This article presents a novel approach towards System-on-Chip (SoC) security. Although communications security and operating system hardening have been studied, new application opportunities and menaces have appeared to incorporate Multiprocessor-System-on-Chip (MPSoC) into the Internet of Things (IoT). Reliable implementation environments have become necessary, so novel security architectures and solutions have been introduced to protect the vulnerable data, which could be used by plenty of these applications.

An Advanced eXtensible Interface (AXI) transaction firewall is proposed. Untrusted requests between cores are rejected by checking the type of operation, the physical address, and the bandwidth according to a set of rules. Results have been performed on a Zynq platform, and obtained results show that the proposed AXI-firewall can prevent unauthorized transactions consuming few hardware resources. 

Besides, the fully combinational nature of the firewall’s AXI to AXI path entails that the firewall does not affect the system's overall performance.

APERT authors of this contribution -Jesús Lázaro, Unai Bidarte, Leire Muguira, Armando Astarloa and Jaime Jiménez- are experts on digital electronics design.