This paper presents an architectural study of a scalable system-level interconnection template. We explain why the shared bus, which is today's dominant template, will not meet the performance requirements of tomorrow's systems. We present an alternative interconnection in the form of switching networks. This technology originates in parallel computing, but is also well suited for heterogeneous communication between embedded processors and addresses many of the deep submicron integration issues. We discuss the necessity and the ways to provide high-level services on top of the bare network packet protocol, such as dataflow and address-space communication services. Eventually we present our first results on the cost/performance assessment of an integrated switching network.

/pdf/a-generic-architecture-for-on-chip-packet-switched-4el4cut58z.pdf

A generic architecture for on-chip packet-switched interconnections

Marc Dacier's topic is: intrusion detection vs. detection of errors caused by intentionally malicious faults. Although research on intrusion detection has been carried out for more than two decades, it has recently received increased attention due to the success of the Internet. A recent survey conducted by the IBM Global Security Laboratory indicates that more than 20 intrusion-detection products are now available on the market, whereas two years ago there were only three. Despite this growth of product offerings, intrusion-detection solutions are still in their infancy. Not only is there a lack of understanding of what an intrusion really is, but also how it should be handled. Moreover, from a technical point of view, many critical issues remain unsolved.In this talk, Marc presents what has been done in the intrusion domain in the past, and highlights new research directions that need to be addressed. He will highlight the relationship between intrusion detection and fault tolerance, drawing on the body of knowledge that has been developed within the traditional dependability community, and noting the opportunities for these two communities to work together to solve this important problem.Sami Saydjari's topic is: the detection of novel, previously unseen attacks. Although intrusion detection is a field still in its infancy, two broad approaches have evolved: pattern-based detection and anomaly-based detection. Pattern-based detection, sometimes called misuse-based detection, relies on matching known patterns of attacks already suffered. Anomaly-based detection, on the other hand, relies on detecting behaviors that are abnormal with respect to some normal standard. An example is that of a masquerader trying to hide behind someone else's login; unless the masquerader is clever indeed, his activities will stand out as anomalous against a victim's profile of normal behavior. Anomaly-based detection techniques appear to hold the best hope of detecting new variants of attacks.Sami emphasizes that although there exist some low-level sensors that can detect known attacks, the research community must move quickly in learning how to detect novel attacks at much higher detection rates (state of the art is around 80%) while keeping the false positive rates very low (0.1% or better). Detecting novel attacks will require better anomaly detection algorithms. Achieving a 99.9% detection rate will require gaining a firm understanding of the "sweet spots" of various detection algorithms, as well as an understanding of how to fuse the results of the best of the best. There is also a need to better represent knowledge of attack patterns in a canonical form, to be able to share that knowledge across multiple detection tools, and to be able to judge tools on the basis of how effectively they use knowledge, as opposed to which tool can include the largest corpus of precompiled (pattern-based) knowledge into its on-line database.The session concludes with an open discussion of how research communities can work together to reduce undependability caused by intentionally malicious faults.

Intrusion Detection

Measurement-based approaches with extreme value worst-case estimations are beginning to be proficiently considered for timing analyses. In this paper, we intend to make more formal extreme value theory applicability to safe worst-case execution time estimations. We outline complexities and challenges behind extreme value theory assumptions and parameter tuning. Including the knowledge requirements, we are able to conclude about safety of the probabilistic worst-case execution estimations from the extreme value theory, and execution time measurements.

https://drops.dagstuhl.de/opus/volltexte/2014/4601/pdf/4.pdf/

On the Sustainability of the Extreme Value Theory for WCET Estimation

Recently, there has been an increased focus on integration of reconfigurable fabric with modern processors. However, existing soft-processors are optimized to leverage older FPGA fabrics, focus primarily on resource minimization and have fixed-pipeline designs that limit the scope for tightly integrated hardware accelerators. In this work, we present Taiga: a RISC-V, 32-bit, soft-processor architecture supporting the RISC-V Multiply/Divide and Atomic operations extensions (RV32IMA) designed to support Linux-based shared-memory systems. The processor design is highly configurable and features a standardized interface for functional units allowing for ease of integration of new functional units. Despite a more complex pipeline, our design uses approximately 33% fewer slices while clocking 39% faster than a LEON3 based system built on a Xilinx Zynq X7CZ020.

TAIGA: A new RISC-V soft-processor framework enabling high performance CPU architectural features

Worst-case execution time (WCET) analysis has reached a high level of precision in the analysis of sequential programs executing on single-cores. In this paper we extend a state-of-the-art WCET analysis technique to compute tight WCETs estimates of parallel applications running on multicores. The proposed technique is termed integrated because it considers jointly the sequential code regions running on the cores and the communications between them. This allows to capture the hardware effects across code regions assigned to the same core, which significantly improves analysis precision. We demonstrate that our analysis produces tighter execution time bounds than classical techniques which first determine the WCET of sequential code regions and then compute the global response time by integrating communication costs. Comparison is done on two embedded control applications, where the gain is of 21% on average.

/pdf/integrated-worst-case-execution-time-estimation-of-multicore-2wtdgstny6.pdf

Integrated Worst-Case Execution Time Estimation of Multicore Applications

Embedded systems based on FPGA (Field-Programmable Gate Arrays) must exhibit more performance for new applications. However, no high-performance superscalar soft processor is available on the FPGA, because the superscalar architecture is not suitable for FPGAs. High-performance superscalar processors execute instructions out-of-order and it is necessary to re-order instructions after execution. This task is performed by the ROB (ReOrder Buffer) that uses usually multi-ports RAM, but only two-port buffers are available in FPGA. In this work, we propose a FPGA friendly ROB (ReOrder Buffer) architecture using only 2 ports RAM called a multi-bank ROB architecture. The ROB is the main and more complex structure in an out-of-order superscalar processor. Depending on processor architecture parameters, the FPGA implementation of our ROB compared to a classic architecture, requires 5 to 7 times less registers, 1.5 to 8.3 times less logic gates and 2.6 to 32 times less RAM blocks.

An out-of-order superscalar processor on FPGA: the ReOrder buffer design

We extend the state-of-the-art DSPIN network-on-chip architecture by defining programmable NoC routers that can establish effective static scheduling and routing of data packets as demanded by the application. Router programs are the result of a general compilation process which targets the NoC and the computing cores altogether. The objective is to reduce NoC contentions, improving speed and timing predictability. We consider the range of applications of such an approach and provide results on two of them (a simple embedded controller and an FFT).

https://hal.inria.fr/hal-00787497/document

Programmable routers for efficient mapping of applications onto NoC-based MPSoCs

This paper presents the MPC parallel computer and its MPI implementation performed at the Laboratoire LIP6 of Univ. Pierre and Marie Curie, Paris. MPC is a low cost and high performance parallel computer using standard PC main-boards as processing nodes connected through the specific FastHSL board to a high speed communication network using HSL 1 Gbits/s serial links, IEEE 1355 compliant. Two Asics are presented: RCUBE which is the HSL network router and PCI-DDC the network controller implementing the Direct Deposit State Less receiver protocol. The software part of the MPC parallel computer consists of 2 zero-copy layers leading to a latency of 5 to 40 /spl mu/s and a throughput of 490 Mbits/s. An efficient MPI implementation based on MPICH is presented and evaluated on an MPC parallel computer. Measures show a latency of 26 /spl mu/s and an useful throughput of 450 Mbits/s This paper presents also a performances study of the MPI implementation on the MPC computer. This reveals Several possible optimizations to reduce the overall MPI transfer latency on the MPC Computer.

Protocol and performance analysis of the MPC parallel computer

Nowadays, single-chip cache-coherent multi-cores up to 100 cores are a reality. Many-cores of hundreds of cores are planned in the near future. Due to the large number of cores and for power efﬁciency reasons (performance per watt), cores become simpler with small caches. To get efﬁcient use of parallelism offered by these architectures, applications must be multi-threads. The POSIX Threads (PThreads) standard is the most portable way to use threads across operating systems. It is also used as a low-level layer to support other portable, shared-memory, parallel environments like OpenMP. In this paper, we propose to verify experimentally the scalability of shared-memory, PThreads based, applications, on Cycle-Accurate-Bit-Accurate (CABA) simulated, 512-cores. Using two unmodiﬁed highly multi-threads applications, SPLASH-2 FFT, and EPFilter (medical images noise-ﬁltering application provided by Phillips) our study shows a scalability limitation beyond 64 cores for FFT and 256 cores for EPFilter. Based on hardware events counters, our analysis shows: (i) the detected scalability limitation is a conceptual problem related to the notion of thread and process; and (ii) the small per-core caches found in many-cores exacerbates the problem. Finally, we present our solution in principle and future work.

Does Shared-Memory, Highly Multi-Threaded, Single-Application Scale on Many-Cores?

1 Introduction Security is a key component for information technologies and communication. It undoubtedly represents one of the main tools of its rise because it introduces confidence which is necessary for users. Among the security threats, vulnerability of electronic material that implements cryptography (such as smart card), for services of confidentiality, authentication and data integrity, is perhaps the most important. Indeed, some unfaithful means, or 'attacks', on this material make it possible to extract confidential information like encoding keys and thus to lower the security of all the protected transmission chain of information. There are three main kinds of such``physical'' attacks. The first kind, called``side channel attacks'', exploits the fact that some physical values such as the power consumption, the electromagnetic radiation or the duration of computation of the chip depend on its internal computations [KJ99,MP07]. It is of particular concern, since it does not destroy the physical integrity of smart cards and it can be quickly mounted with cheap instrumentation equipments. The second type, called``fault attacks'', consists in modifying the circuit's behavior in order to bypass hardware or software protections or to exploit computational errors [BS97,PQ03]. The faults are injected into the device by various means as laser, glitches on clock [AD10], spikes on voltage supply or electromagnetic perturbations. The third type, called``invasive attacks'' [KK99], consists in analyzing the design of the chip by using destructive means such as abrasion, chemical etching and then probing the most informative signals with, for example, focused ion beam. A lot of protections have been proposed to counter those attacks. The first kind (further called " sensors ") gives information about the state of the system either by measuring the light, the voltage, the frequency or the temperature of the chip or by detecting error during computations. This detection is generally based on spatial redundancy (ie. realizing the same computation several times in parallel) or temporal redundancy (i.e. realizing the same computation several times) [MR10,NR10]. The second kind (further called " actuators ") does not modify the functional behavior of the circuit but only secures it. To reduce sensibility to side channel attacks, noise has been added to the power consumption, for example, by using an internal clock, by randomizing the order of the instructions, by adding dummy operations or by masking the internal computations that can be predicted by the attacker [RP09,CK09]. Another way to reduce sensibility to side channel attacks consists …

Franck Wajsburt

Papers

An out-of-order superscalar processor on FPGA: the ReOrder buffer design

Programmable routers for efficient mapping of applications onto NoC-based MPSoCs

Protocol and performance analysis of the MPC parallel computer

Does Shared-Memory, Highly Multi-Threaded, Single-Application Scale on Many-Cores?

Management of the security in smart secure devices