Srinivas Devadas

Massachusetts Institute of Technology, Cambridge, Massachusetts, United States

Are you Srinivas Devadas?

Claim your profile

Publications (380)153.31 Total impact

  • Keun Sup Shim · Mieszko Lis · Omer Khan · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: For certain applications involving chip multiprocessors with more than 16 cores, a directoryless architecture with fine-grained and partial-context thread migration can outperform directory-based coherence, providing lighter on-chip traffic and reduced verification complexity.
    Computer 09/2015; 48(9):50-59. DOI:10.1109/MC.2015.263 · 1.44 Impact Factor
  • Source
    Xiangyao Yu · Muralidaran Vijayaraghavan · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: We prove the correctness of a recently-proposed cache coherence protocol, Tardis, which is simple, yet scalable to high processor counts, because it only requires O(logN) storage per cacheline for an N-processor system. We prove that Tardis follows the sequential consistency model and is both deadlock- and livelock-free. Our proof is based on simple and intuitive invariants of the system and thus applies to any system scale and many variants of Tardis.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Oblivious RAM (ORAM) is a cryptographic primitive that hides memory access patterns as seen by untrusted storage. Recently, ORAM has been architected into secure processors. A big challenge for hardware ORAM schemes is how to efficiently manage the Position Map (PosMap), a central component in modern ORAM algorithms. Implemented naively, the PosMap causes ORAM to be fundamentally unscalable in terms of on-chip area. On the other hand, a technique called Recursive ORAM fixes the area problem yet significantly increases ORAM's performance overhead. To address this challenge, we propose three new mechanisms. We propose a new ORAM structure called the PosMap Lookaside Buffer (PLB) and PosMap compression techniques to reduce the performance overhead from Recursive ORAM empirically (the latter also improves the construction asymptotically). Through simulation, we show that these techniques reduce the memory bandwidth overhead needed to support recursion by 95%, reduce overall ORAM bandwidth by 37% and improve overall SPEC benchmark performance by 1.27x. We then show how our PosMap compression techniques further facilitate an extremely efficient integrity verification scheme for ORAM which we call PosMap MAC (PMMAC). For a practical parameterization, PMMAC reduces the amount of hashing needed for integrity checking by >= 68x relative to prior schemes and introduces only 7% performance overhead. We prototype our mechanisms in hardware and report area and clock frequency for a complete ORAM design post-synthesis and post-layout using an ASIC flow in a 32~nm commercial process. With 2 DRAM channels, the design post-layout runs at 1~GHz and has a total area of .47~mm2. Depending on PLB-specific parameters, the PLB accounts for 10% to 26% area. PMMAC costs 12% of total design area. Our work is the first to prototype Recursive ORAM or ORAM with any integrity scheme in hardware.
    ACM SIGPLAN Notices 05/2015; 50(4):103-116. DOI:10.1145/2775054.2694353 · 0.66 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: We build and evaluate Tiny ORAM, an Oblivious RAM prototype on FPGA. Oblivious RAM is a cryptographic primitive that completely obfuscates an application’s data, access pattern, and read/write behavior to/from external memory (such as DRAM or disk). Tiny ORAM makes two main contributions. First, by removing an algorithmic bottleneck in prior work, Tiny ORAM is the first hardware ORAM design to support arbitrary block sizes (e.g., 64 Bytes to 4096 Bytes). With a 64 Byte block size, Tiny ORAM can finish an access in 1.4 µs, over 40X faster than the prior-art implementation. Second, through novel algorithmic and engineering-level optimizations, Tiny ORAM reduces the number of symmetric encryption operations by ~ 3X compared to a prior work. Tiny ORAM is also the first design to implement and report real numbers for the cost of symmetric encryption in hardware ORAM constructions. Putting it together, Tiny ORAM requires 18381 (5%) LUTs and 146 (13%) Block RAM on a Xilinx XC7VX485T FPGA, including the cost of encryption

  • ACM SIGARCH Computer Architecture News 03/2015; 43(1):103-116. DOI:10.1145/2786763.2694353
  • Michel A. Kinsy · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: In this paper we present an Integer Linear Programming (ILP) formulation and two non-iterative heuristics for scheduling a task-based application onto a heterogeneous many-core architecture. Our ILP formulation is able to handle different application performance targets, e.g., low execution time, low memory miss rate, and different architectural features, e.g., cache sizes. For large size problem where the ILP convergence time may be too long, we propose a simple mapping algorithm which tries to spread tasks onto as many processing units as possible, and a more elaborate heuristic that shows good mapping performance when compared to the ILP formulation. We use two realistic power electronics applications to evaluate our mapping techniques on full RTL many-core systems consisting of eight different types of processor cores.
  • M.A. Kinsy · S. Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: The increasing complexity of embedded systems is accelerating the use of multicore processors in these systems. This trend gives rise to new problems such as the sharing of on-chip network resources among hard real-time and normal best effort data traffic. We propose a network-on-chip router that provides predictable and deterministic communication latency for hard real-time data traffic while maintaining high concurrency and throughput for best-effort/general-purpose traffic with minimal hardware overhead. The proposed router requires less area than non-interfering networks, and provides better Quality of Service (QoS) in terms of predictability and determinism to hard real-time traffic than priority-based routers. We present a deadlock-free algorithm for decoupled routing of the two types of traffic. We compare the area and power estimates of three different router architectures with various QoS schemes using the IBM 45-nm SOI CMOS technology cell library. Performance evaluations are done using three realistic benchmark applications: a hybrid electric vehicle application, a utility grid connected photovoltaic converter system, and a variable speed induction motor drive application.
  • Source
    Xiangyao Yu · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: A new memory coherence protocol, TARDIS, is proposed. TARDIS uses timestamp counters representing logical as opposed to physical time to order memory operations and enforce memory consistency models in any type of shared memory system. Compared to the widely-adopted directory coherence protocol, TARDIS is simpler, only requires O(log N ) storage per cache block for an N-core system rather than the O(N) sharer information required by conventional directory protocols, and integrates better with some system optimizations. On average, TARDIS achieves similar performance to directory protocols on a wide range of benchmarks.

  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper describes the use of physical unclonable functions (PUFs) in low-cost authentication and key generation applications. First, it motivates the use of PUFs versus conventional secure nonvolatile memories and defines the two primary PUF types: “strong PUFs” and “weak PUFs.” It describes strong PUF implementations and their use for low-cost authentication. After this description, the paper covers both attacks and protocols to address errors. Next, the paper covers weak PUF implementations and their use in key generation applications. It covers error-correction schemes such as pattern matching and index-based coding. Finally, this paper reviews several emerging concepts in PUF technologies such as public model PUFs and new PUF implementation technologies.
    Proceedings of the IEEE 08/2014; 102(8):1126-1141. DOI:10.1109/JPROC.2014.2320516 · 4.93 Impact Factor
  • G. Edward Suh · George Kurian · Srinivas Devadas · Larry Rudolph ·
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents the author retrospective on the analytical cache modeling work published in the 2001 International Conference on Supercomputing (ICS). We summarize the history of the work, revisit primary observations and lessons that we learned from the modeling effort, and also briefly describe follow-up work to show how the research direction evolved over time. Original Paper:
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper details the design and application of a new ultra-high speed real-time simulation for Hardware-in-the-Loop (HiL) testing and design of high-power power electronics systems. Our real-time hardware emulation for HiL system is based on a custom, heterogeneous, recon-figurable, multicore processor design that emulates power electronics, and includes a circuit compiler that translates graphic system models into processor executable machine code. We present digital processor architecture details, and describe the process of power electronic cir-cuit compilation. This approach to real-time emulation yields real-time execution in the order of 1µs simulation time step (including input/output latency) for a broad class of power electronics converters. In addition, we present HiL simulation experimental results for three representative systems: namely, a variable speed induction motor drive, a utility grid connected photovoltaic converter system, and a hybrid electric vehicle motor drive.
  • Meng-Day Yu · David M'Raihi · Ingrid Verbauwhede · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Physical Unclonable Functions (PUFs) allow a silicon device to be authenticated based on its manufacturing variations using challenge/response evaluations. Popular realizations use linear additive functions as building blocks. Security is scaled up using non-linear mixing (e.g., adding XORs). Because the responses are physically derived and thus noisy, the resulting explosion in noise impacts both the adversary (which is desirable) as well as the verifier (which is undesirable). We present the first architecture for linear additive physical functions where the noise seen by the adversary and the noise seen by the verifier are bifurcated by using a randomized decimation technique and a novel response recovery method at an authentication verification server. We allow the adversary's noise ηa → 0.50 while keeping the verifier's noise ηv constant, using a parameter-based authentication modality that does not require explicit challenge/response pair storage at the server. We present supporting data using 28nm FPGA PUF noise results as well as machine learning attack results. We demonstrate that our architecture can also withstand recent side-channel attacks that filter the noise (to clean up training challenge/response labels) prior to machine learning.
    2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST); 05/2014
  • [Show abstract] [Hide abstract]
    ABSTRACT: This paper described recent improvements to the Graphite simulator designed to help explore current and emerging research topics. With these improvements, Graphite is ideally suited to explore both power and performance in future multicore and manycore processors, especially those incorporating dynamic runtime monitoring and adaptation. Separate validation of Graphite has shown performance results within about 6% on average (18% worst case) of a cycle-level simulator and normalized power trends are predicted to within 10%. This makes Graphite accurate enough for medium- to long-term studies while maintaining very high performance. Graphite is freely available for anyone to use:
    International Symposium on Performance Analysis of Systems and Software (ISPASS), Monterey, CA; 03/2014
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes novel robust and low-overhead physical unclonable function (PUF) authentication and key exchange protocols that are resilient against reverse-engineering attacks. The protocols are executed between a party with access to a physical PUF (prover) and a trusted party who has access to the PUF compact model (verifier). The proposed protocols do not follow the classic paradigm of exposing the full PUF responses or a transformation of them. Instead, random subsets of the PUF response strings are sent to the verifier so the exact position of the subset is obfuscated for the third-party channel observers. Authentication of the responses at the verifier side is done by matching the substring to the available full response string; the index of the matching point is the actual obfuscated secret (or key) and not the response substring itself. We perform a thorough analysis of resiliency of the protocols against various adversarial acts, including machine learning and statistical attacks. The attack analysis guides us in tuning the parameters of the protocol for an efficient and secure implementation. The low overhead and practicality of the protocols are evaluated and confirmed by hardware implementation.
    IEEE Transactions on Emerging Topics in Computing 03/2014; 2(1):37-49. DOI:10.1109/TETC.2014.2300635
  • George Kurian · Srinivas Devadas · Omer Khan ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Next generation multicores will process massive data with varying degree of locality. Harnessing on-chip data locality to optimize the utilization of cache and network resources is of fundamental importance. We propose a locality-aware selective data replication protocol for the last-level cache (LLC). Our goal is to lower memory access latency and energy by replicating only high locality cache lines in the LLC slice of the requesting core, while simultaneously keeping the off-chip miss rate low. Our approach relies on low overhead yet highly accurate in-hardware run-time classification of data locality at the cache line granularity, and only allows replication for cache lines with high reuse. Furthermore, our classifier captures the LLC pressure at the existing replica locations and adapts its replication decision accordingly. The locality tracking mechanism is decoupled from the sharer tracking structures that cause scalability concerns in traditional coherence protocols. Moreover, the complexity of our protocol is low since no additional coherence states are created. On a set of parallel benchmarks, our protocol reduces the overall energy by 16%, 14%, 13% and 21% and the completion time by 4%, 9%, 6% and 13% when compared to the previously proposed Victim Replication, Adaptive Selective Replication, Reactive-NUCA and Static-NUCA LLC management schemes.
    2014 IEEE 20th International Symposium on High-Performance Computer Architecture (HPCA); 02/2014
  • [Show abstract] [Hide abstract]
    ABSTRACT: Oblivious RAM (ORAM) is an established cryptographic technique to hide a program's address pattern to an untrusted storage system. More recently, ORAM schemes have been proposed to replace conventional memory controllers in secure processor settings to protect against information leakage in external memory and the processor I/O bus. A serious problem in current secure processor ORAM proposals is that they don't obfuscate when ORAM accesses are made, or do so in a very conservative manner. Since secure processors make ORAM accesses on last-level cache misses, ORAM access timing strongly correlates to program access pattern (e.g., locality). This brings ORAM's purpose in secure processors into question. This paper makes two contributions. First, we show how a secure processor can bound ORAM timing channel leakage to a user-controllable leakage limit. The secure processor is allowed to dynamically optimize ORAM access rate for power/performance, subject to the constraint that the leakage limit is not violated. Second, we show how changing the leakage limit impacts program efficiency. We present a dynamic scheme that leaks at most 32 bits through the ORAM timing channel and introduces only 20% performance overhead and 12% power overhead relative to a baseline ORAM that has no timing channel protection. By reducing leakage to 16 bits, our scheme degrades in performance by 5% but gains in power efficiency by 3%. We show that a static (zero leakage) scheme imposes a 34% power overhead for equivalent performance (or a 30% performance overhead for equivalent power) relative to our dynamic scheme.
    2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA); 02/2014
  • Keun Sup Shim · Marcin Lis · Omar Khan · Srinivas Devadas ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Chip-multiprocessors (CMPs) have become the mainstream parallel architecture in recent years; for scalability reasons, designs with high core counts tend towards tiled CMPs with physically distributed shared caches. This naturally leads to a Non-Uniform Cache Access (NUCA) design, where on-chip access latencies depend on the physical distances between requesting cores and home cores where the data is cached. Improving data locality is thus key to performance, and several studies have addressed this problem using data replication and data migration. In this paper, we consider another mechanism, hardware-level thread migration. This approach, we argue, can better exploit shared data locality for NUCA designs by effectively replacing multiple round-trip remote cache accesses with a smaller number of migrations. High migration costs, however, make it crucial to use thread migrations judiciously; we therefore propose a novel, on-line prediction scheme which decides whether to perform a remote access (as in traditional NUCA designs) or to perform a thread migration at the instruction level. For a set of parallel benchmarks, our thread migration predictor improves the performance by 24% on average over the shared-NUCA design that only uses remote accesses.
    IEEE Computer Architecture Letters 01/2014; 13(1):53-56. DOI:10.1109/L-CA.2012.30 · 0.68 Impact Factor

  • 25th Anniversary International Conference; 01/2014
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: A major security concern with outsourcing data storage to third-party providers is authenticating the integrity and freshness of data. State-of-the-art software-based approaches require clients to maintain state and cannot immediately detect forking attacks, while approaches that introduce limited trusted hardware (e.g., a monotonic counter) at the storage server achieve low throughput. This paper proposes a new design for authenticating data storage using a small piece of high-performance trusted hardware attached to an untrusted server. The proposed design achieves significantly higher throughput than previous designs. The server-side trusted hardware allows clients to authenticate data integrity and freshness without keeping any mutable client-side state. Our design achieves high performance by parallelizing server-side authentication operations and permitting the untrusted server to maintain caches and schedule disk writes, while enforcing precise crash recovery and write access control.
    Proceedings of the 2013 ACM workshop on Cloud computing security workshop; 11/2013

Publication Stats

12k Citations
153.31 Total Impact Points


  • 1988-2014
    • Massachusetts Institute of Technology
      • • Laboratory for Computer Science
      • • Computer Science and Artificial Intelligence Laboratory
      • • Department of Electrical Engineering and Computer Science
      Cambridge, Massachusetts, United States
  • 2013
    • Idenix Pharmaceuticals, Inc.
      Cambridge, Massachusetts, United States
  • 2012
    • RSA Laboratories
      Cambridge, Massachusetts, United States
    • McGill University
      • McGill Centre for Bioinformatics
      Montréal, Quebec, Canada
  • 2004-2012
    • Distributed Artificial Intelligence Laboratory
      Berlín, Berlin, Germany
  • 2007
    • Cornell University
      • Department of Electrical and Computer Engineering
      Итак, New York, United States
  • 1986-2001
    • University of California, Berkeley
      • Department of Electrical Engineering and Computer Sciences
      Berkeley, California, United States
  • 1998
    • The University of Arizona
      Tucson, Arizona, United States
    • MIT Portugal
      Porto Salvo, Lisbon, Portugal
    • California State University
      • Department of Electrical & Computer Engineering
      Long Beach, California, United States
  • 1997
    • Institute for Systems and Computer Engineering of Porto (INESC Porto)
      Oporto, Porto, Portugal
  • 1993-1997
    • Princeton University
      • Department of Electrical Engineering
      Princeton, New Jersey, United States
  • 1992
    • Synopsys
      Mountain View, California, United States