS.2015.7331365}, author = {Faruque, Mohammad Abdullah A and Regazzoni, Francesco and Pajic, Miroslav} } @misc {18391, title = {A General Practitioner or a Specialist for Your Infected Smartphone?}, journal = {36th IEEE Symposium on Security and Privacy }, year = {2015}, month = {05/2015}, publisher = {IEEE Computer Society Technical Committee on Security and Privacy}, address = {San Jose, CA, USA}, abstract = {With explosive growth in the number of mobile devices, the mobile malware is rapidly spreading as well, and the number of encountered malware families is increasing. Existing solutions, which are mainly based on one malware detector running on the phone or in the cloud, are no longer effective. Main problem lies in the fact that it might be impossible to create a unique mobile malware detector that would be able to detect different malware families with high accuracy, being at the same time lightweight enough not to drain battery quickly and fast enough to give results of detection promptly. The proposed approach to mobile malware detection is analogous to general practitioner versus specialist approach to dealing with a medical problem. Similarly to a general practitioner that, based on indicative symptoms identifies potential illnesses and sends the patient to an appropriate specialist, our detection system distinguishes among symptoms representing different malware families and, once the symptoms are detected, it triggers specific analyses. A system monitoring application operates in the same way as a general practitioner. It is able to distinguish between different symptoms and trigger appropriate detection mechanisms. As an analogy to different specialists, an ensemble of detectors, each of which specifically trained for a particular malware family, is used. The main challenge of the approach is to define representative symptoms of different malware families and train detectors accordingly to them. The main goal of the poster is to foster discussion on the most representative symptoms of different malware families and to discuss initial results in this area obtained by using Malware Genome project dataset.}, keywords = {Android, feature selection, malware detection, PCA, security}, url = {http://www.ieee-security.org/TC/SP2015/posters/paper_16.pdf}, author = {Milosevic, Jelena and Ferrante, Alberto and Malek, Miroslaw} } @conference {18462, title = {Security Challenges for Hardware Designers of Mobile Systems}, booktitle = {2015 Mobile Systems Technologies Workshop (MST)}, year = {2015}, month = {May}, keywords = {cryptographic capabilities, cryptographic primitives, cryptography, hardware, hardware design flow, hardware designers, hardware trojan, Hardware Trojans, Integrated optics, malware, mobile communication, mobile computing, mobile device, mobile devices, Mobile handsets, mobile systems, Optical device fabrication, pervasive mobile devices, physical attack, physical attacks, security, security challenges, software malware, telecommunication security, Trojan horses}, doi = {10.1109/MST.2015.11}, author = {Milosevic, Jelena and Ferrante, Alberto and Regazzoni, Francesco} } @article {18049, title = {Fault-Tolerant Network Interfaces for Networks-on-Chip}, journal = {IEEE Trans. Dependable Secur. Comput.}, volume = {11}, issue = {1}, year = {2014}, month = {01/2014}, pages = {16{\textendash}29}, keywords = {fault tolerance, high-level error models, network interface, Networks-on-chip, online fault detection, reliability}, issn = {1545-5971}, doi = {10.1109/TDSC.2013.28}, author = {Fiorin, Leandro and Sami, Mariagiovanna} } @conference {18233, title = {Modeling Requirements For Security-enhanced Design of Embedded Systems}, booktitle = {ICETE SECRYPT}, year = {2014}, month = {08/2014}, publisher = {ICETE}, organization = {ICETE}, address = {Vienna, Austria}, author = {Ferrante, Alberto and Kaitovi{\'c}, Igor and Milosevic, Jelena} } @inbook {18024, title = {Modeling Responsiveness of Decentralized Service Discovery in Wireless Mesh Networks}, booktitle = {MMB \& DFT}, series = {Lecture Notes in Computer Science}, volume = {8376}, year = {2014}, pages = {88-102}, publisher = {Springer International Publishing Switzerland}, organization = {Springer International Publishing Switzerland}, abstract = {In modern service networks, discovery plays a crucial role as a layer where providing instances of a given service can be published and enumerated. Since successful discovery is mandatory for service usage, comprehensive service dependability assessment needs to incorporate the dependability of the discovery layer. This work focuses on the responsiveness of the discovery layer, the probability to operate successfully within a deadline, even in the presence of faults. It proposes a hierarchy of stochastic models for decentralized discovery and uses it to describe the discovery of a single service using three well-known discovery protocols: domain name system based service discovery (DNS-SD), simple service discovery protocol (SSDP) and service location protocol (SLP). Further, a methodology to use the model hierarchy in wireless mesh networks is introduced. Given a pair service requester and provider, a discovery protocol and a deadline, it estimates packet loss probabilities and transmission time distributions for each link on the communication paths between the pair, generates specific model instances and calculates the expected responsiveness. Finally, the paper introduces a new metric, the expected responsiveness distance d_er to estimate the maximum distance from a provider where requesters are still able to discover it with a required responsiveness. The models and their methodology are demonstrated using monitoring data from the distributed embedded systems (DES) testbed at Freie Universit{\"a}t Berlin. It is shown how the responsiveness and d_er of the protocols change depending on the position of requester and provider and the overall link quality in the network.}, keywords = {fault tolerance, Markov Models, Real time systems, Responsiveness, Service Discovery, Wireless mesh networks}, isbn = {978-3-319-05358-5}, issn = {0302-9743}, doi = {10.1007/978-3-319-05359-2_7}, url = {http://andreas-dittrich.eu/2013/12/modeling-responsiveness-of-decentralized-service-discovery-in-wireless-mesh-networks}, author = {Dittrich, Andreas and Lichtblau, Bj{\"o}rn and Rezende, Rafael and Malek, Miroslaw}, editor = {Fischbach, K. and Krieger, U. R.} } @conference {18206, title = {A Resource-optimized Approach to Efficient Early Detection of Mobile Malware}, booktitle = {3rd International Workshop on Security of Mobile Applications - IWSMA 2014}, year = {2014}, month = {09/2014}, address = {Fribourg, Switzerland}, author = {Milosevic, Jelena and Dittrich, Andreas and Ferrante, Alberto and Malek, Miroslaw} } @conference {18227, title = {Risk Assessment of Atrial Fibrillation: a Failure Prediction Approach}, booktitle = {41st Computing in Cardiology Conference (CinC)}, year = {2014}, month = {09/2014}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Cambridge, MA, USA}, abstract = {We present a methodology for identifying patients who have experienced Paroxysmal Atrial Fibrillation (PAF) among a given subjects population. Our work is intended as an initial step towards the design of an unobtrusive system for concurrent detection and monitoring of chronic cardiac conditions. Our methodology comprises two stages: off-line training and on-line analysis. During training the most significant features are selected using machine-learning methods, without relying on a manual selection based on previous knowledge. Analysis is based on two phases: feature extraction and detection of PAF patients. Light-weight algorithms are employed in the feature extraction phase, allowing the on-line implementation of this step on wearable and resource-constrained sensor nodes. The detection phase employs techniques borrowed from the field of failure prediction. While these algorithms have found extensive applications in diverse scenarios, their application to automated cardiac analysis has not been sufficiently investigated. Obtained results, in terms of performance, are comparable to similar efforts in the field. Nonetheless, the proposed method employs computationally simpler and more efficient algorithms, which are compatible with the computational constraints of state-of-the-art body sensor nodes.}, url = {http://andreas-dittrich.eu/2014/06/risk-assessment-of-atrial-fibrillation-a-failure-prediction-approach}, author = {Milosevic, Jelena and Dittrich, Andreas and Ferrante, Alberto and Malek, Miroslaw and Rojas Quiros, Camilo and Braojos, Rub{\'e}n and Ansaloni, Giovanni and Atienza, David} } @inbook {18053, title = {Towards a Reliability-aware Design Flow for Kahn Process Networks on NoC-based Multiprocessors}, booktitle = {10th Workshop on Dependability and Fault Tolerance (ARCS/VERFE{\textquoteright}14)}, series = {Lecture Notes on Computer Science}, year = {2014}, publisher = {Springer}, organization = {Springer}, address = {L{\"u}beck, Germany}, abstract = {In order to satisfy performance and low power requirements of applications, embedded systems are becoming increasingly complex and highly integrated with various types of cores. As complexity increases and CMOS technology scales down into the deep-submicron domain, the rate of hard and soft faults in such systems increases. Such trend requires the reliability aspect to be incorporated as a design goal along with the more conventional goals such as performance, cost and power. In this paper, we investigate the reliability achieved by two system-level fault tolerance techniques, namely online task remapping and N-modular redundancy. By means of an analytical model of applications represented as Kahn Process Networks running on heterogeneous multiprocessors based on Networks-on-Chip, we evaluate these techniques with respect to the obtained level of reliability (mean-time-to-failure) and the overhead in computation (execution time) and communication (amount of data transfer on the network). By presenting a reliability estimation method, we enable a reliability-aware design flow on NoC-based MPSoCs.}, keywords = {fault tolerance, kahn process networks (KPN), networks-on-chip (NoC), reliability}, author = {Derin, Onur and Fiorin, Leandro} } @conference {17578, title = {An Algorithm for Extended Dynamic Range Video in Embedded Systems}, booktitle = {SENSORNETS 2013 - 2nd International Conference on Sensor Networks}, year = {2013}, month = {02/2013}, publisher = {INSTICC}, organization = {INSTICC}, address = {Barcelona, Spain}, keywords = {embedded systems, extended dynamic range, HDR, image processing, sensor, videocamera}, author = {Ferrante, Alberto and Chelodi, Massimo and Bruschi, Francesco and Mozzetti, Valeria} } @article {18048, title = {A Configurable Monitoring Infrastructure for NoC-Based Architectures}, journal = {IEEE Transactions on Very Large Scale Integration (VLSI) Systems}, volume = {PP}, issue = {99}, year = {2013}, abstract = {In this brief, we propose a monitoring architecture for networks-on-chip that provides system information useful for designers to efficiently exploit, at design time and run-time, the system resources available in multiprocessor system-on-chip platforms. We focus on the analysis of the architectural details and design challenges of such a system, by describing powerful tools for monitoring information that can be used both at run-time for detecting dynamic changes in system behavior and at post-execution time for debugging and profiling of applications. This brief describes the design of the monitoring probes, together with the events detectable by them, and discusses an architecture for collecting, storing, and analyzing the information gathered during an application execution.}, keywords = {hardware counters, networks-on-chip (NoCs), performance monitoring, systems-on-chip (SoCs).}, issn = {1063-8210}, doi = {10.1109/TVLSI.2013.2290102}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina} } @conference {17772, title = {A Security-enhanced Design Methodology For Embedded Systems}, booktitle = { ICETE SECRYPT 2013}, year = {2013}, month = {07/2013}, publisher = {ICETE}, organization = {ICETE}, address = {Reykjavik, Iceland}, keywords = {design methodology, design space exploration, embedded systems, metric, security, security metric}, author = {Ferrante, Alberto and Milosevic, Jelena and Janjusevic, Marija} } @conference {18054, title = {STRATOS: open System for TRAcTOrs{\textquoteright} autonomous OperationS}, booktitle = {EFITA Internation Conference on Sustainable Agriculture through ICT Innovation }, year = {2013}, month = {06/2013}, publisher = {European Federation for Information Technology in Agriculture, Food and the Environment}, organization = {European Federation for Information Technology in Agriculture, Food and the Environment}, address = {Torino, Italy}, abstract = {This paper describes the objectives and final results of the STRATOS project (System for TRAcTOrs{\textquoteright} autonomous OperationS), within the framework of ICT-AGRI ERA-NET (Coordination of European Research within ICT and Robotics in Agriculture and related Environmental Issues). The main objective of the STRATOS project was the development of an open ICT hardware-software infrastructure enabling the acquisition of geo-referenced information on soil and terrain parameters. In more detail, STRATOS project target was to develop and demonstrate new functions enabled by ISOBUS technology (ISO 11783) that support a substantial improvement of the quality of the farming jobs. In particular the idea is to develop a technology based on ISOBUS compliant, wireless self-powered sensor network for the real time measurement of soil and harvester conditions. In this way, Task Controller (an ICT component defined by ISOBUS specification which supervises actively the farming job performed by the tractor) can optimize the whole tractor and implement operational modes to improve the farming job quality and safety of the overall systems. The project lasted from 1st April, 2011 to31st March, 2013, and this paper reports about the project achievements.}, keywords = {agriculture, ICT, model-driven approach, precision farming, Safety}, author = {Fantuzzi, Cesare and Gutman, Per-Olof and Kaitovi{\'c}, Igor and Larcher, Luca and Marzani, Stefano and Ruggeri, Massimiliano and Zagurskis, Valerijs} } @article {18050, title = {A system-level approach to adaptivity and fault-tolerance in NoC-based MPSoCs: The MADNESS project.}, journal = {Microprocessors and Microsystems - Embedded Hardware Design}, volume = {37}, issue = {6-7}, year = {2013}, pages = {515{\textendash}529}, doi = {10.1016/j.micpro.2013.07.007}, author = {Derin, Onur and Cannella, Emanuele and Tuveri, Giuseppe and Meloni, Paolo and Stefanov, Todor and Fiorin, Leandro and Raffo, Luigi and Sami, Mariagiovanna} } @inbook {17695, title = {Dynamic Adaptation of Security and QoS in Energy-Harvesting Sensors Nodes}, booktitle = {e-Business and Telecommunications}, series = {Communications in Computer and Information Science}, volume = {222}, year = {2012}, pages = {243-258}, publisher = {Springer}, organization = {Springer}, address = { Berlin Heidelberg}, keywords = {energy harvesting, priority, quality of service (QoS), security, wireless sensor networks}, isbn = {978-3-642-25205-1}, doi = {10.1007/978-3-642-25206-8_16}, url = {http://dx.doi.org/10.1007/978-3-642-25206-8_16}, author = {Taddeo, Antonio Vincenzo and Mura, Marcello and Ferrante, Alberto}, editor = {Obaidat, Mohammad and Tsihrintzis, George and Filipe, Joaquim} } @conference {17732, title = {Model-driven approach to design ICT infrastructure for precision farming}, booktitle = {17th IEEE Conference on Emerging Technologies and Factory Automation (ETFA)}, year = {2012}, month = {09/2012}, publisher = {IEEE Industrial Electronics Society}, organization = {IEEE Industrial Electronics Society}, address = {Krak{\'o}w, Poland}, abstract = {Design of complex systems involving a number of experts from various fields necessarily includes modeling at different levels of abstraction. Modeling is particularly important in the initial phase of a joint project when all system requirements and constraints have to be clearly defined and understood by all the partners. Once an unambiguous structural model has been achieved and components interfaces fixed, design of components can be done independently. For the initial phase, a very simplified modeling methodology based on UML that can be easily understood and applied has been proposed. The application of the methodology has been presented through the design of full structural model of the infrastructure for precision farming. Modeled infrastructure is an open ICT hardware-software solution based on ISOBUS specification, that enables partial automation of tractors increasing safety and production efficiency. Model achieved through several steps presents a mutual understanding platform between the partners. Most importantly, a precise model has been achieved without the necessity of in deep study of UML by all the partners.}, keywords = {agriculture, ICT infrastructure Design, ISOBUS, model-driven approach, precision farming, Safety, Unified Modeling Language}, isbn = {978-1-4673-4736-5}, doi = {10.1109/ETFA.2012.6489709}, author = {Kaitovi{\'c}, Igor and Rezende, Rafael and Murillo, Cristina and Fantuzzi, Cesare} } @conference {17577, title = {Security Enhanced Linux on Embedded Systems: a Hardware-accelerated Implementation}, booktitle = {17th Asia and South Pacific Design Automation Conference, ASP-DAC 2012}, year = {2012}, month = {02/2012}, address = {Sydney, Australia}, abstract = {Security Enhanced Linux implements fine-grained mandatory access control. Despite its usefulness, the overhead of implementing it on embedded devices is prohibitive. Therefore, in the past it has been proposed to accelerate SELinux by means of dedicated hardware; in this work we demonstrate the feasibility of such an approach by implementing a hardware accelerator for SELinux on a FPGA-based platform. Our implementation obtains a huge reduction in the performance overhead and energy consumption of SELinux, yet employing a limited chip area.}, keywords = {authorisation, dedicated hardware, embedded systems, energy consumption, field programmable gate arrays, fine-grained mandatory access control, FPGA-based platform, hardware accelerator, hardware-accelerated implementation, linux, performance overhead reduction, security enhanced Linux}, doi = {10.1109/ASPDAC.2012.6164960}, author = {Fiorin, Leandro and Ferrante, Alberto and Padarnitsas, Konstantinos and Regazzoni, Francesco} } @conference {18140, title = {STRATOS: Open System For Tractors{\textquoteright} Autonomous Operations}, booktitle = {5th International Conference on Automation Technology for Off-road Equipment (ATOE)}, year = {2012}, month = {07/2012}, pages = {162-187}, publisher = {International Commission of Agricultural and Biosystems Engineering (CIGR)}, organization = {International Commission of Agricultural and Biosystems Engineering (CIGR)}, address = {Valencia, Spain}, abstract = {This paper describes the objectives and preliminary results of the STRATOS project (System for TRAcTOrs{\textquoteright} autonomous OperationS), within the framework of ICT-AGRI ERA-NET (Coordination of European Research within ICT and Robotics in Agriculture and related Environmental Issues). The main objective of the STRATOS project is to develop an open ICT hardware-software infrastructure enabling the partial automation of tractors and at the same time enhancing their operational safety and production efficiency, with the positive effects of reduced accident risk and environmental impact. In more detail, STRATOS project target is to develop and demonstrate new functions enabled by ISOBUS technology (ISO 11783) that support a substantial improvement of the quality of the farming jobs. In particular the idea is to develop a technology based on ISOBUS compliant, wireless self-powered sensor network for the real time measurement of soil and harvester conditions. In this way, Task Controller (an ICT component defined by ISOBUS specification which supervises actively the farming job performed by the tractor) can optimize the whole tractor and implement operational modes to improve the farming job quality and safety of the overall systems. The project started on 1 st April, 2011, and will end the 31 st March, 2013, This paper reports about some achievement gained so far.}, keywords = {agriculture, ICT infrastructure Design, model-driven approach, precision farming, Safety}, isbn = {84-615-9654-4}, author = {Fantuzzi, Cesare and Gutman, Per-Olof and Kaitovi{\'c}, Igor and Larcher, Luca and Marzani, Stefano and Ruggeri, Massimiliano and Zagurskis, Valerijs} } @conference {17737, title = {System Adaptivity and Fault-tolerance in NoC-based MPSoCs: the MADNESS Project Approach}, booktitle = {Proceedings of the 15th EUROMICRO Conference on Digital System Design Architectures, Methods and Tools (DSD{\textquoteright}12)}, year = {2012}, month = {September 5-8}, address = {Izmir, Turkey}, abstract = {Modern embedded systems increasingly require adaptive run-time management. The system may adapt the mapping of the applications in order to accommodate the current workload conditions, to balance load for efficient resource utilization, to meet quality of service agreements, to avoid thermal hot-spots and to reduce power consumption. As the possibility of experiencing run-time faults becomes increasingly relevant with deep-sub-micron technology nodes, in the scope of the MADNESS project, we focus particularly on the problem of graceful degradation by dynamic remapping in presence of run-time faults. In this paper, we summarize the major results achieved in the MADNESS project until now regarding the system adaptivity and fault tolerant processing. We report the first results of the integration between platform level and middleware level support for adaptivity and fault tolerance. A case study demonstrates the survival ability of the platform via a low-overhead process migration mechanism and a near-optimal online remapping heuristic.}, keywords = {fault tolerance, kahn process networks (KPN), middleware, network-on-chip (NoC), process migration, system adaptivity}, doi = {http://dx.doi.org/10.1109/DSD.2012.122}, author = {Meloni, Paolo and Tuveri, Giuseppe and Raffo, Luigi and Cannella, Emanuele and Stefanov, Todor and Derin, Onur and Fiorin, Leandro and Sami, Mariagiovanna} } @inbook {141.aetherinbook.2011, title = {AETHER: Self-Adaptive Networked Entities: Autonomous Computing Elements for Future Pervasive Applications and Technologies}, booktitle = {Reconfigurable Computing: From FPGAs to Hardware/Software Codesign}, year = {2011}, pages = {149{\textendash}184}, publisher = {Springer}, organization = {Springer}, address = {New York, USA}, abstract = {The AETHER project has laid the foundation of a complete new framework for designing and programming computing resources that live in changing environments and need to re-configure their objectives in a dynamic way. This chapter contributes to a strategic research agenda in the field of self-adaptive computing systems. It brings inputs to the reconfigurable hardware community and proposes directions to go for reconfigurable hardware and research on self-adaptive computing; it tries to identify some of the most promising future technologies for reconfiguration, while pointing out the main foreseen Challenges for reconfigurable hardware. This chapter presents the main solutions the AETHER project proposed for some of the major concerns in trying to engineer a self-adaptive computing system. The text exposes the AETHER vision of self-adaptation and its requirements. It describes and discusses the proposed solutions for tackling self-adaptivity at the various levels of abstractions. It exposes how the developed technologies could be put together in a real methodology and how self-adaptation could then be used in potential applications. Finally and based on lessons learned from AETHER, we discuss open issues and research opportunities and put those in perspective along other investigations and roadmaps.}, isbn = {978-1-4614-0061-5}, author = {Gamrat, Christian and Philippe, Jean-Marc and Jesshope, Chris and Shafarenko, Alex and Bisdounis, Labros and Bondi, Umberto and Ferrante, Alberto and Cabestany, Joan and Huebner, Michael and Parsinnen, Juha and Kadlec, Jiri and Danek, Martin and Tain, Benoit and Eisenbach, Susan and Auguin, Michel and Diguet, Jean-Philippe and Lenormand, Eric and Roux, Jean-Luc}, editor = {Cardoso, Joao Manuel Pai and Huebner, Michael} } @conference {151.FiMiSa11, title = {Design of Fault Tolerant Network Interfaces for NoCs}, booktitle = {Proceedings of 14th EUROMICRO Conference on Digital System Design Architectures, Methods and Tools (DSD{\textquoteright}11)}, year = {2011}, month = {September}, address = {Oulu, Finland}, keywords = {fault tolerance, network interface, network-on-chip (NoC), system-on-chip (SoC)}, doi = {http://dx.doi.org/10.1109/DSD.2011.54}, author = {Fiorin, Leandro and Micconi, Laura and Sami, Mariagiovanna} } @inbook {18092, title = {Design Space Exploration for Run-Time Management of a Reconfigurable System for Video Streaming}, booktitle = {Multi-objective design space exploration of multiprocessor SoC architectures: the MULTICUBE approach}, year = {2011}, pages = {189-204}, publisher = {Springer}, organization = {Springer}, edition = {1}, isbn = {978-1-4419-8836-2}, author = {Mariani, Giovanni and Avasare, Prabhat and Ykman-Couvreur, Chantal and Vanmeerbeeck, Geert and Palermo, Gianluca and Silvano, Cristina and Zaccaria, Vittorio}, editor = {Silvano, Cristina and Fornaciari, William and Villar, Eugenio} } @conference {17696, title = {A Framework for Security and Workload Gradual Adaptation}, booktitle = {SECRYPT}, year = {2011}, month = {07/2011}, publisher = {ICETE}, organization = {ICETE}, address = {Seville, Spain}, author = {Taddeo, Antonio Vincenzo and Morales, Luis Germ{\'a}n Garcia and Ferrante, Alberto} } @article {18063, title = {Harvesting the potential of nano-CMOS for lightweight cryptography: An ultra-low-voltage 65 nm AES coprocessor for passive RFID tags}, journal = {Springer Journal of Cryptographic Engineering}, volume = {1}, issue = {1}, year = {2011}, author = {Hocquet, C{\'e}dric and Kamel, Dina and Regazzoni, Francesco and Legat, Jean-Didier and Flandre, Denis and Bol, David and Standaert, Fran{\c c}ois-Xavier} } @article {146.DeDiFi11.IJRC, title = {A Middleware Approach to Achieving Fault-tolerance of Kahn Process Networks on Networks-on-Chips}, journal = {International Journal of Reconfigurable Computing}, volume = {2011}, number = {Article ID 295385}, year = {2011}, note = {Selected Papers from the International Workshop on Reconfigurable Communication-centric Systems on Chips (ReCoSoC{\textquoteright} 2010)}, month = {February}, pages = {14 pages}, publisher = {Hindawi}, abstract = {Kahn process networks (KPN) is a distributed model of computation used for describing systems where streams of data are transformed by processes executing in sequence or parallel. Autonomous processes communicate through unbounded FIFO channels in absence of a global scheduler. In this work, we propose a task-aware middleware concept that allows adaptivity in KPN implemented over a Network-on-Chip (NoC). We also list our ideas on the development of a simulation platform as an initial step towards creating fault-tolerance strategies for KPNs applications running on NoCs. In doing that, we extend our SACRE (Self-adaptive Component Run-time Environment) framework by integrating it with an open source NoC simulator, Noxim. We evaluate the overhead that the middleware brings to the the total execution time and to the total amount of data transferred in the NoC. With this work, we also provide a methodology that can help in identifying the requirements and implementing fault tolerance and adaptivity support on real platforms.}, keywords = {fault tolerance, kahn process networks (KPN), middleware, network-on-chip (NoC), self-adaptivity}, issn = {1687-7195}, doi = {doi:10.1155/2011/295385}, author = {Derin, Onur and Diken, Erkan and Fiorin, Leandro} } @inbook {17734, title = {The MULTICUBE Design Flow}, booktitle = {Multi-objective Design Space Exploration of Multiprocessor SoC Architectures}, year = {2011}, pages = {3-17}, publisher = {Springer New York}, organization = {Springer New York}, isbn = {978-1-4419-8836-2}, doi = {10.1007/978-1-4419-8837-9_1}, url = {http://dx.doi.org/10.1007/978-1-4419-8837-9_1}, author = {Silvano, Cristina and Fornaciari, William and Palermo, Gianluca and Zaccaria, Vittorio and Castro, Fabrizio and Martinez, Marcos and Bocchio, Sara and Zafalon, Roberto and Avasare, Prabhat and Vanmeerbeeck, Geert and Ykman-Couvreur, Chantal and Wouters, Maryse and Kavka, Carlos and Onesti, Luka and Turco, Alessandro and Bondi, Umberto and Mariani, Giovanni and Posadas, Hector and Villar, Eugenio and Wu, Chris and Dongrui, Fan and Hao, Zhang}, editor = {Silvano, Cristina and Fornaciari, William and Villar, Eugenio} } @inbook {139.Sietal2.2011, title = {MULTICUBE: Multi-Objective Design Space Exploration of Multi-Core Architectures}, booktitle = {VLSI 2010 Annual Symposium}, volume = {105}, year = {2011}, pages = {47-63}, publisher = {Springer}, organization = {Springer}, address = {Netherlands}, abstract = {Given the increasing complexity of Chip Multi-Processors (CMPs), a wide range of architecture parameters must be explored at design time to find the best trade-off in terms of multiple competing objectives (such as energy, delay, bandwidth, area, etc.) The design space of the target architectures is huge because it should consider all possible combinations of each hardware parameter (e.g., number of processors, processor issue width, L1 and L2 cache sizes, etc.). In this complex scenario, intuition and past experience of design architects is no more a sufficient condition to converge to an optimal design of the system. Indeed, Automatic Design Space Exploration (DSE) is needed to systematically support the analysis and quantitative comparison of a large amount of design alternatives in terms of multiple competing objectives (by means of Pareto analysis). The main goal of the MULTICUBE project consists of the definition of an automatic Design Space Exploration framework to support the design of next generation many-core architectures.}, isbn = {978-94-007-1487-8}, url = {http://dx.doi.org/10.1007/978-94-007-1488-5_4}, author = {Silvano, Cristina and Fornaciari, William and Palermo, Gianluca and Zaccaria, Vittorio and Castro, Fabrizio and Martinez, Marcos and Bocchio, Sara and Zafalon, Roberto and Avasare, Prabhat and Vanmeerbeeck, Geert and Ykman-Couvreur, Chantal and Wouters, Maryse and Kavka, Carlos and Onesti, Luka and Turco, Alessandro and Bondi, Umberto and Mariani, Giovanni and Posadas, Hector and Villar, Eugenio and Wu, Chris and Dongrui, Fan and Hao, Zhang and Shibin, Tang} } @conference {148.DeKaFi11.NOCS, title = {Online Task Remapping Strategies for Fault-tolerant Network-on-Chip Multiprocessors}, booktitle = {NOCS {\textquoteright}11: Proceedings of the Fifth ACM/IEEE International Symposium on Networks-on-Chip}, year = {2011}, month = {05/2011}, pages = {1{\textendash}8}, address = {Pittsburgh, Pennsylvania, USA}, abstract = {As CMOS technology scales down into the deep submicron domain, the aspects of fault tolerance in complex Networks-on-Chip (NoCs) architectures are assuming an increasing relevance. Task remapping is a software based solution for dealing with permanent failures in processing elements in the NoC. In this work, we formulate the optimal task mapping problem for mesh-based NoC multiprocessors with deterministic routing as an integer linear programming (ILP) problem with the objective of minimizing the communication traffic in the system and the total execution time of the application. We find the optimal mappings at design time for all scenarios where single-faults occur in the processing nodes. We propose heuristics for the online task remapping problem and compare their performances with the optimal solutions.}, keywords = {adaptivity, fault tolerance, kahn process networks (KPN), mapping, network-on-chip (NoC), self-adaptivity}, doi = {http://dx.doi.org/10.1145/1999946.1999967}, author = {Derin, Onur and Kabakci, Deniz and Fiorin, Leandro} } @conference {147.TaMoFe11, title = {System Policies for Gradual Tuning of Security and Workload in Wireless Sensor Networks}, booktitle = {Proceedings of the IEEE Wireless Telecommunication Symposium (WTS)}, year = {2011}, month = {April}, address = {New York, USA}, abstract = {In wireless sensor networks (WSN) energy consumption is a key issue. Security of communications, with its demand of computational resources, as well as performances are other fundamental issues. Finding a trade-off between performance and energy consumption, yet providing an adequate level of security is very challenging. Traditional solutions for the aforementioned problem assume that the operative environment is well-known and static, thus limiting the flexibility of the system. In this paper, instead, we propose a self-adaptation mechanism for gradual adaption of security and system workload in WSNs. The adaptation process can be tuned by using specific policies both for controlling the running tasks and for customizing the behavior of the self-adaptation mechanism. The ultimate goal is to perform adaptations by maximizing system performances while satisfying power constraints. A case study, implemented on Sun SPOTs, is also presented to show how the self-adaptation mechanism works in a real sensor node.}, doi = {http://dx.doi.org/10.1109/WTS.2011.5960883}, author = {Taddeo, Antonio Vincenzo and Morales, Luis Germ{\'a}n Garcia and Ferrante, Alberto} } @conference {17740, title = {Towards an ESL design framework for adaptive and fault-tolerant MPSoCs: MADNESS or not?}, booktitle = {Embedded Systems for Real-Time Multimedia (ESTIMedia), 2011 9th IEEE Symposium on}, year = {2011}, abstract = {The MADNESS project aims at the definition of innovative system-level design methodologies for embedded MP-SoCs, extending the classic concept of design space exploration in multi-application domains to cope with high heterogeneity, technology scaling and system reliability. The main goal of the project is to provide a framework able to guide designers and researchers to the optimal composition of embedded MPSoC architectures, according to the requirements and the features of a given target application field. The proposed approach will tackle the new challenges, related to both architecture and design methodologies, arising with the technology scaling, the system reliability and the ever-growing computational needs of modern applications. The methodologies proposed with this project act at different levels of the design flow, enhancing the state-of-the art with novel features in system-level synthesis, architectural evaluation and prototyping. Support for fault resilience and efficient adaptive runtime management is introduced at hardware and middleware level, and considered by the system-level synthesis as one of the optimization factors to be taken into account. This paper presents the first stable results obtained in the MADNESS project, already demonstrating the effectiveness of the proposed methods.}, keywords = {adaptive MPSoC, adaptive runtime management, computer architecture, embedded MPSoC architectures, emulation, ESL design framework, fault resilience, fault tolerance, fault tolerant MPSoC, field programmable gate arrays, hardware, integrated circuit reliability, libraries, MADNESS project, middleware, multiprocessing systems, network synthesis, program processors, system level design methodologies, system level synthesis, system reliability, system-on-chip (SoC)}, doi = {10.1109/ESTIMedia.2011.6088518}, author = {Cannella, Emanuele and Di Gregorio, Lorenzo and Fiorin, Leandro and Lindwer, Menno and Meloni, Paolo and Neugebauer, Olaf and Pimentel, Andy} } @conference {127.TaMiFe10, title = {Gradual Adaptation of Security for Sensor Networks}, booktitle = {IEEE WoWMoM 2010: Proceedings of the IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks}, year = {2010}, month = {June 13}, address = {Montreal, Canada}, abstract = {Wireless sensor networks are composed by nodes with stringent constraints on resources. In particular, a very limited power consumption is often a key factor for this kind of devices. In this paper we describe a method for security self-adaptation tailed for wireless sensor networks. This method allows devices to adapt security of applications gradually with the goal of guaranteeing the maximum possible level of security while satisfying system constraints. A case study is also presented to show how the method works in a real wireless sensor network.}, keywords = {graceful degradation, gradual adaptation, security, sensors networks}, doi = {http://dx.doi.org/10.1109/WOWMOM.2010.5534903}, author = {Taddeo, Antonio Vincenzo and Micconi, Laura and Ferrante, Alberto} } @conference {134.FiFePaCa10, title = {Hardware-assisted Security Enhanced Linux in Embedded Systems: a Proposal}, booktitle = {Proceedings of the 5th Workshop on Embedded Systems Security (WESS{\textquoteright}2010)}, year = {2010}, month = {October 24}, address = {Scottsdale, Arizona, USA}, abstract = {As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, and with limited amount of computational, storage, and communication resources available. In servers and desktop systems, Security Enhanced Linux (SELinux) is currently used as a method to enhance security by enforcing a security control based on policies that confine user programs, or processes, to the minimum amount of privileges that they require for their execution. While providing a powerful mean for enhancing security in UNIX-like systems, SELinux still remains a feature that is too heavy to be fully supported by constrained devices. In this paper, we propose a hardware architecture for enhancing security and accelerating retrieval and applications of SELinux policies in embedded processors. We describe the general ideas be hind our work, discussing motivations, advantages, and limits of the solution proposed, while suggesting the main steps needed to implement the described architecture on common embedded processors.}, keywords = {access controls, embedded systems, SELinux}, author = {Fiorin, Leandro and Ferrante, Alberto and Padarnitsas, Konstantinos and Carucci, Stefano} } @conference {136.FiPaSi10, title = {A Monitoring System for NoCs}, booktitle = {Proceedings of the Third International Workshop on Network on Chip Architectures (NoCArc{\textquoteright}2010)}, year = {2010}, month = {December}, address = {Atlanta, Georgia, USA}, abstract = {In this paper, we propose and discuss a monitoring architecture for Networks-on-Chip (NoCs) that provides system information useful for helping designers in efficiently exploiting resources available in new complex Multiprocessor System-on-Chip (MPSoC) platforms, and in understanding their behavior. We focus on the analysis of the architectural details and design challenges of such systems, by describing power- ful tools for detecting information that can be used both at run-time for detecting dynamic changes in system behavior and at post-execution time for debugging and profiling of applications. We detail the design of the probes monitoring the events and discuss an architecture for collection, storage, and analysis of information generated by them. We evaluate cost of the implementation of the system in terms of area and traffic overhead, and we present results obtained when monitoring a use-case multimedia application.}, keywords = {hardware counters, network-on-chip (NoC), performance monitoring, system-on-chip (SoC)}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina} } @conference {129.Sietal.ISVLSI11, title = {Multicube: Multi-objective design space exploration of multi-core architectures}, booktitle = {ISVLSI 2010: IEEE Annual Symposium on VLSI}, year = {2010}, month = {July}, pages = {488{\textendash}493}, address = {Lixouri, Kefalonia - Greece}, abstract = {Technology trends enable the integration of many processor cores in a System-on-Chip (SoC). In these complex architectures, several architectural parameters can be tuned to find the best trade-off in terms of multiple metrics such as energy and delay. The main goal of the MULTICUBE project consists of the definition of an automatic Design Space Exploration framework to support the design of next generation many-core architectures.}, doi = {http://dx.doi.org/10.1109/ISVLSI.2010.67}, author = {Silvano, Cristina and Fornaciari, William and Palermo, Gianluca and Zaccaria, Vittorio and Castro, Fabrizio and Martinez, Marcos and Bocchio, Sara and Zafalon, Roberto and Avasare, Prabhat and Vanmeerbeeck, Geert and Ykman-Couvreur, Chantal and Wouters, Maryse and Kavka, Carlos and Onesti, Luka and Turco, Alessandro and Bondi, Umberto and Mariani, Giovanni and Posadas, Hector and Villar, Eugenio and Wu, Chris and Dongrui, Fan and Hao, Zhang and Shibin, Tang} } @conference {128.Taddeo2010c, title = {QoS and Security in Energy-harvesting Wireless Sensor Networks}, booktitle = {Proceedings of ICETE SECRYPT}, year = {2010}, month = {July}, address = {Athens, Greece}, abstract = {Wireless sensor networks are composed of small nodes that might be used for a variety of purposes. Nodes communicate together through a wireless connection that might be subject to different attacks when the network is placed in hostile environments. Furthermore, the nodes are usually equipped with very small batteries providing limited battery life, therefore limited power consumption is of utmost importance for nodes. This is in clear opposition with the requirement of providing security to communications as security might be very expensive from the power consumption stand point. Energy harvesting methods can be used to recharge batteries, but, in most of the cases the recharge profile cannot be known in advance. Therefore, nodes might face periods of time in which no recharge is available and the battery level is low. In this paper we introduce an optimization mechanism that allows the system to change the communication security settings at runtime with the goal of improving node lifetime, yet providing a suitable security level. The optimization mechanism further improves energy consumption by putting in place a quality of service mechanism: when energy is scarce, the system tends to send only essential packets. As shown by the simulations presented in this paper, this mechanism optimizes the energy consumption among different recharges.}, keywords = {energy harvesting, priority, quality of service (QoS), security, wireless sensor networks}, author = {Taddeo, Antonio Vincenzo and Mura, Marcello and Ferrante, Alberto} } @conference {116.TuRePaFeSc10, title = {A Reconfigurable Multiprocessor Architecture for a Reliable Face Recognition Implementation}, booktitle = {Proceedings of Design, Automation and Test in Europe (DATE) Conference}, year = {2010}, month = {March}, address = {Dresden, Germany}, abstract = {Face Recognition techniques are solutions used to quickly screen a huge number of persons without being intrusive in open environments or to substitute id cards in companies or research institutes. There are several reasons that require to systems implementing these techniques to be reliable. This paper presents the design of a reliable face recognition system implemented on Field Programmable Gate Array (FPGA). The proposed implementation uses the concepts of multiprocessor architecture, parallel software and dynamic reconfiguration to satisfy the requirement of a reliable system. The target multiprocessor architecture is extended to support the dynamic reconfiguration of the processing unit to provide reliability to processors fault. The experimental results show that, due to the multiprocessor architecture, the parallel face recognition algorithm can achieve a speed up of 63\% with respect to the sequential version. Results regarding the overhead in maintaining a reliable architecture are also shown}, author = {Tumeo, Antonino and Regazzoni, Francesco and Palermo, Gianluca and Ferrandi, Fabrizio and Sciuto, Donatella} } @conference {121.DeFe10, title = {Scheduling energy consumption with local renewable micro-generation and dynamic electricity prices}, booktitle = {CPSWEEK/GREEMBED 2010: Proceedings of the First Workshop on Green and Smart Embedded System Technology: Infrastructures, Methods and Tools}, year = {2010}, month = {April}, address = {Stockholm, Sweden}, abstract = {The electricity market is going through a deep modification as it is moving toward the integration of smart grids. Future homes will include smarter electric devices that will be easily managed from the power consumption stand point. The capability of performing short-term negotiation of energy purchases, if introduced and if efficiently exploited, will give the user the ability to reduce energy costs. In this paper we discuss a scheduling problem for household tasks that will help users save money spent on their energy consumption. Our system model relies on electricity price signals, availability of locally-generated power and flexible tasks with deadlines. A case study shows that cost savings are possible but fast and efficient solutions to the scheduling problem are needed for their real world use.}, keywords = {scheduling, smart grid, smart home}, author = {Derin, Onur and Ferrante, Alberto} } @conference {17743, title = {Security and Packets Delivery Trade-Off for WSN}, booktitle = {Consumer Communications and Networking Conference (CCNC), 2010 7th IEEE}, year = {2010}, abstract = {The optimization of resources to be used for securing transmissions in wireless sensor networks while retaining communication quality of service is a challenging task. In this paper, we propose an energy-aware mechanism to determine the most efficient set of packets to be processed according with the resource consumed and the packets delivery requirements.}, keywords = {authentication, costs, data security, delay, energy consumption, energy-aware mechanism, information security, network security, packet radio networks, packets delivery requirements, packets delivery trade-off, protection, quality of service (QoS), runtime, telecommunication security, wireless sensor networks, WSN}, doi = {10.1109/CCNC.2010.5421689}, author = {Taddeo, Antonio Vincenzo and Ferrante, Alberto} } @conference {123.LuPeFi10, title = {Stack Protection Unit as a step towards securing MPSoCs}, booktitle = {Proceedings of 24th IEEE International Parallel and Distributed Processing Symposium (IPDPS)}, year = {2010}, month = {April 19-23}, address = {Atlanta, USA}, abstract = {Reconfigurable technologies are getting popular as an instrument for not only verification and prototyping but also commercial implementation of Multi-Processor Systems-on-Chip (MPSoC) architectures. At the same time, these systems in particular Networks-on-Chip (NoCs) based ones, have emerged as a design strategy to cope with increased requirements and complexity of modern applications. Nevertheless, increasing heterogeneity coupled with possibility of reconfiguration makes security become one of major concerns in MPSoC design. Protection strategies must consider attack scenarios at both levels - individual cores and system level security. This work represents an element in a wider security framework, it shows a solution against one of the most widespread types of attacks - code injection. Our response to tackle this challenge is given in form of Stack Protection Unit (SPU) embedded into processing core. MicroBlaze soft-core processor serves as a case study for verification of the proposed solution in FPGA technology.}, keywords = {FPGA, microblaze, security, stack protection unit}, doi = {http://dx.doi.org/10.1109/IPDPSW.2010.5470728}, author = {Lukovi{\'c}, Slobodan and Pezzino, Paolo and Fiorin, Leandro} } @conference {18084, title = {The Certicom Challenges ECC2-X}, booktitle = {Workshop on Special Purpose Hardware for Attacking Cryptographic Systems (SHARCS)}, year = {2009}, month = {September}, address = {Lausanne, Switzerland}, author = {Bailey, Daniel V. and Baldwin, Brian and Batina, Lejla and Bernstein, Daniel J. and Birkner, Peter and Bos, Joppe W. and van Damme, Gauthier and de Meulenaer, Giacomo and Fan, Junfeng and Gurkaynak, Frank and G{\"u}neys, Tim and Kleinjung, Thorsten and Lange, Tanja and Mentens, Nele and Paar, Christof and Regazzoni, Francesco and Schwabe, Peter and Uhsadel, Leif} } @article {94.DeFeTa08, title = {Coordinated management of hardware and software self-adaptivity}, journal = {Journal of Systems Architecture}, volume = {55}, number = {{3}}, issue = {3}, year = {2009}, note = {{Challenges in self-adaptive computing (Selected papers from the Aether-Morpheus 2007 workshop), Accepted Manuscript, Available online 29 July 2008}}, month = {03/2009}, pages = {170 - 179}, abstract = {Self-adaptivity is the capability of a system to adapt itself dynamically to achieve its goals. Self-adaptive systems will be widely used in the future both to efficiently use system resources and to ease the management of complex systems. The frameworks for self-adaptivity developed so far usually concentrate either on self-adaptive software or on self-adaptive hardware, but not both. In this paper, we propose a model of self-adaptive systems and we describe how to manage self-adaptivity at all levels (both hardware and software) by means of a decentralized control algorithm. The key advantage of decentralized control is in the simplicity of the local controllers. Simulation results are provided to show the main characteristics of the model and to discuss it.}, keywords = {application, architecture, autonomic, goal, hardware, model, reconfigurable, run-time environment, self-adaptivity, software}, issn = {1383-7621}, doi = {http://dx.doi.org/10.1016/j.sysarc.2008.07.002}, author = {Derin, Onur and Ferrante, Alberto and Taddeo, Antonio Vincenzo} } @conference {77.MaToFi08, title = {Design Space Exploration of PISA Architecture For ONU Auto-discovery Process}, booktitle = {proceedings of 6th International Conference of Electrical Engineering (ICEENG)}, year = {2009}, month = {May 27-29}, address = {Cairo, Egypt}, abstract = {The goal of the paper is to optimize the PISA architecture for the ONU Auto-discovery process. This Auto-discovery process has been written in C language following the IEEE 802.3ah MPCP standard. Using SimpleScalar [3] simulation tool, the architecture profile is evaluated in order to decide the range of the design exploration. Then, using Wattch [1] and CACTI [2] simulation tools the CPI, average power consumed and cache area are calculated for each design point, the cost function is defined and evaluated for each design point using greedy strategy. The Auto-discovery process has been written in VHDL and using Synopys power compiler [4] the power consumption has been calculated and then we compared between the VHDL implementation and the PISA architecture from the power consumption point of view.}, keywords = {design space exploration}, doi = {http://dx.doi.org/10.1109/ICNM.2009.4907186}, author = {Mady, Alie El-Din and Tonini, Andrea and Finardi, Davide} } @article {108.DeFe09.3, title = {Enabling Self-adaptivity in Component-based Streaming Applications}, journal = {ACM SIGBED Review - Special Issue on the 2nd International Workshop on Adaptive and Reconfigurable Embedded Systems}, volume = {6}, number = {{3}}, year = {2009}, note = {Special Issue on the 2nd International Workshop on Adaptive and Reconfigurable Embedded Systems (APRES{\textquoteright}09)}, month = {10/2009}, pages = {14:1-14:4}, publisher = {ACM SIGBED}, abstract = {Self-adaptivity is the capability of a system to adapt itself dynamically to achieve its goals. By means of this mechanism the system is able to autonomously modify its behavior or the way in which applications are run and implemented to achieve the goals set.In this paper we propose a framework that uses a component-based approach to implement self-adaptivity at application level. By using this mechanism, the framework provides the ability to perform both adaptation on the structure of the application (i.e., how the components are connected together) and on internal parameters of each component. At application level, there is a mechanism to monitor different parameters and to check whether the system is meeting the assigned goals or not. A controller drives adaptations when goals are not met.}, keywords = {component-based design, self-adaptive systems}, issn = {1551-3688}, doi = {http://dx.doi.org/10.1145/1851340.1851356}, author = {Derin, Onur and Ferrante, Alberto} } @inbook {17765, title = {IPSec Database Query Acceleration}, booktitle = {E-business and Telecommunications}, series = {Communications in Computer and Information Science}, volume = {23}, year = {2009}, pages = {188-200}, publisher = {Springer Berlin Heidelberg}, organization = {Springer Berlin Heidelberg}, isbn = {978-3-540-88652-5}, doi = {10.1007/978-3-540-88653-2_14}, url = {http://dx.doi.org/10.1007/978-3-540-88653-2_14}, author = {Ferrante, Alberto and Chandra, Satish and Piuri, Vincenzo}, editor = {Filipe, Joaquim and Obaidat, Mohammad} } @conference {95.FiPaSi09, title = {MPSoCs Run-Time Monitoring through Networks-on-Chip}, booktitle = {The 2009 Conference on Design, Automation and Test In Europe (DATE{\textquoteright}09)}, year = {2009}, month = {April/2009}, address = {Nice, France}, abstract = {Networks-on-Chip (NoCs) have appeared as design strategy to overcome the limitations, in terms of scalability, efficiency, and power consumption of current buses. In this paper, we discuss the idea of using NoCs to monitor system behaviour at run-time by tracing activities at initiators and targets. Main goal of the monitoring system is to retrieve information useful for run-time optimization and resources allocation in adaptive systems. Information detected by probes embedded within NIs is sent to a central unit, in charge of collecting and elaborating the data. We detail the design of the basic blocks and analyse the overhead associated with the ASIC implementation of the monitoring system, as well as discussing implications in terms of the additional traffic generated in the NoC.}, keywords = {monitoring, network-on-chip (NoC)}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina} } @conference {97.Silvanoetal09, title = {MULTICUBE: Multi-Objective Design Space Exploration of Multiprocessor Architectures for Embedded Multimedia Applications}, booktitle = {Proceedings of the DATE{\textquoteright}09 workshop on Designing for Embedded Parallel Computing Platforms: Architectures, Design Tools, and Applications}, year = {2009}, month = {April}, address = {Nice, France}, author = {Silvano, Cristina and Palermo, Gianluca and Zaccaria, Vittorio and Fornaciari, William and Zafalon, Roberto and Bocchio, Sara and Martinez, Marcos and Wouters, Maryse and Vanmeerbeeck, Geert and Avasare, Prabhat and Onesti, Luka and Kavka, Carlos and Bondi, Umberto and Mariani, Giovanni and Villar, Eugenio and Posadas, Hector and Wu, Chris and Dongrui, Fan and Hao, Zhang} } @conference {109.TaMaFe09, title = {Negotiation of Security Services: a Multi-criteria Decision Approach}, booktitle = {Proceedings of the 4th Workshop on Embedded Systems Security}, year = {2009}, month = {October}, address = {Grenoble, France}, abstract = {Presently, one of the most important challenges in securing communications between resource-constrained mobile systems is the optimization of the trade-off between energy and performance of security services. Any adopted security solution should be able to negotiate the best security services in a dynamic and energy efficient way. In this paper, we propose an energy-aware adaptive protocol to negotiate security settings for communications. The protocol is based on a multi-criteria selection mechanism which provides the most profitable services related to nodes requirements and available resources.}, keywords = {analytic hierarchy process (AHP), multi-criteria decision, security, security service selection}, doi = {http://dx.doi.org/10.1145/1631716.1631720}, author = {Taddeo, Antonio Vincenzo and Marcon, Pierpaolo and Ferrante, Alberto} } @Patent {87.pat07301411.0-2413PATENT, title = {Programmable data protection device, secure programming manager system and process for controlling access to an interconnect network for an integrated circuit}, number = {EP 20070301411}, year = {2009}, month = {04/2009}, type = {Application}, chapter = {EP 2043324 A1}, abstract = {A data protection device for an interconnect network on chip (NoC) includes a header encoder that receives input requests for generating network packets. The encoder routes the input requests to a destination address. An access control unit controls and allows access to the destination address. The access control unit uses a memory to store access rules for controlling access to the network as a function of the destination address and of a source of the input request.}, issn = {EP 2043324 A1}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina and Catalano, Valerio and Locatelli, Riccardo and Coppola, Marcello} } @conference {107.TaFe209, title = {Run-time Selection of Security Algorithms For Networked Devices}, booktitle = {5th ACM International Symposium on QoS and Security for Wireless and Mobile Networks}, year = {2009}, address = {Tenerife, Canary Islands, Spain}, abstract = {One of the most important challenges that need to be currently faced in securing resource-constrained embedded systems is optimizing the trade-off between resources used (energy consumption and computational capabilities required) and security requirements for cryptographic algorithms: any adopted security solutions should guarantee an adequate level of protection, yet respecting constraints on computational resources and consumed power. These constraints are given by the kind of system considered and by the foreseen applications. In this paper, a generic, efficient, and energy-aware mechanism is proposed to face the problem of determining a correct trade off between security requirements and resources consumed. The solution proposed relies on Analytic Hierarchy Process (AHP) to define priorities among different requirements and to compare different security solutions. A knapsack problem is formulated to select the most relevant algorithms based on their utility and on available resources.}, keywords = {adaptive systems, algorithm selection, protocol, quality of service (QoS), security}, doi = {http://dx.doi.org/10.1145/1641944.1641963}, author = {Taddeo, Antonio Vincenzo and Ferrante, Alberto} } @inbook {92.FiPaSi09.2, title = {Security in NoC}, booktitle = {Networks-on-Chips: Theory and Practice}, year = {2009}, pages = {157-194}, publisher = {Taylor and Francis Group, LLC - CRC Press}, organization = {Taylor and Francis Group, LLC - CRC Press}, abstract = {Future integrated systems will contain billion of transistors, composing tens to hundreds of IP cores. These IP cores, implementing emerging complex multimedia and network ap- plications, should be able to deliver rich multimedia and networking services. An efficient cooperation among these IP cores (e.g., efficient data transfers) can be achieved through utilization of the available resources. The design of such complex systems includes several challenges to be addressed. Among others one challenge is to design an on-chip interconnection network that should be able to efficiently connect the IP cores. Another challenge is to derive such an application mapping that will make efficient usage of the available hardware resources . An architecture that is able to accommodate such a high number of cores, satisfying the need for commu- nication and data transfers, is the Network-on-Chip (NoC) architecture. For these reasons Networks-on-Chip become a popular choice for designing the on-chip interconnect for Systems-on-Chip (MPSoCs), and are supported from the industry (such as the Ethereal NoC from Philips, the STNoC from STMicroelectronics and an 80-core NoC from Intel). As it is presented in , the key design challenges of emerging NoC design are a) the communication infrastructure, b) the communication paradigm selection and c) the application mapping optimization.}, keywords = {network-on-chip (NoC), security}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina and Elmiligi, Haytham}, editor = {Gebali, Fayez and El-Kharashi, Watheq} } @conference {17769, title = {A Security Service Protocol for MANETs}, booktitle = {Consumer Communications and Networking Conference. CCNC 2009}, year = {2009}, month = {01/2009}, publisher = {IEEE}, organization = {IEEE}, address = {in Las Vegas, Nevada, USA}, abstract = {Mobile ad-hoc networks are composed of heterogeneous mobile systems. Securing their communications may be difficult due to differences in the supported algorithms and protocols. In this paper we propose a protocol to negotiate security settings for the communications. This protocol aims at minimizing the power consumption and at providing the highest possible security level associated with the communications.}, keywords = {ad hoc networks, communication system security, data security, decision support systems, energy consumption, hardware, heterogeneous mobile systems, MANET, mobile ad-hoc networks, mobile communication, mobile radio, power consumption, power system security, protocol, quality of service (QoS), routing protocols, security service protocol, telecommunication security}, doi = {10.1109/CCNC.2009.4784782}, author = {Taddeo, Antonio Vincenzo and Ferrante, Alberto} } @conference {100.DeFe09, title = {Simulation of a Self-adaptive Run-time Environment with Hardware and Software Components}, booktitle = {SINTER {\textquoteright}09: Proceedings of the 2009 ESEC/FSE workshop on Software integration and evolution @ runtime}, year = {2009}, month = {August}, pages = {37{\textendash}40}, publisher = {ACM}, organization = {ACM}, address = {Amsterdam, The Netherlands}, abstract = {In this paper we describe a new way for simulating self-adaptive systems developed by relying on a component-based approach, this approach proves to be useful both in easing self-adaptivity and in providing the ability to mix hardware and software elements. Our simulation method is based on SACRE (Self-Adaptive Component Run-time Environment), a framework we have defined in Java for simulating self-adaptive systems.}, keywords = {component-based design, HW/SW co-design, self-adaptive systems, simulation}, isbn = {978-1-60558-681-6}, doi = {http://doi.acm.org/10.1145/1596495.1596507}, author = {Derin, Onur and Ferrante, Alberto} } @conference {82.BeBrFaRe08, title = {A 640 Mbit/s 32-bit Pipelined Implementation of the AES Algorithm}, booktitle = {SECRYPT}, year = {2008}, month = {July 26}, address = {Porto, Portugal}, abstract = {Due to the diffusion of cryptography in real time applications, performances in cipher and decipher operations are nowadays more important than in the past. On the other side, while facing the problem for embedded systems, additional constraints of area and power consumption must be considered. Many optimized software implementations, instruction set extensions and co-processors, were studied in the past with the aim to either increase performances or to keep the cost low. This paper presents a co-processor that aims to be an intermediate solution, suitable for such applications that require a throughput in the Megabit range and where the die size is a bit relaxed as constraint. To achieve this goal, the core is designed to operate at 32 bits and the throughput is guaranteed by a 2 stage pipeline with data forwarding. The obtained results synthesizing our coprocessor by means of the CMOS $0.18$ $μ$m standard cell library show that the throughput reaches 640 Mbit/s while the circuit size is of only 20 K equivalent gates. }, keywords = {cryptography, security}, author = {Bertoni, Guido Marco and Breveglieri, Luca and Farina, Roberto and Regazzoni, Francesco} } @conference {80.LuFi08, title = {An Automated Design Flow for NoC-based MPSoCs on FPGA}, booktitle = {RSP 2008, The 19th IEEE/IFIP International Symposium on Rapid System Prototyping}, year = {2008}, month = {June 2-5}, address = {Monterey, USA/CA}, abstract = {Increased dynamics of the embedded devices market makes reduced time-to-market emerge as one of most challenging tasks in modern embedded system design. The complexity of Multiprocessor Systems-on-Chip (MPSoCs) rapidly increases and Networks-on-Chips (NoCs) have emerged as design strategy to cope with it. In order to allow fast generation of these platforms in the development phase, a full design flow is required. On the other hand, modern FPGAs provide the possibility for fast and low-cost prototyping, representing an efficient response to these needs. In this paper we present a framework, based on the Xilinx Embedded Development Kit (EDK) design flow, for the generation of MPSoCs based on NoCs. The tool provides system designers with the possibility to easily and quickly generate desired architectures that can be helpful for testing, debugging and verifying purposes. Our integrated design flow takes as input a textual description of the system and produces as final result a configuration bitstream file. The framework has been tested and verified on a Xilinx Virtex-II Pro board.}, keywords = {FPGA, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), reconfigurable systems, security}, doi = {http://dx.doi.org/10.1109/RSP.2008.31}, author = {Lukovi{\'c}, Slobodan and Fiorin, Leandro} } @conference {76.FiLuPa08, title = {Implementation of a Reconfigurable Data Protection Module for NoC-based MPSoCs}, booktitle = {Proceedings of the 21st IPDPS 2007 Reconfigurable Architecture Workshop (RAW), 21th IEEE International Parallel and Distributed Processing Symposium}, year = {2008}, month = {April}, address = {Miami, USA/FL}, abstract = {Security issues are emerging to be a basic concern in modern SoC development. Since in the field of on-chip interconnections the security problem continues to remain mostly an unexplored topic, this paper proposes a novel technique for data protection that uses the communication subsystem as basis. The proposed architecture works as a firewall managing the memory accesses on the basis of a lookup table containing the access rights. This module, called Data Protection Unit (DPU), has been designed for MPSoC architectures and integrated in the Network Interfaces near the shared memory. We implement the DPU inside an MPSoC architecture on FPGA and we add features to the module to be aware of dynamic reconfiguration of the system software. Starting from a general overview of our design down to components structure, we introduce the place and the role of the DPU module inside the system for a reconfigurable secure implementation of a MPSoC on FPGA. The description of the DPU concept, its implementation, and integration into the system are described in detail. Finally, the architecture is fully implemented on FPGA and tested on a Xilinx Virtex-II Pro board.}, keywords = {data protection, FPGA, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), reconfigurable systems, security}, doi = {http://dx.doi.org/10.1109/IPDPS.2008.4536514}, author = {Fiorin, Leandro and Lukovi{\'c}, Slobodan and Palermo, Gianluca} } @conference {79.Ptsbrg, title = {Modelling the Power Cost of Security in Wireless Sensor Networks : the Case of 802.15.4}, booktitle = {Proceedings of IEEE ICT08}, year = {2008}, month = {June}, address = {Saint Petersburg, Russia}, abstract = {Pervasive applications and in particular Wireless Sensors Networks have very strict requirements in terms of power consumption. It is well known that radio activity is very expensive in terms of energy; we show here that intensive processing activities (as security) represent a major contribution to power budget. In this paper we extend our methodology for analyzing the impact of Security related operations on power consumption and optimizing it. The analysis is based on experimental data and was validated with measurements on a real platform.}, keywords = {low power design, modeling, protocol, wireless sensor networks}, doi = {http://dx.doi.org/10.1109/ICTEL.2008.4652616}, author = {Mura, Marcello and Fabbri, Fabio and Sami, Mariagiovanna} } @conference {91.FePoStTa08, title = {A Protocol For Pervasive Distributed Computing Reliability}, booktitle = {SecPri_WiMob 2008}, year = {2008}, month = {10/2008}, publisher = {IEEE}, organization = {IEEE}, address = {Avignon, France}, abstract = {The adoption of new hardware and software architectures will make future generations of pervasive devices more flexible and extensible. Networks of computational nodes will be used to compose such systems. In these networks tasks will be delegated dynamically to different nodes (that may be either general purpose or specialized). Thus, a mechanism to verify the reliability of the nodes is required, especially when nodes are allowed to move in different networks. In this context, the reliability of nodes is determined by their ability to execute the tasks assigned to them with the promised performances. This paper proposes a protocol to evaluate the reliability of the different nodes in the network, thus providing a trusting mechanism among nodes which can also manage the soft/hard real-time constrains of task execution. Some simulation results are also shown to help describing the properties of the protocol.}, keywords = {protocol, quality of service (QoS), security, trusting}, author = {Ferrante, Alberto and Pompei, Roberto and Stulova, Anastasia and Taddeo, Antonio Vincenzo} } @article {84.AlGaSte2008, title = {Secure Memory Accesses on Networks-on-Chip}, journal = {IEEE Transactions on Computers}, volume = {57}, number = {9}, year = {2008}, month = {September}, pages = {1216-1229}, abstract = {Security is gaining relevance in the development of embedded devices. Towards a secure system at each level of design, this paper addresses security aspects related to Network on Chip (NoC) architectures, foreseen as the communication infrastructure of next-generation embedded devices. In the context of NoC-based multiprocessor systems, we focus on the topic, not yet thoroughly faced, of data protection. In this paper, we present a secure NoC architecture composed of a set of Data Protection Units (DPUs) implemented within the Network Interfaces (NIs)1. The run-time configuration of the programmable part of the DPUs is managed by a central unit, the Network Security Manager (NSM). The DPU, similar to a firewall, can check and limit the access rights (none, read, write, or both) of processors accessing data and instructions in a shared memory. In particular, the DPU can distinguish between the operating roles (supervisor/user and secure/non secure) of the processing elements.We explore alternative implementations of the DPU and demonstrate how this unit does not affect the network latency if the memory request has the appropriate rights. We also focus on the dynamic updating of the DPUs to support their utilization in dynamic environments, and on the utilization of authentication techniques to increase the level of security.}, keywords = {data protection, embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1109/TC.2008.69}, author = {Fiorin, Leandro and Palermo, Gianluca and Lukovi{\'c}, Slobodan and Catalano, Valerio and Silvano, Cristina} } @conference {88.FiPaSi08, title = {A Security Monitoring Service for NoCs}, booktitle = {Sixth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS{\textquoteright}08)}, year = {2008}, month = {10/2008}, address = {Atlanta, Georgia, USA.}, abstract = {As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. Networks-on- Chip (NoCs) have appeared as design strategy to cope with the rapid increase in complexity of Multiprocessor Systems- on-Chip (MPSoCs), but only recently research community have addressed security on NoC-based architectures. In this paper, we present a monitoring system for NoC based architectures, whose goal is to help detect security violations carried out against the system.Information col- lected are sent to a central unit for efficiently counteracting actions performed by attackers.We detail the design of the basic blocks and analyse overhead associated with the ASIC implementation of the monitoring system, discussing type of security threats that it can help detect and counteract.}, keywords = {embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1145/1450135.1450180}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina} } @conference {68.FiPaLuSi07, title = {A Data protection Unit for NoC-based Architecture}, booktitle = {CODES+ISSS 2007, in proceedings of the Fifth IEEE/ACM/FIP International Conference of Hardware/Software Codesign and System Synthesis (CODES+ISSS 2007)}, year = {2007}, month = {September 30}, address = {Salzburg, Austria}, abstract = {Security is gaining increasing relevance in the development of embedded devices. Towards a secure system at each level of design, this paper addresses the security aspects related to Network-on-Chip (NoC) architectures, foreseen as the communication infrastructure of next generation embedded devices. In the context of NoC-based Multiprocessor systems, we focus on the topic, not thoroughly faced yet, of data protection. We present the architecture of a Data Protection Unit (DPU) designed for implementation within the Network Interface (NI). The DPU supports the capability to check and limit the access rights(none, read, write or both) of processors requesting access to data locations in a shared memory - in particular distinguishing between the operating roles (supervisor or user) of processing elements. We explore different alternative implementations and demonstrate how the DPU unit does not affect the network latency if the memory request has the appropriate rights. In the experimental section we show synthesis results for different ASIC implementations of the Data Protection Unit.}, keywords = {data protection, embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1145/1289816.1289858}, author = {Fiorin, Leandro and Palermo, Gianluca and Lukovi{\'c}, Slobodan and Silvano, Cristina} } @conference {72.Ferrari2007, title = {Design exploration for an Ogg/Vorbis decoder for VLIW architectures}, booktitle = {Workshop on Application Specific Processors (WASP {\textquoteright}07)}, year = {2007}, month = {October}, address = {Salzburg, Austria}, abstract = {Parallel processing architectures are set to be the dominating design approach for a plethora of application domains, mainly because of the eminent reach of the so-called power wall, and furthermore because of the evident gap between the application/software development growth and Moore{\textquoteright}s law. In this work a design space for an audio codec is explored, targeted at a VLIW architecture. The Ogg/Vorbis codec is first analyzed and optimized for exposing potential parallelism to the VEX tools for compilation and parallel architecture exploration. Furthermore, the use of custom instructions is assessed and important results are obtained by means of a modification on the toolchain to reveal dynamic profiling information}, author = {Ferrari, Federico and Amador, Erick} } @conference {54.FePi07, title = {High-level Architecture of an IPSec-dedicated System on Chip}, booktitle = {proceedings of NGI 2007}, year = {2007}, month = {May}, publisher = {IEEE Press}, organization = {IEEE Press}, address = {Trondheim, Norway}, abstract = {IPSec is a suite of protocols which adds security to communications at the IP level. Protocols within the IPSec suite make extensive use of cryptographic algorithms. Since these algorithms are computationally very intensive, some hardware acceleration is needed to support high throughput. In this paper we propose a high level architecture of a System on Chip (SoC) which implements IPSec. This SoC has been thought to be placed on the main data path of the host machine (flow-through architecture), thus allowing for transparent processing of IPSec traffic. The functionalities of the different blocks and their interactions, along with an estimation of the internal memory size, are also shown.}, keywords = {accelerator, IPSec, priority, quality of service (QoS), security, system-on-chip (SoC), SystemC}, author = {Ferrante, Alberto and Piuri, Vincenzo} } @conference {55.DaFeMa, title = {A Memory Unit for Priority Management in IPSec Accelerators}, booktitle = {proceedings of ICC07. Glasgow, Scotland: IEEE Communications Society}, year = {2007}, month = {June 24}, address = {Glasgow, Scotland}, abstract = {This paper introduces a hardware architecture for high speed network processors, focusing on support for Quality of Service in IPSec-dedicated systems. The effort is aimed at defining a secure system on chip environment, where the speed and security requirements are of utmost importance. In particular, a method is devised to introduce and support Quality of Service through priorities at this level. An architecture of a memory system that provides automatic priority management is proposed.}, keywords = {accelerator, IPSec, priority, quality of service (QoS), security, system-on-chip (SoC), SystemC}, doi = {http://dx.doi.org/10.1109/ICC.2007.257}, author = {Dadda, Luigi and Ferrante, Alberto and Macchetti, Marco} } @conference {49.MuPaNeSaFa07, title = {Power Modeling and Power Analysis for IEEE 802.15.4: a Concurrent State Machine Approach}, booktitle = {Proceedings of CCNC 2007}, year = {2007}, month = {January 11-13}, address = {Las Vegas, USA}, abstract = {802.15.4 is a recent low-rate/low-power standard for wireless personal area and sensor networks. Its simple infrastructure, intermediate range and good power performance make it a candidate for applications that require a reasonably low throughput but a very high device lifetime and power efficiency. An experimental power analysis of an 802.15.4 implementation is carried out, providing a detailed power model of the protocol based on concurrent state machines; resulting power model is then used to generate a customized simulator. The model has been validated through a set of experiments and provides good accuracy; results are discussed, considering in particular use of the model as a basis for subsequent optimizations on 802.15.4 networks.}, keywords = {low power design, modeling, wireless sensor networks}, doi = {http://dx.doi.org/10.1109/CCNC.2007.135}, author = {Mura, Marcello and Paolieri, Marco and Negri, Luca and Fabbri, Fabio and Sami, Mariagiovanna} } @conference {58.FeChPi07, title = {A Query Unit for the IPSec Databases}, booktitle = {SECRYPT 2007}, year = {2007}, month = {07/2007}, address = {Barcelona, Spain}, abstract = {IPSec is a suite of protocols that adds security to communications at the IP level. Protocols within IPSec make extensive use of two databases, namely the Security Policy Database (SPD) and the Security Association Database (SAD). The ability to query the SPD quickly is fundamental as this operation needs to be done for each incoming or outgoing IP packet, even if no IPSec processing needs to be applied on it. This may easily result in millions of query per second in gigabit networks. Since the databases may be of several thousands of records on large secure gateways, a dedicated hardware solution is needed to support high throughput. In this paper we discuss an architecture for these query units, we propose different query methods for the two databases, and we compare them through simulation. Two different versions of the architecture are presented: the basic version is modified to support multithreading. As shown by the simulations, this technique is very effective in this case. The architecture that supports multithreading allows for 11 million queries per second in the best case.}, keywords = {accelerator, database, IPSec, security, security association database (SAD), security policy database (SPD), system-on-chip (SoC), SystemC}, author = {Ferrante, Alberto and Chandra, Satish and Piuri, Vincenzo} } @article {51.TaFe07, title = {Scheduling Small packets in IPSec Multi-accelerator Based Systems}, journal = {Journal of Communication(JCM) Academy publisher}, volume = {2}, number = {2}, year = {2007}, month = {March}, pages = {53-60}, address = {Stresa, Italy}, abstract = {IPSec is a suite of protocols that adds security to communications at the IP level. Protocols within the IPSec suite make extensive use of cryptographic algorithms. Since these algorithms are computationally very intensive, some hardware acceleration is needed to support high throughput. IPSec accelerator performance may heavily depend on the dimension of the packets to be processed. In fact, when packets are small, the time needed to transfer data and to set up the accelerators may exceed the one to process (e.g. to encrypt) the packets by software. In this paper we present a packet scheduling algorithm that tackles this problem. Packets belonging to the same Security Association are grouped before the transfer to the accelerators. Thus, the transfer and the initialization time have a lower influence on the total processing time of the packets. This algorithm also provides the capability of scheduling grouped packets over multiple cryptographic accelerators. High-level simulations of the scheduling algorithm have been performed and the results for a one-accelerator and for a two-accelerator system are also shown in this paper.}, keywords = {accelerator, HW/SW co-design, IPSec, scheduling algorithm, security}, author = {Taddeo, Antonio Vincenzo and Ferrante, Alberto} } @conference {60.FiSiSa07, title = {Security Aspects in Networks-on-Chips: Overview and Proposals for Secure Implementations}, booktitle = {DSD07, in proceedings of 10th EUROMICRO Conference on Digital System Design Architectures, Methods and Tools (DSD 07)}, year = {2007}, month = {August 29-31}, address = {L{\"u}beck, Germany}, abstract = {Security has gained increasing relevance in the development of embedded devices. Towards the aim of a secure system at each level of the design, in this paper we address security aspects related to Networks-on-Chips (NoCs) architectures. After presenting the attacks most likely to address NoCs, we survey existing academic and industrial secure architectures relevant to our case, focusing in particular on their communication infrastructure. We outline and propose possible solutions to contrast some of the attacks described and suggest the use of the NoC as a mean to monitor and detect unexpected system behaviors.}, keywords = {embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1109/DSD.2007.4341520}, author = {Fiorin, Leandro and Silvano, Cristina and Sami, Mariagiovanna} } @conference {56.FeTaSaMa07, title = {Self-adaptive Security at Application Level: a Proposal}, booktitle = {ReCoSoC 2007, Jun. 2007, in proceedings of ReCoSoC 2007}, year = {2007}, month = {June}, abstract = {Self-adaptive systems have the ability to adapt themselves to mutating external or internal conditions without requesting any intervention of the user; the security of such systems is influenced by those adaptations. Therefore, also the security mechanisms that are put in place by the operating system, should adapt to maintain the desired security level. This paper proposes a self-adaptive framework for the system security. This adaptation scheme allows the system to choose the best set of security policies at every given time; this set is determined by considering the system internal and external conditions as well as the application requirements. The proposed framework deals with self-adaptation at system level in order to provide both a domain independent and a flexible solution.}, keywords = {autonomous systems, security, security policies, self-adaptive security, self-adaptive systems, system level design}, author = {Ferrante, Alberto and Taddeo, Antonio Vincenzo and Sami, Mariagiovanna and Mantovani, Fabrizio and Fridkins, Jurijs} } @conference {41.TaFePi2006, title = {Scheduling Small Packets in IPSec-based Systems}, booktitle = {CCNC}, year = {2006}, month = {January 8}, address = {Las Vegas, NV, USA}, abstract = {IPSec is a suite of protocols that adds security to communications at the IP level. Protocols within the IPSec suite make extensive use of cryptographic algorithms. Since these algorithms are computationally very intensive, some hardware acceleration is needed to support high throughput. IPSec accelerator performance may heavily depend on the dimension of the packets to be processed. When packets are small, the time needed to transfer data and to set up the accelerator may exceed the one to process the packets (e.g. to encrypt) by software. In this paper, we propose a solution for this problem. High-level simulations and the related results are provided to show the properties of the algorithm.}, keywords = {accelerator, HW/SW co-design, IPSec, scheduling algorithm, security}, doi = {http://dx.doi.org/10.1109/CCNC.2006.1593123}, author = {Taddeo, Antonio Vincenzo and Ferrante, Alberto and Piuri, Vincenzo} } @conference {39.1169233, title = {Speeding Up AES By Extending a 32 bit Processor Instruction Set}, booktitle = {ASAP {\textquoteright}06: Proceedings of the IEEE 17th International Conference on Application-specific Systems, Architectures and Processors (ASAP{\textquoteright}06)}, year = {2006}, pages = {275-282}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {Nowadays the need of speed in cipher and decipher operations is more important than in the past. This is due to the diffusion of real time applications, which fact involves the use of cryptography. Many co-processors for cryptography were studied and presented in the past, but only few works were addressed to the enhancement of the instruction set architecture (ISA) of the embedded processor. This paper presents an extension of the ISA of a 32 bit processor, that aims at speeding up the software implementations of the AES algorithm. After the identification of the most frequently executed and the most time consuming sections of the algorithm, a set of dedicated instructions is designed in order to improve the performances of the cipher operations. We validate our instruction set extension by measuring the speed up for different optimized implementations of AES using an ARM processor simulator, but the enhancements we propose are general enough to be applied to almost all 32 bit processors.}, keywords = {cryptography, HW/SW co-design, instruction set extension}, isbn = {0-7695-2682-9}, doi = {http://dx.doi.org/10.1109/ASAP.2006.62}, author = {Bertoni, Guido Marco and Breveglieri, Luca and Farina, Roberto and Regazzoni, Francesco} } @conference {28.1049903, title = {Application-Driven Optimization of VLIW Architectures: A Hardware-Software Approach}, booktitle = {RTAS {\textquoteright}05: Proceedings of the 11th IEEE Real Time on Embedded Technology and Applications Symposium}, year = {2005}, month = {03/2005}, pages = {128{\textendash}137}, publisher = {IEEE Computer Society}, organization = {IEEE Computer Society}, address = {Washington, DC, USA}, abstract = {A large number of embedded multimedia applications are characterized by high instruction-level parallelism (ILP) expecially in the most critical internal loop bodies. Very Large Instruction Word (VLIW) architectures Application Specific Instruction Set Processors (ASIP) are best suited to exploit such parallelism. Fast design space exploration and optimization of VLIW architecture to a specific application target is increasingly becoming the crucial factor to achieve higher efficiency designs in a relatively small amount of time. In this paper we propose an example of VLIW architecture application driven optimization using the VEX (VLIW Example) system. A typical image processing application, the Imaging Pipeline, has been chosen as an example.}, keywords = {design space exploration, embedded systems, HW/SW co-design, HW/SW partitioning, system level design, very long instruction words (VLIW)}, isbn = {0-7695-2302-1}, doi = {http://dx.doi.org/10.1109/RTAS.2005.9}, author = {Ferrante, Alberto and Piscopo, Giuseppe and Scaldaferri, Stefano} } @Patent {22.pat20040228482PATENT, title = {Method of implementing one-to-one binary function and relative hardware device, especially for a Rijndael S-box}, number = {US 10/816,791 -- EP 20030425211}, year = {2004}, month = {10/2004}, type = {Grant}, chapter = {US 7502464 B2 -- EP 1465365 A1 }, abstract = {A method for implementing one-to-one binary functions defined on the Galois field GF(2^8) is very useful for forming fast and low power hardware devices regardless of the binary function. The method includes decoding an input byte for generating at least one bit string that contains only one active bit, and logically combining the bits of the bit string according to the binary function for generating a 256-bit string representing a corresponding output byte. The 256-bit string is then encoded in a byte for obtaining the output byte.}, issn = {US 7502464 B2}, author = {Macchetti, Marco and Fragneto, Pasqualina and Bertoni, Guido Marco} } @conference {26.BoFeDuPi2004, title = {A Methodology for Testing IPSec-based Systems}, booktitle = {SoftCOM 2004}, year = {2004}, month = {October}, pages = {22-26}, address = {Split}, abstract = {{IPSec is a suite of protocols adding security to communications at the IP level. This suite of protocols is becoming more and more important as it is included as mandatory security mechanism in IPv6. This paper focuses on a methodology for testing IPSec implementations. A UML model of the IPSec suite of protocols was developed. Test cases were obtained applying a coverage method on the same model.}}, keywords = {encapsulating security payload (ESP), IPSec, security, testing, unified modeling language (UML)}, author = {Boiko, Uljana and Ferrante, Alberto and Lo Duca, Antonietta and Piuri, Vincenzo} } @conference {11.BiMaBeBreZaFra2003, title = {About the Performances of the Advanced Encryption Standard in Embedded Systems with Cache Memory}, booktitle = {ISCAS 2003}, year = {2003}, month = {May 25-28}, pages = {145-148}, address = {Bangkok}, abstract = {Modern networked embedded systems represent a growing market segment in which security is becoming an essential requirement. The Advanced Encryption Standard (AES) specification is becoming the default choice for such type of systems; however, a proper software implementation of AES is of fundamental importance in order to achieve significant performance. Current implementations presented in literature differ in terms of the amount of look-up tables used for pre-computing the functions of the encryption/decryption phase. This raises some questions regarding which AES implementation is optimal for a specific system configuration that, up to now, have been only empirically solved. In this work, we present an analytical model to study and evaluate the performance of the possible AES implementations in the early phases of system development. We then show that the proposed high-level timing model captures, with significant accuracy, the actual performance of current AES applications and thus it can be used for early evaluation of optimal AES implementations and to support the design space exploration phase. Validating experiments have been carried out on the Lx architecture, a scalable and customizable VLIW architecture developed by STMicroelectronics and HP Labs. Some final considerations are eventually reported about the relevant characteristics of the analyzed implementations and the role of the cache memory.}, doi = {http://dx.doi.org/10.1109/ISCAS.2003.1206212}, author = {Bircan, Aril and Macchetti, Marco and Bertoni, Guido Marco and Breveglieri, Luca and Zaccaria, Vittorio and Fragneto, Pasqualina} } @conference {8.752733, title = {Efficient Software Implementation of AES on 32-Bit Platforms}, booktitle = {CHES {\textquoteright}02: Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems}, year = {2003}, pages = {159{\textendash}171}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {London, UK}, abstract = {Rijndael is the winner algorithm of the AES contest; therefore it should become the most used symmetric-key cryptographic algorithm. One important application of this new standard is cryptography on smart cards. In this paper we present an optimisation of the Rijndael algorithm to speed up execution on 32-bits processors with memory constraints, such as those used in smart cards. First a theoretical analysis of the Rijndael algorithm and of the proposed optimisation is discussed, and then simulation results of the optimised algorithm on different processors are presented and compared with other reference implementations, as known from the technical literature.}, isbn = {3-540-00409-2}, author = {Bertoni, Guido Marco and Breveglieri, Luca and Fragneto, Pasqualina and Macchetti, Marco and Marchesin, Stefano} } @Patent {10.pat20030068036PATENT, title = {Method and circuit for data encryption/decryption}, number = {US 09/974,705}, year = {2003}, month = {April}, type = {Grant}, chapter = {US7801301 B2}, abstract = {Data are converted between an unencrypted and an encrypted format according to the Rijndael algorithm, including a plurality of rounds. Each round is comprised of fixed set of transformations applied to a two-dimensional array, designated state, of rows and columns of bit words. At least a part of said transformations are applied on a transposed version of the state, wherein rows and columns are transposed for the columns and rows, respectively.}, issn = {US7801301B2}, author = {Macchetti, Marco and Marchesin, Stefano and Bondi, Umberto and Breveglieri, Luca and Bertoni, Guido Marco and Fragneto, Pasqualina} } @conference {1.371690, title = {Development cost and size estimation starting from high-level specifications}, booktitle = {CODES {\textquoteright}01: Proceedings of the ninth international symposium on Hardware/software codesign}, year = {2001}, pages = {86-91}, publisher = {ACM Press, New York, USA}, organization = {ACM Press, New York, USA}, address = {Copenhagen, Denmark}, abstract = {This paper addresses the problem of estimating cost and development effort of a system, starting from its complete or partial high-level description. In addition, some modifications to evaluate the cost-effectiveness of reusing VHDL-based designs, are presented. The proposed approach has been formalized using an approach similar to the COCOMO analysis strategy, enhanced by a project size prediction methodology based on a VHDL function point metric. The proposed design size estimation methodology has been validated through a significant benchmark. The LEON-I microprocessor, whose VHDL description is of public domain.}, keywords = {concurrent engineering, design reuse, process management, project size estimation, VHDL}, isbn = {1-58113-364-2}, doi = {http://dx.doi.org/10.1109/HSC.2001.924656}, author = {Fornaciari, William and Salice, Fabio and Bondi, Umberto and Magini, Edi} } @conference {3.CaPoMaMaBeBreFra2001, title = {Efficient C implementation of the ECC and AES cryptographic systems}, booktitle = {Technology Leadership Day - organized by the MicroSwiss Network}, year = {2001}, month = {October 10}, address = {Fribourg}, author = {Cassoli, Federico and Polloni, Flavio and Marchesin, Stefano and Macchetti, Marco and Bertoni, Guido Marco and Breveglieri, Luca and Fragneto, Pasqualina} }