ASAP 2017 - The 28th Annual IEEE International Conference - PowerPoint Presentation

Slide1

ASAP 2017 - The 28th Annual IEEE International Conference on Application-specific Systems, Architectures and ProcessorsJuly 10th-12th 2017, Seattle, WA, USA

DoSGuard: Protecting Pipelined MPSoCs Against Hardware Trojan Based DoS AttacksAmin Malekpour, Roshan Ragel, Aleksandar Ignjatovic, and Sri Parameswaran School of Computer Science and EngineeringUniversity of New South Wales, Sydney, Australia

Outline

IntroductionRelated WorkProposed Architecture

Comparison with State of the Art

2

IntroductionHardware Trojans (HTs) - malicious modifications to ICs

ICs vulnerabilities to HT:Economic pressureDesign outsourcingReliance on IPs Unverified design automation toolsHT free components - arduous task

3

Introduction

4

Logic Type

Physical Layout

Location

Abstraction

Insertion

Triggering Mechanism

Payload

Sequential

Large

Processor

System

Specification

Always on

Information Leakage

Combinational

Small

Memory

RTLDesignInternallyFunctional/Data ModificationHybridAugmentedI/OLogicFabricationExternallyDenial of Service (DOS)ClusteredPower SupplyTransistorTestingDistributedClock GridPhysicalAssembly

Table 1:

hardware

Trojan Taxonomy

Introduction

Most researches - detecting an HT or preventing its activationNo guarantee - detection or prevention Solution - methods for safely operating in

HT presenceDoSGuard

contributions:DoS attack detection

Identification and isolationFast recovery

5

Related Work

Technique

Detection

Identification

Recovery

Bloom09 [6]

✓

✓

✕

Beaumont12 [4]

✓

✕

✕

Cui14 [8]

✓

✕

✓

Rajendaran16 [16]

✓

✓

✕

Table

2:

Effectiveness of the Different Techniques

6

Architecture

Stream programming - parallelism of many-core architectures

Applications – Network processing, Multimedia, and DSP

Processor Pipelines – Improve

throughput and performance

Pipelined

MPSoC

Architecture

7

Architecture

-

PMPSoC

Pipelined

MPSoC

Architecture Running

H.264

Application

Color Conversion

Motion Estimation

Motion Compensation

TQE

Inverse TQ

Write Back

8

Architecture –

DoSGuard

9

Sleeping Pool

Untrusted Pool

V1

V1

V1

V1

V3

V3

V3

V3

V2

V2

V2

V1

V1

V1

V1

V3

V3

V3

V3

V2

V2

V2

V2

TMR

Monitor Cores

Architecture –

RwD

10

Sleeping Pool

Untrusted Pool

TMR

Monitor Cores

11

Sleeping Pool

Untrusted Pool

Architecture –

RaD

TMR

Monitor Cores

Testing

12Results

Throughput vs. # of Attacks and Monitoring Interval for H.264Throughput for Different Benchmarks

Failed

Failed

Failed

Comparison - Related Work13

Table

3:

Effectiveness of the Different Techniques

Technique

Detection

Identification

Recovery

Bloom09 [6]

✓

✓

✕

Beaumont12 [4]

✓

✕

✕

Cui14 [8]

✓

✕

✓

Rajendaran16 [16]

✓

✓

✕

DoSGuard

-

RaD

✓

✓

✓

DoSGuard

-

RwD

✓

✕

✓

Comparison with State of the Art

J. Rajendran, O. Sinanoglu, and R. Karri. “Building trustworthy systems using untrusted components: A high-level synthesis approach

”, IEEE Transactions on VLSI Systems, 2016.

Base System – M cores, 2 cores per each stage

14

Technique

# of Cores

Dyn

. Power

Sta. Power

State of the Art

2M

P

D

*(2M)

P

S

*(2M)

DoSGuard

M

+ 3

P

D

*

(M

+3)

P

S*(M+3)Table 4: Hardware Trojan Attacks DetectionTechnique# of Cores

Dyn. PowerSta. Power

State of the Art

3M

P

D

*(3M)

P

S

*(3M)

DoSGuard

-

RaD

1.5M + 3

P

D

*

(M

+3)

P

S

*

(1.5M+3)

Table 5

:

Hardware Trojan Infected Cores Identification

TMR

TMR

TMR

TMR

Attack Scenarios

-

DoS

attacks

TMR

Monitoring System - TMR !!!!

Input - True/False Signals

+ Buffer Delays

Time bomb Trojans – Resetting the Cores

PMPSoC

-

failure

of one stage - failure of the

entire system

15

Summary

DoSGuard

:

Detect, Identify,

and

Recover

–

DoS

attacks

Fewer number of cores, Less power, No throughput reduction

16

Thank You!

17