Embedded firewall for on-chip bus transactions

Compu e s and Elec ical Enginee ing 98 (2022) 107707
A ailable online 1 Feb ua y 2022
0045-7906/© 2022 The Au ho (s). Published by Else ie L d. This is an open access a icle unde he CC BY license
(h p://c ea i ecommons.o g/licenses/by/4.0/).
Con en s lis s a ailable a ScienceDi ec
Compu e s and Elec ical Enginee ing
jou nal homepage: www.else ie .com/loca e/compeleceng
Embedded i ewall o on-chip bus ansac ions✩,✩✩
Jesús Láza o∗,Unai Bida e,Lei e Mugui a,A mando As a loa,Jaime Jiménez
Depa men o Elec onics Technology, Uni e si y o he Basque Coun y, Bilbao, Spain
ARTICLE INFO
Keywo ds:
Communica ion sys em secu i y
Da a buses
Da a secu i y
Field p og ammable ga e a ays
ABSTRACT
This a icle p esen s a no el app oach owa ds Sys em-on-Chip (SoC) secu i y. Al hough
communica ions secu i y and ope a ing sys em ha dening ha e been s udied, new applica ion
oppo uni ies and menaces ha e appea ed wi h he inco po a ion o Mul ip ocesso -Sys em-on-
Chip (MPSoC) in o he In e ne o Things (IoT). Reliable implemen a ion en i onmen s ha e
become necessa y, so no el secu i y a chi ec u es and solu ions ha e been in oduced o p o ec
he ulne able da a, which could be used by plen y o hese applica ions.
We p opose an Ad anced eX ensible In e ace (AXI) ansac ion i ewall, which, by checking
he ype o ope a ion, he physical add ess, and he bandwid h acco ding o a se o ules,
ejec s un us ed eques s be ween co es. Resul s ha e been pe o med on a Zynq pla o m, and
ob ained esul s show ha he p oposed AXI- i ewall can p e en unau ho ized ansac ions
consuming ew ha dwa e esou ces. Besides, he ully combina ional na u e o he i ewall’s
AXI o AXI pa h en ails ha he i ewall does no a ec he o e all pe o mance o he sys em.
1. In oduc ion
MPSoCs and ela ed on-chip ne wo king a chi ec u es o communica ing SoC elemen s ha e been ex ensi ely in es iga ed in
he pas [1], while secu i y is seldom men ioned. The accu acy and secu i y o he ha dwa e, especially he p ocesso s, need o be
enhanced because hey su e om a acks, and ha dwa e mending is igid.
In embedded applica ions, ailing o gua an ee secu i y in ol es economic consequences, aising a en ion o us ed compu ing
solu ions. Secu i y c i e ia a e use au hen ica ion, s o age and communica ions secu i y, and inpu s/ou pu s secu i y [2]. A Cen al
P ocessing Uni (CPU) can access physical esou ces in MPSoC [3], allowing illegi ima e p ocesses execu ing in one o mo e
CPUs o gene a e malicious eques s. Sensi i e in o ma ion can be ex ac ed, ope a ions o MPSoC can be disabled, o sys em
beha io modi ied due o a acks a MPSoCs [4]. I explains he cons an inc ease o in e es in secu i y conside a ions in embedded
sys ems [5]. Sa e y mechanisms a e demanded o a oid he inse ion o malicious da a o o de s in o he sys em. The design o SoC
main aining expense le els wi h inco po a ed secu i y ea u es and cos limi a ions emains a challenge o o e come. Fu he mo e,
his secu i y mus be main ained h oughou all he li e-cycle o he embedded sys em [6].
Due o he impac on he sys em secu i y, he design o MPSoCs in ol es con empla ing s ingen cons ain s o eal- ime, which
mus always be gua an eed, and secu i y equi emen s [7]. Howe e , he implemen a ion o a mechanism o igh eal- ime may
a ec he secu i y o MPSoCs. Secu i y mus be conside ed a design pa ame e , and balancing pe o mance wi h ha d eal- ime
✩This wo k has been suppo ed by he Minis e io de Economía y Compe i i idad o Spain wi hin he p ojec TEC2017-84011-R and FEDER, Spain unds as
well as by he Depa men o Educa ion o he Basque Go e nmen wi hin he und o esea ch g oups o he Basque uni e si y sys em, Spain IT978-16.
✩✩ This pape was submi ed o egula issues o CAEE, bu is o be included in o special sec ion VSI- pga3. Re iews we e p ocessed by A ea Edi o D . E.
Cabal-Yepez and ecommended o publica ion.
∗Co esponding au ho .
E-mail add ess: [email p o ec ed] (J. Láza o).
h ps://doi.o g/10.1016/j.compeleceng.2022.107707
Recei ed 23 Sep embe 2021; Recei ed in e ised o m 14 Decembe 2021; Accep ed 6 Janua y 2022
Compu e s and Elec ical Enginee ing 98 (2022) 107707
2
J. Láza o e al.
Ac onyms
AXI Ad anced eX ensible In e ace
BRAM Block RAM
CAN Con olle A ea Ne wo k
CPU Cen al P ocessing Uni
DoS Denial o Se ice
FF Flip-Flop
FPGA Field-P og ammable Ga e A ay
GPIO Gene al-Pu pose Inpu /Ou pu
IoT In e ne o Things
IP In ellec ual P ope y
LED Ligh Emi ing Diode
LUT Look-Up Table
MPSoC Mul ip ocesso -Sys em-on-Chip
NoC Ne wo k on Chip
PS P ocessing Sys em
SoC Sys em-on-Chip
and secu i y should be add essed [8]. The pe o mance o MPSoCs is usually inc eased by di iding he applica ions in o asks and
dissemina ing hem among he compu ing In ellec ual P ope y (IP) co es [4]. Ne e heless, i in ol es exchanging sensi i e da a,
and IP co es can be exploi ed o a ack he sys em.
The la es a acks use ansien execu ion and mic oa chi ec u al weaknesses, demons a ing ha he SoC, which includes
he p ocesso , canno be conside ed he us wo hy compu ing pilla , in opposi ion o he heo e ical model [9]. P ocesso s
a e suscep ible o complex a acks because he uppe so wa e laye igno es he managemen o he p og am’s da a a he
mic oa chi ec u al side. These ingenious and e ec i e a acks can be ca ego ized in o mic oa chi ec u al side-channel a acks and
ansien -execu ion a acks [10]. Side-channel a acks a e no con empla ed in he eliable execu ion en i onmen s p esen ed by he
indus y [11], such as AMD SEV [12], In el SGX [13], o ARM T us Zone [12]. So, al hough he enhancemen o secu i y, eliable
implemen a ion en i onmen s con inue being ulne able o h ea s.
The emaining pape is o ganized as ollows. In Sec ion 2, we o e iew ela ed wo k on ha dwa e secu i y. Sec ion 3desc ibes
he unc ionali y and componen s o he p oposed ha dwa e i ewall. Sec ion 4de ines di e en use cases, single and mul imas e
en i onmen s, o examine he e ec o he de eloped IP co e. In Sec ion 5, he ob ained esul s ega ding he a ea and ime esou ces
o a Zynq de ice a e discussed. In Sec ion 6, we compa e he pe o mance o ou secu i y app oach agains o he ha dwa e-based
i ewall solu ions. Finally, Sec ion 7summa izes his pape and ou lines u u e wo k.
2. Rela ed wo k
The augmen ed complexi y o he p ocesso s has been aced pa i ioning he design o a p ocesso in wo abs ac ion laye s: he
a chi ec u e and he mic oa chi ec u e [10]. The i s one is a high-le el abs ac ion, which e eals only he in e aces and a ibu es
o he so wa e, hiding he ha dwa e speci ics. The second one akes ca e o con aining he ha dwa e elemen s unno iceable om
he so wa e.
Secu i y solu ions a e commonly based on implemen ing di e se modules, such as a i ewall, in usion de ec ion o p e en ion
sys ems, o c yp og aphic unc ion accele a o s [14,15]. In [2], an o e iew o he main solu ions ega ding in e nal ansac ion
p o ec ion is p oposed. Memo y p o ec ion app oaches, bus, and Ne wo k on Chip (NoC) based secu i y me hods, and o he me hods
a e de ailed. Na u ally, pe o mance and secu i y – au hen ica ion, a ailabili y, and access con ol, among o he s – a e signi ican
design pa ame e s. Ne e heless, as men ioned be o e, making he bes use o secu i y gene ally comp omises pe o mance and
usabili y. The con iden iali y o IP co e communica ion was add essed in p eceding wo ks by c yp og aphic echniques [4].
Fu he mo e, i ewalls can be implemen ed wi h h ee secu i y le els, depending on he p e iously lis ed p o ided secu i y ea u es.
Lowe -le el checking schemes a e included in highe -le el i ewalls [16].
Ha dwa e blocks o so wa e unc ions can be deployed in embedded sys ems agains a acks. Solu ions implemen ed pu ely in
ha dwa e a e ypically as e conce ning la ency han a so wa e solu ion [2]. Mo eo e , mechanisms implemen ed in ha dwa e
a e mo e di icul ly comp omised han so wa e ones. Mic oa chi ec u al side-channel a acks a e p edominan ly implemen ed in
so wa e; howe e , ha dwa e-based ones gua an ee imp o ed pe o mance. On he o he hand, ansien execu ion a acks a e mainly
deployed in so wa e o based on mic ocode upda es. Ne e heless, ha dwa e-based solu ions also ha e been sugges ed [10].
No only does secu i y conce n so wa e design, bu ha dwa e mus also ake in o accoun cybe -a acks. Fo ins ance, ead/w i e
AXI cycles iden i y he des ina ion add ess bu no he o igin, so ha a malicious IP could access sensi i e memo y blocks o
pe iphe als. Au ho s o [2] exploi dis ibu ed ha dwa e i ewalls ha suppo con iden iali y, in eg i y, memo y pa i ioning, a ic
Compu e s and Elec ical Enginee ing 98 (2022) 107707
3
J. Láza o e al.
Fig. 1. The AXI Fi ewall s ands be ween an AXI Mas e (p ocesso , o example) and an AXI sla e (AXI in e connec , o example). I blocks ansac ions
acco ding o se e al ules: add ess ange, bandwid h limi ,....
moni o ing, and access con ol (R/W) h ough a se o pa ame e s de ining a secu i y policy. Howe e , hey p o ide a la ency o
2 clock cycles. On he o he hand, [17] desc ibes a ha dwa e/so wa e solu ion based on con igu able access igh s; i s la ency is
h ee clock cycles. Ha dwa e i ewalls a e mo e common in NoCs; o ins ance, [18] checks physical add esses in 4 clock cycles. In
he NoC o [1], a i ewall manages he access igh s by means o a lookup able while p ocessing he incoming packe — i.e., la ency
is sou ced by ame compu a ions. Tan e al. [19] c ea e memo y access mechanisms ha allow sa e use o sha ed IP wi h di ec
memo y access, as well as sha ed lib a ies. They also p esen a p o o ype Isola ion Uni ha checks memo y ansac ions and allows
o dynamic con igu a ion o pe missions. In [20], Ko na os e al. p oposed mechanisms consis ing o ha dwa e i ewalling and
on-chip ne wo k physical isola ion, whose mechanisms a e combined wi h sys em-wide c yp og aphic echniques in au omo i e
Con olle A ea Ne wo k (CAN) communica ions o p o ide au hen ica ion and con iden iali y.
3. Ha dwa e desc ip ion
The adap abili y o he unde lying ha dwa e and upg adable secu i y p ocedu es can p epa e elec onic de ices o o hcoming
secu i y ulne abili ies. An AXI ansac ion i ewall has been p oposed in his wo k (AXI Fi ewall). Ou secu i y app oach is based
on an IP co e ha mus be placed nex o he AXI Mas e s, be ween hem and he sla es, o p o ec sla es om audulen Mas e s.
Inpu /ou pu co es in single o mul imas e en i onmen s a e p o ec ed wi h he p esen ed i ewall. Un eliable ansac ions a e
blocked acco ding o se e al ues. The IP can e use eques s by compa ing he ype o ope a ion – w i e o ead –, he add ess
ange, and he equi ed bandwid h wi h p e iously de ined ules collec ions. A Field-P og ammable Ga e A ay (FPGA) based Zynq
de ice has been used o de elop he ha dwa e-based i ewall demons a ing ha demanded esou ces a e p e y cons ained. Se e al
case s udies ha e been implemen ed, p o ing he bene i s o ou secu i y app oach. A low-la ency secu i y solu ion wi h educed
esou ce consump ion has been exposed.
The main objec i e o AXIFi ewall is o be able o p o ec AXI sla es om bogus AXI Mas e s. In o de o do so, he ci cui mus
be in oduced be ween bo h mas e and sla e, bu nex o he mas e . The posi ion is de e mined because AXI ansac ions do ha e
des ina ion add esses bu no o igin ones. Fig. 1 depic s a simple diag am wi h he p oposed sys em a chi ec u e.
The IP can block eques s due o he ype o ope a ion ( ead o w i e), add ess ange, and bandwid h.
This AXI ansac ion i ewall is ully complian wi h he AXI Li e s anda d. The a chi ec u e is compa ible wi h AXI Full, bu we
ha e decided o ocus on small IP Co es ha canno en o ce secu i y. The main design guidelines ha ha e been ollowed a e:
•Fully cus omizable in he numbe o add ess anges, bandwid h...
•Minimum la ency
•Minimum a ea
In Fig. 2, a basic diag am is shown. The IP co e is dis ibu ed in wo equal pa s, one o he ead channel and one o he w i e
channel. A i s glance, hey may seem di e en since he w i e channel has h ee pa s (add ess, da a, and esponse) while he
ead has only wo (add ess and da a). Thanks o he na u e o he eading p ocess, he ead esponse channel is embedded in he
ead da a channel.
Each one o he blocks ( ead and w i e) is subdi ided in o wo sub-blocks, one o he add ess il e ing and one o he bandwid h
il e ing. Fig. 3 depic s he basic s uc u e o he add ess ma ching block o he w i e channel. I consis s o a se ies o mask and
add ess egis e s compa ed agains he ansac ion’s add ess. The use o a mask adds lexibili y, allowing he sa elis ing o whole
anges o add esses. I he e is a ma ch, he inpu and ou pu channels a e connec ed. I he e is no ma ch, he ansac ion is blocked.
No in o ma ion goes owa ds he add ess channel, and, a he same ime, he mas e ecei es an e o . This e o allows he AXI
ansac ion o end, no blocking he connec ion. The ansac ions o he ead channel a e equi alen . I he add ess is no alida ed,
an e o esponse is sen h ough he da a channel.
The o he wo king mode is bandwid h con ol. The block diag am o he w i e channel can be seen in Fig. 4. In his case, he e
is a coun e pe each add ess/mask pai . I he e is a ma ch in he add ess block, he co esponding coun e is checked. When i is
g ea e han ze o, he e is c edi o he ansac ion. Da a is passed owa ds he add ess channel, and he coun e is dec emen ed.
Pe iodically, he coun e is upda ed, adding c edi o he coun e .
Compu e s and Elec ical Enginee ing 98 (2022) 107707
4
J. Láza o e al.
Fig. 2. AXI is composed o 5 channels. The i ewall blocks 4 o hem in wo di e en manne s. Valid blocking o add ess- ela ed i ewall ules. Ready blocking
o bandwid h- ela ed i ewall ules.
Fig. 3. Add ess blocking s uc u e — w i e channel. I s main componen s a e he sa elis add ess egis e s and hei co esponding mask egis e s.
Fig. 4. Ra e limi ing s uc u e — w i e channel. I uses a bucke s uc u e. E e y upda ing pe iod c edi is added o he bucke . E e y da a ha passes he
in e ace educes he a ailable c edi . The e is one coun e pe add ess ange o a e limi .
Compu e s and Elec ical Enginee ing 98 (2022) 107707
5
J. Láza o e al.
Fig. 5. Vi ado block diag am o he inal single mas e implemen ed design.
Fig. 6. Vi ado block diag am o he inal mul imas e implemen ed design.
4. Use cases
This sec ion shows di e en use cases. The examples make use o se e al s anda d IP co es om Xilinx:
•AXI In e connec : AXI swi ch ha allows p o ocol ansla ion and communica ion among di e en IP co es.
•AXI Gene al-Pu pose Inpu /Ou pu (GPIO): AXI co e ha allows in e acing ex e nal gene ic pins, such as Ligh Emi ing Diodes
(LEDs) o swi ches, as in he examples.
•ZYNQ7 P ocessing Sys em (PS): IP co e ha w aps he ARM p ocesso subsys em p esen in he FPGA.
•AXI T a ic Gene a o : IP co e ha gene a es a ic on he AXI bus acco ding o a con igu a ion ile.
Fig. 5 depic s a s anda d use case. In his case, we ha e a single mas e , al hough i is easily ex ensible o mul iple mas e s. The
p oposed IP p o ec s he pa h be ween mas e and sla e. The IP can gua an ee ha special egis e s in he sla es canno be w i en
in o o he w i e a e. Simila ly, i can o bid he ead o egis e s ha should no be accessible o he mas e . The e a e mul iple
AXI In e connec s. These IP Co es a e au oma ically in oduced by he ool o ansla e any a ia ions o he AXI s anda d be ween
Co es. The i s one is compulso y since he AXI la o inside he PS is AXI 3 Full, while he IP Co e is AXI 4 Li e. The second AXI
In e connec is op ional and is meaning ul when he e a e se e al mas e s.
Fig. 6 shows he same sys em in a mul imas e en i onmen . In his case, we can make ha he i s mas e only accesses he
i s po o he GPIO (LEDs) while he second mas e only accesses he second po (swi ches). The con igu a ion o his example
equi es including he i s egis e o he GPIO IP in he i ewall connec ed o he i s mas e and he second egis e o he second
mas e . Any o he con igu a ion is possible; o example, one mas e w i es, he o he eads,...
In Fig. 7, we can see a pa icula case use o he p oposed co e. The e a e wo mas e s in he sys em, one secu ed and one non-
secu ed. The p oposed IP p o ec s he pa h om he non-secu ed mas e owa ds he sla e. The main poin s o such an a chi ec u e
a e:
•The use o a ha dwa e-only mas e (axi_ a ic_gen) o secu ely con igu e he sla e IP co es. This IP can be signed and
enc yp ed as i is pa o he bi s eam.
•The use o a ha dwa e/so wa e mas e (in his case, he ARM co e inside he FPGA) o pe o m eads on he IP co e.
•The use o he p oposed IP o en o ce ha e en i he so wa e becomes comp omised, he sla e IP co e canno be
miscon igu ed.
5. Resul s
The e i ica ion p ocess has been done using a modi ied e sion o he single mas e use case (see Fig. 5). Fig. 8 depic s he
e alua ion es bed. The ci cui uses a axi_ a ic_gen as a bus mas e o he ansac ions. This IP emula es a p ocesso wi h

Compu e s and Elec ical Enginee ing 98 (2022) 107707
6
J. Láza o e al.
Fig. 7. Vi ado block diag am o he implemen a ion o wo mas e s. Ini ializa ion secu e mas e and un- ime non-secu ed mas e .
Fig. 8. Vi ado block diag am o he e alua ion es bed. AXI mas e , AXI Fi ewall, and AXI Sla e (GPIO) — wi h equi ed AXI in e connec and o he AXI
in as uc u e co es.
Fig. 9. Resul o add ess il e ing. W i e o he selec ed sla e (0x40000000) passes he i ewall. The es o he w i es a e esponded wi h b esp signaling
sla e e o .
i s associa ed so wa e. The mas e is in cha ge o pe o ming se e al eads and w i es o es he di e en equi ed con igu a ions.
This p ocedu e can also be used o es he ules included in he i ewall in a con olled en i onmen . In his way, he se o ules
can be es ed in a con inuous in eg a ion low wi hou ac ual ha dwa e.
The esul s can be seen in Figs. 9 and 10. The main con ol signals, as pe he AXI s anda d, a e VALID and READY. No ansac ion
is pe o med un il bo h signals a e ue du ing a ising edge o he bus clock.
In Fig. 9, add ess il e ing is shown. Fi s and hi d w i e accesses a e blocked while second w i e and i s ead a e pe o med.
The mechanism o block includes in o ming he mas e o an e o in he sla e so ha he AXI bus is no locked.
Fig. 10 depic s a a e limi a ion. The IP co e is con igu ed only o allow ou ansac ions pe cycle (256 clock cycles). Bo h
pa ame e s – allowed ansac ions and cycle size – a e ully pa ame e ized. The cap u e clea ly shows ha he w i e a e has been
con olled.
Wi h hese p oo s o concep s, we can demons a e ha AXIFi ewall is capable o sol ing he ollowing secu i y isks:
•A ogue mas e a emp ing o access a non-allowed sla e egis e .
•A malicious mas e ying a Denial o Se ice (DoS) a ack on a sla e.
Compu e s and Elec ical Enginee ing 98 (2022) 107707
7
J. Láza o e al.
Fig. 10. Resul o a e il e ing. The allowed bandwid h is 4 by es pe cycle (256 clock cycles).
Table 1
Compa ison o a ea esul s. The esul s o his pape a e o 4 R/W a eas.
Au ho LUT FF Block RAM BRAM
This pape 188 90 0
Co e e al. [2] 293 123 1
Gundabolu e al. [17] 228 228 0
Tan e al. [19] 237 – 0
Ko na os e al. [20] 195 107 0
Table 2
Compa ison o iming esul s.
Au ho La ency (clock
cycles)
Clock equency
(MHz)
This pape 0 166
Co e e al. [2] 2 100
Gundabolu e al. [17] 3 –
G amma ikakis e al. [18] 4 100
Ko na os e al. [20] 5 –
5.1. A ea
The IP co e uses a s aigh o wa d app oach o minimize he equi ed esou ces. Fo ou ead and ou w i e a eas wi h hei
co esponding bandwid h limi a ion, he a ea esou ces o a Zynq de ice a e:
•128 Look-Up Tables (LUTs)
•90 Flip-Flops (FFs)
5.2. Time
The AXI o AXI pa h in he i ewall is ully combina ional. Only a swi ch connec s he inpu o he ou pu , as seen in Fig. 3,
allowing a ze o clock cycle delay. In o he wo ds, he p esence o he i ewall does no a ec he o e all pe o mance o he sys em.
The IP has i s sequen ial pa s and adds a combina ional delay o he AXI o AXI pa h. This can ha e an impac on he maximum
AXI clock equency. In ou expe imen s, he AXI clock uns a 166 MHz. The same sys em, wi hou he i ewall, was capable o
unning a 187.5 MHz. The esul is a 12 % dec ease in maximum clock equency.
6. Compa ison
The p oposed IP co e is compa ed wi h hose p esen in he li e a u e o unde s and he con ibu ions be e . Table 1 shows he
a ea esul s o se e al p oposals p esen ed in Sec ion 2.
As can be seen, he p oposed IP co e pe o ms sligh ly be e han o he s. I is o be no ed ha his app oach does no equi e
Block RAMs (BRAMs), making only use o gene al-pu pose esou ces.
Table 2 shows he esul s o iming compa isons. Ne e heless, he pape s p esen in he li e a u e do no always p o ide e e y
iming pa ame e equi ed o a comple e compa ison.
The app oach p esen ed in his pape has he bes possible la ency, ze o. A he same ime, i allows as bus speeds. This p oposal
pe o ms a o ably in e e y aspec compa ed o he pape s p e iously s udied.
The p oposed simula ion es bed also p o ides ad an ages o e hose implemen a ions discussed in his sec ion om he
simula ion poin o iew. Ins ead o using analy ical me hods, AXIFi ewall is es ed in an en i onmen ha is use ul o demons a ion
pu poses and he implemen a ion phase. As men ioned be o e, he es bed can be included in he de elopmen phase o es ha
he implemen ed ules can p o ec he sys em agains he h ea s ha wan o be co e ed.
Compu e s and Elec ical Enginee ing 98 (2022) 107707
8
J. Láza o e al.
7. Conclusion
The g ow h o MPSoC echnology esul s in an in e es inc ease in secu i y conside a ions and memo y p o ec ion applica ions.
MPSoCs can be p o ec ed agains da a modi ica ion, da a ex ac ion, and denial o se ice a acks. The embedded sys em could be
in jeopa dy because o modules ha can be p og ammed and o unknown IPs. Hence, equi emen s o secu i y ough o be sui ably
deployed. Packe inspec ion h ough i ewall inse ion is a widesp ead me hod. I is based on imp o ing he secu i y o he ha dwa e
pe o ming as i ewalls. Besides, i is also possible o modi y secu i y ables dynamically.
An app oach o enhance secu i y in SoC is p esen ed in his wo k. Embedded sys em memo ies and communica ions ha e been
p o ec ed wi h he app oach o dis ibu ed i ewalls. AXI ansac ion i ewalls ha e been implemen ed o p o ide secu i y, and
upda es can be execu ed h ough addi ional so wa e.
The p esen ed IP co e can block eques s be ween AXI Mas e and Sla es based on he ype o ope a ion, add ess ange,
and bandwid h. So, ou AXI ansac ion i ewall il e s male olen da a in usion. I blocks o allows eques s depending on he
co espondence be ween he con en o he packe and he i ewall secu i y ules.
The complex challenge o secu e a chi ec u al solu ions gua an ees a co ec and adequa e sepa a ion be ween p og am code and
da a among eliable and un eliable applica ions wi hou comp omising pe o mance. Se e al use cases ha e been implemen ed, and
a e i ica ion p ocess has been pe o med o es he i ewall’s included ules and p o e he p oposed IP’s e ec i eness. The p esen ed
AXI i ewall uses a s aigh o wa d app oach o educe he equi ed esou ces, and i s p esence does no a ec he sys em’s o e all
ime pe o mance. The impac on he a ea esou ces and he maximum AXI clock equency o a Zynq de ice has been measu ed
o cha ac e ize and alida e he p oposed secu i y solu ion.
CRediT au ho ship con ibu ion s a emen
Jesús Láza o: Concep ualiza ion, Me hodology, Valida ion, Resou ces, W i ing – o iginal d a , W i ing – e iew & edi ing,
Supe ision, P ojec adminis a ion. Unai Bida e: In es iga ion, W i ing – e iew & edi ing. Lei e Mugui a: In es iga ion, Da a
cu a ion, W i ing – e iew & edi ing. A mando As a loa: In es iga ion, W i ing – e iew & edi ing. Jaime Jiménez: Me hodology,
Fo mal analysis, W i ing – o iginal d a , W i ing – e iew & edi ing.
Decla a ion o compe ing in e es
The au ho s decla e ha hey ha e no known compe ing inancial in e es s o pe sonal ela ionships ha could ha e appea ed
o in luence he wo k epo ed in his pape .
Re e ences
[1] Fio in L, Luko ic S, Pale mo G, di Milano P. Implemen a ion o a econ igu able da a p o ec ion module o NoC-based MPSoCs. In: 2008 IEEE in e na ional
symposium on pa allel and dis ibu ed p ocessing. IEEE; 2008, h p://dx.doi.o g/10.1109/ipdps.2008.4536514.
[2] Co e P, Gognia G, Sepúl eda Fló ez MJ. P o ec ion o he e ogeneous a chi ec u es on FPGAs: an app oach based on ha dwa e i ewalls. Mic op ocess
Mic osy 2016;42:127–41. h p://dx.doi.o g/10.1016/j.micp o.2016.01.013.
[3] Wol W, Je aya A, Ma in G. Mul ip ocesso sys em-on-chip (MPSoC) echnology. IEEE T ans Compu -Aided Des In eg Ci cui s Sys 2008;27(10):1701–13.
h p://dx.doi.o g/10.1109/ cad.2008.923415.
[4] Sepul eda J, Fló ez D, Immle V, Gognia G, Sigl G. E icien secu i y zones implemen a ion h ough hie a chical g oup key managemen a NoC-based
MPSoCs. Mic op ocess Mic osy 2017;50:164–74. h p://dx.doi.o g/10.1016/j.micp o.2017.03.002.
[5] Fio in L, Sil ano C, Sami M. Secu i y aspec s in ne wo ks-on-chips: O e iew and p oposals o secu e implemen a ions. In: 10 h Eu omic o con e ence
on digi al sys em design a chi ec u es, me hods and ools. IEEE; 2007, h p://dx.doi.o g/10.1109/dsd.2007.4341520.
[6] Ray S, Pee e s E, Teh anipoo MM, Bhunia S. Sys em-on-chip pla o m secu i y assu ance: A chi ec u e and alida ion. P oc IEEE 2018;106(1):21–37.
h p://dx.doi.o g/10.1109/jp oc.2017.2714641.
[7] El Salloum C, Elshube M, Hö be ge O, Isako ic H, Wasicek A. The ACROSS MPSoC – A new gene a ion o mul i-co e p ocesso s designed o sa e y–c i ical
embedded sys ems. Mic op ocess Mic osy 2013;37(8):1020–32. h p://dx.doi.o g/10.1016/j.micp o.2013.08.002.
[8] Hagan M, Siddiqui F, Seze S, Kang B, McLaughlin K. En o cing policy-based secu i y models o embedded SoCs wi hin he in e ne o hings. In: 2018
IEEE Con e ence on dependable and secu e compu ing. IEEE; 2018, h p://dx.doi.o g/10.1109/desec.2018.8625140.
[9] Koche P, Ho n J, Fogh A, Genkin D, G uss D, Haas W, e al. Spec e a acks: Exploi ing specula i e execu ion. In: 2019 IEEE symposium on secu i y and
p i acy. IEEE; 2019, h p://dx.doi.o g/10.1109/sp.2019.00002.
[10] Dessouky G, F asse o T, Jaue nig P, Sadeghi A-R, S ap E. Wi h g ea complexi y comes g ea ulne abili y: F om s and-alone ixes o econ igu able
secu i y. IEEE Secu P i acy 2020;18(5):57–66. h p://dx.doi.o g/10.1109/msec.2020.2994978.
[11] Zhang N, Sun K, Shands D, Lou W, Hou YT. T uSense: In o ma ion leakage om T us Zone. In: IEEE INFOCOM 2018 - IEEE con e ence on compu e
communica ions. IEEE; 2018, h p://dx.doi.o g/10.1109/in ocom.2018.8486293.
[12] Wu Y, Liu Y, Liu R, Chen H, Zang B, Guan H. Comp ehensi e VM p o ec ion agains un us ed hype iso h ough e o i ed AMD memo y enc yp ion.
In: 2018 IEEE in e na ional symposium on high pe o mance compu e a chi ec u e. HPCA, IEEE; 2018, h p://dx.doi.o g/10.1109/hpca.2018.00045.
[13] Xu J, Zhang Y, Fu K, Peng S. SGX-based secu e indexing sys em. IEEE Access 2019;7:77923–31. h p://dx.doi.o g/10.1109/access.2019.2921223.
[14] Papag igo iou A, Pe akis P, G amma ikakis M. A i ewall module esol ing ules consis ency. In: 2017 13 h Wo kshop on in elligen solu ions in embedded
sys ems. IEEE; 2017, p. 73–8. h p://dx.doi.o g/10.1109/wises.2017.7986931.
[15] Sha ma G, Bousd as G, Ellinidou S, Ma kowi ch O, D ico J-M, Miloje ic D. Explo ing he secu i y landscape: Noc-based MPSoC o cloud-o -chips.
Mic op ocess Mic osy 2021;84:103963. h p://dx.doi.o g/10.1016/j.micp o.2021.103963.
[16] Hu Y, Mulle -G i schnede D, Sepul eda MJ, Gognia G, Schlich mann U. Au oma ic ILP-based i ewall inse ion o secu e applica ion-speci ic ne wo ks-
on-chip. In: 2015 Nin h in e na ional wo kshop on in e connec ion ne wo k a chi ec u es: On-chip, mul i-chip. IEEE; 2015, h p://dx.doi.o g/10.1109/ina-
ocmc.2015.9.
Compu e s and Elec ical Enginee ing 98 (2022) 107707
9
J. Láza o e al.
[17] Gundabolu S, Wang X. On-chip da a secu i y agains un us wo hy so wa e and ha dwa e IPs in embedded sys ems. In: 2018 IEEE compu e socie y
annual symposium on VLSI. IEEE; 2018, h p://dx.doi.o g/10.1109/is lsi.2018.00122.
[18] G amma ikakis MD, Papadimi iou K, Pe akis P, Papag igo iou A, Ko na os G, Ch is o o akis I, e al. Secu i y in MPSoCs: a noc i ewall and an e alua ion
amewo k. IEEE T ans Compu -Aided Des In eg Ci cui s Sys 2015;34(8):1344–57. h p://dx.doi.o g/10.1109/ cad.2015.2448684.
[19] Tan B, Bigla i-Abha i M, Salcic Z. A sys em-le el secu i y app oach o he e ogeneous MPSoCs. In: 2016 Con e ence on design and a chi ec u es o signal
and image p ocessing. IEEE; 2016, h p://dx.doi.o g/10.1109/dasip.2016.7853800.
[20] Ko na os G, Tomou zoglou O, Coppola M. Ha dwa e-assis ed secu i y in elec onic con ol uni s: Secu e au omo i e communica ions by u ilizing
one- ime-p og ammable ne wo k on chip and i ewalls. IEEE Mic o 2018;38(5):63–74. h p://dx.doi.o g/10.1109/mm.2018.053631143.
Jesús Láza o is a Full P o esso a he Depa men o Elec onics Technology o he Uni e si y o he Basque Coun y. He is he au ho o co-au ho o 4 pa en s,
35 a icles in in e na ional scien i ic. His main esea ch a eas a e high-speed ci cui s based on econ igu able de ices and communica ions de ices.
Unai Bida e ecei ed M.S. and Ph.D. deg ees in Telecommunica ion Enginee ing om he Uni e si y o he Basque Coun y (UPV/EHU), Spain, in 1996 and
2004. He is Associa e P o esso a UPV/EHU and esea che o he Applied Elec onics Resea ch Team. He is co-au ho o 3 pa en s, mo e han 10 pape s indexed
in JCR, and mo e han 60 o he con ibu ions o magazines and con e ences.
Lei e Mugui a ecei ed a Ph.D. deg ee in elecommunica ions enginee ing om he Uni e si y o he Basque Coun y (UPV), Spain, in 2015. In 2018, she s a ed
a he UPV. She has pa icipa ed in 10 esea ch p ojec s and 2 esea ch con ac s. She is he au ho o co-au ho o a pa en , 6 JCR a icles, a book chap e and
23 pape s in scien i ic con e ences.
A mando As a loa is a Full P o esso a he Depa men o Elec onics Technology o he Uni e si y o he Basque Coun y. He is he au ho o co-au ho o 30
a icles in in e na ional scien i ic magazines. His main esea ch a eas a e high-speed ci cui s based on econ igu able de ices, digi al con ol a chi ec u es, and
communica ions de ices.
Jaime Jiménez ecei ed M.S. and Ph.D. deg ees om he Uni e si y o he Basque Coun y, in 1991 and 2005. He has pa icipa ed in 45 compe i i e esea ch
p ojec s suppo ed by public ins i u ions and 39 p i a e esea ch con ac s. He is au ho o co-au ho o 26 a icles in scien i ic in e na ional jou nals. His a eas
o esea ch a e high-speed ci cui s on econ igu able de ices and communica ions de ices.