System-on-Chip Platform Security Assurance: Architecture and Validation

• Published in: Proceedings of the IEEE Vol. 106; no. 1; pp. 21 - 37
• Main Authors: Ray, Sandip, Peeters, Eric, Tehranipoor, Mark M., Bhunia, Swarup
• Format: Journal Article
• Language: English
• Published: New York IEEE 01.01.2018; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Architecture; Communications systems; Complexity theory; Computer architecture; Computer security; Cyber-physical systems; Design analysis; Firmware; Reliability analysis; Reliability engineering; Resilience; Safety; Security; Security architecture; security policy; Supply chains; System on chip; system-on-chip (SoC) security; trusted SoC; untrusted IPs
• ISSN: 0018-9219; 1558-2256
• DOI: 10.1109/JPROC.2017.2714641

Modern system-on-chip (SoC) designs include a wide variety of highly sensitive assets which must be protected from unauthorized access. A significant aspect of SoC design involves exploration, analysis, and evaluation of resiliency mechanisms against attacks to such assets. These attacks may arise from a number of sources, including malicious intellectualproperty blocks (IPs) in the hardware, malicious or vulnerable firmware and software, insecure communication of the system with other devices, and side-channel vulnerabilities through power and performance profiles. Countermeasures for these attacks are equally diverse, which include architecture, design, implementation, and validation-based protection. In this paper, we provide a comprehensive overview of the security infrastructure in modern SoC designs, including both resiliency techniques and their validation paradigms at presilicon and postsilicon stages. We identify gaps in current resiliency and analysis architectures and propose design and validation solutions to address them. Finally, we provide industry perspectives on the role and impact of current practices on SoC security, and discuss some emerging trends in this important area.