Traffic isolation techniques for Networks-on-Chip

Abstract

As the number of cores available on modern multiprocessor Systems-on-chip increases, the traditional bus interconnection fails to provide enough scalability to handle the increased network load. To handle these shortcomings, an interconnection network, called Network-on-chip, can be used to provide better performance and scalability to the number of cores, supporting simultaneous transmission of multiple messages from different cores. However, there are some security vulnerabilities in this type of network. The network can be overloaded, potentially preventing critical applications to communicate properly, which can by achieved by an attacker performing a denial-of-service attack. Attackers can also potentially deduce the contents of network traffic based on fluctuations in response latencies, known as timing side-channel attacks. By isolating traffic flows, the potential impact of these problems can be reduced. This thesis presents a network-on-chip featuring three techniques that provide the user with tools to isolate traffic flows. The three techniques are (1) source throttling, (2) fixed virtual channel allocation per traffic flow, and (3) fixed timeslots for the switch allocator. Source throttling can be used to limit the traffic injection rate of problematic nodes. By statically allocating virtual channels to high-priority flows, packets belonging to these flows can be given contention-free access to resources of the NoC. Finally, schedulable switch allocator timeslots prevent malicious nodes from using timing information to find out when and what a node is transmitting. Through simulation, the different techniques’ effectiveness in protecting against attacks is evaluated. The results show that source throttling can provide protection against denial-of-service attacks with few aggressor nodes but cannot protect against timing side-channel attacks. Fixed allocation of virtual channels effectively protects against denial of service attacks, even with many aggressor nodes, but does not provide protection against timing side-channel attacks. Separate switch allocator timeslots are not effective on their own, but by combining fixed virtual channel allocation with separate switch allocator timeslots, protection against timing side-channel attacks is shown to be possible.