Detalhes bibliográficos
| Ano de defesa: |
2022 |
| Autor(a) principal: |
Marchese, Tadeu de Sousa
 |
| Orientador(a): |
Moraes, Fernando Gehm
|
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Pontifícia Universidade Católica do Rio Grande do Sul
|
| Programa de Pós-Graduação: |
Programa de Pós-Graduação em Ciência da Computação
|
| Departamento: |
Escola Politécnica
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://tede2.pucrs.br/tede2/handle/tede/10131
|
Resumo: |
The increase in complexity in Integrated Circuits (ICs) designs due to the amount of prevalidated hardware modules (Intellectual Property - IPs) integrated into the same System-on- Chip (SoC) motivates the development of scalable communication models such as Networkson- Chip (NoCs). This model brings concepts of computer networks, parallel and distributed applications to IC projects. IP modules are used to reduce engineering costs and design time, and their reuse is facilitated by the adoption of standardized interfaces and protocols. The possibility of running applications from different sources and profiles in parallel in a Multiprocessor-System-on-Chip (MPSoC) makes it susceptible to attacks from malicious applications, which can use the resources sharing provided by the platform to extract information or prevent its functioning. This work reviews the state-of-the-art in security network interfaces for NoCs, considering a threat model with the following security principles: security, integrity, non-repudiation, confidentiality, availability, authorization. We propose a secure network interface (NI) for MPSoCs to abstract their internal protocol to external peripherals. This NI allows the integration of third-party IPs as hardware accelerators, in addition to providing access control for the peripherals connected to the MPSoC and also ensuring integrity and confidentiality of the messages coming from tasks running on it (in-transit) during the communication with external peripherals and during storage in memories connected to the MPSoC. As proof of concept, an external memory with a standardized interface and protocol was developed, integrated into the Memphis MPSoC, with the API developed at the kernel level. The API implements a resource allocation scheme that allows controlling access to peripherals and prevents the injection of forged packets into the network. We show through the experiments that it is possible to mitigate attacks arising from the execution of malicious tasks and third-party IPs by adopting the secure NI that implements message signature verification, data encryption, resource allocation, and control access mechanisms. |
