Summary: | Submitted by Caroline Xavier (caroline.xavier@pucrs.br) on 2017-06-30T13:50:31Z
No. of bitstreams: 1
DIS_RAMON_COSTI_FERNANDES_COMPLETO.pdf: 4552821 bytes, checksum: 31f78eb686d2c3126cf0abf4584de386 (MD5) === Made available in DSpace on 2017-06-30T13:50:31Z (GMT). No. of bitstreams: 1
DIS_RAMON_COSTI_FERNANDES_COMPLETO.pdf: 4552821 bytes, checksum: 31f78eb686d2c3126cf0abf4584de386 (MD5)
Previous issue date: 2017-03-13 === A pr?xima gera??o de sistemas multiprocessados intra-chip, do ingl?s MultiProcessor
Systems-on-Chip (MPSoC), comportar? centenas de elementos de processamento
num ?nico chip, com a promessa de alta vaz?o de comunica??o, baixa lat?ncia e, preferencialmente,
baixo consumo de energia. Devido ? elevada demanda de comunica??o paralela
de aplica??es para MPSoCs, a rede intra-chip, do ingl?s Network-on-Chip (NoC), tem sido
amplamente adotada como um meio de comunica??o confi?vel e escal?vel para MPSoCs.
O espa?o de projeto para NoCs deve ser explorado para atender ? demanda das
aplica??es atuais. Dentre os par?metros que definem uma NoC, o algoritmo de roteamento
tem sido utilizado para prover servi?os como toler?ncia ? falhas, liberdade de deadlocks e
de livelocks, assim como Quality of Service (QoS). Conforme a ado??o e complexidade de
Systems-on-Chip (SoC) aumenta para sistemas embarcados, a preocupa??o com a prote??o
de dados tamb?m torna-se um requisito para o projeto de MPSoCs.
Atualmente, MPSoCs podem ser atacados explorando vulnerabilidades em hardware
ou software, sendo o ?ltimo respons?vel por 80% dos incidentes de seguran?a em
sistemas embarcados. A prote??o contra vulnerabilidades de software pode acontecer em:
(i) N?vel de Aplica??o, utilizando t?cnicas como a criptografia, para evitar a transmiss?o de
dados desprotegidos entre os elementos de um MPSoC, conhecidos como m?dulos de propriedade
intelectual, do ingl?s Intellectual Property (IP); ou (ii) N?vel de Comunica??o, inspecionando
ou filtrando elementos na arquitetura de interconex?o atrav?s de monitores de
comunica??o ou firewalls, respectivamente. Portanto, um algoritmo de roteamento, ciente
dos requisitos de seguran?a do sistema, deve oferecer prote??o ao utilizar rotas confi?veis
na NoC, evitando elementos potencialmente maliciosos em rotas porventura inseguras.
A principal contribui??o deste trabalho ? uma t?cnica de prote??o para NoCs que
atua em n?vel de comunica??o, adaptando os algoritmos Segment-based Routing (SBR) e
Region-based Routing (RBR) para que estes considerem aspectos de seguran?a do sistema,
estes caracterizados por zonas de seguran?a definidas na NoC de acordo com o mapeamento
de aplica??es nos IPs. A avalia??o da t?cnica de roteamento considera aspectos
como a escalabilidade das tabelas de roteamento, a quantidade de rotas seguras definidas
entre os IPs, e o impacto desta t?cnica de roteamento em aplica??es do benchmark NASA
Numerical Aerodynamic Simulation (NAS) Parallel Bencharm (NPB). === The next generation of MultiProcessor Systems-on-Chip (MPSoC) will encompass
hundreds of integrated processing elements into a single chip, with the promise of highthroughput,
low latency and, preferably, low energy utilization. Due to the high communication
parallelism required by several applications targeting MPSoC architectures, the
Network-on-Chip (NoC) has been widely adopted as a reliable and scalable interconnection
mechanism.
The NoC design space should be explored to meet the demanding requirements
of current applications. Among the parameters that define a NoC configuration, the routing
algorithm has been employed to provide services such as fault tolerance, deadlock and
livelock freedom, as well as Quality of Service (QoS). As the adoption and complexity of
System-on-Chip (SoC) increases for embedded systems, the concern for data protection
appears as a new design requirement.
Currently, MPSoCs can be attacked by exploiting either hardware or software vulnerabilities,
with the later responsible for 80% of the security incidents in embedded systems.
Protection against software vulnerabilities can occur at (i) Application Level, by using
techniques such as data encryption to avoid plain data transmissions between Intellectual
Property (IP) modules; or (ii) Communication Level, inspecting or filtering elements at the
interconnect fabric with communication monitors or firewalls, respectively. As such, a routing
algorithm aware of security requirements could also offer protection utilizing trusted communication
paths in the NoC, avoiding potential malicious elements in otherwise unsafe communication
paths.
The main contribution of this work is a NoC protection technique at communication
level by adapting Segment-based Routing (SBR) and Region-based Routing (RBR) algorithms
to consider system security requirements, characterized by security zones which are
defined on the NoC according to the mapping of applications on IP modules. Evaluation of
the proposed routing technique considers aspects such as the scalability of routing tables,
the number of secure communication paths, and the impact of this technique on applications
of the NASA Numerical Aerodynamic Simulation (NAS) Parallel Benchmark (NPB).
|