Designing secure heterogeneous multicore systems from untrusted components

Michel A. Kinsy, Lake Bu, Mihailo Isakov, Miguel Mark

Research output: Contribution to journal › Article › peer-review

2 Scopus citations

Abstract

In current system-on-chip (SoC) designs, processing elements, i.e., intellectual property (IP) cores, may come from different providers, and executable code may have varying levels of trust, all executing on the same compute platform and sharing resources. This creates a very fertile attack ground and represents the Achilles’ heel of heterogeneous SoC architectures and distributed connected devices. The general consensus today is that conventional approaches and software-only add-on schemes fail to provide sufficient security protections and trustworthiness. In this paper, we develop a secure heterogeneous SoC architecture named Hermes. It represents a new architectural model that integrates multiple processing elements (called tenants), both secure and non-secure cores, into the same chip design while: (a) maintaining individual tenant security; (b) preventing data leakage and corruption; (c) promoting collaboration among the tenants; and (d) tolerating untrusted tenants with potentially malicious purposes. The Hermes architecture is based on a programmable secure router interface and a trust-aware routing algorithm. Depending on the trust levels of the computing nodes, it is able to virtually isolate them in different access modes to the memory blocks. With secure key management and join protocols, Hermes is also able to function properly when nodes request, or allow, memory access in a dishonest manner. With 17% hardware overhead, it enables the implementation of processing-element-oblivious secure multicore systems with a programmable distributed group key management scheme. The Hermes architecture is meant to emblematize the design of secure heterogeneous multicore computing systems out of unsecured or untrusted components, using user-defined security policies to create hardware-level virtual zones that enforce these security and trust policies.

Original language: English (US)
Article number: 12
Pages (from-to): 1-21
Number of pages: 21
Journal: Cryptography
Volume: 2
Issue number: 3
State: Published - Sep 2018
Externally published: Yes

Keywords

  • Encryption
  • Heterogeneous
  • Key management
  • Multicore

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Applied Mathematics
