A security-aware routing approach for networks-on-chip
| Ano de defesa: | 2017 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | eng |
| Instituição de defesa: |
Pontifícia Universidade Católica do Rio Grande do Sul
Faculdade de Informática Brasil PUCRS Programa de Pós-Graduação em Ciência da Computação |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | http://tede2.pucrs.br/tede2/handle/tede/7431 |
Resumo: | The next generation of MultiProcessor Systems-on-Chip (MPSoC) will encompass hundreds of integrated processing elements into a single chip, with the promise of highthroughput, low latency and, preferably, low energy utilization. Due to the high communication parallelism required by several applications targeting MPSoC architectures, the Network-on-Chip (NoC) has been widely adopted as a reliable and scalable interconnection mechanism. The NoC design space should be explored to meet the demanding requirements of current applications. Among the parameters that define a NoC configuration, the routing algorithm has been employed to provide services such as fault tolerance, deadlock and livelock freedom, as well as Quality of Service (QoS). As the adoption and complexity of System-on-Chip (SoC) increases for embedded systems, the concern for data protection appears as a new design requirement. Currently, MPSoCs can be attacked by exploiting either hardware or software vulnerabilities, with the later responsible for 80% of the security incidents in embedded systems. Protection against software vulnerabilities can occur at (i) Application Level, by using techniques such as data encryption to avoid plain data transmissions between Intellectual Property (IP) modules; or (ii) Communication Level, inspecting or filtering elements at the interconnect fabric with communication monitors or firewalls, respectively. As such, a routing algorithm aware of security requirements could also offer protection utilizing trusted communication paths in the NoC, avoiding potential malicious elements in otherwise unsafe communication paths. The main contribution of this work is a NoC protection technique at communication level by adapting Segment-based Routing (SBR) and Region-based Routing (RBR) algorithms to consider system security requirements, characterized by security zones which are defined on the NoC according to the mapping of applications on IP modules. Evaluation of the proposed routing technique considers aspects such as the scalability of routing tables, the number of secure communication paths, and the impact of this technique on applications of the NASA Numerical Aerodynamic Simulation (NAS) Parallel Benchmark (NPB). |
| id |
P_RS_4055f0a314b6b97e58ba61bfabd93a74 |
|---|---|
| oai_identifier_str |
oai:tede2.pucrs.br:tede/7431 |
| network_acronym_str |
P_RS |
| network_name_str |
Biblioteca Digital de Teses e Dissertações da PUC_RS |
| repository_id_str |
|
| spelling |
A security-aware routing approach for networks-on-chipUma abordagem de roteamento seguro para redes intrachipNetworks-on-ChipNoCsIntrachip RoutingNoC SecurityRedes IntrachipRoteamento IntrachipSegurança em NoCCIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAOThe next generation of MultiProcessor Systems-on-Chip (MPSoC) will encompass hundreds of integrated processing elements into a single chip, with the promise of highthroughput, low latency and, preferably, low energy utilization. Due to the high communication parallelism required by several applications targeting MPSoC architectures, the Network-on-Chip (NoC) has been widely adopted as a reliable and scalable interconnection mechanism. The NoC design space should be explored to meet the demanding requirements of current applications. Among the parameters that define a NoC configuration, the routing algorithm has been employed to provide services such as fault tolerance, deadlock and livelock freedom, as well as Quality of Service (QoS). As the adoption and complexity of System-on-Chip (SoC) increases for embedded systems, the concern for data protection appears as a new design requirement. Currently, MPSoCs can be attacked by exploiting either hardware or software vulnerabilities, with the later responsible for 80% of the security incidents in embedded systems. Protection against software vulnerabilities can occur at (i) Application Level, by using techniques such as data encryption to avoid plain data transmissions between Intellectual Property (IP) modules; or (ii) Communication Level, inspecting or filtering elements at the interconnect fabric with communication monitors or firewalls, respectively. As such, a routing algorithm aware of security requirements could also offer protection utilizing trusted communication paths in the NoC, avoiding potential malicious elements in otherwise unsafe communication paths. The main contribution of this work is a NoC protection technique at communication level by adapting Segment-based Routing (SBR) and Region-based Routing (RBR) algorithms to consider system security requirements, characterized by security zones which are defined on the NoC according to the mapping of applications on IP modules. Evaluation of the proposed routing technique considers aspects such as the scalability of routing tables, the number of secure communication paths, and the impact of this technique on applications of the NASA Numerical Aerodynamic Simulation (NAS) Parallel Benchmark (NPB).A próxima geração de sistemas multiprocessados intra-chip, do inglês MultiProcessor Systems-on-Chip (MPSoC), comportará centenas de elementos de processamento num único chip, com a promessa de alta vazão de comunicação, baixa latência e, preferencialmente, baixo consumo de energia. Devido à elevada demanda de comunicação paralela de aplicações para MPSoCs, a rede intra-chip, do inglês Network-on-Chip (NoC), tem sido amplamente adotada como um meio de comunicação confiável e escalável para MPSoCs. O espaço de projeto para NoCs deve ser explorado para atender à demanda das aplicações atuais. Dentre os parâmetros que definem uma NoC, o algoritmo de roteamento tem sido utilizado para prover serviços como tolerância à falhas, liberdade de deadlocks e de livelocks, assim como Quality of Service (QoS). Conforme a adoção e complexidade de Systems-on-Chip (SoC) aumenta para sistemas embarcados, a preocupação com a proteção de dados também torna-se um requisito para o projeto de MPSoCs. Atualmente, MPSoCs podem ser atacados explorando vulnerabilidades em hardware ou software, sendo o último responsável por 80% dos incidentes de segurança em sistemas embarcados. A proteção contra vulnerabilidades de software pode acontecer em: (i) Nível de Aplicação, utilizando técnicas como a criptografia, para evitar a transmissão de dados desprotegidos entre os elementos de um MPSoC, conhecidos como módulos de propriedade intelectual, do inglês Intellectual Property (IP); ou (ii) Nível de Comunicação, inspecionando ou filtrando elementos na arquitetura de interconexão através de monitores de comunicação ou firewalls, respectivamente. Portanto, um algoritmo de roteamento, ciente dos requisitos de segurança do sistema, deve oferecer proteção ao utilizar rotas confiáveis na NoC, evitando elementos potencialmente maliciosos em rotas porventura inseguras. A principal contribuição deste trabalho é uma técnica de proteção para NoCs que atua em nível de comunicação, adaptando os algoritmos Segment-based Routing (SBR) e Region-based Routing (RBR) para que estes considerem aspectos de segurança do sistema, estes caracterizados por zonas de segurança definidas na NoC de acordo com o mapeamento de aplicações nos IPs. A avaliação da técnica de roteamento considera aspectos como a escalabilidade das tabelas de roteamento, a quantidade de rotas seguras definidas entre os IPs, e o impacto desta técnica de roteamento em aplicações do benchmark NASA Numerical Aerodynamic Simulation (NAS) Parallel Bencharm (NPB).Pontifícia Universidade Católica do Rio Grande do SulFaculdade de InformáticaBrasilPUCRSPrograma de Pós-Graduação em Ciência da ComputaçãoMarcon, César Augusto Missio527.508.250-91http://buscatextual.cnpq.br/buscatextual/visualizacv.do?id=K4782473A7Sepúlveda, Martha Johannahttp://buscatextual.cnpq.br/buscatextual/visualizacv.do?id=K4717929J1Fernandes, Ramon Costi2017-06-30T13:50:31Z2017-03-13info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://tede2.pucrs.br/tede2/handle/tede/7431enginfo:eu-repo/semantics/openAccessreponame:Biblioteca Digital de Teses e Dissertações da PUC_RSinstname:Pontifícia Universidade Católica do Rio Grande do Sul (PUCRS)instacron:PUC_RS2017-06-30T15:01:50Zoai:tede2.pucrs.br:tede/7431Biblioteca Digital de Teses e Dissertaçõeshttp://tede2.pucrs.br/tede2/PRIhttps://tede2.pucrs.br/oai/requestbiblioteca.central@pucrs.br||opendoar:2017-06-30T15:01:50Biblioteca Digital de Teses e Dissertações da PUC_RS - Pontifícia Universidade Católica do Rio Grande do Sul (PUCRS)false |
| dc.title.none.fl_str_mv |
A security-aware routing approach for networks-on-chip Uma abordagem de roteamento seguro para redes intrachip |
| title |
A security-aware routing approach for networks-on-chip |
| spellingShingle |
A security-aware routing approach for networks-on-chip Fernandes, Ramon Costi Networks-on-Chip NoCs Intrachip Routing NoC Security Redes Intrachip Roteamento Intrachip Segurança em NoC CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| title_short |
A security-aware routing approach for networks-on-chip |
| title_full |
A security-aware routing approach for networks-on-chip |
| title_fullStr |
A security-aware routing approach for networks-on-chip |
| title_full_unstemmed |
A security-aware routing approach for networks-on-chip |
| title_sort |
A security-aware routing approach for networks-on-chip |
| author |
Fernandes, Ramon Costi |
| author_facet |
Fernandes, Ramon Costi |
| author_role |
author |
| dc.contributor.none.fl_str_mv |
Marcon, César Augusto Missio 527.508.250-91 http://buscatextual.cnpq.br/buscatextual/visualizacv.do?id=K4782473A7 Sepúlveda, Martha Johanna http://buscatextual.cnpq.br/buscatextual/visualizacv.do?id=K4717929J1 |
| dc.contributor.author.fl_str_mv |
Fernandes, Ramon Costi |
| dc.subject.por.fl_str_mv |
Networks-on-Chip NoCs Intrachip Routing NoC Security Redes Intrachip Roteamento Intrachip Segurança em NoC CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| topic |
Networks-on-Chip NoCs Intrachip Routing NoC Security Redes Intrachip Roteamento Intrachip Segurança em NoC CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| description |
The next generation of MultiProcessor Systems-on-Chip (MPSoC) will encompass hundreds of integrated processing elements into a single chip, with the promise of highthroughput, low latency and, preferably, low energy utilization. Due to the high communication parallelism required by several applications targeting MPSoC architectures, the Network-on-Chip (NoC) has been widely adopted as a reliable and scalable interconnection mechanism. The NoC design space should be explored to meet the demanding requirements of current applications. Among the parameters that define a NoC configuration, the routing algorithm has been employed to provide services such as fault tolerance, deadlock and livelock freedom, as well as Quality of Service (QoS). As the adoption and complexity of System-on-Chip (SoC) increases for embedded systems, the concern for data protection appears as a new design requirement. Currently, MPSoCs can be attacked by exploiting either hardware or software vulnerabilities, with the later responsible for 80% of the security incidents in embedded systems. Protection against software vulnerabilities can occur at (i) Application Level, by using techniques such as data encryption to avoid plain data transmissions between Intellectual Property (IP) modules; or (ii) Communication Level, inspecting or filtering elements at the interconnect fabric with communication monitors or firewalls, respectively. As such, a routing algorithm aware of security requirements could also offer protection utilizing trusted communication paths in the NoC, avoiding potential malicious elements in otherwise unsafe communication paths. The main contribution of this work is a NoC protection technique at communication level by adapting Segment-based Routing (SBR) and Region-based Routing (RBR) algorithms to consider system security requirements, characterized by security zones which are defined on the NoC according to the mapping of applications on IP modules. Evaluation of the proposed routing technique considers aspects such as the scalability of routing tables, the number of secure communication paths, and the impact of this technique on applications of the NASA Numerical Aerodynamic Simulation (NAS) Parallel Benchmark (NPB). |
| publishDate |
2017 |
| dc.date.none.fl_str_mv |
2017-06-30T13:50:31Z 2017-03-13 |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
| format |
masterThesis |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://tede2.pucrs.br/tede2/handle/tede/7431 |
| url |
http://tede2.pucrs.br/tede2/handle/tede/7431 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Pontifícia Universidade Católica do Rio Grande do Sul Faculdade de Informática Brasil PUCRS Programa de Pós-Graduação em Ciência da Computação |
| publisher.none.fl_str_mv |
Pontifícia Universidade Católica do Rio Grande do Sul Faculdade de Informática Brasil PUCRS Programa de Pós-Graduação em Ciência da Computação |
| dc.source.none.fl_str_mv |
reponame:Biblioteca Digital de Teses e Dissertações da PUC_RS instname:Pontifícia Universidade Católica do Rio Grande do Sul (PUCRS) instacron:PUC_RS |
| instname_str |
Pontifícia Universidade Católica do Rio Grande do Sul (PUCRS) |
| instacron_str |
PUC_RS |
| institution |
PUC_RS |
| reponame_str |
Biblioteca Digital de Teses e Dissertações da PUC_RS |
| collection |
Biblioteca Digital de Teses e Dissertações da PUC_RS |
| repository.name.fl_str_mv |
Biblioteca Digital de Teses e Dissertações da PUC_RS - Pontifícia Universidade Católica do Rio Grande do Sul (PUCRS) |
| repository.mail.fl_str_mv |
biblioteca.central@pucrs.br|| |
| _version_ |
1850041284311384064 |