Srivaths Ravi

Security as a new dimension in embedded system design

The growing number of instances of breaches in information security in the last few years has created a compelling case for efforts towards secure electronic systems. Embedded systems, which will be ubiquitously used to capture, store, manipulate, and access data of a sensitive nature, pose several unique and interesting security challenges. Security has been the subject of intensive research in the areas of cryptography, computing, and networking. However, despite these efforts, security is often mis-construed by designers as the hardware or software implementation of specific cryptographic algorithms and security protocols. In reality, it is an entirely new metric that designers should consider throughout the design process, along with other metrics such as cost, performance, and power..This paper is intended to introduce embedded system designers and design tool developers to the challenges involved in designing secure embedded systems. We attempt to provide a unified and holistic view of embedded system security by first analyzing the typical functional security requirements for embedded systems from an end-user perspective. We then identify the implied challenges for embedded system architects, as well as hardware and software designers (e.g., tamper-resistant embedded system design, processing requirements for security, impact of security on battery life for battery-powered systems, etc.). We also survey solution techniques to address these challenges, drawing from both current practice and emerging research, and identify open research problems that will require innovations in embedded system architecture and design methodologies.

Power-aware test: Challenges and solutions

Power-aware test is increasingly becoming a major manufacturing test consideration due to the problems of increased power dissipation in various test modes as well as test implications that arise due to the usage of various low-power design technologies in devices today. Several challenges emerge for test engineers and test tool developers, including (and not restricted to) understanding of various concerns associated with power-aware test, development of power-aware design-for-test (DFT), automatic test pattern generation (ATPG) techniques, and test power analysis flows, evaluation of their efficacy and ensuring easy/rapid deployment. This paper highlights concerns and challenges in power-aware test, surveys various practices drawn from both academia and industry, and points out critical gaps that need to be addressed in the future.

Synthesis of application-specific heterogeneous multiprocessor architectures using extensible processors

Nanometer fabrication technologies have made it feasible to integrate multiple processors on a single chip. Heterogeneous multiprocessor systems-on-chip (MPSoCs), in which different processors are customized for specific tasks, can provide high levels of efficiency in performance and power consumption, while maintaining programmability. However, in order to best exploit processor heterogeneity, designers are still required to manually customize each processor, while mapping the application tasks to them, so that the overall performance and/or power requirements are satisfied. In this paper, we propose a methodology to automatically synthesize a custom (heterogeneous) architecture, consisting of multiple extensible processors, to best speed up a given application. Our methodology simultaneously customizes the instruction set of, and assigns application tasks to, each processor in the multiprocessor system, while scheduling their execution. We motivate the need for such an integrated approach by demonstrating that custom instruction selection has complex interdependencies with task assignment and scheduling, and performing these steps independently often results in significant degradation in the quality of the synthesized multiprocessor architecture. Our methodology uses an iterative improvement algorithm to assign and schedule tasks on processors and select custom instructions along the critical path in an interleaved manner. It utilizes the concept of expected execution time to better integrate these two steps. It not only considers the currently selected custom instructions for the current task assignment and schedule, but also the possibility of better custom instructions being selected in future iterations. We also enhance our methodology to integrate task-level software pipelining to further increase the parallelism and provide opportunities for multiprocessing. We have implemented the proposed heterogeneous multiprocessor synthesis methodology in the context of a commercial extensible processor design flow using the Xtensa/spl trade/ platform from Tensilica Inc. We have evaluated our tool by automatically generating custom multiprocessor architectures for several complex embedded software benchmarks. The results show that architectures synthesized by the proposed methodology demonstrate an average speedup of 2.0 /spl times/ (up to 3.1 /spl times/) compared to symmetric multiprocessor architectures in which the processors have not been augmented with custom instructions. To the best of our knowledge, this is the first tool for the synthesis of custom MPSoCs using extensible processors.

Energy and execution time analysis of a software-based trusted platform module

Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate trusted platform module (TPM) chip are not acceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA was performed. The execution time and energy required by each TPM command was characterized through actual measurements on the target platform. In addition, the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), secure file storage, secure VoIP client, and secure Web browser was also evaluated. Furthermore, it was observed that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM overheads, the use of elliptic curve cryptography (ECC) as a replacement for the RSA algorithm specified in the trusted computing group (TCG) standards was evaluated. Experiments indicate that this optimization can significantly reduce SW-TPM overheads (an average of 6.51times execution time reduction and 6.75times energy consumption reduction for individual TPM commands, and an average of 10.25times execution time reduction and 10.75times energy consumption reduction for applications). This work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems

Generation of Heterogeneous Distributed Architectures for Memory-Intensive Applications Through High-Level Synthesis

Memory-intensive applications present unique challenges to an application-specific integrated circuit (ASIC) designer in terms of the choice of memory organization, memory size requirements, bandwidth and access latencies, etc. The high potential of single-chip distributed logic-memory architectures in addressing many of these issues has been recognized in general-purpose computing, and more recently, in ASIC design. The high-level synthesis (HLS) techniques presented in this paper are motivated by the fact that many memory-intensive applications exhibit irregular array data access patterns. Synthesis should, therefore, be capable of determining a partitioned architecture, wherein array data and computations may have to be heterogeneously distributed for achieving the best performance speed-up. We use a combination of clustering and min-cut style partitioning techniques to yield distributed architectures, based on simulation profiling while considering various factors including data access locality, balanced workloads, inter-partition communication, etc. Our experiments with several benchmark applications show that the proposed techniques yielded two-way partitioned architectures that can achieve upto 2.1 x (average of 1.9 x) performance speed-up over conventional HLS solutions, while achieving upto 1.5 x (average of 1.4 x) performance speed-up over the best homogeneous partitioning solution feasible. At the same time, the reduction in the energy-delay product over conventional single-memory designs is upto 2.7 x (average of 2.0 x). A larger amount of partitioning makes further system performance improvement achievable at the cost of chip area.

Methodology for low power test pattern generation using activity threshold control logic

This paper proposes a new technique of power-aware test pattern generation, wherein the test mode power constraints are specified using pseudo hardware logic functions (referred to as power constraint circuits) that augment the target circuit fed to the ATPG tool. The novelty of this approach is three-fold: (i) The ATPG tool only sees the enhanced circuit. This influences the generation of the test cubes themselves, as against post-processing of these cubes for a given pattern. (ii) Pattern generation can be driven to minimize test power according to a programmable switching activity threshold, and hence, is scalable. (iii) The same constraint circuit can also be effectively used for pattern filtering to isolate patterns which cause high switching activity. Additionally, the proposed method does not require any changes to the pattern generation tool or process. This paper describes the methodology, together with techniques for realizing the hardware circuit and specifying thresholds. Experimental results on various benchmark circuits (including an industrial design) are presented to show the effectiveness of this approach.

A generic low power scan chain wrapper for designs using scan compression

Shrinking power budgets in low power system-on-chips (SoCs) have elevated test power consumption as a major consideration for chip design and test engineering teams. Many traditional automatic test pattern generation (ATPG) and design-for-test (DFT) techniques for test power reduction are either effective for circuits not using test data compression hardware or have implications on the physical design cycle. This paper describes a technique for reducing peak current during scan based testing that can work in the presence of compression, and impose no restrictions on physical design, e.g. related to chip clocking. We propose low-design effort modifications to the test compression logic (wrapper-like changes) that enable us to (a) bypass scan chains or groups of them and (b) shift in constant values into the bypassed flip-flops for lowering the instantaneous current drawn. The modifications are easily localized to a scan chain wrapper that can be used with any scan compression solution. An SoC using lowpower scan chain wrappers provides sufficient configurability (scan chains bypassed or scan chains included) to explore different power reductions with test cost trade-offs. We describe a methodology that allows us to manage the inherent configurability available in our solution. For empirical validation, we have implemented low-power scan chain wrappers for a subset of scan chains in a recently taped-out 65nm low-power SoC. We present experimental data from ATPG and initial silicon power measurements for this chip to demonstrate the benefits and limitations of the proposal.

Architectural Support for Run-Time Validation of Program Data Properties

As computer systems penetrate deeper into our lives and handle private data, safety-critical applications, and transactions of high monetary value, efforts to breach their security also assume significant dimensions way beyond an amateur hackers play. Until now, security was always an afterthought. This is evident in regular updates to antivirus software, patches issued by vendors after software bugs are discovered, etc. However, increasingly, we are realizing the need to incorporate security during the design of a system, be it software or hardware. We invoke this philosophy in the design of a hardware-based system to enable protection of a programs data during execution. In this paper, we develop a general framework that provides security assurance against a wide class of security attacks. Our work is based on the observation that a programs normal or permissible behavior with respect to data accesses can be characterized by various properties. We present a hardware/software approach wherein such properties can be encoded as data attributes and enforced as security policies during program execution. These policies may be application- specific (e.g., access control for certain data structures), compiler- generated (e.g., enforcing that variables are accessed only within their scope), or universally applicable to all programs (e.g., disallowing WRITES to unallocated memory). We show how an embedded system architecture can support such policies by: 1) enhancing the memory hierarchy to represent the attributes of each datum as security tags that are linked to it throughout its lifetime and 2) adding a configurable hardware checker that interprets the semantics of the tags and enforces the desired security policies. We evaluated the effectiveness of the proposed architecture in enforcing various security policies for several embedded benchmark applications. Our experiments in the context of the Simplescalar framework demonstrate that the proposed solution ensures run-time validation of application-defined data properties with minimal execution time overheads.

Low Power Test for Nanometer System-on-Chips (SoCs)

Shrinking power consumption budgets and increasing use of low power design techniques in nanometer designs are forcing test engineers to examine the two problems of (a) reducing power consumption in the test mode of circuit operation, and (b) testing the device in the presence of various power management structures. This paper examines the various concerns associated with this domain (often referred to as low-power or power-aware test), identifies the relevant design and test challenges, surveys salient solutions along with the associated trade-offs, and identifies open topics that require further attention from researchers in both academia and industry.

Power Analysis and Reduction Techniques for Transition Fault Testing

This paper examines the differences in power consumption characteristics of two popular ATPG techniques for transition fault testing (TFT) -- launch off shift (LOS) and launch off capture (LOC). These differences have critical implications on the circuit switching during the launch and capture cycles, and if unaddressed, can lead to IR drop issues and unwarranted silicon failures. Our investigations show that power consumption in the launch cycle for LOS patterns can be as high as 1.96 times the corresponding number for LOC patterns. We systematically understand the reasons for this difference and propose a variety of power-aware design-for-test (DFT) and automatic test pattern generation (ATPG) techniques to limit this power differential as well as general TFT power consumption. The proposed techniques include use of (a) fill techniques, (b) intelligent test and functional enable control of clock gates, and (c) pattern re-generation using low compression and low effort ATPG. Our experiments demonstrate the efficacy of the proposed techniques in reducing power consumption, and the associated trade-offs in pattern volume.