SoCurity: Enhancing SoC Security with Anomalous Activity Detection and Localization

As systems-on-a-chip (SoCs) that power our devices become increasingly heterogeneous to meet low-power, high-performance computational requirements, they also become more vulnerable to the possible impacts of an on-chip resource availability attack. In this paper, we present SoCurity, the first network-on-chip (NoC) counter-based hardware monitoring approach for enhancing heterogeneous SoC security. With this monitoring approach, we develop a fast, lightweight anomalous activity detection and localization system at the hardware level. The presented detection system uses semi-supervised machine learning models, and requires no prior attack knowledge for detecting anomalous activity. This design choice provides protection against existing and novel future attacks impacting on-chip resource availability. Our localization engine leverages the inherent interpretability of SoCurity’s NoC counters to locate detected anomalous activity in the SoC for focused recovery. We demonstrate our techniques with a case study on a real SoC implementation for a connected autonomous vehicle system and find up to 96% detection accuracy and fast detection (∼30μs for prediction on an ASIC) in online experiments. Furthermore, we show that the flagged anomalous activity can be reliably localized for up to 99% of detected anomalous activity in our experiments.