A Flexible Multi-Processor System-on-a-Chip Architecture for Safety and Security-Critical Applications (by Daniel Kliem)


Modularization is a common design pattern in safety- and security-critical embedded software designs. It is mainly motivated by complexity reduction but also allows for effort and cost reduction during development. Domain segregation is a key concept to support such system partitioning. In contrast to strict isolation, segregation allows for communication between segregated components.

This thesis presents a concept of a robust, safe, secure, and efficient architecture with segregation support that is well prepared for certification. Moreover, it deals with aspects of prototype realization on an Field Programmable Gate Array (FPGA) platform. The goal is to host different safety and security critical functions with as few hardware components as possible: the System-on-a-Chip (SoC) approach.

Software solutions, i. e., operating systems with time and space partitioning, are state-of-the-art approaches to handle segregation. As an alternative to pure software solutions, and to circumvent their particular drawbacks, a novel SoC architecture is proposed. The architecture offers hardware enforced segregation and is completely transparent to software applications. Since it targets reconfigurable platforms, the architecture is flexible and can be tailored to application specific needs at design time. This approach follows the recent trend of chip-multiprocessing. Instead of focusing solely on software partitioning, the architecture segregates whole computer systems on a single chip. Segregation is achieved with a hierarchical connection of memory busses by secure bus bridges. Different bridge designs are evaluated. Special attention is paid to performance evaluation and avoidance of temporal conflicts. The architecture is evaluated by dedicated bus observers using simulation and hardware prototypes. It is finally able to run multiple isolated off-the-shelf Linux systems.