Evaluation Approach for Efficient Countermeasure Techniques Against Denial-of-Service Attack on MPSoC-Based IoT Using Multi-Criteria Decision-Making

Context: Denial-of-Service Attack countermeasure techniques (DoS A-CTs) evaluation is a Multi-criteria decision-making (MCDM) problem based on different MPSoCs of IoT platform design, performance, and design overhead. Therefore, the Fermatean by fuzzy decision opinion score method (F-FDOSM) for prioritizing the powerful countermeasure technique against Denial-of-Service (DoS) attack is the best approach because it employs the most efficient MCDM ranking technique. Nonetheless, the FDOSM method needs to weight the criteria before being submitted for the ranking process. In order to address this theoretical challenge, the Criteria-importance through inter-criteria correlation (CRITIC) technique can be applied as an effective MCDM weighting technique to offer an explicit weight for a set of criteria with no inconsistency based on the standard deviation, which uses correlation analysis to determine the relevance of each criterion. Objectives: This research proposes a Fermatean-FDOSM framework for evaluating DoS A-CTs in the context of MPSoCs-based IoT and CRITIC techniques to weight the criteria. Methods: The methodology is presented in three phases. Firstly, a proposed countermeasure techniques dataset was collected that included eighteen defense approaches (e.g., Sniffer, SeRA, and RLAN) based on thirteen criteria (e.g., size, power, latency, and effectiveness…etc.). Then, the Decision matrix (DM) was built based on an intersection of the countermeasure techniques as an alternative and MPSoC design and performance criteria. Then, the multi-criteria decision-making methods were integrated. The CRITIC method for criteria weighting was followed by the development of the Fermatean-FDOSM method for ranking. Results: (1) CRITIC weighting shows that MPSoC NoC Routing Algorithm (XY and YX) is the highest weight criterion, whereas latency (clock/cycle) is the less weight criterion. (2) The Fermatean-FDOSM-based group ranking shows that the Collision Point Router Detection (CPRD) countermeasure technique is the first-ranked alternative compared to the Secure Model Checkers (SMCs) approach. (3) The DoS A-CTs priority ranks were subjected to a systematic ranking that was confirmed by solid correlation results throughout thirteen criterion weight values. A comparison with recent studies confirmed the feasibility of the proposed framework. Conclusion: The results of this research are expected to provide a specific understanding and guide for those who want to engage in MPSoCs-based IoT and NoC communication security research with decision theory.


I. INTRODUCTION A. MOTIVATION
The tremendous advancement in computational systems has resulted in the adoption of parallel architectures using Multiprocessors System-On-Chip (MPSoCs). Mainly, the IoT is based on MPSoCs devices that have become more complicated and powerful and thus are linked together through a 5G network [1], [2]. However, due to their extensive use in critical applications and resource sharing, MPSoCs have become prone to hardware and software attacks that might denial the service, physically damage the system, compromise crucial information, or interrupt the running application [3]. Attacks on MPSoCs may perform on either a computational level, i.e., Intellectual property (IP) cores such as processors, memory blocks, I/O peripherals, and so on, or a communication level, i.e., Network-On-Chip (NoC) [4]. This fact also offers an extreme threat to semiconductor suppliers and ultimate MPSoCs customers, including vital applications and cyber infrastructure; given the current circumstances, including military weaponry, mobile communications, aerospace agencies, and medical electronics, it is not only necessary but also challenging to research several defensive approaches and Countermeasure techniques (CTs) in order to mitigate the possible risks to data security presented via what is known as DoS attacks, explicitly Flooding and Distributing Flooding-DoS.

B. CHALLENGES
Because of the growing attention shown by academia and industry, research on DoS A-CTs in the context of MPSoCs-based IoT remains scarce in the literature. The majority of published research articles have concentrated on the MPSoC communication security aspects and several expected Hardware Trojans (HTs) and other malicious circuits that may include in the MPSoC platforms by a disloyal member during the design or fabrication process [5]. Some studies have focused on the MPSoCs communication system routing protocols and routers aspects, highlighting the necessity of the proposed defenses techniques compatible with MPSoC design constraints or investigating the appropriate countermeasure technique for MPSoC in real runtime [6], [7], [8], [9]. We provide a methodology that helps facilitate both design and implementation aspects of selecting powerful countermeasure techniques against DoS attacks in the context of MPSoCs-based IoT.
In general, choosing the suitable criteria to assess the countermeasure technique against DoS A-CTs in the context of MPSoCs-based IoT leads to performance enhancement and robust MPSoC platforms. From this perspective, MCDM methods are beneficial for devising a system for picking the optimal countermeasure technique against DoS attacks in the context of MPSoCs-based IoT. In an MCDM method, many criteria are evaluated, and a total score is given to each alternative depending on the assessment, which is often offered by a group of experts (decision-makers). Moreover, experts must inevitably deal with inadequate and imperfect evidence due to the subjective nature of their decisions. In this way, fuzzy set theory [14] offers valuable tools to aid experts in making the right decision by giving more robust and precise results.

C. CONTRIBUTION
The current study aims to present an integrated CRITIC method with Fermatean-FDOSM for decision-making under uncertainty for weighting and ranking countermeasure techniques of DoS attacks in the context of MPSoCsbased IoT. Briefly, this article's key contributions are as follows: 1) This study fills the gap in evaluating the different approaches of defense against DoS attacks in the context of MPSoCs-based IoT.
2) The detailed analysis proposes a decision matrix for DoS A-CTs includes thirteen criteria and eighteen alternatives.

3) For the first time, this study integrated CRITIC with
Fermatean-FDOSM. 4) For the first time, this study employs the CRITIC method to wight DoS A-CTs criteria. 5) For the first time, this study utilizes the Fermatean-FDOSM method with MPSoCs-based IoT countermeasure techniques decision matrix to find the most efficient countermeasure technique. In addition, this study uses the individual and group approach of ranking to select the most potent countermeasure technique against DoS in the context of MPSoCs.

D. OBJECTIVES
In this article, we intend to achieve the following goals: illustrates MPSoCs with a varied array of Processing elements (PEs) as Intellectual property (IP) cores that provide parallelism and programmability, resulting in power efficiency, powerful processing performance, and more flexibility, leading to reduced communication latencies in huge environments such as IoT cloud edges. Secondly, the typical DoS attack scenario is based on system degradation. The adversary looks to degrade the system performance of either computation or communication. MPSoC-based IoT, adopted from [11].
In a domain like that depicted in FIGURE 1, end users submit their scripts or an application for implementation by MPSoC-powered IoT platforms. Following that, the task scheduler of IoT platform firmware maps an application to the IP cores of the integrated MPSoC on a typical operation. Unfortunately, the client might submit one or more of these applications to launch a DoS attack on the MPSoC Network-On-Chip (NoC).
Furthermore, NoC flooding is the primary frequent DoS attack approach. A malicious program executing on any infected IP core of MPSoC can perform by sending packets to another IP core over the NoC. These extra packets compete for the routers' crossbars in the same communication path and, if successful, prevent the transmission of other packets. The blocked packet has forwarding delays increased, resulting in an overall extra communication delay that time considered unacceptable from the perspective of crucial applications.

2) NOC ROLE IN MPSOC
NoC is the heart of MPSoC. NoC is an expanding technology for the formation of multiprocessor state interconnect patterns. NoC technology is modified to accommodate various multiprocessor needs. NoC gives MPSoC components a way to talk to each other that is reliable, fast, scalable, and uses little power [2], [12], [13], [14]. NoC is an interconnection design that consists of many processing elements linked to one another by routers and regular-sized wires (links). As seen in FIGURE 2, a processing element may be anything from a microprocessor to an Application-specific integrated circuit (ASIC) to a chunk of Intellectual properties (IPs) cores that execute a particular program. However, PEs are referred to as IPs throughout this study.  2 illustrates the typical NoC building blocks. The first NoC main component is an NoC router, a crossbar-based hardware component that switches incoming packets to the output ports of the targeted IP core. NoC router control NoC transmission medium known as links. NoC router connects MPSoC IP cores in a pre-defined methodology called a topology. The source IP injects the packets of data to be received by the destination IP. Typically, NoC routers integrate several components, such as input buffers and a crossbar switch, in addition to the allocator that assigns the priority and schedulable to packets for granting crossbar access. The second NoC component is the Network interface (NI). NI is used to link IP cores to routers. NI executes the communication protocol for managing packing and unpacking data in addition to data injection and ejection from the NoC [15]. NoC connectivity architecture employs a packet-based communication strategy. A request or response (source/destination) model directed to a cache or off-chip memory is separated into packets, which are then converted to flits and injected into the network. A flit is the smallest flow control unit in VOLUME 11, 2023 an NoC. Packets may be made up of one or more flits routed by NoC routers.

3) WHY CHOOSING CRITIC
Diakoulaki suggested the Criteria-importance through intercriteria correlation (CRITIC) as a robust criteria weighting approach [16]. CRITIC is an objective technique for estimating the weight of criteria in a decision-making challenge that includes a degree of conflict and contrast. CRITIC is a correlation approach that uses an analytical computation of a decision matrix to determine the information contained in the criteria used to evaluate alternatives. The CRITIC technique comprises of six steps, and the standard deviation of normalized criterion values by columns, as well as the correlation coefficients of all pairs of columns, are utilized to calculate the criteria contrast [16], [17], [18], [19]. The CRITIC technique stages for extracting the DoS A-CTs DM criterion wights are explained in Section III, of this study.

4) WHY CHOOSING FDOSM
The Fuzzy decision by opinion score method (FDOSM) is one of the recent MCDM approaches introduced in the current studies by Salih [20]. FDOSM proposes a stable and efficient MCDM approach under a fuzzy environment. The FDOSM method has been proposed in order to yield the fewest mathematical operations, define a fair and implicit understandable comparison, stop inconsistency, and cut down on vagueness [20], [21], [22]. The FDOSM method is based on three phases, called (data input, transformation, and processing phase) respectively. FDOSM utilizes individual and group decision-making platforms. FDOSM procedure basis on the principle of ideal solutions and enables the experts (decision makers) to identify and select the best value and compare it with other values based on the same criterion. Consequently, a different mathematical operation should be performed to get the final rank and select the best alternative among a set of available alternatives. FDOSM has already been proven to be quite powerful when combined with fuzzy approaches and conflicting criteria [22], [23], [24], [25], [26], [27], [28].
In this study, we apply the FDOSM MCDM method with Fermatean Fuzzy Set (FFS) within the context of alternative ranking to select the most potent DoS countermeasure technique.

5) WHY WORKING WITH FERMATEAN FUZZY SETS
In Yager developed the theory of Fermatean fuzzy sets (FFSs) [29]. FFSs are a novel extension of Pythagorean fuzzy sets (PyFSs) [30] and Intuitionistic fuzzy sets [31]. Since the total of the cubes of the membership and non-membership degrees of FFSs is in the unit interval, FFSs give a broader viewpoint on fuzzy sets. They allow experts more flexible to express their opinions about membership ratings [32], [33], [34]. In order to manage uncertain information, FFSs are more adaptable and effective than IFSs and PyFSs. As a result, using FFSs to represent decision-making uncertainties when adapting DoS A-CTs DM offers an advanced assessment of the significance of main and sub-criteria, an accurate evaluation of experts' reputations, and an effective assessment of explored alternatives as we used in the current study. FFS-based models have previously been used to resolve MCDM issues in the fields of Cyber Security Technologies, IoT, and Quantum Communication Evaluation [35], [36], [37], [38]. However, there has not been any prior study that offers an FFS-based MCDM model for DoS A-CTs in terms of MPSoCs of IoT.

II. LITERATURE REVIEW
The review of literature is divided into three sections. First, we discuss a number of the current research lines and studies on the MPSoC of IoT DoS attacks, threat models, and DoS countermeasure techniques. The second section focuses on CRITIC and FDOSM methods. The last section focuses on recent Fermatean Fuzzy Sets (FFSs) research.

A. STUDIES ON DOS ATTACKS OF MPSOCS-BASED IOT
Due to the global utilization of embedded systems, MPSoC is commonly used in embedded systems. An efficient and scalable connectivity architecture, NoC allows several cores to communicate with one another inside the MPSoC. In the MPSoC, several tasks run simultaneously on different processors that all connect to the same NoC. As a result, the NoC is now a prime target for threats and security attacks. One of the crucial attacks affecting the MPSoCs platform's performance and buying intention of today's semiconductor industries is a malicious circuit known as a Hardware Trojan (HT), which might infect the NoC and launch a DoS attack. Among the most recent research, Daoud offers a DoS attack model for Hardware HT that works by purposefully deleting packets from the NoC. Dropping packets due to infection earns the infected router another name: Black hole router [1]. Daoud also provides a countermeasure technique as a secure connectivity network. The suggested method can identify and localize the BHR in real-time, then cut it off from the network routing by rerouting the packets around the compromised router [39]. Chaves et al. analyze information to narrow down the attacker's position in the MPSoC, reducing search space by 69%; then, they propose a low-cost approach for detecting interference by upgrading communication packet structure and putting communication degradation monitors in NoC routers [40]. Khalid et al. introduce a general technique to identify runtime intrusions using burst mode communication. Their three-phased approach is behavioral modeling of design specifications and linear temporal logic model checker verification. Secondly, Phase 1 counterexamples are used to introduce runtime monitors. Finally, install and test runtime monitoring. The suggested approach may be utilized to create a runtime monitoring configuration without IP module netlist information [41].
Understanding matching Machine learning (ML) algorithms and approaches as a powerful technique for hardware security attacks detection and localization of malicious IP cores constitute the trend research direction currently followed by DoS attacks and countermeasure techniques in several studies. Sinha et al. present a Sniffer, an effective MIP localization system that leverages a low-overhead machine learning technique to precisely track the attack route and make a consensus conclusion about the location of the MIPs [3]. Charles et al. [42] suggest a system that is both efficient and light on resources, allowing it to identify them as they occur in real-time time. When an attack is detected, their method may additionally pinpoint the location of the offending IP core by analyzing the latency data collected by NoC devices. In addition, Charles et al. developed the proposed system in [42] to be an effective system for detecting and localization Distributed DoS (DDoS) attacks in real-time. They provide a real-time, lightweight approach for detecting DDoS attacks on NoC-based SoCs by analyzing packets for infractions. Using the latency data from the NoC routers after a possible attack has been identified, our method can additionally localize the malicious IPs. During the design phase, apps are statically profiled to discover communication patterns. These patterns are then used for real-time DDoS detection and localizations [43].

B. DOS ATTACKTHREAT MODEL
This section categorizes the DoS attacks in the context of MPSoC-based IoT according to the threat motel. The threat model is a methodology based on pre-identified steps implemented by a system attacker [40]. In general, DoS attacks almost shares the same characteristics regarding threat models in the context of MPSoCs-based IoT except for a few improvements by attackers or system designers in terms of improving their DoS attacks countermeasure techniques against proposed DoS strategies (e.g., DoS and DDoS) attacks. In real runtime, MPSoCs running in the context of IoT can download programs that update the firmware and perform several dynamic applications. Due to executing such operations, system adversaries plan to infect a pre-defined IP core to produce a Malicious IP (MIP) capable of flooding the system with useless packets to degrade the system's performance. Then enables system adversaries to exploit system degradation to accomplish various tasks, such as extracting sensitive data or depriving the system's service. FIGURE 3 depicts the typical DoS attack steps on MPSoCs-based IoT. There are steps to perform the framework of DoS attacks starting by infecting an IP core with malicious software (e.g., Malware or Hardware Trojan) to control the SoC communication infrastructure. The MIP initializes the Packet injection rate (PIR) to neighbor IPs to maintain the connection and calculate the effectiveness of PIR on the system. MIP keeps flooding the system by maintaining the same high rates of PIR until the DoS conditions are satisfied.
There are three DoS attack threat models (1) Packet corruption DoS (2) Flooding DoS (3) Traffic Manipulation DoS, depending on their threat model.

1) PACKET CORRUPTION DOS
It is a DoS attack that may also be caused by continuous packet corruption [44]. For example [45], hardware Trojans interfere with flits arriving at a router's input buffer, causing performance reduction. Dropped packets, waste of NoC resources such as buffer space, response delays, and retransmissions contribute to performance loss. This proposed category of DoS attacks is a result of four different sorts of (a) Hardware trojans, (b) Head Hardware trojans, (c) Tail HT Addresses, and (d) Quan HT.

2) FLOODING DOS
It is a DoS attack that relies on malicious IPs that may cause DoS attacks by flooding the NoC with packets in an attempt to manipulate the availability of on-chip resources. A SoC's performance may rely substantially on only a few parts. An application that makes significant use of memory, for instance, will cause increased traffic on the routers linked to the memory controllers [42], [43] as shown in FIGURE 3.

3) TRAFFIC FLOW MANIPULATION DOS
It is a DoS attack that depends on unfair packet treatment at the NoC router [46]. Once incorporated into the SoC, the Malicious NoC IP (MIP) manipulates traffic to/from a critical Victim IP (VIP). Denying router allocator and arbiter equitable access controls traffic flow. The allocator gives flits crossbar access. Allocator delays packets to/from victim IP to cause DoS. At the arbiter, the Trojan-infected router assigns victim IP flits the least priority.

C. DOS ATTACK COUNTERMEASURE TECHNIQUES
This section classifies DoS attack countermeasure techniques for NoC-based MPSoCs according to the DoS attack threat model as in below:

1) ADDITIONAL CHECK VALIDATION
DoS countermeasure technique based on functional validation; validation methods are often used. For example, Secure Model Checkers, NoC Alert, and NoC Router characteristics to avoid DoS attack on MPSoCs-of IoT are a defence approach proposed in [47], [48], [49], [50], and [51].

2) TRAFFIC FLOW MONITORING
DoS countermeasure technique based on abnormalities of traffic flow monitoring procedure. For example, in articles [42], [43], [52], [53], [54], the DoS attacks proposed are based on injecting additional packets into the network and then examining their latencies. And the countermeasure techniques rely on profiling SoC behaviour in order to detect DoS attacks. The profile is statically identified the time window and the maximum number of packets that should arrive at the NoC router; if it exceeds these limits, it will be flagged as a potential threat.

3) FUZZING AND PARTITIONING
The DoS countermeasure technique is based on making HT task more complicated and difficult. For example, in articles [44], [45], [48], designers proposed a defense approach based on bit-shuffling and SurfNoC architecture methods to mitigate the attack effectiveness. Bit-shuffling makes packets less vulnerable to attack by reordering the packets' crucial bit fields so that the Trojan targets random data rather than the packets' required fields. Frequently, the order of the shuffles will alter. Since the Trojan does not know the reshuffling patterns, it cannot meaningfully target specific fields in an attack. At the same time, the SurfNoC technique enhances security and performance issues by dividing the information carried by the NoC into (domains) and transmitting (waves) of information from each part via the NoC in turn. The concept of waves may be thought of as a temporal division. Because of this, only packets of the same kind may ride the wave without affecting other channels. Consequently, packet latencies are decreased, and attacks aimed at depleting bandwidth or launching denial-of-service attacks are mitigated.

D. STUDIES ON CRITIC
There are several uses of the CRITIC approach in recent studies. Bertozzi and Benini [13] used the combinative distancebased assessment method coupled with CRITIC to investigate the end-milling operation of AISI 1522H steel grade under minimum-quantity lubrication conditions. Wolf et al. [14] employed the CRITIC technique to provide a trust evaluation method for service composition in cloud manufacturing. Ali et al. [10] presented a stakeholder assessment based on the qualities that stakeholders possessed, mainly relying on the evaluation of attribute weights utilizing the CRITIC technique to resolve any potential link between the attributes in estimating their weight. Zhou et al. [15] analyzed the effectiveness of delta-shaped barriers in a solar water heating system using CRITIC. The complex proportional assessment technique was used to identify the best design option. Diakoulaki et al. [16] established a thorough evaluation strategy to assess and rank the energy sources using statistical data and the CRITIC technique to weigh qualities. In Gaur et al. [17] used CRITIC to determine the relative importance of the multidimensional values to estimate the architectural heritage value for its management. In addition, Silvius and Schipper [18] utilized the hybrid criteria significance through CRITIC and multiplicative exponent weighting optimization techniques to choose the best brake friction formulation that achieves the highest performance standards. Stević et al. [19] suggested a solution to address the double normalizationbased multiple aggregation approach of linguistic D numbers using the CRITIC technique.
In our study, it is a significant contribution given that, to the best of our knowledge, this is the first time the CRITIC approach was utilized for weighting DoS A-CTs DM criteria.

E. STUDIES ON FDOSM
The FDOSM is a novel MCDM method for ranking the alternatives [20]. FDOSM was proposed recently by Salih, and several notable articles have been dedicated and implemented as a valid alternative to MCDM techniques, resulting in practical applications in different research areas. FDOSM has already been applied to evaluate the sign language system of recognition-based data glove wearable electronic devices in using an Interval-Valued Pythagorean Fuzzy Set with FDOSM as IVP-FDOSM with an assistance of a panel of three experts [23]. In particular, an increasing number of articles deal with applications of FDOSM for efficient (COVID-19) vaccine distribution and related aspects. Among others, [21], [27], [28] utilize FDOSM with FWZIC + q-Rung Orthopair Fuzzy and Pythagorean Fuzzy, respectively, to either prioritize the vaccine recipients or assess the vaccine doses distribution also with the help of three experts panel. In addition, Mahmoud et al. proposed a model using the Intuitionistic FDOSM method to evaluate the data equation system types for supporting the designers and industries of auto-drive vehicles with the help of three experts [25]. Moreover, Mahmood et al. proposed a benchmarking framework for evaluating network congestion control methods of active queue management approach using FDOSM with interval type-2 trapezoidal fuzzy decision with the support of six experts. Furthermore, Alamoodi et al. developed a benchmarking model for innovative electronic-tourism applications using FDOSM with fuzzy weighted with zero inconsistency method and supported the opinion of eleven expert panels [24].

F. STUDIES ON FFSs
Zadeh laid the basis of the Fuzzy Set (FS) theory in [55]. FS is presented to employ language concepts and degrees of membership in decision-making methods to deal with the ambiguity and imprecision that are a part of human judgment. A class of items with gradations of membership is known as an FS. These rankings show a particular element's stability inside an FS [56]. However, increasing MCDM approaches and methods have introduced what are called Fermatean Fuzzy Sets (FFSs) [57] that can manage uncertain information more readily throughout the decision-making to assess the DoS A-CTs in the current study.  FFSs have five general definitions [29], as in below:

1) DEFINITION 1
The non-empty set (X) is defined as the intuitionistic fuzzy sets with objects in the form of: where α A (x) :X → [0, 1] and β A (x) :X → [0, 1], depicts the degree of membership and non-membership of each element x ∈ X to the set (A) individually, as well as (0 ≤ α A (x) + β A (x) ≤ 1) for all (x ∈ X ). Explicitly, the set (A) becomes a fuzzy set when β A (x) = 1−α A (x) for every (x∈X ).

4) DEFINITION 4
Let FFsĀ = (α A + β A ) expresses the FFs complement; then the complement can be defined as:

5) DEFINITION 5
As mentioned in definition 3, the score Equation (7) of FFs has defined assuming FFs isĀ = (α A , β A ) where the value of (SÄ) should be withing the range of (-1 to 1). Equation (9) shows the positive score function

III. METHODOLOGY
This section contains a comprehensive overview of the suggested methodology. This methodology aims to achieve an MPSoCs-based IoT DoS A-CTs evaluation framework depending on the utilized CRITIC and Fermatean-FDOSM methods. The first phase of this methodology is detailed in Section A, which describes the DoS A-CTs DM construction and definition process. Afterward, Section B shows the CRITIC objective weighting method of the DoS A-CTs DM phase. Finally, Section C presents the ranking process by using the Fermatean-FDOSM method to the alternatives of DM mentioned in Phase 1 and using criteria weights resulting in Phase 2. The evaluation framework of DoS A-CTs using CRITIC and Fermatean-FDOSM is illustrated in FIGURE 4. Methodology phases.

A. PHASE 1: DM BUILD AND DEFINITION
In this phase, the DM in was used to evaluate DoS attack Countermeasure techniques based on their Design Metrics, Performance Metrics, Design Overhead, and Security Metrics as criteria and defenses methods as an alternative were discussed. The standard selection of mentioned aspects was conducted according to a comprehensive investigation of the prior studies mentioned in Section II. Authors in the previous studies pay more attention to the design metrics of MPSoC when they propose a new defense approach against DoS attacks in MPSoC. Also, they check the platform performance metrics by applying different applications, task mapping, and comparing the results before/after implementing the defense approach. In addition, there are high constraints on the additional costs resulting from applying such countermeasure techniques, which refers to design overhead. Furthermore, the methodology and threat models followed by an adversary to compromise NoC-based MPSoC platforms to implement the DoS attack are the security metrics of platform vulnerabilities in order to implement the DoS attack. Consequently, the mentioned aspects are considered vital and should be available in any countermeasure technique against a DoS attack in MPSoC to be eligible for the MCDM evaluation process.

1) DESIGN METRICS
Topology. An interconnection scheme used by System-on-Chip designers to localize IP cores of MPSoC platform in an array form with rows and columns denotes by (m×n) (e.g., 2 × 2 and 4 × 4) using NoC links and routers for communication purposes [68], [69]. Routing Algorithm. An NoC communication approach governs the data routing between source and destination IP cores. The routing algorithm plays a significant role in NoC operations used by NoC routers to determine the routing decisions [70]. Most routing algorithms implemented in NoCbased MPSoC are involved in DoS attack scenarios testing deterministic routing algorithms (XY or YX) just because it is common in implementation (simple) and strong to avoid NoC deadlock scenarios.
Location of Implementation. Pre-defined strategy to identify the implementation location (e.g., NoC router or NoC network interface) of countermeasures technique during chip design according to the predicted or proposed DoS threat model or attack scenario as in [45], [54], and [71].

Latency (cycles).
A transport latency is the period of time between when a message header is sent into the network at the source node and when a tail flit is received at the destination node. This time is measured by cycles [72]. Frequency (MHz). The clock rate of operating frequency utilized by MPSoC-based IoT IP cores. In order to achieve the highly MPSoC-based IoT security levels during realtime task scheduling, designers assign an operating frequency rate measured by Hertz (e.g., MHz) to enhance the MPSoC resources operating frequency [73].
Area (µm 2 ) and Power (mW). Both area and power are vital performance metrics for NoC-based MPSoC. The area cost represents the required occupied area for the current buffer design according to the utilized technology. For example, Compromise-NoC (C-NoC) was designed based on (4917 µm 2 ) as a baseline chip before implementing Fort-NoC as a defense approach against DoS attack [74]. In terms of power, it represents the amount of consumed power due to the typical functional operations of NoC-based MPSoC (the communication among MPSoC IP cores). However, NoC suffers significantly from power consumption induced by switching operations and power leakage of the resources, NoC routers in particular [75].

Area and Power Overhead (%).
Additional cost of an area and power consumption rate due to implementing a countermeasure technique against DoS attack from the perspective of chip design. For example, Run-time Latency Auditor for NoCs (RLAN) costs (12.73%) for the area and (9.844%) for power overhead, respectively [76].
Overhead. A scale with three-step (low, average, and high) in comparison to the default MPSoC design overhead without any proposed security (default architecture) [77], [78].

Area and Power Overhead (%).
Additional cost of an area and power consumption rate due to implementing a countermeasure technique against DoS attack from the perspective of chip design. For example, Run-time Latency Auditor for NoCs (RLAN) costs (12.73%) for the area and (9.844%) for power overhead, respectively [76].
Overhead. A scale with three-step (low, average, and high) in comparison to the default MPSoC design overhead without any proposed security (default architecture) [77], [78].

5) SECURITY METRICS
Technique Effectiveness. The security guarantees against DoS attacks are rated on a sliding scale from low (very low) to moderate (average) to high (very high) [79].
Evaluation. Three security metrics to evaluate the proposed security approach against DoS attack called:

1) Collision Point: it is a vital security metric from
the perspective of a DoS attacker, where at this point, the DoS attack traffic is involved in the sensitive NoC communication path to collide with normal traffic [80]. 2) Information Leakage: it is a security metric to evaluate an MPSoC security vulnerability that enables the DoS attacker from leaking confidential information stored in the memory locations to the external world using malicious circuits like Hardware Trojan [81].

3) Probability of Detection: it is the ratio of how many
Trojans the technique finds to how many Trojans are in the design as a whole [82]. Localization. Is a security metric based on the Malicious IP (MIP) core location, where the most significant network latency and prior DoS suspect reports determine it.
Their solution is less efficient for altering network circumstances since it is based on an experimentally determined threshold [3].

6) DM ALTERNATIVES
Sniffer: is a DoS A-CT based on ML approach to detect and localize malicious IP core [71].
SeRA: Secure Router Architecture: is a DoS A-CT based on discarding or masking infected NoC buffers model to avoid NoC DoS attack [49].
Verification Flow: is a DoS A-CT based on unbounded checking framework to monitor NoC system behaviour to avoid NoC DoS attacks [51].
SMCs: Secure Model Checkers and Switch-to-Switch, are a DoS A-CT based on functionality correctness and control VOLUME 11, 2023  logic verification methods to detect Hardware Trojan (HT) in MPSoC platforms [83].
Runtime Latency Auditor for NoCs: is a DoS A-CT based on NoC system behavioral monitoring to give an indicate regarding the malicious Rouge NoC third-party IPs insertion scenarios to avoid DoS attack [46]. DPU: Data Protection Unit is DoS A-CT based on memory access filtering to the memory access requests during realtime running scenarios to avoid DoS attacks [84].
Runtime-monitor, Restart-monitor, Intermediate manager, and Auditor: are DoS A-CT based on monitoring methodologies to the routing tables for different NoC router architectures with the aim of detecting DoS attacks [85].
CPDD and CPRD: Collision Point Direction Detection and Collision Point Router Detection: are DoS A-CT based on attacker's packets collied with regular NoC traffic during real-runtime as well as monitor router architectures in order to extend the report of the malicious traffic direction to mitigate and avoid DoS attack [11].
L.W. DDoS Detection: Light-weight DoS Detection, is a DoS A-CT based on NoC traffic monitoring and flagging to detect and localize MIP core to avoid distributed DoS attack [86].

L.W. DoS Detection:
Light-weight DoS Detection, is a DoS A-CT based on NoC traffic monitoring and flagging to detect and localize MIP core to avoid DoS attack [87].
SurfNoC: is a DoS A-CT based on NoC latency-reducing methodology to prevent communicating domains from interfering and time division multiplexing (Surf-Scheduling), then prevent communication overhead to avoid DoS attack [88].
Bit Shuffling: is a DoS A-CT based on the bit-shuffling method to mitigate HT effect on NoC system and keep the interactive performance of MPSoC, then mitigate the impact of the DoS attack [44].
Hardened NoC: is a DoS A-CT based on NoC flit integrity check model to ensure and check the potential HT insertion to the NoC system in the design house or third-party system in the integration company to mitigate DoS attack probability [44].
Threat Detector and L.O: Threat Detector and Link Obfuscation, are a DoS A-CT based on a heuristic fault injection detection model to detect HT infect NoC links and L.O. for HT affects mitigation based on switch-to-switch and bit shuffling techniques in order to avoid NoC communication system degradation then avoid DoS attack [87].

B. PHASE 2: CRITERIA WEIGHTING
Phase 2 presents the criteria weighting process of the DM using criteria importance through the inter-criteria correlation (CRITIC) technique, as displayed in FIGURE 4. In order to weight the DM criteria that shown in TABLE 2, there are six stages of the CRITIC technique should be applying [89], as in below: Using Equation (11) and ranges between (0 and 1), the DM will normalize to prevent numerical fluctuations of the output values.d (11) whered ij denotes the normalized value of i th alternative of j th criterion. And d best j , d worst j denotes the best and worst values of j th criterion.

3) STAGE 3: CONTRAST INTENSITY DETERMINATION
The intensity of the contrast can be determined using the standard deviation of normalized criterion values in the columns d j . The estimation of the standard deviation of each criterion can be obtained by using Equation (12).
whered j is the average output value of j th criterion and (m) represent the number of experiments.

4) STAGE 4: SYMMETRIC MATRIX CONSTRUCTION
In this stage, a symmetric matrix (m × n) will build involving a term r jk to express correlation coefficients such as the criteria's correlation coefficient as in Equation (12).

5) STAGE 5: CRITERION INFORMATION PRODUCTION
This stage depicts the results of Equation (12) as well as Equation (13) and for specifying the criterion information (C j ). As in Equation (14).

6) STAGE 6: WEIGHT CALCULATION
This stage shows the weight of individual outputs using criterion information and a normalizing approach, as shown in Equation (15).

C. PHASE 3: ALTERNATIVES RANKING
This phase explains the stages of Fermatean-FDOSM used in DoS A-CTs DM ranking, as shown in FIGURE 4. We can summarize the procedure of the Fermatean-FDOSM ranking method in three stages as below: This stage includes the following steps: 1) Select the ideal solution among criteria in the form of a 'min, max, critical' range using Equation (16).
Fundamentally, (max) refers to the ideal value with the benefit of criteria, (min) refers to the ideal solution, the criteria cost, finally (Op jj ) is the critical value, while the ideal value falls between (max) and (min). and other values per criterion to produce the expert's opinion matrix with linguistic terms. 4) Transform the expert's opinion matrix to the equivalent numerical matrix using the linguistic Likert scale. The Likert scale suggests that the DoS A-CTs criteria vary in the level of importance that should be assigned to the expert. The aim of using linguistic terms is to determine the level of importance of the criteria assessment procedure. There are five levels of importance from ('NoDifference to HugeDifference') as in below Equation (17) and TABLE 3. where ⊗ refers to the establishment comparison between ideal solution and alternatives [20]. 5) Adopt the opinion matrix that is based on expert opinion, as shown in FIGURE 4, then get the final output of this stage just as transformed to the fuzzy opinion matrix using Fermatean Fuzzy Set (FFS) as below: where the term (Op Lang ) represent the expert's (decision maker) opinion.

3) STAGE 3: DATA PROCESSING
1) This stage represents the final stage for fuzzy decision matrix ranking, as shown in FIGURE 4. 2) There are two approaches for ranking based on individual and group experts' opinions [20]. Individual decision-making is an approach based on expert opinion to select the best alternative among the others. Group decision-making is an approach based on aggregating the result of multiple decisions from different experts into a unique decision and be calculated using Equation (18) wherex refers to the arithmetic mean.
3) The final rank and score achievement by the defuzzification process for alternatives occurred based on DEF-INITION 3 and DEFINITION 5, in addition to use  Equation (6) and Equation (9) where the best alternative (countermeasure technique) is associated with a high score.

IV. DISCUSSION AND RESULTS
This section exhibits the evaluation and classification results of DoS A-CTs to improve security in the context of MPSoCsbased IoT platforms. This section is separated into three 100 VOLUME 11, 2023 This section presents the DoS A-CTs DM criteria weighting results using CRITIC method as developed in Section III. As we mentioned, the CRITIC approach has six steps to be applied to compute the DM criteria weights. The obtained weights after applying Equation (11) to normalize the DM into the interval of (0 to 1) then using Equation (12) to determine the intensity of the contrast using the standard deviation of normalized criterion values. Moreover, Equation (13) was VOLUME 11, 2023 FIGURE 6. Graph of group decision-making ranking.
utilized after obtaining a symmetric matrix to express the criteria's correlation coefficient. Furthermore, Equation (14) and Equation (15) were used for criterion information production and weight calculation for every thirteen criteria, respectively. Both TABLE 4 and FIGURE 5 are depicts weighting results, which indicate the vital (significant) variation of thirteen criteria of DoS A-CTs based on the CRITIC technique. The NoC routing algorithm received the highest weight as the first vital criterion, followed by the technique effectiveness as a security metric to evaluate a DoS attacks on MPSoCs-based IoT platforms as a second vital criterion. the size, power, NoC architecture overhead, and localization have received the same importance as the lowest importance criteria.
Consequently, the NoC area and latency received the lowest weight as an important criterion. Besides, the size, power, NoC architecture overhead, and localization have received the same importance as the lowest importance criteria. The final evaluation results can be obtained by using the Fermatean-FDOSM method as described in the next section; realistically, in order, these CRITIC weight values must be feed to Fermatean-FDOSM to calculate the final rank of the eighteen DoS A-CTs.

B. ALTERNATIVES RANKING RESULTS
The results and discussion in this section relate to evaluating the DoS A-CTs based on Fermatean-FDOSM individual and group of experts' opinions. Each expert records his opinion using the data of DM in (TABLE 2), to determine the ideal solution of each criterion, then apply Equation (16) and Equation (17) to compare the ideal solution with other values per criterion or each alternative using linguist terms. Using the Likert five scale approach, the three experts presented the opinion matrix as illustrated in TABLE 5.
The resulting three experts' opinion matrices will be converted to a fuzzy opinion matrix using the Fermatean fuzzy set (FFS) by applying Equation (2). In order to aggregate the FFS values of each alterative, there are two approaches, as mentioned in Section III: 1) Individual decision-making can be calculated using Equation (4) and Equation (5), and the results are shown in TABLE 6. The first rank 2) From the perspective of the first expert is given to 'Light Weight DoS Detection' countermeasure technique, while the first rank from the second expert point of view is for 'Intermediate Manager' countermeasure technique, whereas the third expert has appointed 'Collision Point Router Detection' is the first ranked countermeasure technique. From what aforementioned, there was a verity regarding individual decision-making approach results. To reach the fair consensus using a group decision-making approach, the three experts were able to come to a mutual agreement, and their findings are summarized in TABLE 7. 3) Group decision-making can be calculated using Equation (18), and the results are shown in TABLE 7. The 'Collision Point Router Detection (A12)' countermeasure technique is earned the first rank (rank 1) as the best defense against MPSoC-based IoT DoS attacks.

V. VALIDATION
The group decision-making approach prioritization results of DoS A-CTs were used to prove that the Fermatean FDOSM outputs were correct. This method has been used by researchers to prove that their results are correct [90], [91]. For numerical verification, the group decision-making of DoS A-CTs with each design and security metrics were put into different groups. The number of groups or CTs in each group did not change the validation results. To verify the group decision-making prioritizing results, the following steps were taken: (1) combining the opinion matrices by adding up each one; (2) sorting a DoS A-CTs based on the group decision-making results in the combined opinion matrix; (3) dividing the sorted CTs into six equal groups; and (4) using Equation (18) to find the arithmetic mean (x) for each group across all eighteen CTs as displayed in TABLE 8. The six groups' ranking results were systematically allocated between the countermeasure techniques of DoS attack categories. TABLE 8 shows that the mean value of the 1 st Group followed by 2 nd Group and so on for the other groups. Thus, the suggested Fermatean-FDOSM that utilized is valid and ranked the groups systematically.

VI. CONCLUSION
The evaluation of the DoS A-CTs in terms of MPSoCsbased IoT, which is based on the new MCDM method called Fermatean-FDOSM, was conducted. The methodology of this study included three phases, as illustrated in FIGURE 4. The first phase is DoS A-CTs decision matrix construction. The second phase consists of six steps of DM criteria weighting using the CRITIC method, and the third phase includes the steps of DM alternative ranking using the Fermatean-FDOSM method. The main contribution of this study is the proposed evaluation framework to tackle the challenge of selecting the most potent countermeasure technique against DoS attacks in terms of MPSoCs-based IoT. The validation of evaluation results is performed utilizing an arithmetic mean statistical approach.