Reference : Behind the Last Line of Defense -- Surviving SoC Faults and Intrusions
E-prints/Working papers : Already available on another site
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/43197
Behind the Last Line of Defense -- Surviving SoC Faults and Intrusions
English
Pinto Gouveia, Ines mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Volp, Marcus mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Esteves-Verissimo, Paulo mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
3-May-2020
14
No
[en] fault and intrusion tolerance ; hypervisor ; processor architecture
[en] Today, leveraging the enormous modular power, diversity and flexibility of manycore systems-on-a-chip (SoCs) requires careful orchestration of complex resources, a task left to low-level software, e.g. hypervisors. In current architectures, this software forms a single point of failure and worthwhile target for attacks: once compromised, adversaries gain access to all information and full control over the platform and the environment it controls. This paper proposes Midir, an enhanced manycore architecture, effecting a paradigm shift from SoCs to distributed SoCs. Midir changes the way platform resources are controlled, by retrofitting tile-based fault containment through well known mechanisms, while securing low-overhead quorum-based consensus on all critical operations, in particular privilege management and, thus, management of containment domains. Allowing versatile redundancy management, Midir promotes resilience for all software levels, including at low level. We explain this architecture, its associated algorithms and hardware mechanisms and show, for the example of a Byzantine fault tolerant microhypervisor, that it outperforms the highly efficient MinBFT by one order of magnitude.
http://hdl.handle.net/10993/43197
https://arxiv.org/abs/2005.04096
FnR ; FNR12686210 > Marcus Völp > HyLIT > Architectural Support for Intrusion Tolerant Operating-System Kernels > 01/11/2018 > 31/10/2021 > 2018

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
2005.04096.pdfPublisher postprint1.2 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.