Efficient Methods for SoC Trust Validation Using Information Flow Verification

2021 IEEE 39th International Conference on Computer Design (ICCD) Pub Date : 2021-10-01 DOI:10.1109/ICCD53106.2021.00098

Khitam M. Alatoun, Shanmukha Murali Achyutha, R. Vemuri

{"title":"Efficient Methods for SoC Trust Validation Using Information Flow Verification","authors":"Khitam M. Alatoun, Shanmukha Murali Achyutha, R. Vemuri","doi":"10.1109/ICCD53106.2021.00098","DOIUrl":null,"url":null,"abstract":"Information flow properties are essential to identify security vulnerabilities in System-on-Chip (SoC) designs. Verifying information flow properties, such as integrity and confidentiality, is challenging as these properties cannot be handled using traditional assertion-based verification techniques. This paper proposes two novel approaches, a universal method and a property-driven method, to verify and monitor information flow properties. Both methods can be used for formal verification, dynamic verification during simulation, post-fabrication validation, and run-time monitoring. The universal method expedites implementing the information flow model and has less complexity than the most recently published technique. The property-driven method reduces the overhead of the security model, which helps speed up the verification process and create an efficient run-time hardware monitor. More than 20 information flow properties from 5 different designs were verified and several bugs were identified. We show that the method is scalable for large systems by applying it to an SoC design based on an OpenRISC-1200 processor.","PeriodicalId":154014,"journal":{"name":"2021 IEEE 39th International Conference on Computer Design (ICCD)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 39th International Conference on Computer Design (ICCD)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCD53106.2021.00098","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Information flow properties are essential to identify security vulnerabilities in System-on-Chip (SoC) designs. Verifying information flow properties, such as integrity and confidentiality, is challenging as these properties cannot be handled using traditional assertion-based verification techniques. This paper proposes two novel approaches, a universal method and a property-driven method, to verify and monitor information flow properties. Both methods can be used for formal verification, dynamic verification during simulation, post-fabrication validation, and run-time monitoring. The universal method expedites implementing the information flow model and has less complexity than the most recently published technique. The property-driven method reduces the overhead of the security model, which helps speed up the verification process and create an efficient run-time hardware monitor. More than 20 information flow properties from 5 different designs were verified and several bugs were identified. We show that the method is scalable for large systems by applying it to an SoC design based on an OpenRISC-1200 processor.

查看原文本刊更多论文

基于信息流验证的SoC信任验证方法

信息流属性对于识别片上系统(SoC)设计中的安全漏洞至关重要。验证信息流属性(如完整性和机密性)具有挑战性，因为这些属性不能使用传统的基于断言的验证技术来处理。本文提出了两种验证和监控信息流属性的新方法:通用方法和属性驱动方法。这两种方法都可以用于形式验证、仿真过程中的动态验证、制造后验证和运行时监控。通用方法加快了信息流模型的实现速度，并且比最新发表的技术具有更低的复杂性。属性驱动的方法减少了安全模型的开销，这有助于加快验证过程并创建高效的运行时硬件监视器。验证了来自5种不同设计的20多个信息流属性，并发现了几个错误。我们通过将该方法应用于基于OpenRISC-1200处理器的SoC设计，证明该方法可扩展到大型系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2021 IEEE 39th International Conference on Computer Design (ICCD)

自引率

0.00%

发文量