Interposer Based Root-of-Trust
Abstract
Modern computing systems try to extract every bit of available performance through techniques such as hardware speculation and memory de-duplication. The recent Spectre and Meltdown attacks have revealed different types of security vulnerabilities that can arise from speculative hardware in modern processors. Hardware speculation, and the complex software applications running on this hardware, make it extremely difficult to verify every possible functional aspect of a system, which leads to security vulnerabilities within the system. Attackers tend to take advantage of these unforeseen vulnerabilities through both software and hardware attacks.
In this work, we focus on hardware attacks, specifically through hardware trojans [1]. Hardware trojans can be defined as malicious modifications made to the design of a processor or any other part of an integrated circuit (IC). These trojans can be inserted into the system during the design or fabrication phase. Economic factors have led the semiconductor industry to adopt chiplet-based design, where the functional design logic is distributed across multiple chiplets that are fabricated with high yields and then connected on a die using interposers. These chiplets are fabricated in facilities based in different countries to further streamline the fabrication process. Such an approach reduces the cost of manufacturing while also allowing for the possible introduction of hardware trojans into the system during the fabrication stages [2] in untrusted fabs.
The study tackles the security vulnerabilities brought in through these hardware trojans in multi-core, multi-chip systems with the use of active interposer technology. Interposers [3] are used for interconnecting multiple chiplets on a single die. Recent research shows that interposers can be active [4][5]. This means that design logic can be embedded into these interposers, which can then serve the role of monitoring transactions across chiplets. Interposers, which have lower technological constraints for fabrication, can be manufactured in trusted fabs and serve as the "root-of-trust" for a system.
In our proposal we look into the design aspects of a Security Network Interface (SNI) [6][7], a module that is embedded into the active interposer layer and monitors cache coherence messages between chiplets in a multi-chip system. We analyze the aspects of the network and the cache coherence protocol that impact the design of an SNI. We also evaluate the impact of the SNI on the performance of a system using SPEC CPU benchmarks.
We intend to contribute to the idea of the active interposer as the "root of trust". Past research has focused on the VLSI aspects of the interposer [6]; in this research we focus on the architectural challenges. These include understanding the network-on-chip and the cache coherence system, since the SNI implemented in the interposer layer will monitor network packets that carry cache coherence messages. Thus, this research highlights the architectural factors that ought to be considered when implementing an interposer as the "root-of-trust", and the performance impact of such an SNI on the network.
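As an added illustration (not code from the thesis) of what an SNI sitting in the interposer might check, the toy monitor below assumes a MESI-style directory protocol reduced to GetS/GetM/PutM messages and runs over a constructed message trace; the message format, the single-writer rule and the alert names are assumptions, not the thesis's design.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class CohMsg:
    src: int    # id of the chiplet that put the message on the interposer
    kind: str   # "GetS" (read request), "GetM" (write request), "PutM" (dirty writeback)
    line: int   # cache-line address


class SNIMonitor:
    """Rebuilds per-line sharer/owner state from observed coherence traffic and
    records messages that are inconsistent with that state. (Assumed policy.)"""

    def __init__(self, chiplet_ids):
        self.chiplets = set(chiplet_ids)   # chiplets the interposer expects to see
        self.owner = {}                    # line -> chiplet holding it Modified
        self.sharers = {}                  # line -> chiplets holding it Shared
        self.alerts = []                   # (reason, message) pairs

    def observe(self, m):
        if m.src not in self.chiplets:
            self.alerts.append(("unknown source chiplet", m))
            return len(self.alerts)
        sh = self.sharers.setdefault(m.line, set())
        own = self.owner.get(m.line)
        if m.kind == "GetS":
            if own is not None:            # current owner is downgraded to Shared
                sh.add(own)
                self.owner[m.line] = None
            sh.add(m.src)
        elif m.kind == "GetM":             # requester becomes sole owner
            sh.clear()
            self.owner[m.line] = m.src
        elif m.kind == "PutM":
            if own != m.src:               # dirty data from a non-owner breaks single-writer
                self.alerts.append(("PutM from non-owner", m))
            else:
                self.owner[m.line] = None
        else:
            self.alerts.append(("unknown message type", m))
        return len(self.alerts)


def run_trace(trace, chiplets=(0, 1, 2)):
    mon = SNIMonitor(chiplets)
    for m in trace:
        mon.observe(m)
    return [reason for reason, _ in mon.alerts]


# Constructed trace: legitimate traffic on line 0x40, then a writeback from a
# chiplet that never obtained ownership, then a message from a chiplet id that
# does not exist in the system.
TRACE = [
    CohMsg(0, "GetS", 0x40),
    CohMsg(1, "GetM", 0x40),
    CohMsg(1, "PutM", 0x40),
    CohMsg(2, "PutM", 0x40),   # flagged: chiplet 2 was never the owner
    CohMsg(7, "GetS", 0x80),   # flagged: chiplet 7 is not part of the package
]

if __name__ == "__main__":
    print(run_trace(TRACE))
```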
Subject
Active Interposer, Security
Citation
Mandal, Tapojyoti (2021). Interposer Based Root-of-Trust. Master's thesis, Texas A&M University. Available electronically from https://hdl.handle.net/1969.1/195831.