Security Enclave Architecture for Heterogeneous Security Primitives for Supply-Chain Attacks
By Kshitij Raj, Atri Chatterjee, Patanjali SLPSK, Swarup Bhunia, Sandip Ray (University of Florida)
Abstract
Designing secure architectures for system-on-chip (SoC) platforms is a highly intricate and time-intensive task, often requiring months of development and meticulous verification. Even minor architectural oversights can lead to critical vulnerabilities that undermine the security of the entire chip. In response to this challenge, we introduce CITADEL, a modular security framework aimed at streamlining the creation of robust security architectures for SoCs. CITADEL offers a configurable, plug-and-play subsystem composed of custom intellectual property (IP) blocks, enabling the construction of diverse security mechanisms tailored to specific threats. As a concrete demonstration, we instantiate CITADEL to defend against supply-chain threats, illustrating how the framework adapts to one of the most pressing concerns in hardware security. This paper explores the range of obstacles encountered when building a unified security architecture capable of addressing multiple attack vectors and presents CITADEL's strategies for overcoming them. Through several real-world case studies, we showcase the practical implementation of CITADEL and present a thorough evaluation of its impact on silicon area and power consumption across various ASIC technologies. Results indicate that CITADEL introduces only minimal resource overhead, making it a practical solution for enhancing SoC security.
Keywords
Security and privacy Hardware attacks and countermeasures, Hardware reverse engineering, Embedded systems security, System on a chip
To read the full article, click here
Related Semiconductor IP
- Ultra-Secure, PQC-first, Root-of-Trust Security Platform
- Quantum Safe, ISO 21434 Automotive-grade Programmable Hardware Security Module
- Embedded Hardware Security Module (Root of Trust) - Automotive Grade ISO 26262 ASIL-B
- Embedded Hardware Security Module for Automotive and Advanced Applications
- Hardware Security Module
Related White Papers
- Interstellar: Fully Partitioned and Efficient Security Monitoring Hardware Near a Processor Core for Protecting Systems against Attacks on Privileged Software
- A closer look at security verification for RISC-V processors
- CANsec: Security for the Third Generation of the CAN Bus
- PCIe IP With Enhanced Security For The Automotive Market
Latest White Papers
- Security Enclave Architecture for Heterogeneous Security Primitives for Supply-Chain Attacks
- relOBI: A Reliable Low-latency Interconnect for Tightly-Coupled On-chip Communication
- Enabling Space-Grade AI/ML with RISC-V: A Fully European Stack for Autonomous Missions
- CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus
- How Next-Gen Chips Are Unlocking RISC-V’s Customization Advantage