A Comprehensive End-to-End Security Framework for Optical On-Chip Networks

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-07-17 DOI:10.1016/j.sysarc.2025.103518

Uzmat Ul Nisa, Janibul Bashir

{"title":"A Comprehensive End-to-End Security Framework for Optical On-Chip Networks","authors":"Uzmat Ul Nisa, Janibul Bashir","doi":"10.1016/j.sysarc.2025.103518","DOIUrl":null,"url":null,"abstract":"<div><div>The Optical Network-on-Chip (ONoC) offers a promising solution to the challenges of scalability, high power consumption, and limited bandwidth inherent in current Electrical Network-on-Chip (ENoC) architectures. Despite its advantages, ONoC remains susceptible to various security threats, notably hardware Trojans (HTs). The insertion of an HT in any optical station can compromise the tuning circuits of microring resonators (MRs), enabling unauthorized manipulation of the data traversing the waveguides. Once compromised, these MRs can be exploited to intercept, alter, or even obstruct data transmission, thereby posing significant risks to the integrity, authenticity, and confidentiality of the communication. To mitigate such threats, various countermeasures can be employed. These include hardware-based authentication and encryption, physical tamper-proofing of the chip, and strict supply chain management to prevent the insertion of HTs during fabrication. Additionally, regular monitoring and auditing of the ONoC are crucial for detecting suspicious activities and implementing timely mitigation strategies. In this paper, we propose a comprehensive security framework designed to address these vulnerabilities at both the physical and application layers, effectively restricting the malicious activities of compromised MRs. At the physical layer, our approach leverages the deterministic power loss characteristics of ONoCs to identify abnormal MR behavior. Concurrently, at the application layer, we introduce a lightweight encryption scheme to secure inter-node communication, thereby preventing unauthorized access and data tampering within the ONoC. The evaluation showed acceptable area, power, and performance overheads, with an 18.2% increase in average packet latency and a 19.2% rise in the energy-delay (ED) product when integrated with state-of-the-art optical interconnects.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103518"},"PeriodicalIF":3.7000,"publicationDate":"2025-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125001900","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The Optical Network-on-Chip (ONoC) offers a promising solution to the challenges of scalability, high power consumption, and limited bandwidth inherent in current Electrical Network-on-Chip (ENoC) architectures. Despite its advantages, ONoC remains susceptible to various security threats, notably hardware Trojans (HTs). The insertion of an HT in any optical station can compromise the tuning circuits of microring resonators (MRs), enabling unauthorized manipulation of the data traversing the waveguides. Once compromised, these MRs can be exploited to intercept, alter, or even obstruct data transmission, thereby posing significant risks to the integrity, authenticity, and confidentiality of the communication. To mitigate such threats, various countermeasures can be employed. These include hardware-based authentication and encryption, physical tamper-proofing of the chip, and strict supply chain management to prevent the insertion of HTs during fabrication. Additionally, regular monitoring and auditing of the ONoC are crucial for detecting suspicious activities and implementing timely mitigation strategies. In this paper, we propose a comprehensive security framework designed to address these vulnerabilities at both the physical and application layers, effectively restricting the malicious activities of compromised MRs. At the physical layer, our approach leverages the deterministic power loss characteristics of ONoCs to identify abnormal MR behavior. Concurrently, at the application layer, we introduce a lightweight encryption scheme to secure inter-node communication, thereby preventing unauthorized access and data tampering within the ONoC. The evaluation showed acceptable area, power, and performance overheads, with an 18.2% increase in average packet latency and a 19.2% rise in the energy-delay (ED) product when integrated with state-of-the-art optical interconnects.

查看原文本刊更多论文

光片上网络的综合端到端安全框架

光片上网络（ONoC）为当前片上电子网络（ENoC）架构中固有的可扩展性、高功耗和有限带宽的挑战提供了一个有前途的解决方案。尽管有这些优势，ONoC仍然容易受到各种安全威胁的影响，尤其是硬件木马（ht）。在任何光站中插入HT都可能危及微环谐振器（MRs）的调谐电路，从而使穿越波导的数据能够被未经授权的操纵。一旦被破坏，这些MRs可以被用来拦截、改变甚至阻碍数据传输，从而对通信的完整性、真实性和保密性构成重大风险。为了减轻这种威胁，可以采用各种对策。这些措施包括基于硬件的认证和加密，芯片的物理防篡改，以及严格的供应链管理，以防止在制造过程中插入ht。此外，对ONoC的定期监测和审计对于发现可疑活动和及时实施缓解战略至关重要。在本文中，我们提出了一个全面的安全框架，旨在解决物理层和应用层的这些漏洞，有效地限制受损mrs的恶意活动。在物理层，我们的方法利用onoc的确定性功率损耗特性来识别异常MR行为。同时，在应用层，我们引入了一种轻量级的加密方案来保护节点间通信，从而防止ONoC内未经授权的访问和数据篡改。评估显示了可接受的面积、功率和性能开销，当与最先进的光互连集成时，平均分组延迟增加18.2%，能量延迟（ED）产品增加19.2%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.