Activities per year
Abstract
Embedded multiprocessor system-on-chip (MPSoC) architectures allow implementation of mixed critical applications and provide security mechanisms to segregate and protect system resources such as ARM TrustZone. These architectures enforce strict security measures right from the powering on of the system, to prevent misuse and compromise. However, such security mea- sures have been found vulnerable where security design practices are not considered or are poorly implemented, particularly at software and hardware stack boundaries. Also, the embedded solutions developed using these MPSoC platforms are vulnerable to single points of failure and do not contain active response or mitigations for circumstances where a compromise occurs.
This paper proposes pro-active hardware based policing and policy enforcement approach, along with system architecture and its hardware components, to this research problem. The architecture is physically isolated from the rich computing resources which actively monitors communications of system resources on the ARM AMBA-AXI4 bus. It detects anomalous system behaviours such as policy violation or compromised bus communication responses, and responds with predefined active countermeasures, such as deletion of secret data or disabling of the device to tackle security vulnerabilities and attacks at run- time. This proposed solution complements existing embedded hardware and software security technologies and provides an additional layer of hardware security when a vulnerability is found and exploited. This contribution lends itself to the principle of least privilege, implemented in software-based access control solutions like SELinux to mitigate when other protections have failed. This paper presents a proof-of-concept work supported by preliminary synthesis results on Xilinx Zynq-7000 and Ultra- Scale+ MPSoC chips.
This paper proposes pro-active hardware based policing and policy enforcement approach, along with system architecture and its hardware components, to this research problem. The architecture is physically isolated from the rich computing resources which actively monitors communications of system resources on the ARM AMBA-AXI4 bus. It detects anomalous system behaviours such as policy violation or compromised bus communication responses, and responds with predefined active countermeasures, such as deletion of secret data or disabling of the device to tackle security vulnerabilities and attacks at run- time. This proposed solution complements existing embedded hardware and software security technologies and provides an additional layer of hardware security when a vulnerability is found and exploited. This contribution lends itself to the principle of least privilege, implemented in software-based access control solutions like SELinux to mitigate when other protections have failed. This paper presents a proof-of-concept work supported by preliminary synthesis results on Xilinx Zynq-7000 and Ultra- Scale+ MPSoC chips.
Original language | English |
---|---|
Title of host publication | 2018 31st IEEE International System-on-Chip Conference (SOCC) |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 130-135 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-5386-1491-4 |
DOIs | |
Publication status | Published - 21 Jan 2019 |
Event | 31st International IEEE System-on-Chip Conference - Washington, United States Duration: 04 Sept 2018 → 07 Sept 2018 Conference number: 31 https://www.ieee-socc.org/ |
Publication series
Name | |
---|---|
ISSN (Electronic) | 2164-1706 |
Conference
Conference | 31st International IEEE System-on-Chip Conference |
---|---|
Abbreviated title | IEEE SoCC |
Country/Territory | United States |
City | Washington |
Period | 04/09/2018 → 07/09/2018 |
Internet address |
Keywords
- FPGA
- MPSoC
- SoC
- Zynq
- ARM AMBA AXI4
- ARM TrustZone
- Hardware Trojan
- Policing
- defense
- Proactive
ASJC Scopus subject areas
- General Computer Science
- General Engineering
- Hardware and Architecture
- Safety, Risk, Reliability and Quality
- Information Systems
- Architecture
Fingerprint
Dive into the research topics of 'Pro-active policing and policy enforcement architecture for securing MPSoCs'. Together they form a unique fingerprint.-
A comparative analysis of security patterns for enhanced security in safety-critical systems
Siddiqui, F. (Advisor)
07 Sept 2023Activity: Talk or presentation types › Oral presentation
-
31st International IEEE System-on-Chip Conference
Siddiqui, F. M. (Participant)
04 Sept 2018 → 30 Sept 2018Activity: Participating in or organising an event types › Participation in conference
-
Cybersecurity engineering: bridging the security gaps in advanced automotive systems and ISO/SAE 21434
Siddiqui, F., Khan, R., Yengec Tasdemir, S., Hui, H., Sonigara, B., Sezer, S. & McLaughlin, K., 14 Aug 2023, 97th IEEE Vehicular Technology Conference (VTC2023-Spring). Institute of Electrical and Electronics Engineers Inc., ( IEEE Vehicular Technology Conference (VTC): Proceedings).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Open AccessFile4 Citations (Scopus)201 Downloads (Pure) -
Evolution of embedded platform security technologies: past, present and future challenges
Siddiqui, F. & Sezer, S., 06 Sept 2021, 33rd IEEE International System-on-Chip Conference (SOCC): Proceedings. Qu, G., Xiong, J., Zhao, D., Muthukumar, V., Reza, M. F. & Sridhar, R. (eds.). Institute of Electrical and Electronics Engineers Inc., (IEEE International System-on-Chip Conference: Proceedings).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Open AccessFile1 Citation (Scopus)184 Downloads (Pure) -
Enhancing security and privacy of next-generation edge computing technologies
Hagan, M., Siddiqui, F. & Sezer, S., 06 Jan 2020, 2019 17th International Conference on Privacy, Security and Trust, PST 2019 - Proceedings. Institute of Electrical and Electronics Engineers Inc., 5 p. (International Conference on Privacy, Security and Trust (PST)).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Open AccessFile11 Citations (Scopus)974 Downloads (Pure)