Security and Survivability of Heterogeneous SoCs

Abstract

With the increasing popularity of internet-of-things (IoT) and machine learning-based applications, heterogeneous computing systems-on-chip (SoCs) are being developed to meet the growing need for powerful and energy-efficient computing platforms. Heterogeneous SoCs integrate general-purpose microprocessors, field-programmable gate arrays (FPGAs) and other domain-specific intellectual property (IP) blocks. Since heterogeneous SoCs are deployed in various platforms and target exciting new applications, security issues must be proactively addressed to ensure that these systems can be deployed with high assurance.

Recently, the detection of cache side-channel attacks, rowhammer attacks, and malware has been studied using machine learning based on hardware performance-counter traces. However, studies have shown that the use of performance counters collected from realistic scenarios is not effective for detecting malware. Therefore, we investigate the effectiveness of embedded trace buffers as an alternative to performance counters for detecting malware. In addition, we refute the finding of recent work that shows that performance counters are not effective for malware detection. We show that appropriate data pre-processing techniques and selection of suitable machine learning models can improve malware detection using performance counters.

We also leverage machine learning and performance counters to detect hardware Trojans. A hardware Trojan is malicious circuitry added to a design. It constitutes another critical threat to microprocessors.

Moreover, FPGAs are now being integrated in high-end computing platforms to enable domain-specific customization. Therefore, they constitute an important component of contemporary SoCs. However, prior research has focused only on securing the FPGA fabric against the insertion of malicious hardware and on protecting the implemented modules from reverse engineering. This is not sufficient for securing the integration of FPGAs into platforms shared by multiple tenants. We have identified the security breaches caused by multi-tenancy. These attacks include unauthorized communication between the software applications and the IPs implemented on the FPGA. They also include the hiding and configuration of malicious bitstreams on the FPGAs. Malicious bitstreams implement malicious IPs. These malicious IPs can launch side-channel analysis and fault-injection attacks on the rest of the SoC components. They can also cause overheating of the FPGA fabric. Furthermore, FPGAs communicate with the other SoC components through various interfaces, for example, the Advanced eXtensible Interface and the Avalon memory-mapped interface. Thus, malicious bitstreams can also launch rowhammer attacks on the shared memories in the SoC through these interfaces. We propose novel countermeasures that leverage authentication and encryption algorithms, machine learning models, and reconfigurable monitors to detect these attacks.

In addition, since the integration of multiple heterogeneous IPs on the same chip increases system complexity, a reliable debug and test infrastructure is needed. The IEEE Std. 1687 (IJTAG) has been introduced to facilitate the test and debug of modern SoCs, and for on-chip health monitoring. IJTAG allows the integration of IPs as black-box IPs. This opens a loophole for adversaries to compromise IPs to launch attacks on other IPs integrated on-chip. Therefore, we propose countermeasures to secure IPs against attacks launched by other malicious IPs through the SoC IJTAG. Also, the IPs can suffer from design vulnerabilities that can be exploited by malicious IPs integrated on the same SoC or by malicious software and firmware. We propose to secure the IPs against these vulnerabilities by observing the inputs and outputs of each IP using on-chip monitors. These monitors infer the state of the IP and raise an alarm or enforce a corrective action if a vulnerability or an attempt to exploit a vulnerability is detected.

In summary, to ensure the security of heterogeneous SoCs, we study the different attack vectors that pose threats to the system and we propose cost-effective countermeasures to ensure trust and reliability. We propose techniques to detect and mitigate the attacks launched on (i) microprocessors, (ii) FPGAs, and (iii) generic IPs. Solutions to the above research problems will strengthen the security and survivability of SoCs. Hence, this thesis will be a key enabler for protecting next-generation SoCs, covering threats at the core, reconfigurable logic, and generic IP levels.

Citation

Elnaggar, Rana (2020). Security and Survivability of Heterogeneous SoCs. Dissertation, Duke University. Retrieved from https://hdl.handle.net/10161/22145.

Except where otherwise noted, student scholarship that was shared on DukeSpace after 2009 is made available to the public under a Creative Commons Attribution / Non-commercial / No derivatives (CC-BY-NC-ND) license. All rights in student work shared on DukeSpace before 2009 remain with the author and/or their designee, whose permission may be required for reuse.