Hardware Trojan Threats to Cache Coherence in Modern 2.5D Chiplet Systems

TL;DR

This paper investigates hardware Trojan threats targeting cache coherence in modern 2.5D chiplet systems, revealing new attack vectors that can compromise memory data without physical proximity or malicious packet modifications.

Contribution

It identifies novel attack vectors exploiting cache coherence in chiplet systems and demonstrates a Trojan capable of directly modifying victim memory data.

Findings

Trojan can modify memory data without touching it directly

Attacks do not require Trojan to be physically between victim and memory

Highlights need for new security mechanisms in cache coherence protocols

Abstract

As industry moves toward chiplet-based designs, the insertion of hardware Trojans poses a significant threat to the security of these systems. These systems rely heavily on cache coherence for coherent data communication, making coherence an attractive target. Critically, unlike prior work, which focuses only on malicious packet modifications, a Trojan attack that exploits coherence can modify data in memory that was never touched and is not owned by the chiplet which contains the Trojan. Further, the Trojan need not even be physically between the victim and the memory controller to attack the victim's memory transactions. Here, we explore the fundamental attack vectors possible in chiplet-based systems and provide an example Trojan implementation capable of directly modifying victim data in memory. This work aims to highlight the need for developing mechanisms that can protect and secure the coherence scheme from these forms of attacks.