Security Enhancement for Multicore Processor Chips

Lightweight Snooping Invalidation & Aging-based Snooping Detection Mechanisms

Opportunity

Available for Licensing

IP Status

US Utility Patent Pending (Not Yet Published)

Inventors

​Sudeep Pasricha
Venkata Yaswanth Raparti

At A Glance

​Researchers at Colorado State University have developed novel security enhancements of network-on-chip (NoC) based multicore processors by preventing and detecting data snooping attacks aided by Hardware Trojans (HTs) that are inserted maliciously into chip intellectual property (IP) components such as the network interface (NI) and the NoC router.  The system consists of (1) a low-overhead snooping invalidation module (SIM) that uses an encoding-based duplicate packet detection mechanism to prevent malicious data replication by HTs in NoCs; and (2) a data-snooping detection circuit (THANOS) that uses threshold voltage degradation as a means to detect an on-going applications that utilizes such HTs and blacklists the software that initiated the attack.  Experimental analysis shows that unlike state-of-the-art mechanisms, SIM and THANOS not only mitigate snooping attacks but also improve NoC performance by 8.4% in the presence of these attacks, with a minimal area and power overhead (~2.15% and ~5.5%, respectively).

For more details, please contact our office.

Licensing Director

Mandana Ashouri
Mandana.Ashouri@colostate.edu
970-491-7100

Reference No.:  2019-093

Background

Data-snooping is a serious security threat in network-on-Chip (NoC) fabrics that can lead to theft of sensitive information from applications executing on manycore processors.   Hardware Trojans (HTs) covertly embedded in NoC components can carry out such snooping attacks, creating a major security challenge for multicore computing chips typically found in all types of computers: smartphones, IoT devices, desktops/laptops, servers etc.

With the growing complexity in NoC design, designers are opting for third-party NoC Ips, which has led to major challenges in ensuring secure execution of applications on manycore platforms in the presence of potentially untrusted hardware and software components.  Accordingly, it is essential to design more secure processors that can detect and address malicious hardware Trojan triggered attacks in a very lightweight manner, transparent to the user of the chip.

Technology Overview

To prevent such snooping attacks, two novel security enhancements were developed: (1) a snooping invalidation module (SIM) at the NI, and (2) an aging-based threshold-driven NoC snooping detection module (THANOS) at the processing element.  Hardware Trojans in an NI can potentially duplicate the packets and send them to a malicious application executing on a processing element using the shared resources of the NoC.  The system here prevents duplicate packets from entering the NoC using the SIM module.  In SIM, the packets are enhanced by appending an additional security key that needs to be validated in the NI before injecting packets into the NoC.  The low-cost key-generation and validation mechanisms that are integrated into the NI which incur only 1 additional clock cycle latency at 1 GHz clock frequency with ~5.5% power and ~2.15% area overheads.  

Furthermore, the system employs a second security mechanism, called THANOS, that detects on-going snooping attacks that may have originated from malicious threads running on one or more cores on the chip, and whose presence would be undetected by the SIM module.  THANOS is a lightweight snooping detection module that uses bias temperature instability (BTI) based circuit aging phenomenon to keep a track of the incoming packets into the processing cores on the chip. A hard-to-tamper circuit in THANOS that uses a combination of analog and digital elements detects and notifies a trusted processing core if there is a large influx of snooped packets over a time window for one or more cores on the chip. Upon receiving the notification, the trusted core could terminate and blacklist the malicious application threads running on the identified cores. THANOS incurs negligible power and area overheads of ~50 μW and ~0.9 μm2 at the 22 nm technology node.

Benefits
  • Detection of malicious thread source and core it is running on (snooping attack)
  • Mitigates attack with less overhead (e.g. area and power dissipation)
  • SIM + THANOS reduces application execution time and energy consumption
Applications
  • Computer processor design
Publications
  1. Y. Raparti and S. Pasricha, “Lightweight Mitigation of Hardware Trojan Attacks in NoC-based Manycore Computing,” 2019 56th ACM/IEEE Design Automation Conference (DAC), Las Vegas, NV, USA, 2019, pp. 1-6.

Last updated: August 2020

Add keywords or various names of inventors here (text is hidden)