Sharing external memory resources between strongly isolated domains in high-end security applications

Sharing external memory resources between strongly isolated domains in high-end security applications

Kruijsse, Hendrik Jan (TU Delft Electrical Engineering, Mathematics and Computer Science)

Wong, J.S.S.M. (mentor)
Op 't Land, S.T. (mentor)
van Leuken, T.G.R.M. (graduation committee)

Delft University of Technology

Electrical Engineering | Embedded Systems

2023-04-04

Nowadays, the society strongly depends on computer networks and systems as a means of reliable communication and data storage. In order to maintain absolute security of the networks and thus the society, one would need to separate everything, but this is not feasible. Consequently, sharing of resources is inevitable. There are security products that rely on an FPGA to create domain separation. The domain separation is required to prevent leakage of confidential information and manipulating of critical processes. A modern FPGA has enough resources to have multiple soft-cores initiated on it- each of them working in a different domain. However, due to the limited amount of IO pins on an FPGA, using multiple DRAM chips is not an option. Therefore a single DRAM is shared between multiple soft-cores, threatening the domain separation. The main threats when using a shared DRAM are communication channels due to latency deviations, data corruption due to rowhammering and direct access to unauthorized data due to the data being available on shared addresses. Research has been done to determine what causes the latency deviation and how to mitigate it. The results of the research are that the only fundamental solution to mitigate the latency deviation is to have a fixed latency when accessing the DRAM. A fixed time arbiter is designed and tested. The fixed time arbiter is using a deterministic delay after each DRAM access in order to mitigate the latency deviation. Before mitigating the rowhammer vulnerability it is shown that rowhammering causes bitflips not only in the adjacent rows, but also in non-adjacent rows. To mitigate the rowhammer vulnerability for adjacent rows, a row refresher is created that tracks the rows that are accessed and refreshes the adjacent rows when accessed more than the bitflip threshold. To mitigate the vulnerability for non adjacent rows a test is created to give an overview of all non adjacent rows that contain bitflips so that those rows can be be dedicated as unused guard rows. The last part that is implemented is an address mapper to be sure that no soft-core can access the addresses of another soft-core. The fixed time arbiter, row refresher and address mapper are combined into the memory domain protector. The consequence on the bandwidth of the DRAM is that the bandwidth is halved compared to the benchmark design. The memory domain protector also uses 23× more logic than a standard arbiter. 

dram
cyber security
Rowhammer Attacks
rowbuffer attacks
DRAM attacks
DRAM vulnerabilities
sharing dram

http://resolver.tudelft.nl/uuid:30546ab3-e9f1-4897-b457-337977b017b4

Student theses

master thesis

© 2023 Hendrik Jan Kruijsse