System on Chip Rejuvenation in the Wake of Persistent Attacks

Abstract

To cope with the ever increasing threats of dynamic and adaptive persistent attacks, Fault and Intrusion Tolerance (FIT) is being studied at the hardware level to increase critical systems resilience. Based on state-machine replication, FIT is known to be effective if replicas are compromised and fail independently. This requires different ways of diversification at the software and hardware levels. In this paper, we introduce the first hardware-based rejuvenation framework, we call Samsara, that allows for creating new computing cores (on which FIT replicas run) with diverse architectures. This is made possible by taking advantage of the programmable and reconfigurable features of MPSoC with an FPGA. A persistent attack that analyzes and exploits the vulnerability of a core will not be able to exploit it as rejuvenation to a different core architecture is made fast enough. We discuss the feasibility of this design, and we leave the empirical evaluations for future work.