Attackers often use cache-related side-channel attacks on the last-level cache to extract sensitive information such as cryptographic keys.

Recently, MemPol [1] suggested to use the small microcontroller cores on today's multi processor system-on-chip platforms to trace the last-level cache activity of the big application cores for memory bandwidth regulation purposes. On most Arm platforms, the PMCs of the application cores are also exposed as memory-mapped devices (CoreSight [2]) and are thus accessible to other agents in the SoC. MemPol further uses the CoreSight debug mechanisms intended for hardware debuggers to halt and resume cores to implement per-core memory bandwidth regulation.

This thesis should follow MemPol's idea to monitor the PMCs of the big cores in real-time, but with a focus on the detection of cache-related side-channel attacks.

Thesis goals:
1) identify a set of PMCs to detect cache-related side-channel attacks,
2) implement an online detection mechanism of such attacks on the small core,
3) propose and evaluate possible mitigations to hinder such attacks.

The evaluation platform should happen on a four-core Arm-based system running Linux, e.g. AMD Kria [3,4] or NXP i.MX8M-based board [5], as an implementation of MemPol is available for these boards [6].

[1] A. Zuepke et al: MemPol: Polling-based Microsecond-scale Per-core Memory Bandwidth Regulation. Real-Time Syst. 2024. https://doi.org/10.1007/s11241-024-09422-8

[2] https://developer.arm.com/Architectures/CoreSight%20Architecture

[3] https://www.amd.com/en/products/system-on-modules/kria/k26/kv260-vision-starter-kit.html

[4] https://www.amd.com/en/products/system-on-modules/kria/k26/kr260-robotics-starter-kit.html

[5] https://coral.ai/products/dev-board

[6] MemPol implementation: https://gitlab.com/azuepke/mempol

C, Linux, Makefile, Bash, good understanding of computer architecture, especially caches

Students from Informatics and Electrical Engineering can apply