SOS An innovative secure system architecture

Similar documents
COSC 6385 Computer Architecture - Pipelining (II)

FAULT ATTACKS ON TWO SOFTWARE COUNTERMEASURES

Control unit. Input/output devices provide a means for us to make use of a computer system. Computer System. Computer.

What is Pipelining? Time per instruction on unpipelined machine Number of pipe stages

Advanced processor designs

CISC 662 Graduate Computer Architecture Lecture 7 - Multi-cycles. Interrupts and Exceptions. Device Interrupt (Say, arrival of network message)

CISC 662 Graduate Computer Architecture Lecture 7 - Multi-cycles

Operating System Control Structures

EITF20: Computer Architecture Part2.2.1: Pipeline-1

Instruction Pipelining Review

Pipelined processors and Hazards

Module 5 Introduction to Parallel Processing Systems

EITF20: Computer Architecture Part2.2.1: Pipeline-1

Unit 8: Superscalar Pipelines

Pipelining concepts The DLX architecture A simple DLX pipeline Pipeline Hazards and Solution to overcome

There are different characteristics for exceptions. They are as follows:

Computer Systems Architecture I. CSE 560M Lecture 5 Prof. Patrick Crowley

Advanced Parallel Architecture Lessons 5 and 6. Annalisa Massini /2017

DSP Resources. Main features: 1 adder-subtractor, 1 multiplier, 1 add/sub/logic ALU, 1 comparator, several pipeline stages

The Processor Pipeline. Chapter 4, Patterson and Hennessy, 4ed. Section 5.3, 5.4: J P Hayes.

3/12/2014. Single Cycle (Review) CSE 2021: Computer Organization. Single Cycle with Jump. Multi-Cycle Implementation. Why Multi-Cycle?

What is Pipelining? RISC remainder (our assumptions)

Instruction Level Parallelism. Appendix C and Chapter 3, HP5e

CS 333 Introduction to Operating Systems. Class 2 OS-Related Hardware & Software The Process Concept

Pipelining concepts The DLX architecture A simple DLX pipeline Pipeline Hazards and Solution to overcome

EITF20: Computer Architecture Part2.2.1: Pipeline-1

Chapter 5 B. Large and Fast: Exploiting Memory Hierarchy

CS 333 Introduction to Operating Systems Class 2 OS-Related Hardware & Software The Process Concept

EXAM #1. CS 2410 Graduate Computer Architecture. Spring 2016, MW 11:00 AM 12:15 PM

Instr. execution impl. view

CS 252 Graduate Computer Architecture. Lecture 4: Instruction-Level Parallelism

ECE 571 Advanced Microprocessor-Based Design Lecture 4

Minimizing Data hazard Stalls by Forwarding Data Hazard Classification Data Hazards Present in Current MIPS Pipeline

High Performance SMIPS Processor

ECE 486/586. Computer Architecture. Lecture # 12

Lecture1: introduction. Outline: History overview Central processing unite Register set Special purpose address registers Datapath Control unit

CS2506 Quick Revision

William Stallings Computer Organization and Architecture

Virtual Virtual Memory

Digital System Design Using Verilog. - Processing Unit Design

Recall from Pipelining Review. Lecture 16: Instruction Level Parallelism and Dynamic Execution #1: Ideas to Reduce Stalls

Chapter 12. CPU Structure and Function. Yonsei University

Page 1. Recall from Pipelining Review. Lecture 15: Instruction Level Parallelism and Dynamic Execution

Class Notes. Dr.C.N.Zhang. Department of Computer Science. University of Regina. Regina, SK, Canada, S4S 0A2

A Key Theme of CIS 371: Parallelism. CIS 371 Computer Organization and Design. Readings. This Unit: (In-Order) Superscalar Pipelines

Processor Structure and Function

SH-Mobile3: Application Processor for 3G Cellular Phones on a Low-Power SoC Design Platform

CS3350B Computer Architecture Winter 2015

Virtual Memory. Reading. Sections 5.4, 5.5, 5.6, 5.8, 5.10 (2) Lecture notes from MKP and S. Yalamanchili

MIPS Pipelining. Computer Organization Architectures for Embedded Computing. Wednesday 8 October 14

Introduction to Operating Systems. Chapter Chapter

Page 1. Recall from Pipelining Review. Lecture 16: Instruction Level Parallelism and Dynamic Execution #1: Ideas to Reduce Stalls

Investigation of a Masking Countermeasure against Side-Channel Attacks for RISC-based Processor Architectures

Instruction Level Parallelism. ILP, Loop level Parallelism Dependences, Hazards Speculation, Branch prediction

Instruction Pipelining

ASSEMBLY LANGUAGE MACHINE ORGANIZATION

RISC Processors and Parallel Processing. Section and 3.3.6

Instruction Pipelining

The Nios II Family of Configurable Soft-core Processors

CS399 New Beginnings. Jonathan Walpole

Virtual Memory. Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University

Materials: 1. Projectable Version of Diagrams 2. MIPS Simulation 3. Code for Lab 5 - part 1 to demonstrate using microprogramming

ECE468 Computer Organization and Architecture. Virtual Memory

Electromagnetic Transient Fault Injection on AES

EC 413 Computer Organization - Fall 2017 Problem Set 3 Problem Set 3 Solution

Lecture 2: Pipelining Basics. Today: chapter 1 wrap-up, basic pipelining implementation (Sections A.1 - A.4)

Pipelining: Hazards Ver. Jan 14, 2014

ECE4680 Computer Organization and Architecture. Virtual Memory

COSC 122 Computer Fluency. Computer Organization. Dr. Ramon Lawrence University of British Columbia Okanagan

Slides for Lecture 15

CPE Computer Architecture. Appendix A: Pipelining: Basic and Intermediate Concepts

Updated Exercises by Diana Franklin

Computers and Microprocessors. Lecture 34 PHYS3360/AEP3630

Basic Instruction Timings. Pipelining 1. How long would it take to execute the following sequence of instructions?

Address spaces and memory management

Lecture-13 (ROB and Multi-threading) CS422-Spring

Outline Review: Basic Pipeline Scheduling and Loop Unrolling Multiple Issue: Superscalar, VLIW. CPE 631 Session 19 Exploiting ILP with SW Approaches

Dynamic program analysis

HPC VT Machine-dependent Optimization

CPS104 Computer Organization and Programming Lecture 20: Superscalar processors, Multiprocessors. Robert Wagner

Structure of Computer Systems

CS510 Operating System Foundations. Jonathan Walpole

Lecture 7: Pipelining Contd. More pipelining complications: Interrupts and Exceptions

COSC4201 Pipelining. Prof. Mokhtar Aboelaze York University

ENGN 2910A Homework 03 (140 points) Due Date: Oct 3rd 2013

ROB: head/tail. exercise: result of processing rest? 2. rename map (for next rename) log. phys. free list: X11, X3. PC log. reg prev.

EE 457 Unit 8. Exceptions What Happens When Things Go Wrong

Virtual memory. Hung-Wei Tseng

ECE 2300 Digital Logic & Computer Organization. Caches

ECE 313 Computer Organization FINAL EXAM December 13, 2000

ECEC 355: Pipelining

EECS150 - Digital Design Lecture 09 - Parallelism

The embedded security challenge: Protecting bits at rest

Secure Microcontrollers for Smart Cards. AT90SC Summary

MIPS pipelined architecture

COSC 243. Computer Architecture 1. COSC 243 (Computer Architecture) Lecture 6 - Computer Architecture 1 1

Hakim Weatherspoon CS 3410 Computer Science Cornell University

( ) תשס"ח סמסטר ב' May, 2008 Hugo Guterman Web site:

ECE 669 Parallel Computer Architecture

Computer-System Organization (cont.)

Transcription:

SOS An innovative secure system architecture Michel Agoyan, Bruno Robisson, Minh Huu Nguyen CEA LETI /DSIS/LCS/SAS Pirouz Bazargan-Sabe UPMC-LIP6 Guillaume Phan TRUSTED-Logic Sébastien Le Henaff VIACCESS CEA-LETI/DSIS/SCME/CCS SAS Systèmes et Architectures Sécurisés 6 Cryptarchi June 2010

Plan Introduction 1 Introduction 2 3 4 5

The project SOS : Smart On Smart is a project funded by the "Agence Nationale pour la Recherche : ANR-07-SESU-014 and supported by SCS cluster 6 Purpose Propose an innovative secure system architecture for embedded device such as smart card and prove it. An innovative secure system architecture to : Help the design of the security strategy Improve the smartness of the security strategy Reconcile availability with security Improve the performance

The concept Split off CLASSIC SC ARCHITECTURE SECURITY STRATEGY + DATA PROCESSING APP Security strategy VM Security strategy

The concept Split off CLASSIC SC ARCHITECTURE SECURITY STRATEGY + DATA PROCESSING APP SPLIT OFF VM Security strategy

The concept Split off SOS ARCHITECTURE DATA PROCESSING SECURITY STRATEGY APP VM OS Security strategy

Split off Advantages Regroup all the security management under the responsibility of an unique entity Security policy more flexible, adaptable Opportunity to design a smarter security policy Fault attacks path more complex increase the security level Improve the performance 2 systems running in parallel Fit the initial main objectives Drawbacks Impact on the cost New concept new paths for attack?

The model Why? How? Practical approach to test the concept Prove it Choose an application requiring different security levels and performance pay tv Conditional Access System : Principle : digital audio/video stream can be unscrambled if the right is owned by the smart-card. 3 main classes of command are used by the CAS : Subscription management (keys & rights writing) : Very sensitive Unscrambling (generating a control word) : Sensitive Subscriber operations (parental control) : Not very sensitive

security policy The challenge : availability versus security

security policy Graduated reaction

Plan Introduction 1 Introduction 2 3 4 5

HS AS communication : normal exec APP 1 VM OS ICU 1 App requests to the VM a security level

HS AS communication : normal exec APP 2 VM OS ICU 1 App requests to the VM a security level 2 VM forwards the request to AS

HS AS communication : normal exec APP VM OS ICU 3 1 App requests to the VM a security level 2 VM forwards the request to AS 3 Depending on current context & request AS computes the actions to perform.

HS AS communication : normal exec APP VM OS ICU 4 1 App requests to the VM a security level 4 AS could decide to parameter some hardware 2 VM forwards the request to AS 3 Depending on current context & request AS computes the actions to perform.

HS AS communication : normal exec APP VM OS 5 ICU 1 App requests to the VM a security level 2 VM forwards the request to AS 4 AS could decide to parameter some hardware 5 AS could also ask to VM to apply software. 3 Depending on current context & request AS computes the actions to perform.

HS AS communication : normal exec APP 6 VM OS ICU 1 App requests to the VM a security level 2 VM forwards the request to AS 3 Depending on current context & request AS computes the actions to perform. 4 AS could decide to parameter some hardware 5 AS could also ask to VM to apply software. 6 AS resumes the execution

HS AS communication : sensor event APP VM OS ICU 1 1 A sensor event occurs

HS AS communication : sensor event APP VM OS ICU 2 1 A sensor event occurs 2 An interruption is raised on HS and AS through the ICU

HS AS communication : sensor event APP VM OS ICU 3 1 A sensor event occurs 2 An interruption is raised on HS and AS through the ICU 3 Depending on current context AS computes the actions to perform.

HS AS communication : sensor event APP VM OS ICU 4 1 A sensor event occurs 4 AS could decide to parameter some hardware 2 An interruption is raised on HS and AS through the ICU 3 Depending on current context AS computes the actions to perform.

HS AS communication : sensor event APP VM OS 5 ICU 1 A sensor event occurs 2 An interruption is raised on HS and AS through the ICU 4 AS could decide to parameter some hardware 5 AS waits for HS interruption ack 3 Depending on current context AS computes the actions to perform.

HS AS communication : sensor event APP VM OS 6 ICU 1 A sensor event occurs 2 An interruption is raised on HS and AS through the ICU 3 Depending on current context AS computes the actions to perform. 4 AS could decide to parameter some hardware 5 AS waits for HS interruption ack 6 AS clears the interruption

HS AS communication : sensor event APP 7 VM OS ICU 1 A sensor event occurs 2 An interruption is raised on HS and AS through the ICU 3 Depending on current context AS computes the actions to perform. 4 AS could decide to parameter some hardware 5 AS waits for HS interruption ack 6 AS clears the interruption 7 AS could also asks to VM to apply software and resumes the execution

Plan Introduction 1 Introduction 2 3 4 5

Interface Follows the basic rule of SOS : Split off Sensitive data are processed by the Host System HS embeds Security is under the control of the Audit System AS controls Rem : To demonstrate SOS concept chose hardware that are parametrable, switchable, and have an impact on cpu performance Hardware interface 4KB dedicated to map registers into memory space of AS A control register : on/off + parameter A status register Interrupts from the sensors into the Host system are routed to the Interrupt Control Unit of the Audit system

ALU protection against fault attacks Principle Based on Idle Hardware : ALU = Functional Units (Adder, multiplier, shifter) Time redundancy if optypea optypeb then Recompute A and in parallel, Execute B else Stall the processor and Recompute A end if Compare the recomputed result of A with the Fetch Decode Cycle n 1 Cycle n A MEM B Recomputation of A ALU WB previously stored Fetch Decode ALU MEM WB

ALU protection against fault attacks : Results % instructions using ALU Scheduling improvement Hardware overhead Number of Slices Max Clock Period (ns) Base ALU 2146 1.050 Fault tolerant ALU 2584 1.056 (+20.4%) (+0.57%)

Random Instruction Injection A command register programmable by the Audit System Based on : Injecting random instructions at random places during the execution [Smart Random Code Injection to Mask Power Analysis Based Side Channel Attacks, Jude Angelo Ambrose, University of New South Wales Sydney, Australia] Setting and clearing a flag delimit the block frame to protect SET_FLAG : starts to generate random instructions N : the maximum number of random instructions injected between two regular instructions D : the maximum number of regular instructions skipped RESET_FLAG : stops the injection of random instructions

Random Instruction Injection A command register programmable by the Audit System Based on : Injecting random instructions at random places during the execution [Smart Random Code Injection to Mask Power Analysis Based Side Channel Attacks, Jude Angelo Ambrose, University of New South Wales Sydney, Australia] Setting and clearing a flag delimit the block frame to protect SET_FLAG : starts to generate random instructions N : the maximum number of random instructions injected between two regular instructions D : the maximum number of regular instructions skipped RESET_FLAG : stops the injection of random instructions Limitation of random instruction set random register combined with zero register result written back to same random register : ADD $3, $3, $0

Random Instruction Injection : Implementation Issue if the injected instruction uses a register containing a sensitive data ր leakage information

Random Instruction Injection : Implementation Issue Solution if the injected instruction uses a register containing a sensitive data ր leakage information Use 2 register files : the main register file M and the register file R with random values Inject a random instruction using operands of R example ADD R5,R3,R0 normal instruction ADD R5,R7,R8 random instruction

Random Instruction Injection : Results Trivial DPA on VCDs without CM Trivial DPA on VCDs with CM Hardware overhead Slices reg Slices LUT used as logic used as ram Max Clock Period (ns) RII 2367 4568 4546 22 5.6ns RII 3625 5413 5391 22 7 ns 53% 18% 18% 0%

Plan Introduction 1 Introduction 2 3 4 5

The design flow

Testing SOS The security policy is tested using hardware emulation for fault injection rules improvement

Plan Introduction 1 Introduction 2 3 4 5

SOS to be continued... Introduction Security Policy The project finishes at the end of 2010. The basic framework to build a smarter security is already available. Implementation for different applications is possible. These new implementations will help us to improve and validate the concept Performance The main concern of the first implementation of the communication protocol is the security policy in spite of the performance So there are opportunities to exploit the parallelism of the architecture and to reveal the performance

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback