Shared Resource Denial-of-Service Attacks on Multicore Platforms

With the increased adoption of machine learning algorithms across many different fields, powerful computing platforms have become necessary to meet their computational needs. Multicore platforms are a popular choice due to their ability to provide greater computing capabilities and still meet the different size, weight, and power (SWaP) constraints. As a result, multicore systems are also being employed at an increasing rate. However, contention for hardware resources between the multiple cores is a significant challenge as it can lead to interference and unpredictable timing behaviors. Furthermore, this contention can be intentionally induced by malicious actors with the specific goals of inhibiting system performance and increasing the execution time of safety-critical tasks. This is done by performing Denial-of-Service (DoS) attacks that target shared resources in order to prevent other cores from accessing them. When done properly, these DoS attacks can have significant impacts to performance and can threaten system safety. For example, we find that DoS attacks can cause >300X slowdown on the popular Raspberry Pi 3 embedded platform. Due to the inherent risks, it is vital that we discover and understand the mechanisms through which shared resource contention can occur and develop solutions that mitigate or prevent the potential impacts.

In this work, we investigate and evaluate shared resource contention on multicore platforms and the impacts it can have on the performance of real-time tasks. Leveraging this contention, we propose various Denial-of-Service attacks that each target different shared resources in the memory hierarchy with the goal of causing as much slowdown as possible. We show that each attack can inflict significant temporal slowdowns to victim tasks on target platforms by exploiting different hardware and software mechanisms. We then develop and analyze techniques for providing shared resource isolation and temporal performance guarantees for safety-critical tasks running on multicore platforms. In particular, we find that bandwidth throttling mechanisms are effective solutions against many DoS attacks and can protect the performance of real-time victim tasks.