Skip to main content
SpringerLink
Log in

Securing on-Chip Communication Using Digital Watermarking

  • Chapter
  • First Online:
Network-on-Chip Security and Privacy

Abstract

System-on-chip (SoC) developers utilize Intellectual Property (IP) cores from third-party vendors due to increasing design complexity, cost as well as time-to-market constraints. A typical SoC consists of a wide variety of IP cores (such as processor, memory, controller, FPGA, etc.) that interact using a Network-on-Chip (NoC). This global trend of designing SoCs using third-party IPs raises serious concerns about security vulnerabilities. Since NoC facilitates communication between all IPs in an SoC, NoC is the ideal place for any malicious implants (such as hardware Trojans) to hide and launch a plethora of attacks. Due to the resource-constrained nature of SoCs, developing security solutions against such attacks is a major challenge. In particular, in an eavesdropping attack, a Trojan-infected router copies packets transferred through the NoC and re-routes the duplicated packets to an accompanying malicious application running on another IP in an attempt to extract confidential information. While authenticated encryption can thwart such attacks, it leads to performance and energy overhead in resource-constrained SoCs. In this chapter, we discuss a lightweight alternative defense based on digital watermarking techniques. The method is theoretically analyzed to evaluate its security. Experiments using realistic SoC models and diverse applications demonstrate that the approach can mitigate eavesdropping attacks while incurring minor overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 129.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Most NoCs facilitate flits, which is a further breakdown of a packet used for flow control purposes. We stick to the level of packets for the ease of explanation as this method remains the same at the flit level as well.

References

  1. N. Agarwal, T. Krishna, L. Peh, N.K. Jha, Garnet: a detailed on-chip network model inside a full-system simulator, in 2009 IEEE International Symposium on Performance Analysis of Systems and Software (2009), pp. 33–42

    Google Scholar 

  2. A. Ahmed, F. Farahmandi, Y. Iskander, P. Mishra, Scalable hardware trojan activation by interleaving concrete simulation and symbolic execution, in 2018 IEEE International Test Conference (ITC) (IEEE, Piscataway, 2018), pp. 1–10

    Google Scholar 

  3. A. Ahmed, Y. Huang, P. Mishra, Cache reconfiguration using machine learning for vulnerability-aware energy optimization. ACM Trans. Embed. Comput. Syst. 18(2), 1–24 (2019)

    Article  Google Scholar 

  4. Alteris FlexNoC Resilience Package, www.arteris.com/flexnoc-resilience-package-functional-safety [Online]

  5. D.M. Ancajas, K. Chakraborty, S. Roy, Fort-NoCs: mitigating the threat of a compromised NoC, in 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC) (2014), pp. 1–6

    Google Scholar 

  6. M. Best, A. Brouwer, F. MacWilliams, A. Odlyzko, N.J.A.A. Sloane, Bounds for binary codes of length less than 25. IEEE Trans. Inf. Theory 24(1), 81–93 (1978)

    Article  MathSciNet  MATH  Google Scholar 

  7. N. Binkert, B. Beckmann, G. Black, S.K. Reinhardt, A. Saidi, A. Basu, J. Hestness, D.R. Hower, T. Krishna, S. Sardashti, R. Sen, K. Sewell, M. Shoaib, N. Vaish, M.D. Hill, D.A. Wood, The gem5 simulator. SIGARCH Comput. Archit. News 39(2), 1–7 (2011)

    Article  Google Scholar 

  8. A.K. Biswas, Network-on-chip intellectual property protection using circular path–based fingerprinting. ACM J. Emerg. Technol. Comput. Syst. 17(1), 1–22 (2020)

    Article  Google Scholar 

  9. A.K. Biswas, S.K. Nandy, R. Narayan. Router attack toward NoC-enabled MPSoC and monitoring countermeasures against such threat. Circuits Syst. Signal Process. 34(10), 3241–3290 (2015)

    Article  Google Scholar 

  10. Bloomberg, The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies. https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

  11. T. Boraten, A.K. Kodi, Packet security with path sensitization for NoCs, in 2016 Design, Automation Test in Europe Conference Exhibition (DATE) (2016), pp. 1136–1139

    Google Scholar 

  12. S. Charles, P. Mishra, Lightweight and trust-aware routing in NoC based SoCs, in IEEE Computer Society Annual Symposium on VLSI (ISVLSI) (2020)

    Google Scholar 

  13. S. Charles, P. Mishra, Reconfigurable network-on-chip security architecture. ACM Trans. Des. Autom. Electron. Syst. 25(6), 1–25 (2020)

    Article  Google Scholar 

  14. S. Charles, P. Mishra, Securing network-on-chip using incremental cryptography, in IEEE Computer Society Annual Symposium on VLSI (ISVLSI) (2020)

    Google Scholar 

  15. S. Charles, H. Hajimiri, P. Mishra, Proactive thermal management using memory-based computing in multicore architectures, in International Green and Sustainable Computing Conference (IGSC) (2018), pp. 1–8

    Google Scholar 

  16. S. Charles, C.A. Patil, U.Y. Ogras, P. Mishra, Exploration of memory and cluster modes in directory-based many-core CMPs, in IEEE/ACM International Symposium on Networks-on-Chip (NOCS) (2018), pp. 1–8

    Google Scholar 

  17. S. Charles, A. Ahmed, U.Y. Ogras, P. Mishra, Efficient cache reconfiguration using machine learning in NoC-based many-core CMPs. ACM Transact. Des. Autom. Electron. Syst. 24(6), 1–23 (2019)

    Article  Google Scholar 

  18. S. Charles, Y. Lyu, P. Mishra, Real-time detection and localization of DoS attacks in NoC based SoCs, in Design Automation & Test in Europe (DATE) (2019), pp. 1160–1165

    Google Scholar 

  19. S. Charles, M. Logan, P. Mishra, Lightweight anonymous routing in NoC based SoCs, in Design Automation & Test in Europe (DATE) (2020)

    Google Scholar 

  20. S. Charles, Y. Lyu, P. Mishra, Real-time detection and localization of distributed DoS attacks in NoC based SoCs. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 39(12), 4510– 4523 (2020)

    Article  Google Scholar 

  21. S.V.R. Chittamuru, I.G. Thakkar, V. Bhat, S. Pasricha, Soteria: exploiting process variations to enhance hardware security with photonic NoC architectures, in 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC) (2018), pp. 1–6

    Google Scholar 

  22. H. Deng, X. Sun, B. Wang, Y. Cao, Selective forwarding attack detection using watermark in WSNs, in 2009 ISECS International Colloquium on Computing, Communication, Control, and Management, vol. 3 (IEEE, Piscataway, 2009), pp. 109–113

    Google Scholar 

  23. I. Dumer, D. Micciancio, M. Sudan, Hardness of approximating the minimum distance of a linear code. IEEE Trans. Inf. Theory 49(1), 22–37 (2003)

    Article  MathSciNet  MATH  Google Scholar 

  24. F. Farahmandi, P. Mishra, FSM anomaly detection using formal analysis, in 2017 IEEE International Conference on Computer Design (ICCD) (IEEE, Piscataway, 2017), pp. 313–320

    Book  Google Scholar 

  25. F. Farahmandi, Y. Huang, P. Mishra, Trojan localization using symbolic algebra, in 2017 22nd Asia and South Pacific Design Automation Conference (ASPDAC) (IEEE, Piscataway, 2017), pp. 591–597

    Google Scholar 

  26. F. Farahmandi, Y. Huang, P. Mishra, System-on-Chip Security: Validation and Verification (Springer Nature, Cham, 2019)

    Google Scholar 

  27. J. Frey, Q. Yu, A hardened network-on-chip design using runtime hardware trojan mitigation methods. Integr. VLSI J. 56(C), 15–31 (2017)

    Article  Google Scholar 

  28. U. Gupta, C.A. Patil, G. Bhat, P. Mishra, U.Y. Ogras, DyPo: dynamic pareto-optimal configuration selection for heterogeneous MpSoCs. ACM Trans. Embed. Comput. Syst. 16(5s), 1–20 (2017)

    Article  Google Scholar 

  29. W. Hoeffding, Probability inequalities for sums of bounded random variables, in The Collected Works of Wassily Hoeffding (Springer, Berlin, 1994), pp. 409–426

    Book  Google Scholar 

  30. A. Houmansadr, N. Borisov, BotMosaic: collaborative network watermark for the detection of IRC-based botnets. J. Syst. Softw. 86(3), 707–715 (2013)

    Article  Google Scholar 

  31. A. Houmansadr, N. Kiyavash, N. Borisov, Rainbow: a robust and invisible non-blind watermark for network flows, in Proceedings of the NDSS (2009)

    Google Scholar 

  32. Y. Huang, P. Mishra, Vulnerability-aware energy optimization for reconfigurable caches in multitasking systems. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 38(5), 809–821 (2019)

    Article  Google Scholar 

  33. Y. Huang, S. Bhunia, P. Mishra, MERS: statistical test generation for side-channel analysis based trojan detection, in ACM SIGSAC Conference on Computer and Communications Security (CCS) (2016), pp. 130–141

    Google Scholar 

  34. Y. Huang, S. Bhunia, P. Mishra, Scalable test generation for trojan detection using side channel analysis. IEEE Trans. Inf. Forensics Secur. 13(11), 2746–2760 (2018)

    Article  Google Scholar 

  35. M. Hussain, A. Malekpour, H. Guo, S. Parameswaran, EETD: an energy efficient design for runtime hardware trojan detection in untrusted network-on-chip, in 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI) (2018), pp. 345–350

    Google Scholar 

  36. A. Iacovazzi, Y. Elovici, Network flow watermarking: a survey. IEEE Commun. Surv. Tutor. 19(1), 512–530 (2017)

    Article  Google Scholar 

  37. L.S. Indrusiak, J. Harbin, M.J. Sepulveda, Side-channel attack resilience through route randomisation in secure real-time networks-on-chip, in 2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC) (2017), pp. 1–8

    Google Scholar 

  38. L.S. Indrusiak, J. Harbin, C. Reinbrecht, J. Sepúlveda, Side-channel protected MPSoC through secure real-time networks-on-chip. Microprocess. Microsyst. 68, 34–46 (2019)

    Article  Google Scholar 

  39. Intel Xeon Phi Processor 7210, http://ark.intel.com/products/94033/Intel-Xeon-Phi-Processor-7210-16GB-1_30-GHz-64-core [Online]

  40. H.K. Kapoor, G.B. Rao, S. Arshi, G. Trivedi, A security framework for NoC using authenticated encryption and session keys. Circuits Syst. Signal Process. 32(6), 2605–2622 (2013)

    Article  MathSciNet  Google Scholar 

  41. S.T. King, J. Tucek, A. Cozzie, C. Grier, W. Jiang, Y. Zhou, Designing and implementing malicious hardware, in Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, LEET’08 (USENIX Association, Berkeley, 2008)

    Google Scholar 

  42. B. Lebiednik, S. Abadal, H. Kwon, T. Krishna, Architecting a secure wireless network-on-chip, in 2018 Twelfth IEEE/ACM International Symposium on Networks-on-Chip (NOCS) (2018), pp. 1–8

    Google Scholar 

  43. Z. Ling, X. Fu, W. Jia, W. Yu, D. Xuan, J. Luo, Novel packet size-based covert channel attacks against anonymizer. IEEE Trans. Comput. 62(12), 2411–2426 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  44. Y. Lyu, P. Mishra, A survey of side-channel attacks on caches and countermeasures. J. Hardw. Syst. Secur. 2(1), 33–50 (2018)

    Article  Google Scholar 

  45. Y. Lyu, P. Mishra, Efficient test generation for trojan detection using side channel analysis, in Design Automation & Test in Europe Conference (DATE) (2019), pp. 408–413

    Google Scholar 

  46. Y. Lyu, P. Mishra, Automated test generation for trojan detection using delay-based side channel analysis, in 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE) (2020), pp. 1031–1036

    Google Scholar 

  47. Y. Lyu, P. Mishra, Automated trigger activation by repeated maximal clique sampling, in Asia and South Pacific Design Automation Conference (ASPDAC) (2020), pp. 482–487

    Google Scholar 

  48. Y. Lyu, P. Mishra, Scalable activation of rare triggers in hardware trojans by repeated maximal clique sampling. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. (2020). https://doi.org/10.1109/TCAD.2020.3019984

  49. J.Y.V. Manoj Kumar, A.K. Swain, S. Kumar, S.R. Sahoo, K. Mahapatra, Run time mitigation of performance degradation hardware trojan attacks in network on chip, in 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI) (2018), pp. 738–743

    Google Scholar 

  50. A. May, I. Ozerov, On computing nearest neighbors with applications to decoding of binary linear codes, in Annual International Conference on the Theory and Applications of Cryptographic Techniques (Springer, Berlin, 2015), pp. 203–228

    MATH  Google Scholar 

  51. D. McGrew, J. Viega, The Galois/counter mode of operation (GCM), in Submission to NIST Modes of Operation Process, 20 (2004)

    Google Scholar 

  52. P. Mishra, S. Bhunia, M. Tehranipoor, Hardware IP Security and Trust (Springer, Berlin, 2017)

    Book  Google Scholar 

  53. Z. Pan, P. Mishra, Automated test generation for hardware trojan detection using reinforcement learning, in Asia and South Pacific Design Automation Conference (ASPDAC) (2021)

    Google Scholar 

  54. Z. Pan, J. Sheldon, P. Mishra, Test generation using reinforcement learning for delay-based side channel analysis, in IEEE/ACM International Conference on Computer-Aided Design (ICCAD) (2020)

    Google Scholar 

  55. J. Porquet, A. Greiner, C. Schwarz, NoC-MPU: a secure architecture for flexible co-hosting on shared memory MPSoCs, in 2011 Design, Automation Test in Europe (2011), pp. 1–4

    Google Scholar 

  56. N Prasad, R. Karmakar, S. Chattopadhyay, I. Chakrabarti, Runtime mitigation of illegal packet request attacks in networks-on-chip, in 2017 IEEE International Symposium on Circuits and Systems (ISCAS) (IEEE, Piscataway, 2017), pp. 1–4

    Google Scholar 

  57. J.S. Rajesh, D.M. Ancajas, K.Chakraborty, S. Roy, Runtime detection of a bandwidth denial attack from a rogue network-on-chip, in Proceedings of the 9th International Symposium on Networks-on-Chip, NOCS ’15 (Association for Computing Machinery, New York, 2015)

    Google Scholar 

  58. V.Y. Raparti, S. Pasricha, Lightweight mitigation of hardware trojan attacks in NoC-based manycore computing, in 2019 56th ACM/IEEE Design Automation Conference (DAC) (2019), pp. 1–6

    Google Scholar 

  59. C. Reinbrecht, A. Susin, L. Bossuet, J. Sepúlveda, Gossip NoC – avoiding timing side-channel attacks through traffic management, in 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI) (2016), pp. 601–606

    Google Scholar 

  60. R.M. Roth, G. Seroussi, Bounds for binary codes with narrow distance distributions. IEEE Trans. Inf. Theory 53(8), 2760–2768 (2007)

    Article  MathSciNet  MATH  Google Scholar 

  61. A. Saeed, A. Ahmadinia, M. Just, C. Bobda, An ID and address protection unit for NoC based communication architectures, in Proceedings of the 7th International Conference on Security of Information and Networks (ACM, New York, 2014), p. 288

    Google Scholar 

  62. K. Sajeesh, H.K. Kapoor, An authenticated encryption based security framework for NoC architectures, in 2011 International Symposium on Electronic System Design (2011), pp. 134–139

    Google Scholar 

  63. J. Sepúlveda, D. Flórez, G. Gogniat, Reconfigurable security architecture for disrupted protection zones in NoC-based MPSoCs, in 10th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC) (IEEE, Piscataway, 2015), pp. 1–8

    Google Scholar 

  64. J. Sepúlveda, A. Zankl, D. Flórez, G. Sigl, Towards protected MPSoC communication for information protection against a malicious NoC. Procedia Comput. Sci. 108, 1103–1112 (2017). International Conference on Computational Science, ICCS 2017, 12–14 June 2017, Zurich

    Google Scholar 

  65. J. Sepúlveda, D. Aboul-Hassan, G. Sigl, B. Becker, M. Sauer, Towards the formal verification of security properties of a network-on-chip router, in 2018 IEEE 23rd European Test Symposium (ETS) (IEEE, Piscataway, 2018), pp. 1–6

    Google Scholar 

  66. K. Shuler, Majority of leading China semiconductor companies rely on arteris network-on-chip interconnect IP (2013)

    Google Scholar 

  67. A. Sodani, R. Gramunt, J. Corbal, H. Kim, K. Vinod, S. Chinthamani, S. Hutsell, R. Agarwal, Y. Liu, Knights landing: second-generation Intel Xeon Phi product. IEEE Micro 36(2), 34–46 (2016)

    Article  Google Scholar 

  68. A. Van Herrewege, I. Verbauwhede, Software only, extremely compact, Keccak-based secure PRNG on ARM Cortex-M, in Proceedings of the 51st Annual Design Automation Conference (DAC) (IEEE, Piscataway, 2014), pp. 1–6

    Google Scholar 

  69. Y. Wang, G.E. Suh, Efficient timing channel protection for on-chip networks, in 2012 IEEE/ACM Sixth International Symposium on Networks-on-Chip (2012), pp. 142–151

    Google Scholar 

  70. X. Wang, D.S. Reeves, P. Ning, F. Feng, Robust network-based attack attribution through probabilistic watermarking of packet flows. Technical report, North Carolina State University, Dept. of Computer Science, 2005

    Google Scholar 

  71. W. Wang, P. Mishra, S. Ranka, Dynamic Reconfiguration in Real-Time Systems (Springer, Berlin, 2012)

    Google Scholar 

  72. S.C. Woo, M. Ohara, E. Torrie, J.P. Singh, A. Gupta, The splash-2 programs: characterization and methodological considerations, in Proceedings 22nd Annual International Symposium on Computer Architecture (1995), pp. 24–36

    Google Scholar 

  73. Q. Yu, J. Frey, Exploiting error control approaches for hardware trojans on network-on-chip links, in 2013 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS) (IEEE, Piscataway, 2013), pp. 266–271

    Google Scholar 

  74. A. Zand, G. Vigna, R. Kemmerer, C. Kruegel, Rippler: delay injection for service dependency detection, in IEEE INFOCOM 2014-IEEE Conference on Computer Communications (IEEE, Piscataway, 2014), pp. 2157–2165

    Book  Google Scholar 

Download references

Acknowledgement

This work was partially supported by the National Science Foundation (NSF) grant SaTC-1936040.

Author information

Authors and Affiliations

  1. University of Moratuwa, Colombo, Sri Lanka

    Subodha Charles

  2. University of Florida, Gainesville, FL, USA

    Prabhat Mishra

Authors
  1. Subodha Charles
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Prabhat Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Subodha Charles .

Editor information

Editors and Affiliations

  1. University of Florida, Gainesville, FL, USA

    Prabhat Mishra

  2. University of Moratuwa, Colombo, Sri Lanka

    Subodha Charles

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Charles, S., Mishra, P. (2021). Securing on-Chip Communication Using Digital Watermarking. In: Mishra, P., Charles, S. (eds) Network-on-Chip Security and Privacy. Springer, Cham. https://doi.org/10.1007/978-3-030-69131-8_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-69131-8_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-69130-1

  • Online ISBN: 978-3-030-69131-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation