Paper 2019/182

Security is an Architectural Design Constraint

Prasanna Ravi, Sourav Sen Gupta, Anupam Chattopadhyay, Mustafa Khairallah, Zakaria Najm, and Shivam Bhasin


In state-of-the-art design paradigm, time, space and power efficiency are considered the primary design constraints. Quite often, this approach adversely impacts the security of the overall system, especially when security is adopted as a countermeasure after some vulnerability is identified. In this position paper, we motivate the idea that security should also be considered as an architectural design constraint in addition to time, space and power. We show that security and efficiency objectives along the three design axes of time, space and power are in fact tightly coupled while identifying that security stands in direct contrast with them across all layers of architectural design. We attempt to prove our case utilizing a proof-by-evidence approach wherein we refer to various works across literature that explicitly imply the eternal conflict between security and efficiency. Thus, security has to be treated as a design constraint from the very beginning. Additionally, we advocate a security-aware design flow starting from the choice of cryptographic primitives, protocols and system design.

Note: This paper has been accepted at the Journal of Microprocessors and Microsystems, but not yet published.

Available format(s)
Publication info
Preprint. MINOR revision.
Digital systemsdesign constraintssecurity-efficiency trade-offsecurity-aware design
Contact author(s)
PRASANNA RAVI @ ntu edu sg
2019-02-26: received
Short URL
Creative Commons Attribution


      author = {Prasanna Ravi and Sourav Sen Gupta and Anupam Chattopadhyay and Mustafa Khairallah and Zakaria Najm and Shivam Bhasin},
      title = {Security is an Architectural Design Constraint},
      howpublished = {Cryptology ePrint Archive, Paper 2019/182},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.