CAPSL: A Tool for Automatic Generation of Hardware Sandboxes for IP Security

Abstract

We propose a design flow for automatic generation of hardware sandboxes. Our tool, the Component Authentication Process for Sandboxed Layouts (CAPSL), generates sandboxes capable of detecting trojan activation and nullifying potential damage to a system at run-time. Our approach captures the behavioral properties of non-trusted IPs with formal models that are translated to checker automata and implemented within a untrusted partition of the system to isolate sandbox-system interactions upon deviation from the behavioral checkers.