Combining synchronous and asynchronous timing schemes for high-performance systems

Globally asynchronous, locally synchronous (GALS) design is emerging as the architecture of choice for certain applications. In a GALS system, the circuitry in each timing domain is locally synchronized, and different clock domains are glued together according to asynchronous communication schemes. This issue of IEEE Design & Test introduces some basic design and validation issues of the GALS architecture. The editorial from the guest editors outlines the scope of this special theme. In addition to the special theme, this issue also includes a special section highlighting the International Test Conference (ITC). Finally, there is a short report of highlights from the 2007 Design Automation Conference held earlier this year.     

A Survey and Taxonomy of GALS Design Styles

Single-clocked digital systems are largely a thing of the past. Although most digital circuits remain synchronous, many designs feature multiple clock domains, often running at different frequencies. Using an asynchronous interconnect decouples the timing issues for the separate blocks. Systems employing such schemes are called globally asynchronous, locally synchronous (GALS). To minimize time to market, large SoC designs must integrate many functional blocks with minimal design effort. These blocks are usually designed using standard synchronous methods and often have different clocking requirements. A GALS approach can facilitate fast block reuse by providing wrapper circuits to handle interblock communication across clock domain boundaries. SoCs may also achieve power savings by clocking different blocks at their minimum speeds. For example, Scott et al. describe the advantages of GALS design for an embedded-processor peripheral bus.     

Guest Editors' Introduction: GALS Design and Validation

Globally asynchronous, locally synchronous (GALS) design has grown in popularity in both academia and industry. Breaking the synchrony assumption in digital design is often unsettling for designers, and to alleviate the difficulty, researchers in EDA have been proposing various GALS-based solutions. However, the tools, verification techniques, and testing methodologies for asynchronous designs are not as widespread as for synchronous digital design, leading to the hitherto limited usage of GALS design approaches. This special issue introduces some of the basic issues of GALS design and validation in the hardware domain. The hope is that this special issue will generate more interest by researchers and industry practitioners in creating design tools, techniques, and validation methodologies for GALS design.     

A Highly Scalable GALS Crossbar Using Token Ring Arbitration

With increases in die size and clock frequency, driving signals across dies is becoming increasingly more difficult. To reduce clock skew and power, the general trend is to use multiple clock domains on a single die, making both synchronous and asynchronous interclock domain communication possible. The 2005 International Technology Roadmap for Semiconductors states that asynchronous global signaling is required to handle multiple clock domains. According to the ITRS, the globally asynchronous, locally synchronous (GALS) methodology should address this problem. This methodology enables the use of a clocked design for smaller-scale functional units, and this has been the standard approach in industry. The GALS methodology also makes it possible to connect synchronous functional units using robust asynchronous interconnects. The efficient design of an asynchronous crossbar is one of the most promising implementations of the GALS methodology. In this article, we present a low-latency crossbar that uses a distributed arbitration mechanism in the form of token rings. We further improve the latency of this implementation by implementing asynchronous-to-synchronous and synchronous-to-asynchronous interface logic using bidirectional signals. These signals serve as requests and acknowledges, and they exhibit a very fast GasP-like implementation - although, unlike GasP, this implementation is not self-resetting.     

Surge:一种新型、低资源、高效的轻量级分组密码算法

目前,适合资源约束的轻量级密码算法已成为研究热点。提出一种低资源、高性能与高安全性的新轻量级分组密码算法Surge。Surge密码分组长度为64位,使用64位、80位和128位3种密钥长度,且基于SPN结构。轮函数分为5个模块,密钥扩展模块采用无扩展方式;轮常数加模块采用0到15的数字组合成轮常数,构造高效且高度混淆的轮常数加变换;列混合模块利用易于硬件实现的(0,1,2,4)组合矩阵,从而可以在有限域GF(2⁴)上构造硬件实现友好型矩阵。将Surge算法在FPGA上进行了实现,实验结果表明,相对于目前SPN结构的轻量级密码算法,Surge算法占用的面积资源更小,同时有着良好的加密性能;安全性实验证明了Surge可以有效抗差分与线性攻击、代数攻击。     

Formal modelling and verification of GALS systems using GRL and CADP

A GALS (Globally Asynchronous, Locally Synchronous) system consists of several synchronous components that evolve concurrently and interact with each other asynchronously. The design of GALS systems is tedious and error-prone due to the high degree of synchronous and asynchronous concurrency present in complex architectures. In this paper, we present GRL (GALS Representation Language), a formal language designed to model GALS systems, for the purpose of formal verification of the asynchronous aspects. GRL combines the synchronous reactive model underlying dataflow languages and the asynchronous concurrent model underlying process algebras. We propose a translation from GRL to LNT, a value-passing concurrent language with classical process algebra flavour. This makes possible the analysis of GRL specifications using all the state-of-the-art simulation and verification functionalities provided by the CADP toolbox.     

Dynamic frequency and voltage scaling for a multiple-clock-domain microprocessor

Multiple clock domains is one solution to the increasing problem of propagating the clock signal across increasingly larger and faster chips. The ability to independently scale frequency and voltage in each domain creates a powerful means of reducing power dissipation. A multiple clock domain (MCD) microarchitecture, which uses a globally asynchronous, locally synchronous (GALS) clocking style, permits future aggressive frequency increases, maintains a synchronous design methodology, and exploits the trend of making functional blocks more autonomous. In MCD, each processor domain is internally synchronous, but domains operate asynchronously with respect to one another. Designers still apply existing synchronous design techniques to each domain, but global clock skew is no longer a constraint. Moreover, domains can have independent voltage and frequency control, enabling dynamic voltage scaling at the domain level.     

系统可靠性预计与分配集成系统的设计与实现

文章对系统可靠性框图建模、可靠性预计、可靠性分配的过程及相互关系进行了分析，在此基础上给出了系统可靠性预计与分配集成系统的体系结构及系统的各主要模块的功能设计，介绍了系统的实现技术，同时提出了可靠性框图模型的数据结构。     

A Multiparty Videoconferencing System Over an Application-Level Multicast Protocol

Increased speeds of PCs and networks have made media communications possible on the Internet. Today, the need for desktop videoconferencing is experiencing robust growth in both business and consumer markets. However, the synchronous delivery of high-volume media content is still a big challenge under a current heterogeneous Internet environment. In this paper, we present a multiparty videoconferencing system based on a peer-to-peer (P2P) solution. The contribution of our paper is twofold. On the one hand, we design an application-level multicast scheme which intends to tolerate the heterogeneity in videoconferencing applications. Design tradeoffs are analyzed and our decisions are made based on extensive experimentation. On the other, we design a five-layer architecture for implementing a multiparty videoconferencing system. This architecture makes a clear-cut distinction between different functional modules and therefore provides rich flexibility in feature adaptation. We believe that our work can be a helpful reference in other efforts on building desktop videoconferencing systems.     

Protection of heterogeneous architectures on FPGAs: An approach based on hardware firewalls

Embedded systems are parts of our daily life and used in many fields. They can be found in smartphones or in modern cars including GPS, light/rain sensors and other electronic assistance mechanisms. These systems may handle sensitive data (such as credit card numbers, critical information about the host system and so on) which must be protected against external attacks as these data may be transmitted through a communication link where attackers can connect to extract sensitive information or inject malicious code within the system. This work presents an approach to protect communications in multiprocessor architectures. This approach is based on hardware security enhancements acting as firewalls. These firewalls filter all data going through the system communication bus and an additional flexible cryptographic block aims to protect external memory from attacks. Benefits of our approach are demonstrated using a case study and some custom software applications implemented in a Field-Programmable Gate Array (FPGA). Firewalls implemented in the target architecture allow getting a low-latency security layer with flexible cryptographic features. To illustrate the benefit of such a solution, implementations are discussed for different MPSoCs implemented on Xilinx Virtex-6 FPGAs. Results demonstrate a reduction up to 33% in terms of latency overhead compared to existing efforts.     

基于集散决策体系结构的智能车辆自主导航

智能车辆的体系结构作为智能车辆系统的基础,在构建智能车辆前必须得到合理的设计。为保证智能车辆系统的实时性和智能性,提出了基于集散决策的智能车辆体系结构。该结构由信息感知、规划决策、执行3个基本模块组成,其中规划决策分为低层次的分散决策和高层次的集中决策;分散决策对各种环境信息进行并行处理以得到各局部决策结果,集中决策对各分散决策结果进行综合判断并做出最终决策。按照以上设计思想,对道路环境下的智能车辆体系结构进行了仿真,同时实际构建了智能车辆车道识别及跟踪系统的体系结构。并进行了系统设计及实车试验。仿真结果表明,智能车辆能够根据实际环境信息做出合理决策,顺利完成车道跟踪、车距保持、换道行驶等任务。试验结果表明,在该体系结构控制下的智能车辆系统能够准确、可靠地完成车道识别、车道跟踪及车速保持任务。     

识别密码算法具体实现中潜在功耗攻击的理论分析方法

为验证密码算法具体实现技术抗功耗攻击的有效性,提出一种可发现在密码算法具体实现中可能存在的功耗攻击的分析方法,主要包括识别潜在攻击的基本理论、描述密码算法具体实现的增强数据相关图、根据基本理论和增强数据相关图以识别不同强度功耗攻击的算法,并给出针对一种典型的AES算法防护技术的分析结果.结合文中的结果以及密码算法部件抗功耗攻击能力的量化分析,可以建立相应的抗功耗攻击的设计流程.     

Stochastic stability analysis of networked control systems with random cryptographic protection under random zero-measurement attacks

Security issues in networked control systems (NCSs) have received increasing attention in recent years. However, security protection often requires extra energy consumption, computational overhead, and time delays, which could adversely affect the real-time and energy-limited system. In this paper, random cryptographic protection is implemented. It is less expensive with respect to computational overhead, time, and energy consumption, compared with persistent cryptographic protection. Under the consideration of weak attackers who have little system knowledge, ungenerous attacking capability and the desire for stealthiness and random zero-measurement attacks are introduced as the malicious modification of measurements into zero signals. NCS is modeled as a stochastic system with two correlated Bernoulli distributed stochastic variables for implementation of random cryptographic protection and occurrence of random zero-measurement attacks; the stochastic stability can be analyzed using a linear matrix inequality (LMI) approach. The proposed stochastic stability analysis can help determine the proper probability of running random cryptographic protection against random zero-measurement attacks with a certain probability. Finally, a simulation example is presented based on a vertical take-off and landing (VTOL) system. The results show the effectiveness, robustness, and application of the proposed method, and are helpful in choosing the proper protection mechanism taking into account the time delay and in determining the system sampling period to increase the resistance against such attacks.     

High-Level Side-Channel Attack Modeling and Simulation for Security-Critical Systems on Chips

The design flow of a digital cryptographic device must take into account the evaluation of its security against attacks based on side channels observation. The adoption of high level countermeasures, as well as the verification of the feasibility of new attacks, presently require the execution of timeconsuming physical measurements on the prototype product or the simulation at a low abstraction level. Starting from these assumptions, we developed an exploration approach centered on high level simulation, in order to evaluate the actual implementation of a cryptographic algorithm, being it software or hardware based. The simulation is performed within a unified tool based on SystemC, that can model a software implementation running on a microprocessor-based architecture or a dedicated hardware implementation as well as mixed software-hardware implementations with cycle-accurate resolution. Here we describe the tool and provide a large set of design explorations and characterizations based on actual implementations of the AES cryptographic algorithm, demonstrating how the execution of a large set of experiments allowed by the fast simulation engine can lead to important improvements in the knowledge and the identification of the weaknesses in cryptographic algorithm implementations.     

Moving from Weakly Endochronous Systems to Delay-Insensitive Circuits

We consider the problem of synthesizing the asynchronous wrappers and glue logic needed for the correct GALS implementation of a modular synchronous system. Our approach is based on the weakly endochronous synchronous model, which defines high-level, implementation-independent conditions guaranteeing correct desynchronization at the level of the abstract synchronous model. We can therefore factor the synthesis problem into (1) a high-level, implementation-independent phase insuring the weak endochrony of each synchronous module and (2) the actual wrapper synthesis phase, highly simplified by the high-level assumptions, yet flexible enough to produce various, efficient implementations.We focus here on the synthesis of delay-insensitive asynchronous wrappers from weakly endochronous synchronous modules, and show how this can be done for a simple DLX processor model.     

防DPA攻击的两种不同逻辑比较研究

DPA是一种非常有效的密码处理器攻击技术,它能够通过对密码处理器的功耗行为进行分析来获取密钥值。运用功耗恒定的标准单元实现密码处理器可以很好地达到防DPA攻击的目的。本文针对不同的集成电路制造工艺,分别对DIX2VSL与SABL两种不同逻辑的防DPA攻击特性进行比较分析。实验结果表明．随着晶体管沟道长度的减小,内部节点电容容对功耗恒定特性的作用逐渐减小,DDCVSL与SABL具有相近的防DPA攻击特性。同时,DDCVSL的功耗、延迟与面积小于SABL。     

Overview about attacks on smart cards

When compared with data carriers such as cards with magnetic stripes or diskettes, the potential for protecting and securing data is one of the main advantages of cards with electronic chips (smart cards). Consequently, the chip hardware must be designed in an optimum fashion to meet this purpose; this includes the corresponding cryptographic procedures for securing the secret data. However, security is not only dependent on the specialised hardware of the microcontroller or on the cryptographic algorithms implemented in the operating system software. The security of applications for smart cards and the design principles applied by the developers to meet these security needs are of fundamental importance. The essential property of a smart card is its ability to offer a secure environment for data and programs. This article examines the range of possible attacks against smart cards, and the measures that can be used to protect against these attacks.