WP_Term Object
(
    [term_id] => 77
    [name] => Sonics
    [slug] => sonics
    [term_group] => 0
    [term_taxonomy_id] => 77
    [taxonomy] => category
    [description] => 
    [parent] => 14433
    [count] => 49
    [filter] => raw
    [cat_ID] => 77
    [category_count] => 49
    [category_description] => 
    [cat_name] => Sonics
    [category_nicename] => sonics
    [category_parent] => 14433
)

Security Needs in On-Chip Networks

Security Needs in On-Chip Networks
by Randy Smith on 08-25-2013 at 8:15 pm

 I remember during my first ten years as a software developer, I used many different computers such as IBM mainframes, Apollo and Sun workstations, and VAX computers. During that time I also bought my first home computer, a Macintosh. I didn’t of course think of this at the time, but the one thing they all had in common was that they did not need antivirus software. Things have really changed a lot in the last ten years. A few years ago, I bought an Android cell phone – even that phone required antivirus software. That was one of the reasons why decided to move to an iPhone. Now, as we enter the era of the Internet of Things (IoT), security is becoming a very critical issue in a growing number of chip designs for this market.

Over the next several years, we will increasingly interact with specialized processors, and a growing number of devices, in our home, work, and the places we visit. Since we will be able to connect to these devices and interact with these devices in many different ways it is important that we feel secure when connecting with these devices. For example, if we install devices to be able to remotely lock and unlock the front door of our home, we want to make sure that no one else can use the system for the same purpose. This is why the chip designer, developing products for the IoT, needs to ensure the security of the data path from various processors and memory. The on-chip network, which manages the data flow through the chip, is a key component in the system that includes various security features, also called protection mechanisms or firewalls.

It is important that in selecting an on-chip network intellectual property (IP) provider, that you choose one which supports a broad set of security features in its products. The IP should come with mechanisms to enable content protection, core hijacking prevention, and denial of service protection. I have found that all these features, and more, exist in the security mechanisms provided in the products of Sonics.

Sonics security measures are based on the attributes of address, initiator ID, command, and user signals. The methodology includes the use of protection groups to determine which devices are allowed to communicate and what actions they may perform. The access rights are stored in a table of run-time configurable registers – these registers reside in a protected region. The system then performs two tests. First, is the incoming request type allowed according to the read and write permissions? And secondly, are the role bits of the incoming request within the allowed pattern established by the user defined network permissions? If the request passes both tests, access is allowed to the target. There is also a definition of “burst communication”. By chopping the data transfers into bursts, the overhead of security measures can be controlled.

Using these security features, various security protocols may be developed. One such example is shown in the figure above. Sonics network on-chip security measures go much further in identifying multiple threat vectors. The protection mechanism addresses security vulnerabilities such as information extraction, core hijacking, and denial of service attacks. While I am certainly glad I never needed to develop these features in the programs I previously developed for EDA tools, it is good to know that a semiconductor intellectual property provider such as Sonics has built mechanisms into their IP which makes security much easier to implement. Be sure to look into the security measures available in your network-on-chip IP.


Comments

0 Replies to “Security Needs in On-Chip Networks”

You must register or log in to view/post comments.