Secure Zones for NoC-Based Many-Core Accelerators
Explore the concept of dynamic spatially isolated secure zones for Network-on-Chip (NoC)-based many-core accelerators to mitigate cache-based side-channel attacks. Learn about countermeasures against access-driven attacks and hardware/software solutions to enhance security in parallel processing environments.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Dynamic Spatially Isolated Secure Zones for NoC-based Many- core Accelerators Maria M ndez Real, Vincent Migliore, Vianney Lapotre, Guy Gogniat Lab-STICC Universit de Bretagne-Sud Lorient FRANCE Philipp Wehner, Diana G hringer Ruhr-University Bochum, GERMANY
Context: Context: NoC NoC- -based many based many- -core accelerator core accelerator V: Victim V: Victim A: Attacker A: Attacker A controller is in charge of the deployment of the applications on the accelerator Trusted and untrusted processes executing in parallel sharing resources -> cache-based Side-Channel Attacks (SCA) 2
Context: Cache Context: Cache- -based Side based Side- -Channel Attacks Channel Attacks Cache-based Side-Channel Attacks due to cache sharing Principle Principle: : Caches are seen as leakage channels The attacker behaves as a normal process Analyzes its own activity Determine cache lines or sets accessed by the victim Deduce sensitive information Various Various implementations implementations AES, RSA, ECC Different architectures (Intel, AMD, ARM) [2] 3 [2] Y. Yarom, et al., FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , in the 23th USENIX Security Simposium, 2014.
Countermeasures against access Countermeasures against access- -driven attacks driven attacks Application Application specific specific Software countermeasures: Software countermeasures: Changing the implementation of cryptographic algorithms [3] Too expensive Too expensive - -> not doable > not doable Hardware countermeasures: Hardware countermeasures: Disabling cacheability Flushing the cache after each context switch [4] Changing the cache design -> Partitioned cache [5] Two separate virtual worlds on the same processor [6] Solution at Solution at the processor the processor level only level only [3] J. Blomer and V. Krummel, Analysis of Countermeasures Against Access Driven Cache Attacks on AES, Selected Areas in Cryptography,vol. 4876, pp. 96 109, 2007. [4] Guanciale, et al., Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures, in IEEE Symposium on Security and Privacy, 2016. [5] Wang and R. B. Lee, New Cache Designs for Thwarting Software Cache-based Side Channel Attacks, in IEEE Symposium on Computer Architecture (ISCA), 2007, pp. 494 505. [6] www.arm.com/products/processors/technologies/trustzone/ 4
Spatial isolation Spatial isolation for sensitive applications for sensitive applications The NoC is secured How can this be achieved? Expected under utilization of resources, how can the performance overhead be evaluated? 5
Implementation Implementation A dedicated processor behaves as a controller of the platform Evaluation of different deployment strategies for the controller Scheduling Monitoring of the platform state Resource allocation algorithms Secure zones creation strategies SW controller is trusted 6 [7] M.M ndez Real et al., ALMOS many-core operating system extension with new secure-enable mechanisms for dynamic creation of secure zones, in Proc. of Euromicro international Conference on Parallel, Distributed and Network-Based Processing (PDP), 2016.
Secure Secure- -enable mechanisms enable mechanisms Scheduling: Scheduling: Round Robin Monitoring: Monitoring: Quaternary decision tree structure Task mapping: Task mapping: Leverage the data accesses locality 2 C 1 C 0 C M : Memory utilization rate U : Processor utilization S : Secure zone dedicated 2 C 0 C total c0 c1 c3 c2 1 C M M M M M U U U U U 0 C S S S S S c0 c1 c2 c3 7
Secure Secure- -enable mechanisms enable mechanisms Isolated application Isolated application - -> secure zone creation: > secure zone creation: Static SZ size 2 C Idle cluster Active cluster Secure zone cluster 1 C 0 C M : Memory utilization rate U : Processor utilization S : Secure zone dedicated 0 c1 2 C C 1 total c0 c3 c2 C M M M M M U U U U U 0 C S S S S S c0 c1 c2 c3 8
Secure Secure- -enable mechanisms enable mechanisms Isolated application Isolated application - -> secure zone creation: > secure zone creation: Static SZ size Dynamic SZ size 2 C Idle cluster Active cluster Secure zone cluster 1 C 0 C M : Memory utilization rate U : Processor utilization S : Secure zone dedicated 0 c1 2 C C 1 total c0 c3 c2 C M M M M M U U U U U 0 C S S S S S c0 c1 c2 c3 9
Experimental setup Experimental setup Virtual prototyping: Virtual prototyping: OVP-based MPSoCSim [8] Experimental Experimental protocol: 4x4 clusters architecture (60 MB + 1 ARM) Matrix multiplications, 17 parallel tasks for each multiplication protocol: 5 applications -> 85 85 tasks running in parallel Different deployment strategies Different deployment strategies: : 1. Secure zones of fixed size Maximum parallelism (5 clusters) Limited resources (4 clusters) 2. Secure zones with dynamic size Different execution scenarios: Different execution scenarios: a. Baseline scenario b. One isolated application arriving at first c. One isolated application at the middle of the execution d. Three isolated applications [8] M.M ndez Real et al., MPSoCSim extension: An OVP Simulator for the Evaluation of Cluster-based Multicore and Many-core architectures, in Proc. Workshop on Virtual Prototyping of Parallel and Embedded Systems (ViPES) as part of the International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation (SAMOS XV), 2016. 10
Results Results Total execution time normalized to the baseline scenario: Up to Up to 30% overhead overhead 30% Negligible Negligible overhead when overhead when no load no load b. b. One isolated application with the highest priority c. c. One isolated application with a medium priority d. d. Three isolated applications 11
Results Results Exec. time of non isolated, isolated application (in msec.) and in average: The static (5 clusters) strategy The static (5 clusters) strategy leverages the performance of leverages the performance of isolated applications isolated applications 1. Static SZ size (5 clusters) 2. 2. Static SZ size (4 clusters) 3. 3. Dynamic SZ size The dynamic strategy The dynamic strategy leverages the performance of leverages the performance of non isolated applications non isolated applications b. b. One isolated application with the highest priority c. c. One isolated application with a medium priority d. d. Three isolated applications 12
Results Results Resources utilization rate: 1. 1. Static SZ size (5 clusters) 2. 2. Static SZ size (4 clusters) 3. 3. Dynamic SZ size The dynamic strategy The dynamic strategy achieves the highest achieves the highest resource utilization resource utilization rate rate 13
Conclusion and future work Conclusion and future work Spatial isolation of sensitive applications VS cache-based SCA Evaluation on different execution scenarios with different strategies through virtual prototyping According to the deployment strategy, isolated or/and non isolated applications performance is leveraged Future work: Future work: NoC protection 14
