Embedded firewall for on-chip bus transactions

New contribution to the security applied to the high-end semiconductor industry.

How to implement Embedded Firewalls for on-chip bus transactions

Open Access Publication

Fecha de primera publicación: 01/02/2022

(Abre una nueva ventana)

In article, an extensible Interface (AXI) transaction firewall is proposed to enhance the security in System-on-Chip devices.

This article presents a novel approach towards System-on-Chip (SoC) security. Although communications security and operating system hardening have been studied, new application opportunities and menaces have appeared to incorporate Multiprocessor-System-on-Chip (MPSoC) into the Internet of Things (IoT). Reliable implementation environments have become necessary, so novel security architectures and solutions have been introduced to protect the vulnerable data, which could be used by plenty of these applications.

An Advanced eXtensible Interface (AXI) transaction firewall is proposed. Untrusted requests between cores are rejected by checking the type of operation, the physical address, and the bandwidth according to a set of rules. Results have been performed on a Zynq platform, and obtained results show that the proposed AXI-firewall can prevent unauthorized transactions consuming few hardware resources. 

Besides, the fully combinational nature of the firewall’s AXI to AXI path entails that the firewall does not affect the system's overall performance.

APERT authors of this contribution -Jesús Lázaro, Unai Bidarte, Leire Muguira, Armando Astarloa and Jaime Jiménez- are experts on digital electronics design.

Referencia bibliográfica