Litcius/Paper detail

2.5D Root of Trust: Secure System-Level Integration of Untrusted Chiplets

Mohammed Nabeel, Mohammed Ashraf, Satwik Patnaik, Vassos Soteriou, Ozgur Sinanoglu, Johann Knechtel

2020IEEE Transactions on Computers45 citationsDOIOpen Access PDF

Abstract

For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policiesvia physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical-design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.

Topics & Concepts

Computer scienceScheme (mathematics)Computer securityLeverage (statistics)VendorHardware security moduleDistributed computingRoot (linguistics)Embedded systemCryptographyComputer security modelComputer networkSecurity analysisComputationSecure communicationExploitEncryptionOperating systemTrusted ComputingTrusted computing baseSecurity testingScalabilityAsideRoot causeCloud computing securityBlock cipher mode of operationSupply chainOutsourcingPhysical Unclonable Functions (PUFs) and Hardware SecuritySecurity and Verification in ComputingSlime Mold and Myxomycetes Research