2.5D Root of Trust: Secure System-Level Integration of Untrusted Chiplets

TL;DR

This paper introduces a novel 2.5D interposer-based system-level security architecture that enforces trust by physically separating trusted and untrusted chiplets, enabling secure, flexible, and economically viable multi-chip systems.

Contribution

It presents the first use of 2.5D interposers for system-level security, integrating trusted and untrusted chiplets with runtime monitoring and physical separation.

Findings

Secure 64-core system prototype built with Cortex-M0 and ARM bus.

Hardware simulation confirms effectiveness against various threat scenarios.

Physical design flow developed using commercial tools.

Abstract

Dedicated, after acceptance and publication, in memory of the late Vassos Soteriou. For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components, and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policies via physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical-design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.