Xingyu Meng, Mahmudul Hasan, K. Basu, Tamzidul Hoque
Proceedings of the Great Lakes Symposium on VLSI 2022. Published 2022-06-06. DOI: 10.1145/3526241.3530328 (https://doi.org/10.1145/3526241.3530328)
A Semi-formal Information Flow Validation for Analyzing Secret Asset Propagation in COTS IC Integrated Systems
Integration of off-the-shelf components from commercial sources during system design provides a drastic reduction of product cost and development time. It also allows faster adoption of new technologies without the risks associated with research and development. Therefore, commercial off-the-shelf (COTS) components can be found in a wide range of applications, including military, aerospace, etc. However, an untrusted vendor could include hidden malicious hardware to compromise the functionality of the system or leak secret information through COTS integrated circuits (ICs). Existing trust-verification solutions are generally inapplicable to COTS hardware due to the absence of golden models for analysis. In this paper, we propose a semi-formal validation technique to protect the secret assets in a system that integrates COTS ICs. Our framework identifies the paths that could propagate secret assets to surrounding COTS ICs in the system by analyzing the IC design. Our experimental results on a significantly large microprocessor core demonstrate that the proposed approach is effective in determining information flow violations within a short time and provides greater coverage and accurate identification.