Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-chip

Developed by Rajesh JayashankarSridevi, Dean M. Ancajas, Dr. Koushik Chakraborty, and Sanghamitra Roy of Utah State University’s Electrical and Computer Engineering Department


Technical Summary

The semiconductor industry has seen a rapid growth in demand for Multiprocessor System-on-Chips (MPSoCs) to sustain ubiquitous computing. Under unprecedented time-to-market demands, modern MPSoCs integrate many different Third Party Intellectual Property (3PIP) components such as Network-on-Chips (NoCs). These components may introduce security loopholes in a system that can be very difficult to detect. First, a NoC has direct access to all the components in the MPSoC and plays a central role in resource availability on the chip. Second, there is only one instance of a NoC in an MPSoC making it difficult to validate assurance and performance guarantees as one cannot deploy 3PIP trustworthiness based on replicated execution. A malicious or rogue 3PIP NoC (rNoC) can disrupt the availability of on-chip resources, thereby causing large performance bottlenecks for the software running on the MPSoC platform. An rNoC can also enable data corruption, denial of service, and information stealing.


To counter potential threats from a rNoC, USU researchers developed a novel and covert runtime technique to detect a bandwidth denial attack, termed as Runtime Latency Auditor for NoCs (RLAN). A secure system must provide three central aspects of trustworthiness: confidentiality, integrity, and availability. While all are equally important, RLAN focuses on the availability aspect.


RLAN is a runtime latency auditor that enables an MPSoC integrator to monitor the trustworthiness of a NoC throughout its lifetime. RLAN is non-invasive and does not rely on any support from the 3PIP NoC provider. RLAN injects carefully selected monitoring packets in the network. Through these monitoring packets the SoC firmware can audit the application driven traffic and detect anomalous delays in their transit.


Competitive Advantages

While prior work has explored secure NoC design, techniques to thwart a rNoC have not been well explored. Also, prior protection mechanism cannot, unlike RLAN, detect or protect against a bandwidth denial attack caused by a rNoC. RLAN systematically monitors the trustworthiness of a 3PIP NoC during runtime. USU researchers demonstrated the efficacy of RLAN under different realistic environments using rigorous circuit-architectural analysis. In operation, RLAN incurs modest overheads of 12.7%, 9.8%, and 5.4% in area, power, and network latency, respectively.


Commercial Applications

•  Anything involved with NoCs

•  Hardware Security



•  Rajesh JS, Dean Michael Ancajas, Koushik Chakraborty, and Sanghamitra Roy. 2015. “Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-Chip," in Proceedings of the 9th International Symposium on Networks-on-Chip (NOCS ‘15). ACM, New York, NY, USA, Article 8, 8 pages. doi=



Patent Information:
Computer Science
For Information, Contact:
Christian Iverson
Utah State University
Rajesh Jayashankarsridevi Dean Ancajas Koushik Chakraborty Sanghamitra Roy