@inbook {92.FiPaSi09.2, title = {Security in NoC}, booktitle = {Networks-on-Chips: Theory and Practice}, year = {2009}, pages = {157-194}, publisher = {Taylor and Francis Group, LLC - CRC Press}, organization = {Taylor and Francis Group, LLC - CRC Press}, abstract = {Future integrated systems will contain billion of transistors, composing tens to hundreds of IP cores. These IP cores, implementing emerging complex multimedia and network ap- plications, should be able to deliver rich multimedia and networking services. An efficient cooperation among these IP cores (e.g., efficient data transfers) can be achieved through utilization of the available resources. The design of such complex systems includes several challenges to be addressed. Among others one challenge is to design an on-chip interconnection network that should be able to efficiently connect the IP cores. Another challenge is to derive such an application mapping that will make efficient usage of the available hardware resources . An architecture that is able to accommodate such a high number of cores, satisfying the need for commu- nication and data transfers, is the Network-on-Chip (NoC) architecture. For these reasons Networks-on-Chip become a popular choice for designing the on-chip interconnect for Systems-on-Chip (MPSoCs), and are supported from the industry (such as the Ethereal NoC from Philips, the STNoC from STMicroelectronics and an 80-core NoC from Intel). As it is presented in , the key design challenges of emerging NoC design are a) the communication infrastructure, b) the communication paradigm selection and c) the application mapping optimization.}, keywords = {network-on-chip (NoC), security}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina and Elmiligi, Haytham}, editor = {Gebali, Fayez and El-Kharashi, Watheq} } @article {84.AlGaSte2008, title = {Secure Memory Accesses on Networks-on-Chip}, journal = {IEEE Transactions on Computers}, volume = {57}, number = {9}, year = {2008}, month = {September}, pages = {1216-1229}, abstract = {Security is gaining relevance in the development of embedded devices. Towards a secure system at each level of design, this paper addresses security aspects related to Network on Chip (NoC) architectures, foreseen as the communication infrastructure of next-generation embedded devices. In the context of NoC-based multiprocessor systems, we focus on the topic, not yet thoroughly faced, of data protection. In this paper, we present a secure NoC architecture composed of a set of Data Protection Units (DPUs) implemented within the Network Interfaces (NIs)1. The run-time configuration of the programmable part of the DPUs is managed by a central unit, the Network Security Manager (NSM). The DPU, similar to a firewall, can check and limit the access rights (none, read, write, or both) of processors accessing data and instructions in a shared memory. In particular, the DPU can distinguish between the operating roles (supervisor/user and secure/non secure) of the processing elements.We explore alternative implementations of the DPU and demonstrate how this unit does not affect the network latency if the memory request has the appropriate rights. We also focus on the dynamic updating of the DPUs to support their utilization in dynamic environments, and on the utilization of authentication techniques to increase the level of security.}, keywords = {data protection, embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1109/TC.2008.69}, author = {Fiorin, Leandro and Palermo, Gianluca and Lukovi{\'c}, Slobodan and Catalano, Valerio and Silvano, Cristina} } @conference {88.FiPaSi08, title = {A Security Monitoring Service for NoCs}, booktitle = {Sixth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS{\textquoteright}08)}, year = {2008}, month = {10/2008}, address = {Atlanta, Georgia, USA.}, abstract = {As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. Networks-on- Chip (NoCs) have appeared as design strategy to cope with the rapid increase in complexity of Multiprocessor Systems- on-Chip (MPSoCs), but only recently research community have addressed security on NoC-based architectures. In this paper, we present a monitoring system for NoC based architectures, whose goal is to help detect security violations carried out against the system.Information col- lected are sent to a central unit for efficiently counteracting actions performed by attackers.We detail the design of the basic blocks and analyse overhead associated with the ASIC implementation of the monitoring system, discussing type of security threats that it can help detect and counteract.}, keywords = {embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1145/1450135.1450180}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina} } @conference {68.FiPaLuSi07, title = {A Data protection Unit for NoC-based Architecture}, booktitle = {CODES+ISSS 2007, in proceedings of the Fifth IEEE/ACM/FIP International Conference of Hardware/Software Codesign and System Synthesis (CODES+ISSS 2007)}, year = {2007}, month = {September 30}, address = {Salzburg, Austria}, abstract = {Security is gaining increasing relevance in the development of embedded devices. Towards a secure system at each level of design, this paper addresses the security aspects related to Network-on-Chip (NoC) architectures, foreseen as the communication infrastructure of next generation embedded devices. In the context of NoC-based Multiprocessor systems, we focus on the topic, not thoroughly faced yet, of data protection. We present the architecture of a Data Protection Unit (DPU) designed for implementation within the Network Interface (NI). The DPU supports the capability to check and limit the access rights(none, read, write or both) of processors requesting access to data locations in a shared memory - in particular distinguishing between the operating roles (supervisor or user) of processing elements. We explore different alternative implementations and demonstrate how the DPU unit does not affect the network latency if the memory request has the appropriate rights. In the experimental section we show synthesis results for different ASIC implementations of the Data Protection Unit.}, keywords = {data protection, embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1145/1289816.1289858}, author = {Fiorin, Leandro and Palermo, Gianluca and Lukovi{\'c}, Slobodan and Silvano, Cristina} } @conference {60.FiSiSa07, title = {Security Aspects in Networks-on-Chips: Overview and Proposals for Secure Implementations}, booktitle = {DSD07, in proceedings of 10th EUROMICRO Conference on Digital System Design Architectures, Methods and Tools (DSD 07)}, year = {2007}, month = {August 29-31}, address = {L{\"u}beck, Germany}, abstract = {Security has gained increasing relevance in the development of embedded devices. Towards the aim of a secure system at each level of the design, in this paper we address security aspects related to Networks-on-Chips (NoCs) architectures. After presenting the attacks most likely to address NoCs, we survey existing academic and industrial secure architectures relevant to our case, focusing in particular on their communication infrastructure. We outline and propose possible solutions to contrast some of the attacks described and suggest the use of the NoC as a mean to monitor and detect unexpected system behaviors.}, keywords = {embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1109/DSD.2007.4341520}, author = {Fiorin, Leandro and Silvano, Cristina and Sami, Mariagiovanna} }