2.5D Root of Trust: Secure System-Level Integration of Untrusted Chiplets
IEEE Transactions on Computers (IF 3.6), Pub Date: 2020-11-01, DOI: 10.1109/tc.2020.3020777
Mohammed Nabeel , Mohammed Ashraf , Satwik Patnaik , Vassos Soteriou , Ozgur Sinanoglu , Johann Knechtel

For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policies via physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical-design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.
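The abstract's core idea is that the interposer, which the system vendor builds in-house, sits between untrusted chiplets and shared memory and checks every bus transfer against a policy the chiplets cannot modify. The following behavioral model is an added illustration of that runtime-monitoring paradigm; it is not the paper's RTL or design flow. It assumes an AHB-Lite-like transfer (address, write flag, size), assumes the master id is wired physically in the interposer rather than reported by the chiplet, and uses a constructed per-chiplet region policy with constructed addresses. Transfers that fall outside a chiplet's permitted regions, or straddle a region boundary, are answered with an AHB-style ERROR response instead of being forwarded, and are logged for the trusted side.

```python
"""Behavioral model of a security-enforcing interposer (hypothetical; not the paper's hardware)."""
from dataclasses import dataclass, field
from enum import Flag
from typing import Dict, List, Tuple


class Perm(Flag):
    NONE = 0
    R = 1
    W = 2
    RW = 3


@dataclass(frozen=True)
class Transfer:
    """One AHB-Lite-style transfer issued by a chiplet acting as bus master."""
    master: int       # chiplet id, assumed to be fixed by the interposer wiring
    addr: int         # HADDR
    write: bool       # HWRITE
    size: int = 4     # transfer width in bytes (decoded HSIZE)


@dataclass
class Region:
    base: int
    size: int
    perm: Perm


@dataclass
class InterposerMonitor:
    """Policy table and checker living in the trusted interposer, outside chiplet reach."""
    policy: Dict[int, List[Region]]
    log: List[Tuple[Transfer, str]] = field(default_factory=list)

    def _allowed(self, t: Transfer) -> bool:
        need = Perm.W if t.write else Perm.R
        end = t.addr + t.size
        for r in self.policy.get(t.master, []):
            # the whole transfer must lie inside one permitted region
            if r.base <= t.addr and end <= r.base + r.size:
                return need in r.perm
        return False  # no region covers the transfer: deny by default

    def check(self, t: Transfer) -> str:
        """Return 'OKAY' to forward the transfer, 'ERROR' to block it (AHB HRESP semantics)."""
        if self._allowed(t):
            return "OKAY"
        self.log.append((t, "policy violation"))
        return "ERROR"


def build_policy(num_chiplets: int) -> Dict[int, List[Region]]:
    """Constructed policy: each chiplet gets a private SRAM window, plus shared SRAM and read-only ROM."""
    private_base, private_size = 0x1000_0000, 0x1_0000
    shared_sram = Region(0x2000_0000, 0x1_0000, Perm.RW)
    shared_rom = Region(0x0000_0000, 0x1_0000, Perm.R)
    return {
        i: [Region(private_base + i * private_size, private_size, Perm.RW), shared_sram, shared_rom]
        for i in range(num_chiplets)
    }


def run_scenario() -> List[str]:
    """Constructed threat scenario: a few benign transfers and several that a misbehaving chiplet might issue."""
    mon = InterposerMonitor(build_policy(4))
    transfers = [
        Transfer(1, 0x1001_0000, False),   # chiplet 1 reads its own SRAM            -> OKAY
        Transfer(1, 0x1002_0004, True),    # chiplet 1 writes into chiplet 2's SRAM -> ERROR
        Transfer(0, 0x0000_0100, True),    # chiplet 0 writes to read-only ROM      -> ERROR
        Transfer(3, 0x2000_0FF0, True),    # chiplet 3 writes to shared SRAM        -> OKAY
        Transfer(2, 0x1002_FFFE, False),   # 4-byte read straddling chiplet 2's end -> ERROR
        Transfer(7, 0x2000_0000, False),   # master id with no policy entry         -> ERROR
    ]
    return [mon.check(t) for t in transfers]


if __name__ == "__main__":
    for resp in run_scenario():
        print(resp)
```

The point of keeping the policy table and `check` inside the interposer model, with the master id derived from wiring, is that a compromised chiplet can neither rewrite the policy nor impersonate another master; the monitor only ever sees what the physically separated side lets through.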

Updated: 2020-11-01