Abstract
System-on-Chip (SoC) security architectures targeted towards diverse applications including Internet of Things (IoT) and automotive systems enforce two critical design requirements: in-field configurability and low overhead. To simultaneously address these constraints, in this paper, we present a novel, flexible, and adaptable SoC security architecture that efficiently implements diverse security policies. The architecture and associated CAD flow enable “hardware patching,” i.e., hardware security policy engine that can be seamlessly and securely upgraded in field to address unanticipated attacks or new security requirements. The proposed framework provides a systematic approach to represent and synthesize diverse security policies. Through extensive analysis using representative SoC models, we show, for the first time to our knowledge, that the proposed framework provides high level of patchability with minimal energy and performance overhead.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
J. Backer, D. Hely, R. Karri, On enhancing the debug architecture of a system-on-chip (SoC) to detect software attacks, in IEEE DFTS (2015)
A. Basak, S. Bhunia, S. Ray, A flexible architecture for systematic implementation of SoC security policies, in IEEE/ACM International Conference on Computer-Aided Design (ICCAD) (2015), pp. 536–543
Counterfeit chips on the rise, http://spectrum.ieee.org/computing/
D. Evans, The internet of things - how the next evolution of the internet is changing everything, in White Paper. Cisco Internet Business Solutions Group (IBSG) (2011)
J.A. Goguen, J. Meseguer, Security policies and security models, in Proceedings of 1982 IEEE Symposium on Security and Privacy (1982), pp. 11–20
J. Lee, I. Heo, Y. Lee, Y. Paek, Efficient dynamic information flow tracking on a processor with core debug interface, in ACM DAC (2015)
X. Li, Sapper: a language for hardwarelevel security policy enforcement, in Architectural Support for Programming Languages and Operating Systems (ASPLOS) (2014)
J. Loucaides, A. Furtak, A new class of vulnerability in SMI handlers of BIOS/UEFI firmware, in The 15th Annual CanSecWest Conference (CanSecWest 2015) (2015)
A.P.D. Nath, S. Ray, A. Basak, S. Bhunia, System-on-chip security architecture and cad framework for hardware patch, in ASP DAC (2018)
S. Ray, J. Yang, A. Basak, S. Bhunia, Correctness and security at odds: post-silicon validation of modern SoC designs, in ACM DAC (2015)
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Ray, S., Basak, A., Bhunia, S. (2019). A Move Towards a Hardware Patch. In: Security Policy in System-on-Chip Designs. Springer, Cham. https://doi.org/10.1007/978-3-319-93464-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-93464-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93463-1
Online ISBN: 978-3-319-93464-8
eBook Packages: EngineeringEngineering (R0)