Tutorial T2: Validation and Debug of Security and Trust Issues in Embedded Systems

Abstract

Summary form only given. Reusable hardware intellectual property (IP) based System-on-Chip (SoC) design has emerged as a pervasive design practice in the industry to dramatically reduce design/verification cost while meeting aggressive time-to-market constraints. However, growing reliance on reusable pre-verified hardware IPs and wide array of CAD tools during SoC design - often gathered from untrusted 3rd party vendors - severely affects the security and trustworthiness of SoC computing platforms. Major security issues in the hardware IPs at different stages of SoC life cycle include piracy during IP evaluation, reverse engineering, cloning, counterfeiting, as well as malicious hardware modifications. The global electronic piracy market is growing rapidly and is now estimated to be $1B/day, of which a significant part is related to hardware IPs. Furthermore, use of untrusted foundry in a fabless business model greatly aggravates the SoC security threats by introducing vulnerability of malicious modifications or piracy during SoC fabrication. Due to ever-growing computing demands, modern SoCs tend to include many heterogeneous processing cores, scalable communication network, together with reconfigurable cores e.g. embedded FPGA in order to incorporate logic that is likely to change as standards and requirements evolve. Such design practices greatly increase the number of untrusted components in the SoC design flow and make the overall system security a pressing concern. There is a critical need to analyze the SoC security issues and attack models due to involvement of multiple untrusted entities in SoC design cycle - IP vendors, CAD tool developers, and foundries - and develop low-cost effective countermeasures. These countermeasures would encompass encryption, obfuscation, watermarking and fingerprinting, and certain analytic methods derived from the behavioral aspects of SoC to enable trusted operation with untrusted components. In this tutorial, we plan to provide a comprehensive coverage of both fundamental concepts and recent advances in validation of security and trust of hardware IPs. The tutorial also covers the security and debug trade-offs in modern SoCs e.g., more observability is beneficial for debug whereas limited observability is better for security. It examines the state-of-the-art in research in this challenging area as well as industrial practice, and points to important gaps that need to be filled in order to develop a validation and debug flow for secure SoC systems. The tutorial presenters (one industry expert and two faculty members) will be able to provide unique perspectives on both academic research and industrial practices. The selection of topics covers a broad spectrum and will be of interest to a wide audience including design, validation, security, and debug engineers. The proposed tutorial consists of five parts. The first part introduces security vulnerabilities and various challenges associated with trust validation for hardware IPs. Part II covers various security attacks and countermeasures. Part III covers both formal methods and simulation-based approaches for security and trust validation. Part IV presents the conflicting requirements between security and debug during SoC development and ways to address them. Part V covers real-life examples of security failures and successful countermeasures in industry. Finally, Part VI concludes this tutorial with discussion on emerging issues and future directions.