Miltos D. Grammatikakis

Packet Routing in Fixed-Connection Networks

We survey routing problems on fixed-connection networks. We consider many aspects of the routing problem and provide known theoretical results for various communication models. We focus on (partial) permutation, k-relation routing, routing to random destinations, dynamic routing, isotonic routing, fault tolerant routing, and related sorting results. We also provide a list of unsolved problems and numerous references.

OCCN: a network-on-chip modeling and simulation framework

The open-source on-chip communication network (OCCN) defines an efficient framework for network-on-chip modeling and simulation based on an object-oriented C++ library built on top of systemC. OCCN increases the productivity of developing communication driver models through the definition of a universal communication API. This API provides a new design pattern that enables creation and reuse of executable transaction level models (TLMs). OCCN also addresses protocol refinement, design exploration, and high-level performance modeling.

NoC Topologies Exploration based on Mapping and Simulation Models

NoC architectures are considered the next generation of communication infrastructure for future systems-on- chip. Selection of the network architecture and mapping of IP nodes onto the NoC topology are two important research topics. In this paper we compare well known NoC interconnect systems, specifically, Ring, 2d-Mesh, Spidergon and unbuffered Crossbar using theoretical uniform traffic based on the request/reply paradigm as well as a realistic traffic based on a Mpeg4 application. The IP mapping is computed by the SCOTCH partitioning tool opportunely modified to maximize selected embedding quality criteria under multiple topological constraints.

OCCN: a NoC modeling framework for design exploration

The On-Chip Communication Network (OCCN) project provides an efficient framework, developed within SourceForge, for the specification, modeling, simulation, and design exploration of network on-chip based on an object-oriented C++ library built on top of SystemC. OCCN is shaped by our experience in developing communication architectures for different System-on-Chip. OCCN increases the productivity of developing communication driver models through the definition of a universal Application Programming Interface (API). This API provides a new design pattern that enables creation and reuse of executable transaction level models across a variety of SystemC-based environments and simulation platforms. It also addresses model portability, simulation platform independence, interoperability, and high-level performance modeling issues.

IPSIM: SystemC 3.0 Enhancements for Communication Refinement

Refinement is a key methodology for SoC design. The proposed IPSIM design environment, based on a C++ modeling library developed on top of SystemC 3.0, supports an object-oriented design methodology, separates IP modules into behavior and communication components and further establishes two inter-module communication layers. The Message Box layer includes generic and system-specific communication, while the driver layer implements higher level user-defined communications as illustrated in a design example.

Priority queues and sorting methods for parallel simulation

The authors examine the design, implementation, and experimental analysis of parallel priority queues for device and network simulation. They consider: 1) distributed splay trees using MPI; 2) concurrent heaps using shared memory atomic locks; and 3) a new, more general concurrent data structure based on distributed sorted lists, designed to provide dynamically balanced work allocation and efficient use of shared memory resources. We evaluate performance for all three data structures on a Cray-TSESOO system at KFA-Julich. Our comparisons are based on simulations of single buffers and a 64/spl times/64 packet switch which supports multicasting. In all implementations, PEs monitor traffic at their preassigned input/output ports, while priority queue elements are distributed across the Cray-TBE virtual shared memory. Our experiments with up to 60000 packets and two to 64 PEs indicate that concurrent priority queues perform much better than distributed ones. Both concurrent implementations have comparable performance, while our new data structure uses less memory and has been further optimized. We also consider parallel simulation for symmetric networks by sorting integer conflict functions and implementing a packet indexing scheme. The optimized message passing network simulator can process /spl sim/500 K packet moves in one second, with an efficiency that exceeds /spl sim/50 percent for a few thousand packets on the Cray-T3E with 32 PEs. All developed data structures form a parallel library. Although our concurrent implementations use the Cray-TSE ShMem library, portability can be derived from Open-MP or MP1-2 standard libraries, which will provide support for one-way communication and shared memory lock mechanisms.

Security in MPSoCs: A NoC Firewall and an Evaluation Framework

In multiprocessor system-on-chip (MPSoC), a CPU can access physical resources, such as on-chip memory or I/O devices. Along with normal requests, malevolent ones, generated by malicious processes running in one or more CPUs, could occur. A protection mechanism is therefore required to prevent injection of malicious instructions or data across the system. We propose a self-contained Network-on-Chip (NoC) firewall at the network interface (NI) layer which, by checking the physical address against a set of rules, rejects untrusted CPU requests to the on-chip memory, thus protecting all legitimate processes running in a multicore SoC. To sustain high performance, we implement the firewall in hardware, with rule-checking performed at segment-level based on deny rules. Furthermore, to evaluate its impact, we develop a novel framework on top of gem5 simulation environment, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics (STNoC). Simulation tests include scenarios in which legitimate and malicious processes, running in different CPUs, request access to shared memory. Our results indicate that a firewall implementation at the NI can have a positive effect on network performance by reducing both end-to-end network delay and power consumption. We also show that our coarse-grain firewall can prevent saturation of the on-chip network and performs better than fine-grain alternatives that perform rule checking at page-level. Simulation results are accompanied with field measurements performed on a Zedboard platform running Linux, whereas the NoC Firewall is implemented as a reconfigurable, memory-mapped device on top of AMBA AXI4 interconnect fabric.

Security Effectiveness and a Hardware Firewall for MPSoCs

There is a constant increase in the interest shown for trusted computing in the embedded domain. In an MPSoC each processing element such as a CPU could request accessing any physical resource of the device such as a memory or an I/O component. Along with normal requests, malevolent ones could occur produced by malware applications or processes running in one or more CPUs. A protection mechanism is required to prevent injection of malicious data across the device, e.g. Unsafe data written by a CPU into a memory address, which are read later by another CPU. A considerable amount of research has been devoted in security for MPSoCs, but limited work exists in performing protection at the source instead of the target, thus cutting-off malicious content at an early stage prior to entering the on-chip network. In the present work we focus on the side of the CPU connected to the SoC network. We are envisioning a self-contained NoC firewall, which by checking the physical address of a request to a memory-mapped device against a set of rules, rejects untrusted CPU requests to the on-chip memory, thus protecting all legitimate applications running in a shared-memory SoC. To sustain high-performance we implemented the firewall in hardware, while rule-checking is performed at segment-level based on deny rules. To evaluate the impact of security mechanisms we developed a novel framework based on gem5, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics called Spider on STNoC. Tests include several scenarios with legitimate and malicious processes running in different CPUs requesting access to shared memory. Preliminary results show that the incorporation of a security mechanism in the network interface can have a positive effect on network performance by reducing both the end-to-end delivery time of packets, and the power consumed from unnecessary transmissions. From the network aspect, this effect is independent of the performance of implementation itself, e.g. Either a hardware or a software solution equally relieves the network from unnecessary loads. Finally, we compare the performance of our hardware approach over a simple equivalent software solution. Certainly, this comparison favours hardware by considerable margins, however we use it only as reference to illustrate the merit from implementing protection in hardware. The purpose of the present study is three-fold. First, we present the proposed hardware NoC firewall. Then we examine the effect on network transmissions from incorporating a security mechanism in the network interface, to do this we developed a novel framework. Finally, we include preliminary performance results of our NoC firewall and a simple yet indicative comparison with a software solution.

System-level power estimation methodology using cycle- and bit-accurate TLM

We propose a new system-level methodology for relative power estimation, which is independent of register transfer level models. Our methodology monitors the number of bit transitions for all input/output gate signals on a bit- and cycle-accurate SystemC virtual platform model. For absolute results and reliable technology-based predictions of system power and speed (e.g. in future 32/22nm technology nodes and variations), relative metrics can be multiplied with bit energy coefficients provided by semiconductor technology datasheets and device models.

Hardware Support for Cost-Effective System-Level Protection in Multi-core SoCs

The increasing adoption of multi-core Systems-on-Chip (SoC) in critical systems has turned security into an important design requirement. In addition to making a SoC tamper-resistant by embedding cryptographic solutions, in order to make a system robust, we need to control the level of access to the critical functions and capabilities. We propose a hardware protection architecture to enhance a traditional SoC platform in terms of protection. These hardware enhancements focus on isolating physical memory compartments by applying access rules, thus we allow dynamic security policies to be enforced at the hardware for protection against untrustworthy hardware or software components. We present and analyze an implementation of a prototype that allows sixteen concurrently active protection domains at a system cost of less that three percent and negligible operational overhead.