Ryan Bradetich, Paul Oman, Jim Alves-‐Foss, and Theora Rice Center for Secure and Dependable Systems
University of Idaho
Complexity of Multicore Architectures Framework Introduction Apply Framework to P4080 Architecture
Introduce Example Security Policy Map Security Policy to P4080 Architecture
Conclusions Question and Answer
1. Hardware component identification.
2. Information flows, safeguards, and component state analysis.
3. Security policy mapping.
System High Compartment
External State A
External State B
External State C
P0 P1 P2 P3 P4 P5 P6 P7
CoreNet
DPAA On Chip Network
Real Time Debug
Enhanced Local Bus Controller
SerDes Bus
Platform Cache 0
Platform Cache 1
SDRAM Controller 0
SDRAM Controller 1
P0 P1 P2 P3 P4 P5 P6 P7
CoreNet
DPAA On Chip Network
Real Time Debug
Enhanced Local Bus Controller
SerDes Bus
Platform Cache 0
Platform Cache 1
SDRAM Controller 0
SDRAM Controller 1
Fetching Instructions
CoreNet
Exception State
Wait State
Safeguard: MMU
CoreNet
Safeguard: PAMU
P0 P1 P2 P3 P4 P5 P6 P7
PAMU 0 Normal
Platform Cache 0
Platform Cache 1
Peripherals Peripherals
PAMU 1 Bypass
Interrupt Interrupt
CoreNet
Safeguard: None
Platform Cache 0 Enabled
Platform Cache 1 Disabled
SDRAM Controller 0
SDRAM Controller 1
Core 0 Memory Region 0
Core 1 Memory Region 1
P0 P1 P2 P3 P4 P5 P6 P7
CoreNet
DPAA On Chip Network
Real Time Debug
Enhanced Local Bus Controller
SerDes Bus
Platform Cache 0
Platform Cache 1
SDRAM Controller 0
SDRAM Controller 1
P0 P1 P2 P3 P4 P5 P6 P7
CoreNet
DPAA On Chip Network
Real Time Debug
Enhanced Local Bus Controller
SerDes Bus
Platform Cache 0
Platform Cache 1
SDRAM Controller 0
SDRAM Controller 1
Information flows and safeguards represent hardware
Information flows without safeguards
Select a different multicore architecture Software safeguard (e.g. Hypervisor, Trusted Component, Etc.)