{"title":"基于符号执行的硬件知识产权详尽信息流安全","authors":"Farhaan Fowze, Muhtadi Choudhury, Domenic Forte","doi":"10.1109/AsianHOST56390.2022.10022071","DOIUrl":null,"url":null,"abstract":"Hardware IPs are assumed to be roots-of-trust in complex SoCs. However, their design and security verification are still heavily dependent on manual expertise. Extensive research in this domain has shown that even cryptographic modules may lack information flow security, making them susceptible to remote attacks. Further, when an SoC is in the hands of the attacker, physical attacks such as fault injection are possible. This paper introduces EISec, a novel tool utilizing symbolic execution for exhaustive analysis of hardware IPs. EISec operates at the pre-silicon stage on the gate level netlist of a design. It detects information flow security violations and generates the exhaustive set of control sequences that reproduces them. We further expand its capabilities to quantify the confusion and diffusion present in cryptographic modules and to analyze an FSM's susceptibility to fault injection attacks. The proposed methodology efficiently explores the complete input space of designs utilizing symbolic execution. In short, EISec is a holistic security analysis tool to help hardware designers capture security violations early on and mitigate them by reporting their triggers.","PeriodicalId":207435,"journal":{"name":"2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"EISec: Exhaustive Information Flow Security of Hardware Intellectual Property Utilizing Symbolic Execution\",\"authors\":\"Farhaan Fowze, Muhtadi Choudhury, Domenic Forte\",\"doi\":\"10.1109/AsianHOST56390.2022.10022071\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Hardware IPs are assumed to be roots-of-trust in complex SoCs. However, their design and security verification are still heavily dependent on manual expertise. Extensive research in this domain has shown that even cryptographic modules may lack information flow security, making them susceptible to remote attacks. Further, when an SoC is in the hands of the attacker, physical attacks such as fault injection are possible. This paper introduces EISec, a novel tool utilizing symbolic execution for exhaustive analysis of hardware IPs. EISec operates at the pre-silicon stage on the gate level netlist of a design. It detects information flow security violations and generates the exhaustive set of control sequences that reproduces them. We further expand its capabilities to quantify the confusion and diffusion present in cryptographic modules and to analyze an FSM's susceptibility to fault injection attacks. The proposed methodology efficiently explores the complete input space of designs utilizing symbolic execution. In short, EISec is a holistic security analysis tool to help hardware designers capture security violations early on and mitigate them by reporting their triggers.\",\"PeriodicalId\":207435,\"journal\":{\"name\":\"2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AsianHOST56390.2022.10022071\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AsianHOST56390.2022.10022071","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
EISec: Exhaustive Information Flow Security of Hardware Intellectual Property Utilizing Symbolic Execution
Hardware IPs are assumed to be roots-of-trust in complex SoCs. However, their design and security verification are still heavily dependent on manual expertise. Extensive research in this domain has shown that even cryptographic modules may lack information flow security, making them susceptible to remote attacks. Further, when an SoC is in the hands of the attacker, physical attacks such as fault injection are possible. This paper introduces EISec, a novel tool utilizing symbolic execution for exhaustive analysis of hardware IPs. EISec operates at the pre-silicon stage on the gate level netlist of a design. It detects information flow security violations and generates the exhaustive set of control sequences that reproduces them. We further expand its capabilities to quantify the confusion and diffusion present in cryptographic modules and to analyze an FSM's susceptibility to fault injection attacks. The proposed methodology efficiently explores the complete input space of designs utilizing symbolic execution. In short, EISec is a holistic security analysis tool to help hardware designers capture security violations early on and mitigate them by reporting their triggers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
