A monitoring system for NoCs
04 Dec 2010-pp 25-30
TL;DR: A monitoring architecture for Networks-on-Chip (NoCs) that provides system information useful for helping designers in efficiently exploiting resources available in new complex Multiprocessor System- on-Chip platforms, and in understanding their behavior is proposed.
Abstract: In this paper, we propose and discuss a monitoring architecture for Networks-on-Chip (NoCs) that provides system information useful for helping designers in efficiently exploiting resources available in new complex Multiprocessor System-on-Chip (MPSoC) platforms, and in understanding their behavior. We focus on the analysis of the architectural details and design challenges of such systems, by describing powerful tools for detecting information that can be used both at run-time for detecting dynamic changes in system behavior and at post-execution time for debugging and profiling of applications. We detail the design of the probes monitoring the events and discuss an architecture for collection, storage, and analysis of information generated by them. We evaluate cost of the implementation of the system in terms of area and traffic overhead, and we present results obtained when monitoring a use-case multimedia application.1
Citations
More filters
25 Oct 2012
TL;DR: This work introduces a parameterizable and synthesizable many-core platform with a fast and scalable monitoring and control mechanism that supports safe sharing of resources and is a step towards exploiting the benefits of multi- and many- core platforms for mixed-critical applications.
Abstract: On a multi- or many-core platform that runs applications of different safety criticality (mixed-criticality), all applications have to be certified to the highest level of criticality, unless they are sufficiently isolated. Isolation enables individual certification of applications and cost-efficient re-certification of single applications after an update. We introduce a parameterizable and synthesizable many-core platform with a fast and scalable monitoring and control mechanism that supports safe sharing of resources. Our contribution is a step towards exploiting the benefits of multi- and many-core platforms for mixed-critical applications.
40 citations
Cites background or methods or result from "A monitoring system for NoCs"
...[8] developed a very similar monitoring mechanism to ours....
[...]
...They are used for debugging [17], [18], [8], [14], optimization [8], [19], evaluation [20], and also for fault detection [19] and isolation [7]....
[...]
...Solutions based on periodic evaluation of other applications [7] or requiring interaction with a central controller [8], [7] have a much larger detection/reaction time that requires a much larger overhead to allow mixed-critical applications running safely on the same platform....
[...]
29 Apr 2012
TL;DR: This work proposes an efficient solution with several hardware enhancements to secure data exchanges in a bus-based MPSoC that relies on low complexity distributed firewalls connected to all critical IPs of the system.
Abstract: Security in MPSoC is gaining an increasing attention since several years. Digital convergence is one of the numerous reasons explaining such a focus on embedded systems as much sensitive and secret data are now stored, manipulated and exchanged in these systems. Most solutions are currently built at the software level, we believe hardware enhancements also play a major role in system protection. One strategic point is the communication layer as all data goes through it. Monitoring and controlling communications enable to fend off attacks before system corruption. In this work, we propose an efficient solution with several hardware enhancements to secure data exchanges in a bus-based MPSoC. Our approach relies on low complexity distributed firewalls connected to all critical IPs of the system. Designers can deploy different security policies (access right, data format, authentication, confidentiality) in order to protect the system in a flexible way. To illustrate the benefit of such a solution, implementations are discussed for different MPSoCs implemented on Xilinx Virtex-6 FPGAs. Results demonstrate a reduction up to 33% in terms of latency overhead compared to existing efforts.
17 citations
Cites background or methods from "A monitoring system for NoCs"
...Xilinx Microblaze processor was taken as a reference for Table VII SECURITY OVER PROCESSOR AREA RATIOS area(security enhancement) area(processor) Coburn [6] (16KB / 150 MHz) 6.20% Fiorin [5] (8KB / 100 MHz) 25% Our solution (8KB / 100 MHz) 11.30% Table VII, individual configurations are indicated between brackets (caches size and clock frequency)....
[...]
...This approach is similar to Fiorin’s work and is based on SEI (Security Enforcement Interface) implemented in each interface between an IP and the bus....
[...]
...In Table VII, our solution has a ratio lower than the Data Protection Unit system [5]: this may be due to the CAM system which is more complex than a Block RAM....
[...]
...Fiorin et al. [5] propose an alternative to this work by adding probes within the interface structure to refine the protection mechanisms....
[...]
...SECA Fiorin Our work [6] [5] HW resources SEI, SEM Probes, LF, CF protection units Security Monitoring Monitoring Monitoring enhancement and verification and verification and verification Crypto....
[...]
TL;DR: The goal of this paper is to investigate the runtime adaptation of the NoC resources, according to the QoS requirements of each application running in the MPSoC, with an NoC architecture with duplicated physical channels, adaptive routing, support to flow priorities and simultaneous packet and circuit switching.
Abstract: With the significant increase in the number of processing elements in NoC-based MPSoCs, communication becomes, increasingly, a critical resource for performance gains and quality-of-service (QoS) guarantees. The main gap observed in the NoC-based MPSoCs literature is the runtime adaptive techniques to meet QoS. In the absence of such techniques, the system user must statically define, for example, the scheduling policy, communication priorities, and the communication switching mode of applications. The goal of this paper is to investigate the runtime adaptation of the NoC resources, according to the QoS requirements of each application running in the MPSoC. This paper adopts an NoC architecture with duplicated physical channels, adaptive routing, support to flow priorities and simultaneous packet and circuit switching. The monitoring and adaptation management is performed at the operating system level, ensuring QoS to the monitored applications. The QoS acts in the flow priority and the switching mode. Monitoring and QoS adaptation were implemented in software, resulting in flexibility to apply the techniques to other platforms or include other adaptive techniques, as task migration or DVFS. Applications with latency and throughput deadlines run concurrently with best-effort applications. Results with synthetic and real application reduced in average 60% the latency violations, ensuring smaller jitter and throughput. The execution time of applications is not penalized applying the proposed QoS adaptation methods.
16 citations
09 Jul 2012
TL;DR: This work proposes a full boot-to-runtime protection flow of an embedded Linux kernel during boot and confidentiality/integrity protection of the external memory containing the kernel and the main application code/data.
Abstract: Nowadays, embedded systems become more and more complex: the hardware/software codesign approach is a method to create such systems in a single chip which can be based on reconfigurable technologies such as FPGAs (Field-Programmable Gate Arrays). In such systems, data exchanges are a key point as they convey critical and confidential information and data are transmitted between several hardware modules and software layers. In case of an FPGA development life cycle, OS (Operating System) / data updates as runtime communications can be done through an insecure link: attackers can use this medium to make the system misbehave (malicious injection) or retrieve bitstream-related information (eavesdropping). Recent works propose solutions to securely boot a bitstream and the associated OS while runtime transactions are not protected. This work proposes a full boot-to-runtime protection flow of an embedded Linux kernel during boot and confidentiality/integrity protection of the external memory containing the kernel and the main application code/data. This work shows that such a solution with hardware components induces an area occupancy of 10% of a xc6vlx240t Virtex-6 FPGA while having an improved throughput for Linux booting and low-latency security for runtime protection.
8 citations
25 Oct 2012
TL;DR: This work proposes a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a bus-based MPSoC and provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update.
Abstract: Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a bus-based MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11% for the adaptive version of the hardware firewall compared to the static one.
6 citations
References
More filters
TL;DR: Focusing on using probabilistic metrics such as average values or variance to quantify design objectives such as performance and power will lead to a major change in SoC design methodologies.
Abstract: On-chip micronetworks, designed with a layered methodology, will meet the distinctive challenges of providing functionally correct, reliable operation of interacting system-on-chip components. A system on chip (SoC) can provide an integrated solution to challenging design problems in the telecommunications, multimedia, and consumer electronics domains. Much of the progress in these fields hinges on the designers' ability to conceive complex electronic engines under strong time-to-market pressure. Success will require using appropriate design and process technologies, as well as interconnecting existing components reliably in a plug-and-play fashion. Focusing on using probabilistic metrics such as average values or variance to quantify design objectives such as performance and power will lead to a major change in SoC design methodologies. Overall, these designs will be based on both deterministic and stochastic models. Creating complex SoCs requires a modular, component-based approach to both hardware and software design. Despite numerous challenges, the authors believe that developers will solve the problems of designing SoC networks. At the same time, they believe that a layered micronetwork design methodology will likely be the only path to mastering the complexity of future SoC designs.
3,852 citations
Additional excerpts
...ripherals, interconnected by Networks-on-Chip (NoCs) [2]....
[...]
07 Nov 2005
TL;DR: The paper provides a performance characterization of the ALPBench benchmarks, with a focus on parallelism, and modified the original applications to expose thread-level and data-level parallelism using POSIX threads and sub-word SIMD instructions respectively.
Abstract: Multimedia applications are becoming increasingly important for a large class of general-purpose processors. Contemporary media applications are highly complex and demand high performance. A distinctive feature of these applications is that they have significant parallelism, including thread- , data-, and instruction-level parallelism, that is potentially well-aligned with the increasing parallelism supported by emerging multi-core architectures. Designing systems to meet the demands of these applications therefore requires a benchmark suite comprising these complex applications and that exposes the parallelism present in them. This paper makes two contributions. First, it presents ALPBench, a publicly available benchmark suite that pulls together five complex media applications from various sources: speech recognition (CMU Sphinx 3), face recognition (CSU), ray tracing (Tachyon), MPEG-2 encode (MSSG), and MPEG-2 decode (MSSG). We have modified the original applications to expose thread-level and data-level parallelism using POSIX threads and sub-word SIMD (Inters SSE2) instructions respectively. Second, the paper provides a performance characterization of the ALPBench benchmarks, with a focus on parallelism. Such a characterization is useful for architects and compiler writers for designing systems and compiler optimizations for these applications.
203 citations
"A monitoring system for NoCs" refers methods in this paper
...As use-case, we monitored the execution of ray tracing application [8]....
[...]
TL;DR: This work presents a network interface (NI) for an on-chip network that uses a transaction-based protocol to achieve backward compatibility with existing bus protocols such as AXI, OCP, and DTL.
Abstract: We present a network interface (NI) for an on-chip network. Our NI decouples computation from communication by offering a shared-memory abstraction, which is independent of the network implementation. We use a transaction-based protocol to achieve backward compatibility with existing bus protocols such as AXI, OCP, and DTL. Our NI has a modular architecture, which allows flexible instantiation. It provides both guaranteed and best-effort services via connections. These are configured via NI ports using the network itself, instead of a separate control interconnect. An example instance of this NI with four ports has an area of 0.25 mm/sup 2/ after layout in 0.13-/spl mu/m technology, and runs at 500 MHz.
158 citations
TL;DR: The Intel Pentium 4's unique performance-monitoring features overcome many limitations and problems found in previous processors.
Abstract: The Intel Pentium 4's unique performance-monitoring features overcome many limitations and problems found in previous processors. Pentium 4 Xeon performance monitoring supports simultaneous multithreaded execution features.
151 citations
"A monitoring system for NoCs" refers background in this paper
...In [14], data collection is performed running an interrupt service routine that stops core execution and collects samples from the several counters deployed in the system....
[...]
...While in [14] probes are specialized for single events, we have chosen to implement a multipurpose probe able to monitor all the possible events generated by the system....
[...]
...Modern, high performance processors deal with this problem through the use of dedicated on-chip hardware event detectors and counters [14]....
[...]
16 Apr 2007
TL;DR: A new communication service, congestion-controlled best-effort (CCBE) is introduced for Networks-on-Chip (NoC), and a simple but effective model for link utilization for the model-based predictions is presented.
Abstract: Congestion has negative effects on network performance. In this paper, a novel congestion control strategy is presented for Networks-on-Chip (NoC). For this purpose we introduce a new communication service, congestion-controlled best-effort (CCBE). The load offered to a CCBE connection is controlled based on congestion measurements in the NoC. Link utilization is monitored as a congestion measure, and transported to a Model Predictive Controller (MPC). Guaranteed bandwidth and latency connections in the NoC are used for this, to assure progress of link utilization data in a congested NoC. We also present a simple but effective model for link utilization for the model-based predictions. Experimental results show that the presented strategy is effective and has reaction speeds of several microseconds which is considered acceptable for realtime embedded systems.
96 citations