TY - JOUR
T1 - 2.5D root of trust
T2 - Secure system-level integration of untrusted chiplets
AU - Nabeel, Mohammed
AU - Ashraf, Mohammed
AU - Patnaik, Satwik
AU - Soteriou, Vassos
AU - Sinanoglu, Ozgur
AU - Knechtel, Johann
N1 - Funding Information:
This work was supported in part by the Center for Cyber Security at NYU New York/Abu Dhabi (NYU/NYUAD) and by the NYUAD REF scheme under Grant RE218. The work of Satwik Patnaik was supported by the Global PhD Fellowship at NYU/NYUAD.
Publisher Copyright:
© 2020 IEEE.
PY - 2020/11
Y1 - 2020/11
N2 - For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policies via physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.
AB - For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policies via physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.
KW - 2.5D integration
KW - Active interposer
KW - Chiplets
KW - Hardware security
KW - Multi-core system
KW - Policies
KW - Runtime monitoring
UR - http://www.scopus.com/inward/record.url?scp=85102849852&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85102849852&partnerID=8YFLogxK
U2 - 10.1109/TC.2020.3020777
DO - 10.1109/TC.2020.3020777
M3 - Article
AN - SCOPUS:85102849852
SN - 0018-9340
VL - 69
SP - 1611
EP - 1625
JO - IEEE Transactions on Computers
JF - IEEE Transactions on Computers
IS - 11
M1 - 9184271
ER -