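% Publication list: conference papers, journal articles and one patent
% application on side-channel countermeasures, fault detection, embedded
% MPSoC design and low-power wireless protocols.
%
% Conventions used below:
%   - Citation keys are kept exactly as found, so existing \cite commands
%     still resolve.
%   - Conference papers use the inproceedings type (conference is only an alias).
%   - doi holds the bare DOI, without a resolver prefix.
%   - month uses the predefined three-letter macros; day ranges are appended
%     with # (classic BibTeX string concatenation).
%   - Page ranges use a double hyphen.
%   - Acronyms and product names in titles are brace-protected against
%     style recasing.

@inproceedings{18588,
  author       = {Chaves, Ricardo and Chmielewski, {\L}ukasz and Regazzoni, Francesco and Batina, Lejla},
  editor       = {Joux, Antoine and Nitaj, Abderrahmane and Rachidi, Tajjeeddine},
  title        = {{SCA}-Resistance for {AES}: How Cheap Can We Go?},
  booktitle    = {Progress in Cryptology -- {AFRICACRYPT} 2018},
  year         = {2018},
  publisher    = {Springer International Publishing},
  organization = {Springer International Publishing},
  address      = {Cham},
  isbn         = {978-3-319-89339-6},
  abstract     = {This paper introduces a novel AES structure capable of improving the robustness against power analysis attacks while allowing for a very compact structure with a potentially negligible area and performance impact. The proposed design is based on a low entropy masking scheme, where half of the time the true value and half of the time the complemented value are used to mask the power consumption variation. The obtained experimental results suggest that the area overhead for the protection against power analysis is as low as 5\% LUT increase with a performance degradation of about 10\%. When compared with the state of the art supported on FPGAs, efficiency improvements above 6 times and a throughput improvement of at least two times higher are achieved.},
}

@article{18531,
  author   = {Alippi, Cesare and Ntalampiras, Stavros and Roveri, Manuel},
  title    = {Model-Free Fault Detection and Isolation in Large-Scale Cyber-Physical Systems},
  journal  = {IEEE Transactions on Emerging Topics in Computational Intelligence},
  volume   = {1},
  pages    = {61--71},
  year     = {2017},
  month    = feb,
  doi      = {10.1109/TETCI.2016.2641452},
  keywords = {Change detection algorithms, clustering methods, Computational modeling, cyber-physical systems, Fault detection, Hidden Markov models, monitoring, Sensor phenomena and characterization, Sensor systems},
}

@inproceedings{18450,
  author    = {Alippi, Cesare and Ntalampiras, Stavros and Roveri, Manuel},
  title     = {Online Model-free Sensor Fault Identification and Dictionary Learning in Cyber-Physical Systems},
  booktitle = {{IEEE-INNS} International Joint Conference on Neural Networks ({IJCNN16})},
  year      = {2016},
  month     = jul,
  address   = {Vancouver, Canada},
  abstract  = {This paper presents a model-free method for the online identification of sensor faults and learning of their fault dictionary. The method, designed having in mind Cyber-Physical Systems (CPSs), takes advantage of functional relationships among the datastreams acquired by CPS sensing units. Existing model-free change detection mechanisms are proposed to detect faults and identify the fault type thanks to a fault dictionary which is built over time. The main features of the proposed algorithm are its ability to operate without requiring any a priori information about the system under inspection or the nature of the possibly occurring faults. As such, the method follows the model-free approach, characterized by the fact the fault dictionary is constructed online once faults are detected. Whenever available, humans can be considered in the loop to label a fault or a fault class in the dictionary as well as introduce fault instances generated thanks to a priori information. Experimental results on both synthetic and real datasets corroborate the effectiveness of the proposed fault diagnosis system.},
}

% NOTE(review): 18482 and 18060 carry the same title and the same DOI
% (10.1109/TC.2013.219). 18060 looks like the early-access record (volume PP,
% no pages) of the article that 18482 gives with volume, number and pages.
% Both keys are kept so existing citations keep resolving; prefer 18482 in
% new text so the work is not listed twice.

@article{18482,
  author   = {Bayrak, Ali Galip and Regazzoni, Francesco and Novo, David and Brisk, Philip and Standaert, Fran{\c c}ois-Xavier and Ienne, Paolo},
  title    = {Automatic Application of Power Analysis Countermeasures},
  journal  = {IEEE Transactions on Computers},
  volume   = {64},
  number   = {2},
  pages    = {329--341},
  year     = {2015},
  month    = feb,
  type     = {journal},
  chapter  = {329},
  issn     = {0018-9340},
  doi      = {10.1109/TC.2013.219},
  url      = {http://dx.doi.org/10.1109/TC.2013.219},
  keywords = {cryptographic algorithms protection, cryptography, data protection, power analysis attacks, program compilers, side-channel attacks},
  abstract = {We introduce a compiler that automatically inserts software countermeasures to protect cryptographic algorithms against power-based side-channel attacks. The compiler first estimates which instruction instances leak the most information through side-channels. This information is obtained either by dynamic analysis, evaluating an information theoretic metric over the power traces acquired during the execution of the input program, or by static analysis. As information leakage implies a loss of security, the compiler then identifies (groups of) instruction instances to protect with a software countermeasure such as random precharging or Boolean masking. As software protection incurs significant overhead in terms of cryptosystem runtime and memory usage, the compiler protects the minimum number of instruction instances to achieve a desired level of security. The compiler is evaluated on two block ciphers, AES and Clefia; our experiments demonstrate that the compiler can automatically identify and protect the most important instruction instances. To date, these software countermeasures have been inserted manually by security experts, who are not necessarily the main cryptosystem developers. Our compiler offers significant productivity gains for cryptosystem developers who wish to protect their implementations from side-channel attacks.},
}

@article{18060,
  author   = {Bayrak, Ali Galip and Regazzoni, Francesco and Novo Bruna, David and Brisk, Philip and Standaert, Fran{\c c}ois-Xavier and Ienne, Paolo},
  title    = {Automatic Application of Power Analysis Countermeasures},
  journal  = {IEEE Transactions on Computers},
  volume   = {PP},
  number   = {99},
  year     = {2013},
  month    = dec,
  issn     = {0018-9340},
  doi      = {10.1109/TC.2013.219},
  abstract = {We introduce a compiler that automatically inserts software countermeasures to protect cryptographic algorithms against power-based side-channel attacks. The compiler first estimates which instruction instances leak the most information through side-channels. This information is obtained either by dynamic analysis, evaluating an information theoretic metric over the power traces acquired during the execution of the input program, or by static analysis. As information leakage implies a loss of security, the compiler then identifies (groups of) instruction instances to protect with a software countermeasure such as random precharging or Boolean masking. As software protection incurs significant overhead in terms of cryptosystem runtime and memory usage, the compiler protects the minimum number of instruction instances to achieve a desired level of security. The compiler is evaluated on two block ciphers, AES and Clefia; our experiments demonstrate that the compiler can automatically identify and protect the most important instruction instances. To date, these software countermeasures have been inserted manually by security experts, who are not necessarily the main cryptosystem developers. Our compiler offers significant productivity gains for cryptosystem developers who wish to protect their implementations from side-channel attacks.},
}

@inproceedings{18072,
  author    = {Bayrak, Ali Galip and Velickovic, Nikola and Regazzoni, Francesco and Novo Bruna, David and Brisk, Philip and Ienne, Paolo},
  title     = {An {EDA}-friendly protection scheme against side-channel attacks},
  booktitle = {Design, Automation and Test in Europe ({DATE})},
  year      = {2013},
  month     = mar,
  address   = {Grenoble, France},
}

@inproceedings{18066,
  author    = {Bayrak, Ali Galip and Regazzoni, Francesco and Novo Bruna, David and Ienne, Paolo},
  title     = {{Sleuth}: Automated Verification of Software Power Analysis Countermeasures},
  booktitle = {Workshop on Cryptographic Hardware and Embedded Systems ({CHES})},
  year      = {2013},
  month     = aug,
  address   = {Santa Barbara, California, USA},
}

@inproceedings{18075,
  author    = {Eisenbarth, Thomas and Gong, Zheng and G{\"u}neysu, Tim and Heyse, Stefan and Indesteege, Sebastiaan and Kerckhof, St{\'e}phanie and Koeune, Francois and Nad, Tomislav and Plos, Thomas and Regazzoni, Francesco and Standaert, Fran{\c c}ois-Xavier and van Oldeneel tot Oldenzeel, Lo{\"\i}c},
  title     = {Compact Implementation and Performance Evaluation of Block Ciphers in {ATtiny} Devices},
  booktitle = {Progress in Cryptology -- {AFRICACRYPT}},
  year      = {2012},
  month     = jul,
  address   = {Ifrane, Morocco},
}

@inproceedings{17740,
  author    = {Cannella, Emanuele and Di Gregorio, Lorenzo and Fiorin, Leandro and Lindwer, Menno and Meloni, Paolo and Neugebauer, Olaf and Pimentel, Andy},
  title     = {Towards an {ESL} design framework for adaptive and fault-tolerant {MPSoCs}: {MADNESS} or not?},
  booktitle = {Embedded Systems for Real-Time Multimedia ({ESTIMedia}), 2011 9th {IEEE} Symposium on},
  year      = {2011},
  doi       = {10.1109/ESTIMedia.2011.6088518},
  keywords  = {adaptive MPSoC, adaptive runtime management, computer architecture, embedded MPSoC architectures, emulation, ESL design framework, fault resilience, fault tolerance, fault tolerant MPSoC, field programmable gate arrays, hardware, integrated circuit reliability, libraries, MADNESS project, middleware, multiprocessing systems, network synthesis, program processors, system level design methodologies, system level synthesis, system reliability, system-on-chip (SoC)},
  abstract  = {The MADNESS project aims at the definition of innovative system-level design methodologies for embedded MP-SoCs, extending the classic concept of design space exploration in multi-application domains to cope with high heterogeneity, technology scaling and system reliability. The main goal of the project is to provide a framework able to guide designers and researchers to the optimal composition of embedded MPSoC architectures, according to the requirements and the features of a given target application field. The proposed approach will tackle the new challenges, related to both architecture and design methodologies, arising with the technology scaling, the system reliability and the ever-growing computational needs of modern applications. The methodologies proposed with this project act at different levels of the design flow, enhancing the state-of-the art with novel features in system-level synthesis, architectural evaluation and prototyping. Support for fault resilience and efficient adaptive runtime management is introduced at hardware and middleware level, and considered by the system-level synthesis as one of the optimization factors to be taken into account. This paper presents the first stable results obtained in the MADNESS project, already demonstrating the effectiveness of the proposed methods.},
}

@article{18492,
  author   = {Bailey, Daniel V. and Batina, Lejla and Bernstein, Daniel J. and Birkner, Peter and Bos, Joppe W. and Chen, Hsieh-Chung and Cheng, Chen-Mou and van Damme, Gauthier and G{\"u}neysu, Tim and Gurkaynak, Frank and Kleinjung, Thorsten and Paar, Christof and Regazzoni, Francesco and Niederhagen, Ruben and Schwabe, Peter and Uhsadel, Leif and Van Herrewege, Anthony},
  title    = {Breaking {ECC2K-130}},
  journal  = {IACR Cryptology ePrint Archive},
  volume   = {2009},
  pages    = {541},
  year     = {2009},
  month    = nov,
  url      = {http://eprint.iacr.org/2009/541},
  keywords = {Attacks, automorphisms, binary fields, Certicom challenges, DLP, ECC, implementation, Koblitz curves, parallelized Pollard rho},
  abstract = {Elliptic-curve cryptography is becoming the standard public-key primitive not only for mobile devices but also for high-security applications. Advantages are the higher cryptographic strength per bit in comparison with RSA and the higher speed in implementations. To improve understanding of the exact strength of the elliptic-curve discrete-logarithm problem, Certicom has published a series of challenges. This paper describes breaking the ECC2K-130 challenge using a parallelized version of Pollard's rho method. This is a major computation bringing together the contributions of several clusters of conventional computers, PlayStation~3 clusters, computers with powerful graphics cards and FPGAs. We also give estimates for an ASIC design. In particular we present * our choice and analysis of the iteration function for the rho method; * our choice of finite field arithmetic and representation; * detailed descriptions of the implementations on a multitude of platforms: CPUs, Cells, GPUs, FPGAs, and ASICs; * details about running the attack.},
}

% NOTE(review): the patent type is not defined by the classic BibTeX styles,
% which fall back to misc formatting for it. The publication number was stored
% in an issn field; it is carried in note instead so that a misc-style fallback
% still prints it.

@patent{78.pat20080134187PATENT,
  author   = {Lajolo, Marcello and Nacul, Andre Costi and Regazzoni, Francesco},
  title    = {Hardware scheduled {SMP} architectures},
  number   = {US 11/947,278},
  year     = {2008},
  month    = jun,
  type     = {Application},
  chapter  = {US 20080134187 A1},
  note     = {US 20080134187 A1},
  abstract = {A symmetric multiprocessor system employing a hardware constituted real-time operating system.},
}

@inproceedings{53.CoReLa07,
  author    = {Nacul, Andre Costi and Regazzoni, Francesco and Lajolo, Marcello},
  title     = {Hardware Scheduling Support in {SMP} Architecture},
  booktitle = {Design, Automation and Test in Europe ({DATE})},
  year      = {2007},
  month     = apr # "~16--20",
  address   = {Nice, France},
  doi       = {10.1109/DATE.2007.364666},
  keywords  = {HW/SW co-design, multiprocessor system-on-chip (MPSoC), real time operating systems},
  abstract  = {In this paper the authors propose a hardware real time operating system (HW-RTOS) that implements the OS layer in a dual-processor SMP architecture. Intertask communication is specified by means of dedicated APIs and the HW-RTOS takes care of the communication requirements of the application and also implements the task scheduling algorithm. The HW-RTOS allows to have smaller footprints, since it avoids the need to link to the final executables traditional software RTOS libraries. Moreover, the HW-RTOS is able to exploit the easy task migration feature provided by an SMP architecture much more efficiently than a traditional software RTOS, due to its faster execution and the authors show how this significantly overcomes the performance achievable with optimal static task partitioning among two processors. Preliminary results show that the hardware overhead in a dual processor architecture is less than 20K gates.},
}

@inproceedings{49.MuPaNeSaFa07,
  author    = {Mura, Marcello and Paolieri, Marco and Negri, Luca and Fabbri, Fabio and Sami, Mariagiovanna},
  title     = {Power Modeling and Power Analysis for {IEEE} 802.15.4: a Concurrent State Machine Approach},
  booktitle = {Proceedings of {CCNC} 2007},
  year      = {2007},
  month     = jan # "~11--13",
  address   = {Las Vegas, USA},
  doi       = {10.1109/CCNC.2007.135},
  keywords  = {low power design, modeling, wireless sensor networks},
  abstract  = {802.15.4 is a recent low-rate/low-power standard for wireless personal area and sensor networks. Its simple infrastructure, intermediate range and good power performance make it a candidate for applications that require a reasonably low throughput but a very high device lifetime and power efficiency. An experimental power analysis of an 802.15.4 implementation is carried out, providing a detailed power model of the protocol based on concurrent state machines; resulting power model is then used to generate a customized simulator. The model has been validated through a set of experiments and provides good accuracy; results are discussed, considering in particular use of the model as a basis for subsequent optimizations on 802.15.4 networks.},
}

@inproceedings{69.BoIoNeTaTo07,
  author    = {Bozzon, Alessandro and Iofciu, Tereza and Nejdl, Wolfgang and Taddeo, Antonio Vincenzo and Tonnies, Sascha},
  title     = {Role Based Access Control for the interaction with Search Engines},
  booktitle = {{COOPER} Workshop in conjunction with {EC-TEL07} Conference},
  year      = {2007},
  month     = sep # "~17",
  keywords  = {access control modeling, index modeling, search engine design, web engineering},
  abstract  = {Search engine-based features are a basic interaction mean for users to find information inside a Web-based Learning Management Systems (LMS); nonetheless, traditional solutions lack in mechanisms for access rights management for data contained in search engines' indexes. This paper explores the integration of a Role Based Access Control (RBAC) mechanism for the interaction with a search engine in a Web-based LMS. We first outline a reference conceptual model for the design of Web-based LMSs exploiting RBAC by means of WebML, a visual modeling language for the high-level specification of data-intensive Web applications. Then, we propose a model-driven approach for the definition of a RBAC-driven interaction between users and search engines, extending WebML with new modeling primitives and outlining significative modeling patterns for the specification of the visibility and action access control levels.},
}

@inproceedings{50.MuPaNeSa07,
  author    = {Mura, Marcello and Paolieri, Marco and Negri, Luca and Sami, Mariagiovanna},
  title     = {{StateCharts} to {SystemC}: a High Level Hardware Simulation Approach},
  booktitle = {Proceedings of {GLSVLSI} 2007},
  year      = {2007},
  month     = mar # "~11--13",
  address   = {Stresa, Italy},
  doi       = {10.1145/1228784.1228904},
  keywords  = {code generation, StateCharts, SystemC, unified modeling language (UML)},
  abstract  = {In this paper we present a tool that converts specifications written with a subset of StateCharts into SystemC behavioral models. The main advantages of such an approach are rapidity of use, simplicity and reusability. Various systems can be modeled at different levels of abstraction and accuracy through StateCharts and different peculiar aspects (e.g. energy, performances) can be taken into consideration. Moreover different parts of the design can be identified at different detail levels. The kernel of the simulator is fully discussed together with its mapping to the semantics of our StateCharts diagrams. As a case study we present here a model of the IBM PowerPC 750 Cache system and the respective SystemC simulator automatically generated by our tool.},
}

@inproceedings{38.1110115,
  author       = {Negri, Luca and Zanetti, Davide},
  title        = {Power/Performance Tradeoffs in {Bluetooth} Sensor Networks},
  booktitle    = {{HICSS} '06: Proceedings of the 39th Annual Hawaii International Conference on System Sciences},
  pages        = {236.2},
  year         = {2006},
  publisher    = {IEEE Computer Society},
  organization = {IEEE Computer Society},
  address      = {Washington, DC, USA},
  isbn         = {0-7695-2507-5},
  doi          = {10.1109/HICSS.2006.383},
  abstract     = {Low power consumption is a critical issue in wireless sensor networks. Over the past few years, a considerable number of ad-hoc architectures and communication protocols have been proposed for sensor network nodes. If on one hand custom solutions carry the greatest power optimization potential, widespread communication standards guarantee interoperability and ease of connection with existing devices. In this paper we present a variable-granularity power model of Bluetooth, and apply it to variable-complexity optimization scenarios, to devise optimal power management policies. These policies, if backed by hardware implementations that are more power-aggressive than those available, could make the protocol fit for a wider range of sensor networks than it is today.},
}

@inproceedings{36.RegNacLaj2005,
  author    = {Regazzoni, Francesco and Nacul, Andre Costi and Lajolo, Marcello},
  title     = {Automatic Synthesis of the Hardware/Software Interface in Multiprocessor Architectures},
  booktitle = {{FDL}'05 -- Forum on Specification and Design Languages},
  year      = {2005},
  month     = sep # "~27--30",
  address   = {Lausanne, Switzerland},
  keywords  = {HW/SW co-design, system-on-chip (SoC)},
  abstract  = {Although Moore's Law, in principle, enables a huge number of components to be integrated into a single chip, design methods that will allow system architects to put the components together to achieve cost, power and time-to-market targets are severely lacking. System-level design and optimization techniques can significantly reduce the design gap by providing solutions that achieve correct-by-construction rather than the correct-by-iteration approach. This paper presents a programmatic interface generation tool for automating the generation of the hardware/software interfaces in the context of multiprocessor Systems-On-Chips. The solutions that we present are of crucial importance in a platform based design environment for building a flexible system with reusable IPs and CPU cores.},
}

% NOTE(review): the abstract stored with 31.1070384 describes VLIW/ASIP
% design-space exploration, while the title is about Bluetooth power
% modeling. It appears to belong to a different paper; the text is left as
% found and should be checked against the publisher record before reuse.

@inproceedings{31.1070384,
  author       = {Negri, Luca and Sami, Mariagiovanna and Tran, Que Dung and Zanetti, Davide},
  title        = {Flexible Power Modeling for Wireless Systems: Power Modeling and Optimization of two {Bluetooth} Implementations},
  booktitle    = {{WOWMOM} '05: Proceedings of the Sixth {IEEE} International Symposium on a World of Wireless Mobile and Multimedia Networks ({WoWMoM}'05)},
  pages        = {408--416},
  year         = {2005},
  publisher    = {IEEE Computer Society},
  organization = {IEEE Computer Society},
  address      = {Washington, DC, USA},
  isbn         = {0-7695-2342-0-01},
  doi          = {10.1109/WOWMOM.2005.46},
  abstract     = {A large number of embedded multimedia applications are characterized by high instruction-level parallelism (ILP) especially in the most critical internal loop bodies. Very Large Instruction Word (VLIW) architectures Application Specific Instruction Set Processors (ASIP) are best suited to exploit such parallelism. Fast design space exploration and optimization of VLIW architecture to a specific application target is increasingly becoming the crucial factor to achieve higher efficiency designs in a relatively small amount of time. In this paper we propose an example of VLIW architecture application driven optimization using the VEX (VLIW Example) system. A typical image processing application, the Imaging Pipeline, has been chosen as an example.},
}

@inproceedings{17.NegBon2004,
  author       = {Negri, Luca and Bondi, Umberto},
  title        = {The {ALaRI} Intranet: a Remote Collaboration Platform for a Worldwide Learning and Research Network},
  booktitle    = {World Conference on Educational Multimedia, Hypermedia and Telecommunications 04 ({ED-MEDIA} 04)},
  pages        = {5042--5047},
  year         = {2004},
  publisher    = {AACE Press},
  organization = {AACE Press},
  address      = {Lugano, Switzerland},
  keywords     = {case study, remote cooperation},
  abstract     = {The ALaRI Intranet is a web-based remote learning, tutoring and collaboration platform that has been developed within the ANTITESYS project. ANTITESYS is a EU project involving some of the major academic and industrial institutions in Europe; its aim is to foster academic-industrial collaboration in the field of embedded systems whilst forming selected students by means of a one-year master program, held at the ALaRI institute sited in Lugano, Switzerland. What makes this scenario very unique lies in the roles played by the industrial and academic partners of ANTITESYS. The two sides contribute to the training of the master students in different ways, but both share the problem of integrating remote and face-to-face meetings with the students and with the other stakeholders. In this paper, we present the requirements gathering process and the design phase of the ALaRI Intranet, plus some details about its actual implementation and some initial usage figures.},
}

@inproceedings{16.1013323,
  author       = {Negri, Luca and Sami, Mariagiovanna and Macii, David and Terranegra, Alessandra},
  title        = {{FSM}-based power modeling of wireless protocols: the case of {Bluetooth}},
  booktitle    = {{ISLPED} '04: Proceedings of the 2004 international symposium on Low power electronics and design},
  pages        = {369--374},
  year         = {2004},
  publisher    = {ACM Press, New York, USA},
  organization = {ACM Press, New York, USA},
  address      = {Newport Beach, California, USA},
  isbn         = {1-58113-929-2},
  doi          = {10.1109/LPE.2004.1349368},
  keywords     = {bluetooth, power modeling, wireless protocols},
  abstract     = {The proliferation of pervasive computing applications relying on battery-powered devices and wireless connectivity is posing great emphasis on the issue of power optimization. While node-level models and approaches have been widely discussed, a problem requiring even greater attention is that of power associated with the communication protocols. We propose a high-level modeling methodology based on Finite State Machines useful to predict the energy consumption of given communication tasks with very low computational cost, which can be applied to any protocol. We use this methodology to create a power model of Bluetooth that we characterize and validate experimentally on a real implementation.},
}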