Article (Scientific journals)
Behind the last line of defense: Surviving SoC faults and intrusions
Pinto-Gouveia, Ines; Volp, Marcus; Esteves-Verissimo, Paulo
2022In Computers and Security, 123
Peer reviewed


Full Text
1-s2.0-S0167404822003121-main (1).pdf
Publisher postprint (2.36 MB)

All documents in ORBilu are protected by a user license.

Send to


Keywords :
Resilience; Operating System; Hardware Architecture
Abstract :
[en] Today, leveraging the enormous modular power, diversity and flexibility of manycore systems-on-a-chip (SoCs) requires careful orchestration of complex and heterogeneous resources, a task left to low-level software, e.g., hypervisors. In current architectures, this software forms a single point of failure and worthwhile target for attacks: once compromised, adversaries can gain access to all information and full control over the platform and the environment it controls. This article proposes Midir, an enhanced manycore architecture, effecting a paradigm shift from SoCs to distributed SoCs. Midir changes the way platform resources are controlled, by retrofitting tile-based fault containment through well known mechanisms, while securing low-overhead quorum-based consensus on all critical operations, in particular privilege management and, thus, management of containment domains. Allowing versatile redundancy management, Midir promotes resilience for all software levels, including at low level. We explain this architecture, its associated algorithms and hardware mechanisms and show, for the example of a Byzantine fault tolerant microhypervisor, that it outperforms the highly efficient MinBFT by one order of magnitude.
Disciplines :
Computer science
Author, co-author :
Pinto-Gouveia, Ines;  University of Luxembourg > SnT
Volp, Marcus  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX
Esteves-Verissimo, Paulo
External co-authors :
Language :
Title :
Behind the last line of defense: Surviving SoC faults and intrusions
Publication date :
December 2022
Journal title :
Computers and Security
Publisher :
Volume :
Peer reviewed :
Peer reviewed
FnR Project :
FNR12686210 - Architectural Support For Intrusion Tolerant Operating-system Kernels, 2018 (01/11/2018-31/10/2021) - Marcus Völp
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 13 December 2022


Number of views
70 (12 by Unilu)
Number of downloads
51 (5 by Unilu)

Scopus citations®
Scopus citations®
without self-citations
WoS citations


Similar publications

Contact ORBilu