Network-on-Chip Security and Privacy

Preface
Acknowledgments
Contents
Part I Introduction
1 Trustworthy System-on-Chip Design Using Secure on-Chip Communication Architectures
1.1 Introduction
1.2 Overview of Network-on-Chip (NoC) Architectures
1.2.1 Network-on-Chip Architecture and Communication Protocol
1.2.1.1 Network Topology
1.2.1.2 Router and Routing Protocol
1.2.2 Emerging NoC Technologies
1.2.2.1 Wireless NoC
1.2.2.2 Optical NoC
1.3 Security Landscape in NoC-Based System-on-Chip
1.3.1 Security Vulnerabilities in SoCs
1.3.2 Unique Challenges in Securing NoC-Based SoCs
1.3.2.1 Conflicting Requirements
1.3.2.2 Increased Complexity
1.3.2.3 Diverse Technologies
1.3.3 Threat Models
1.3.3.1 Eavesdropping Attacks
1.3.3.2 Spoofing and Data Integrity Attacks
1.3.3.3 Denial-of-Service Attacks
1.3.3.4 Buffer Overflow and Memory Extraction Attacks
1.3.3.5 Side-Channel Attacks
1.4 Summary
References
2 Interconnect Modeling for Homogeneous and Heterogeneous Multiprocessors
2.1 Interconnects in Modern Systems
2.1.1 Cache Coherence
2.1.1.1 Message Classes and Virtual Networks (Vnets)
2.1.1.2 Message Sizes
2.1.1.3 Point-to-Point Ordering
2.1.2 Heterogeneous Interconnect Systems
2.1.2.1 Multi-Domain Interconnect Systems
2.1.2.2 Serializer-Deserializer Units
2.2 Traffic Models
2.2.1 Synthetic Traffic
2.2.2 Application Traffic
2.2.2.1 Trace-Based Simulation
2.2.2.2 Full-System Simulation
2.3 Analytical Modeling
2.3.1 Latency
2.3.2 Throughput
2.3.3 Energy
2.3.4 Area
2.4 Cycle-Level Software Simulators
2.4.1 Topology
2.4.1.1 Physical Links
2.4.1.2 Network Interface
2.4.1.3 Clock Domain Crossing Units
2.4.1.4 Serializer-Deserializer Units
2.4.2 Routing
2.4.3 Flow Control and Buffer Management
2.4.4 Router Microarchitecture
2.4.5 Life of a Message in Garnet 3.0
2.4.6 Area, Power and Energy Model
2.5 NoC RTL Generators
2.6 Conclusion
References
3 Energy-Efficient Networks-on-Chip Architectures: Design and Run-Time Optimization
3.1 Introduction
3.2 Design Strategies for Energy-Efficient NoCs
3.2.1 NoC Router Design
3.2.2 NoC Architecture and Packet Routing
3.2.3 3D NoC Architectures
3.2.4 Wireless NoC Architectures
3.2.5 Optical NoC Architectures
3.3 Run-Time Power and Energy Management Techniques
3.3.1 Adaptive Routing Approaches
3.3.2 Run-Time Flow Control and Source Throttling Techniques
3.3.3 Voltage-Frequency Scaling
3.4 NoCs for Deep Neural Networks
3.5 Conclusion
References
Part II Design-for-Security Solutions
4 Lightweight Encryption Using Incremental Cryptography
4.1 Introduction
4.2 Background
4.2.1 Symmetric Encryption Schemes
4.2.2 Block Ciphers
4.2.3 Incremental Cryptography
4.3 Related Work
4.3.1 Packet Security and Integrity
4.3.2 Incremental Cryptography
4.4 Motivation
4.5 Incremental Encryption
4.5.1 Overview
4.5.2 Incremental Crypto Engine
4.5.3 Encryption Scheme
4.5.4 Initialization and Parameter Refresh
4.6 Experiments
4.6.1 Experimental Setup
4.6.2 Performance Evaluation
4.6.3 Security Analysis
4.6.4 Overhead Analysis
4.7 Summary
References
5 Trust-Aware Routing in NoC-Based SoCs
5.1 Introduction
5.2 Motivation
5.3 Related Work
5.4 NoC Trust Model
5.4.1 Axioms for Trust Delegation
5.4.2 Delegated Trust Calculation
5.4.3 Direct Trust Calculation
5.5 Trust-Aware Routing
5.5.1 Updating Trust
5.5.2 Delegating Trust in the NoC
5.5.3 Routing Protocol
5.6 Experiments
5.6.1 Experimental Setup
5.6.2 Performance Improvement
5.6.3 Energy Efficiency Improvement
5.6.4 Overhead Analysis
5.7 Summary
References
6 Lightweight Anonymous Routing for On-chip Interconnects
6.1 Introduction
6.2 Background
6.2.1 Symmetric and Asymmetric Encryption
6.2.2 Authenticated Encryption with Associated Data
6.2.3 Secret Sharing with Polynomial Interpolation
6.2.4 Router and Routing Protocol
6.2.5 Anonymous Communication using Onion Routing
6.3 Related Work
6.4 Motivation
6.5 Lightweight Encryption and Anonymous Routing Protocol
6.5.1 Overview
6.5.2 Route Discovery
6.5.3 Data Transfer
6.5.4 Parameter Management
6.6 Experiments
6.6.1 Experimental Setup
6.6.2 Performance Evaluation
6.6.3 Area Overhead of the Key Mapping Table
6.6.4 Security Analysis
6.7 Discussion
6.7.1 Feasibility of a Separate Service NoC
6.7.2 Obfuscating the Added Secret
6.7.3 Hiding the Number of Layers
6.8 Summary
References
7 Secure Cryptography Integration: NoC-Based Microarchitectural Attacks and Countermeasures
7.1 Introduction
7.2 MPSoC Organization
7.2.1 General Description
7.2.2 Computation Structure
7.2.3 Memory Structure
7.2.4 Communication Structure: Network-on-Chip (NoC)
7.3 Cryptographic Implementation
7.3.1 Basic Concepts
7.3.2 Current and Future Cryptography
7.3.2.1 Symmetric Cryptography
7.3.2.2 Public Key Cryptography
7.4 Threat Model
7.5 Microarchitectural Attacks
7.5.1 Computation Attacks
7.5.2 Cache Attacks
7.5.3 NoC Attacks
7.6 NoC-Enhanced Cache Attacks
7.6.1 Description
7.6.2 Countermeasures
7.7 Summary and Conclusions
References
Part III Runtime Monitoring Techniques
8 Real-Time Detection and Localization of DoS Attacks
8.1 Introduction
8.2 System and Threat Models
8.2.1 Threat Model
8.2.2 Communication Model
8.3 Related Work
8.4 Real-Time Attack Detection and Localization
8.4.1 Determination of Arrival Curve Bounds
8.4.2 Determination of Destination Latency Curves
8.4.3 Real-Time Detection of DoS Attacks
8.4.4 Real-Time Localization of Malicious IPs
8.4.4.1 DoS Attack by a Single MIP
8.4.4.2 DoS Attack by Multiple MIPs
8.5 Experiments
8.5.1 Experimental Setup
8.5.2 Efficiency of Real-Time DoS Attack Detection
8.5.3 Efficiency of Real-Time DoS Attack Localization
8.5.4 Overhead Analysis
8.5.4.1 Performance Overhead
8.5.4.2 Hardware Overhead
8.6 Case Study with Intel KNL Architecture
8.7 Discussion
8.8 Summary
References
9 Securing on-Chip Communication Using Digital Watermarking
9.1 Introduction
9.2 Threat Model and Related Work
9.2.1 Related Work
9.2.2 Threat Model
9.3 Motivation
9.4 NoC Packet Watermarking
9.4.1 Definitions
9.4.1.1 Hoeffding's Inequality
9.4.1.2 Bounds for Binary Codes
9.4.2 Overview
9.4.3 Probabilistic Watermarking Concept
9.4.4 Watermark Encoder and Decoder
9.4.4.1 Watermark Encoding Process
9.4.4.2 Watermark Decoding Process
9.4.5 Managing Shared Secrets
9.5 Theoretical Analysis
9.5.1 Bit Decoding Success Rate During Normal Operation
9.5.2 Impact of an Attack on the Bit Decoding Success Rate
9.5.3 Optimal Error Margin Selection
9.5.3.1 Maximizing Watermark Detection Rate
9.5.3.2 Minimizing Risk of Watermark Forging Attacks
9.6 Experimental Results
9.6.1 Experimental Setup
9.6.2 Parameter Tuning
9.6.2.1 Bit Decoding Success Rate Behavior with m and α
9.6.2.2 Choosing δ and w
9.6.3 Performance Evaluation
9.7 Discussion
9.7.1 Eliminating the Trusted Dealer
9.7.2 What Can Be Inferred from Packet Timing?
9.7.3 Watermark Is Not a Secret Anymore?
9.8 Summary
References
10 Network-on-Chip Attack Detection using Machine Learning
10.1 Introduction
10.2 Threat Model and Related Work
10.2.1 Threat Model
10.2.2 Related Work
10.2.2.1 DoS Attacks in Computer Networks
10.2.2.2 DoS Attacks in NoC-based SoCs
10.2.2.3 Securing Networks using Machine Learning
10.3 Motivation
10.4 NoC Attack Detection Using Machine Learning
10.4.1 Machine Learning Model
10.4.1.1 Training the ML model
10.4.1.2 Attack Detection
10.4.2 Implementation of Hardware Components
10.4.2.1 Multiple Physical NoCs
10.4.2.2 Probes at Routers and Security Engine
10.5 Experiments
10.5.1 Experimental Setup
10.5.2 Machine Learning Model Comparison
10.5.3 Feature Importance
10.5.4 DoS Attack Detection Accuracy
10.6 Summary
References
11 Trojan Aware Network-on-Chip Routing
11.1 Introduction
11.1.1 Overview of Hardware Trojans
11.1.2 Trojan-Based Attacks on NoC Architectures
11.1.2.1 Denial of Service (DoS)
11.1.2.2 Information Leakage
11.1.2.3 Data Corruption
11.1.2.4 Functional Modification
11.2 Different Placements of Hardware Trojans
11.2.1 Trojan at Network Interface (NI)
11.2.2 Trojan at Network Link
11.2.3 Trojan at Input/Output Buffers
11.2.4 Trojan at Network Routers
11.3 SECTAR: Secure NoC Using Trojan Aware Routing
11.3.1 Threat Model
11.3.1.1 Attack Scenario: Denial of Service (DoS)
11.3.1.2 Attack Scenario: Injection Suppression
11.3.1.3 Attack Scenario: Delay of Service
11.3.2 Trojan Aware Routing
11.3.2.1 Detecting the Trojan
11.3.2.2 Shielding the Trojan
11.3.2.3 Bypassing the Trojan
11.4 Performance Evaluation
11.4.1 Simulation Framework and Workloads
11.4.2 Results and Discussion
11.4.2.1 Effective Average Packet Latency
11.4.2.2 Effective Average Deflected Packet Latency
11.4.2.3 Throughput
11.4.2.4 Injection Suppression Avoidance
11.4.3 Overhead
11.5 Summary
References
Part IV NoC Validation and Verification
12 Network-on-Chip Security and Trust Verification
12.1 Introduction
12.2 Network-on-Chip Architectures and Security Vulnerabilities
12.2.1 Network-on-Chip (NoC) Architectures
12.2.2 NoC Security Vulnerabilities
12.2.2.1 Packet Duplication
12.2.2.2 Packet Corruption
12.2.2.3 Packet Starvation
12.2.2.4 Packet Dropping
12.2.2.5 Packet Misrouting
12.3 Formal Verification of NoC Security Vulnerabilities
12.3.1 Definition of NoC Security Properties
12.3.2 Verification of NoC Security Properties
12.4 Simulation-Based Validation Using Security Assertions
12.4.1 Types of Assertions
12.4.2 Generation of Security Assertions
12.4.3 Directed Test Generation to Activate Security Assertions
12.5 Post-Silicon NoC Security Validation
12.5.1 Vulnerability Analysis for Security Assertion Generation
12.5.2 On-Chip Trigger Design Using Security Assertions
12.5.3 Security-Aware Trace Signal Selection
12.5.4 Post-Silicon Debug of Security Vulnerabilities
12.6 Experiments
12.6.1 Experimental Setup
12.6.1.1 Pre-Silicon NoC Validation Setup
12.6.1.2 Post-Silicon NoC Debug Setup
12.6.2 Pre-Silicon Validation Utilizing Security Assertions
12.6.3 Post-Silicon Debug of Injected Vulnerabilities
12.7 Summary
References
13 NoC Post-Silicon Validation and Debug
13.1 Introduction
13.2 NoC Fault Model
13.2.1 Short-lived Faults
13.2.1.1 Dropped Data Fault (DDF)
13.2.1.2 Corrupt Data Fault (CDF)
13.2.1.3 Direction Fault (DF)
13.2.1.4 Multiple Copies in Space Fault (MCSF)
13.2.1.5 Multiple Copies in Time Fault (MCTF)
13.2.1.6 Starvation
13.2.2 Permanent Faults
13.2.2.1 Deadlock
13.2.2.2 Livelock
13.3 NoC Post-Silicon Validation Framework
13.4 Packet Trace Collection
13.4.1 NoC Monitoring Infrastructure
13.4.2 Process of Trace Collection
13.5 Trace Data Transfer and Storage
13.5.1 Trace Transfer
13.5.2 Trace Storage
13.5.3 Trace Reduction
13.6 Fault Analysis
13.7 NoC Validation Framework using Wireless Links
13.7.1 Debug Operation using WIs
13.7.2 Wireless Interface
13.7.3 Results and Analysis
13.7.3.1 Trace Buffer Size
13.7.3.2 Efficient Trace Data Transfer
13.8 Reuse of NoC Debug Infrastructure
13.8.1 Trace Buffer Distribution
13.8.1.1 Profiling the Router Nodes
13.8.1.2 Fair Division of Trace Buffers
13.8.2 Network Operation
13.8.2.1 During Debug Mode
13.8.2.2 During In-field Execution Mode
13.8.3 Experimental Results
13.8.3.1 Value Function Calculation and Trace Buffer Distribution
13.8.3.2 Trace Buffer Overflow
13.8.3.3 Network Performance
13.9 Conclusion and Future Work
References
14 Design of Reliable NoC Architectures
14.1 Introduction
14.2 Factors Affecting NoC Reliability
14.2.1 Negative Bias Temperature Instability and Electromigration
14.2.2 Asymmetric Traffic Utilization
14.2.3 Hot Carrier Injection
14.2.4 Quality-of-Service (QoS) Policies
14.2.5 Voltage Emergencies
14.2.6 Power Supply Noise
14.3 Reliable NoC Design Methodologies
14.3.1 Overcoming NBTI and Electromigration
14.3.2 Balancing Traffic Utilization
14.3.2.1 Criticality of Different Flits in NoCs
14.3.2.2 Wearout Monitoring System (WMS) for NoC Routers
14.3.2.3 Criticality-Driven Path Selection
14.3.3 Tackling HCI
14.3.3.1 Bit Cruising (BC)
14.3.3.2 Distributed Cycle Mode (DCM)
14.3.3.3 Crossbar Lane Switching (CLS)
14.3.3.4 Bit Cruising and Crossbar Lane Switching (BCCLS)
14.3.4 Managing QoS support
14.3.4.1 NoC Health Meter (NHM)
14.3.4.2 Propagating Delay Information and Routing Table Update
14.3.4.3 Routing Algorithm
14.3.4.4 Applying NoC Health Meter in Dynamic Wearout Resilient Routing
14.3.5 Voltage Emergencies
14.3.5.1 Error Detection and Confinement
14.3.5.2 Recovery Mechanisms
14.3.6 Power Supply Noise
14.3.6.1 Hierarchical MCL Allocation
14.3.6.2 Optimizations of PAF
14.3.6.3 PAF-Aware Adaptive Routing Algorithm
14.3.7 Concurrent Research Works
14.4 Summary
References
Part V Emerging NoC Technologies
15 Securing Silicon Photonic NoCs Against Hardware Attacks
15.1 Introduction
15.2 State of the Art in NoCS
15.3 Photonic NoCS (PNoCS) and Related Security Challenges
15.4 Related Work
15.5 Hardware Security Concerns in PNoCS
15.5.1 Device-Level Security Concerns
15.5.2 Link-Level Security Concerns
15.6 SOTERIA Framework:Overview
15.7 Privy Data Encipherment Scheme (PDES)
15.8 Reservation-Assisted Metadata Protection Scheme
15.9 Implementing SOTERIA Framework on PNoCS
15.10 Evaluations
15.10.1 Evaluation Setup
15.10.2 Overhead Analysis of SOTERIA on PNoCs
15.10.3 Analysis of Overhead Sensitivity
15.11 Conclusion
References
16 Security Frameworks for Intra and Inter-Chip Wireless Interconnection Networks
16.1 Introduction
16.2 Contemporary Works
16.3 Attack Model for WiNoCs and WiNiPs
16.4 Security Framework for On-Chip Wireless NoC (WiNoC)
16.4.1 WiNoC Topology
16.4.2 Wireless Interconnect Overview
16.4.3 WSU Design for Secure Wireless Communication
16.4.4 DoS Attack Detection and Defense Mechanism
16.4.4.1 Machine Learning for Attack Detection
16.4.4.2 Strengthening Attack Detection with Adversarial Learning
16.4.4.3 Attack Detection Unit Operation
16.4.4.4 WiNoC Defense Mechanism Against DoS Attack
16.4.5 Defending WiNoC Against Eavesdropping
16.4.5.1 Defense against External Eavesdropper
16.4.5.2 Defense Against Internal Eavesdropper
16.5 Experimental Results and Analysis
16.5.1 Simulation Setup
16.5.2 ML Classifier Performance for DoS Attack Detection
16.5.3 Detection Accuracy with Adversarial Attacks
16.5.4 Performance of the WiNoC in Presence of DoS Attacks
16.5.5 WiNoC Performance Against Eavesdropping
16.6 Security Framework for Multichip Systems with Wireless Network-in-Package (WiNiP) Interconnect
16.6.1 Multichip Topology
16.6.2 Persistent Jamming-based DoS-Aware Reconfigurable MAC
16.6.3 Attack and Normal Mode Communication Protocol
16.6.3.1 Selection and Generation of PN Code
16.6.3.2 ACDMA Communication Mechanism in Attack Mode
16.6.4 DoS Attack Detection and Defense for WiNiP
16.7 Simulation Results
16.7.1 Evaluation Under Persistent Jamming-Based DoS Attack
16.7.1.1 Internal jamming
16.7.1.2 External Jamming
16.7.2 Optimum PN Code Length Selection
16.7.3 Eavesdropping in WiNiP
16.7.4 Overhead Analysis
16.8 Conclusions
References
17 Securing 3D NoCs from Hardware Trojan Attacks
17.1 Introduction
17.2 Related Work
17.3 Background and Attack Model
17.3.1 Background
17.3.2 Attack Model
17.3.3 Design Details: Network Interface with a Hardware Trojan
17.3.4 Hardware Trojan Attack Model in 3D NoCs
17.4 Mitigation of 3D NoC Snooping Attacks
17.4.1 Security Enhanced NI: Preventing Data-Snooping Attack
17.4.1.1 Overhead Analysis
17.4.2 Detecting the Source of a Data-Snooping Attack
17.4.2.1 Overview of Snooping Detection Circuit
17.4.2.2 Operation of Snooping Detection Circuit
17.5 Experiments
17.6 Conclusions
References
Part VI Conclusion and Future Directions
18 The Future of Secure and Trustworthy Network-on-Chip Architectures
18.1 Summary
18.1.1 NoC-Based SoC Design Methodology
18.1.2 Design-for-Security Solutions
18.1.3 Runtime Monitoring Techniques
18.1.4 NoC Validation and Verification
18.1.5 Emerging NoC Technologies
18.2 Future Directions
18.2.1 Confluence of Functional Validation and Security Verification
18.2.2 Security of Emerging NoC Architectures
18.2.3 Seamless Integration of NoC Security Mechanisms
18.2.4 NoC Security versus Interoperability Constraints
18.2.5 Comprehensive NoC Security Vulnerability Analysis
18.2.6 NoC Security and Privacy Analytics Using Machine Learning
References
Index