Tutorial T1: Designing Secure SoCs

Information security is a critical concern in a wide range of embedded computing and communications systems. Embedded systems are being used in critical applications (medical electronics, automotive systems, and avionics), where the consequence of security attacks can be severe. Several business models (e.g., distribution of multimedia content, mobile e- commerce, etc.) require an adequate level of security in the associated electronic systems in order to be viable. On the other hand, the increasing complexity and networked nature of embedded systems has led to many vulnerabilities or weaknesses that can be easily targeted for security attacks. IBM\´s Global Business Security Index Report (2005) projected "the aggressive spread of viruses and worms to handheld devices, cell phones, wireless networks, car and satellite systems, and other embedded computers" as a major emerging trend. If our past experience is any indication, conventional approaches to security or simple add-on security schemes are insufficient. Adequate security can be achieved in a system only if security is considered throughout the design process, including the design of the SoCs (HW and embedded SW). It is therefore imperative that SoC architects, HW designers, and embedded SW developers be aware of the security challenges and techniques to address them. This tutorial will introduce security challenges in embedded systems, identify the security requirements for SoCs that they contain, and present approaches to designing secure SoCs. Secure SoC design will be described as an attempt to bridge three "design gaps" - the assurance gap, performance gap, and battery gap. Examples from various state-of-the-art commercial SoCs will be used to illustrate the presented concepts. The tutorial will be organized into the following parts: part 1. security concerns in embedded systems and challenges in secure SoC design; part 2. efficient security processing architectures - bridging the performance/battery gaps- - ; part 3. SW attacks and SW attack-resistant architectures - bridging the assurance gap; part 4. physical & side-channel attacks, and attack-resistant circuit design - bridging the assurance gap.