Security Policy Enforcement in Modern SoC Designs

S. Ray and Y. Jin

In D. Marculescu, F. Liu, and S. Parameswaran editors, 34th International Conference on Computer-Aided Design (ICCAD 2015), Austin, TX, USA, November 2015, pages 345-350. IEEE.

© 2015 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.


Modern SoC designs contain a large number of sensitive assets that must be protected from unauthorized access. Authentication mechanisms controlling access to such assets are governed by a large number of complex security policies. The policies affect multiple design blocks, and may involve subtle interactions between hardware, firmware, and software. The design of security policies is a complex process, requiring comprehension of the interplay between security and functionality requirements across multiple IPs in the SoC over the life-time of the system execution. The implementation of such policies, often referred uniformly as a security architecture, typically involves a combination of hardware and firmware modules distributed across the different IPs of the system. This paper gives an overview of the design of SoC security architectures, emphasizing on the distributed codesigns between various components that are necessary both in specification and implementation of these policies. The complexity induced by these codesign requirements is itself a source of errors and security vulnerabilities, and we discuss research needs in the area for developing robust, trustworthy SoC designs.

Relevant files