TY - JOUR
T1 - Behind the last line of defense: Surviving SoC faults and intrusions
AU - Gouveia, Inês Pinto
AU - Völp, Marcus
AU - Esteves-Verissimo, Paulo
N1 - KAUST Repository Item: Exported on 2022-10-05
Acknowledgements: This work was supported by the Fonds National de la Recherche (FNR) [C18/IS/12686210/HyLIT].
PY - 2022/9/22
Y1 - 2022/9/22
AB - Today, leveraging the enormous modular power, diversity and flexibility of manycore systems-on-a-chip (SoCs) requires careful orchestration of complex and heterogeneous resources, a task left to low-level software, e.g., hypervisors. In current architectures, this software forms a single point of failure and a worthwhile target for attacks: once compromised, adversaries can gain access to all information and full control over the platform and the environment it controls. This article proposes Midir, an enhanced manycore architecture, effecting a paradigm shift from SoCs to distributed SoCs. Midir changes the way platform resources are controlled by retrofitting tile-based fault containment through well-known mechanisms, while securing low-overhead quorum-based consensus on all critical operations, in particular privilege management and, thus, management of containment domains. Allowing versatile redundancy management, Midir promotes resilience at all software levels, including the lowest. We explain this architecture, its associated algorithms and hardware mechanisms, and show, for the example of a Byzantine fault-tolerant microhypervisor, that it outperforms the highly efficient MinBFT by one order of magnitude.
UR - http://hdl.handle.net/10754/682221
UR - https://linkinghub.elsevier.com/retrieve/pii/S0167404822003121
UR - http://www.scopus.com/inward/record.url?scp=85138450964&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2022.102920
DO - 10.1016/j.cose.2022.102920
M3 - Article
SN - 0167-4048
VL - 123
SP - 102920
JO - Computers and Security
JF - Computers and Security
ER -