Visible to the public Hermes: Secure heterogeneous multicore architecture design

TitleHermes: Secure heterogeneous multicore architecture design
Publication TypeConference Paper
Year of Publication2017
AuthorsKinsy, M. A., Khadka, S., Isakov, M., Farrukh, A.
Conference Name2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Date Publishedmay
ISBN Number978-1-5386-3929-0
Keywordsaccelerator function units, application executable code, ASIC, DSP, general-purpose system-on-chip architectures, Hardware, Hermes architecture, Metrics, Multicore Computing, multicore computing security, Multicore processing, multilevel user-defined security, multiple processing elements, multiprocessing systems, nonsecure cores, Program processors, programmable distributed group key management scheme, programmable RISC cores, programmable secure router interface, pubcrawl, resilience, Resiliency, Scalability, secure cores, secure heterogeneous multicore architecture design, security, SoC design, system-level integration, system-on-chip, tenant security, trust-aware routing algorithm

The emergence of general-purpose system-on-chip (SoC) architectures has given rise to a number of significant security challenges. The current trend in SoC design is system-level integration of heterogeneous technologies consisting of a large number of processing elements such as programmable RISC cores, memory, DSPs, and accelerator function units/ASIC. These processing elements may come from different providers, and application executable code may have varying levels of trust. Some of the pressing architecture design questions are: (1) how to implement multi-level user-defined security; (2) how to optimally and securely share resources and data among processing elements. In this work, we develop a secure multicore architecture, named Hermes. It represents a new architectural framework that integrates multiple processing elements (called tenants) of secure and non-secure cores into the same chip design while (a) maintaining individual tenant security, (b) preventing data leakage and corruption, and (c) promoting collaboration among the tenants. The Hermes architecture is based on a programmable secure router interface and a trust-aware routing algorithm. With 17% hardware overhead, it enables the implementation of processing-element-oblivious secure multicore systems with a programmable distributed group key management scheme.

Citation Keykinsy_hermes:_2017