DiSPEL: Distributed Security Policy Enforcement for Bus-based SoC

TL;DR

DiSPEL is a flexible framework that enforces security policies in bus-based SoCs, ensuring trusted operations even with untrusted IPs, while maintaining low overhead and supporting various policy types.

Contribution

Introduces DiSPEL, a generic distributed security enforcement framework for bus-based SoCs, enhancing flexibility and trustworthiness in security policy implementation.

Findings

Effective enforcement of security policies demonstrated on open-source benchmarks.

Low area, delay, and power overheads confirmed through experimental results.

Supports both synthesizable and non-synthesizable security solutions.

Abstract

The current zero trust model adopted in System-on-Chip (SoC) design is vulnerable to various malicious entities, and modern SoC designs must incorporate various security policies to protect sensitive assets from unauthorized access. These policies involve complex interactions between multiple IP blocks, which poses challenges for SoC designers and security experts when implementing these policies and for system validators when ensuring compliance. Difficulties arise when upgrading policies, reusing IPs for systems targeting different security requirements, and the subsequent increase in design time and time-to-market. This paper proposes a generic and flexible framework, called DiSPEL, for enforcing security policies defined by the user represented in a formal way for any bus-based SoC design. It employs a distributed deployment strategy while ensuring trusted bus operations despite the presence of untrusted IPs. It relies on incorporating a dedicated, centralized module capable of implementing diverse security policies involving bus-level interactions while generating the necessary logic and appending in the bus-level wrapper for IP-level policies. The proposed architecture is generic and independent of specific security policy types supporting both synthesizable and non-synthesizable solutions. The experimental results demonstrate its effectiveness and correctness in enforcing the security requirements and viability due to low overhead in terms of area, delay, and power consumption tested on open-source standard SoC benchmarks.