@Patent {87.pat07301411.0-2413PATENT, title = {Programmable data protection device, secure programming manager system and process for controlling access to an interconnect network for an integrated circuit}, number = {EP 20070301411}, year = {2009}, month = {04/2009}, type = {Application}, chapter = {EP 2043324 A1}, abstract = {A data protection device for an interconnect network on chip (NoC) includes a header encoder that receives input requests for generating network packets. The encoder routes the input requests to a destination address. An access control unit controls and allows access to the destination address. The access control unit uses a memory to store access rules for controlling access to the network as a function of the destination address and of a source of the input request.}, issn = {EP 2043324 A1}, author = {Fiorin, Leandro and Palermo, Gianluca and Silvano, Cristina and Catalano, Valerio and Locatelli, Riccardo and Coppola, Marcello} } @article {84.AlGaSte2008, title = {Secure Memory Accesses on Networks-on-Chip}, journal = {IEEE Transactions on Computers}, volume = {57}, number = {9}, year = {2008}, month = {September}, pages = {1216-1229}, abstract = {Security is gaining relevance in the development of embedded devices. Towards a secure system at each level of design, this paper addresses security aspects related to Network on Chip (NoC) architectures, foreseen as the communication infrastructure of next-generation embedded devices. In the context of NoC-based multiprocessor systems, we focus on the topic, not yet thoroughly faced, of data protection. In this paper, we present a secure NoC architecture composed of a set of Data Protection Units (DPUs) implemented within the Network Interfaces (NIs)1. The run-time configuration of the programmable part of the DPUs is managed by a central unit, the Network Security Manager (NSM). The DPU, similar to a firewall, can check and limit the access rights (none, read, write, or both) of processors accessing data and instructions in a shared memory. In particular, the DPU can distinguish between the operating roles (supervisor/user and secure/non secure) of the processing elements.We explore alternative implementations of the DPU and demonstrate how this unit does not affect the network latency if the memory request has the appropriate rights. We also focus on the dynamic updating of the DPUs to support their utilization in dynamic environments, and on the utilization of authentication techniques to increase the level of security.}, keywords = {data protection, embedded systems, multiprocessor system-on-chip (MPSoC), network-on-chip (NoC), security}, doi = {http://dx.doi.org/10.1109/TC.2008.69}, author = {Fiorin, Leandro and Palermo, Gianluca and Lukovi{\'c}, Slobodan and Catalano, Valerio and Silvano, Cristina} }