Side-Channel Attack Resilience through Route Randomisation in Secure Real-Time Networks-on-Chip
This addresses security vulnerabilities in real-time embedded systems, but it is incremental as it builds on existing route randomization concepts for a specific attack type.
The paper tackles the problem of side-channel attacks in secure real-time Networks-on-Chip (NoCs) by proposing packet route randomization as a mechanism to increase resilience, showing through evolutionary optimization that it can enhance security while controlling impacts on hard real-time performance guarantees.
Security can be seen as an optimisation objective in NoC resource management, and as such poses trade-offs against other objectives such as real-time schedulability. In this paper, we show how to increase NoC resilience against a concrete type of security attack, named side-channel attack, which exploit the correlation between specific non-functional properties (such as packet latencies and routes, in the case of NoCs) to infer the functional behaviour of secure applications. For instance, the transmission of a packet over a given link of the NoC may hint on a cache miss, which can be used by an attacker to guess specific parts of a secret cryptographic key, effectively weakening it. We therefore propose packet route randomisation as a mechanism to increase NoC resilience against side-channel attacks, focusing specifically on the potential impact of such an approach upon hard real-time systems, where schedulability is a vital design requirement. Using an evolutionary optimisation approach, we show how to effectively apply route randomisation in such a way that it can increase NoC security while controlling its impact on hard real-time performance guarantees. Extensive experimental evidence based on analytical and simulation models supports our findings.