HeatSense: Intelligent Thermal Anomaly Detection for Securing NoC-Enabled MPSoCs

TL;DR

This paper tackles the security risk of thermal-based hardware Trojans manipulating dynamic thermal management in NoC-enabled MPSoCs by proposing a lightweight, real-time anomaly-detection module embedded in NoC routers. The approach combines feature-driven selection, hardware-friendly thresholding with multi-tier sigma bounds, and a weighted moving average framework to detect and mitigate malicious temperature fluctuations with minimal hardware overhead. Experimental results from a two-stage CoMeT–AccessNoxim simulation show that high-signal feature sets achieve strong detection performance (up to ~82% accuracy) while reducing logic and specialized resources by up to 75% and 100%, respectively, compared with ML models like Random Forest. The work demonstrates a practical, low-cost security mechanism that preserves performance in resource-constrained NoC environments, enabling resilient thermal management in MPSoCs.

Abstract

Multi-Processor System-on-Chips (MPSoCs) are highly vulnerable to thermal attacks that manipulate dynamic thermal management systems. To counter this, we propose an adaptive real-time monitoring mechanism that detects abnormal thermal patterns in chip tiles. Our design space exploration helped identify key thermal features for an efficient anomaly detection module to be implemented at routers of network-enabled MPSoCs. To minimize hardware overhead, we employ weighted moving average (WMA) calculations and bit-shift operations, ensuring a lightweight yet effective implementation. By defining a spectrum of abnormal behaviors, our system successfully detects and mitigates malicious temperature fluctuations, reducing severe cases from 3.00°C to 1.9°C. The anomaly detection module achieves up to 82% of accuracy in detecting thermal attacks, which is only 10-15% less than top-performing machine learning (ML) models like Random Forest. However, our approach reduces hardware usage by up to 75% for logic resources and 100% for specialized resources, making it significantly more efficient than ML-based solutions. This method provides a practical, low-cost solution for resource-constrained environments, ensuring resilience against thermal attacks while maintaining system performance.

Figures (8)

• Figure 1: Temperature profiles of router attacks. (a) Attack behavior-1: initial lower captured temperatures followed by increased temperatures. (b) Attack behavior-2: initial higher captured temperatures followed by decreased temperatures. Green dashed line: real temperature; colored solid lines: captured temperatures during attack phases.
• Figure 2: Feature Importance in Network Model: Bar plot showing the importance of features, labeled by their corresponding feature numbers (F1, F2, ..., F19). Higher bars indicate a greater influence on the system's performance.
• Figure 3: Proposed router architecture based on the anomaly detection and action mechanism modules.
• Figure 4: State transition diagram illustrating the Anomaly Detection Module's response to different attack scenarios and corresponding port shutdown states.
• Figure 5: Comparison of classification accuracy between various machine learning models and the proposed anomaly detection module. (a) Binary classification results across multiple sets, including the anomaly detection module's performance. (b) Multi-class classification results across multiple sets, highlighting the anomaly detection module's accuracy alongside other models.