Traditional multiprocessor architectures allow a modular system design and easy integration of different components into one system. However, hardware components are not isolated from each other: every component can communicate with all other components, use the I/O interfaces, and access all memory. Hence, a single malicious component may compromise the whole system. In order to mitigate these security risks, the goal of this research topic is to deploy a componentized, microkernel-based operating system on a tile-based hardware architecture with communication control. A component-based system design follows the isolation-by-default concept and thus improves both security and reusability.
The presented hardware architecture consists of multiple heterogeneous tiles connected by a network-on-chip. Each tile may include processing cores, accelerators, or application-specialized hardware, or it may interface with I/O peripherals or off-chip memory. The isolation between tiles is enforced by Trusted Communication Units (TCUs), which set up dedicated communication channels. Only the kernel running on a selected tile is privileged to configure the communication channels between tiles.
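A minimal model of the TCU gating described above, written as an added example for this page (not code from the project or its TCU interface): every tile starts with an empty endpoint table, only the kernel tile (assumed here to be tile 0) may install channels, and a tile can send a message or write another tile's memory only through an endpoint the kernel configured for that kind of access.

```python
from dataclasses import dataclass, field
KERNEL_TILE = 0  # assumption: the tile whose kernel is allowed to configure channels

class TCUError(PermissionError):
    """Raised when a tile uses a channel its TCU was never configured for."""

@dataclass
class Tile:
    inbox: list = field(default_factory=list)                        # messages received
    memory: bytearray = field(default_factory=lambda: bytearray(32))  # tile-local memory

class Chip:
    def __init__(self, n_tiles):
        self.tiles = [Tile() for _ in range(n_tiles)]
        # Per-tile TCU endpoint table, ep -> (target tile, kind); empty by default,
        # so a tile can reach nothing until the kernel installs a channel.
        self.tcus = [{} for _ in range(n_tiles)]

    def configure(self, requester, tile, ep, target, kind):
        """Only the kernel tile may install a channel into any tile's TCU."""
        if requester != KERNEL_TILE:
            raise TCUError(f"tile {requester} is not privileged to configure TCUs")
        self.tcus[tile][ep] = (target, kind)

    def _resolve(self, src, ep, kind):
        entry = self.tcus[src].get(ep)     # missing or wrong-kind endpoint -> denied
        if entry is None or entry[1] != kind:
            raise TCUError(f"tile {src}: endpoint {ep} not configured for {kind}")
        return self.tiles[entry[0]]

    def send(self, src, ep, payload):
        self._resolve(src, ep, "msg").inbox.append((src, payload))

    def write_memory(self, src, ep, offset, data):
        mem = self._resolve(src, ep, "mem").memory
        mem[offset:offset + len(data)] = data

def demo():
    chip = Chip(3)  # constructed scenario: kernel grants tile 1 a message channel to tile 2
    chip.configure(KERNEL_TILE, tile=1, ep=0, target=2, kind="msg")
    chip.send(1, 0, b"hello")                                   # allowed: 1 -> 2 exists
    denied = 0
    for attempt in (lambda: chip.send(2, 0, b"x"),              # tile 2 has no channels
                    lambda: chip.write_memory(1, 0, 0, b"x"),   # ep 0 is msg, not mem
                    lambda: chip.configure(1, 1, 1, 2, "mem")):  # tile 1 is not kernel
        try:
            attempt()
        except TCUError:
            denied += 1
    return chip.tiles[2].inbox, denied
```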