Hyperfuzzing for SoC security validation

Muduli, Sujit Kumar; Takhar, Gourav; Subramanyan, Pramod

doi:10.1145/3400302.3415709

Cited by 21 publications

(1 citation statement)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There exists a plethora of works [15,53,60] that have improved the performance of greybox fuzzing by augmenting various program analysis techniques. Fuzz testing has recently been explored for testing RTL designs [12,33,47,65], although not much used to test SystemC designs. In [36] Le et al has proposed a fuzzing-based framework, AFL-SHT, for test generation to detect hardware trojans in high level SystemC designs.…”

Section: Greybox Fuzzingmentioning

confidence: 99%

GreyConE: Greybox Fuzzing + Concolic Execution Guided Test Generation for High Level Designs

Debnath

Chowdhury

Saha

et al. 2022

2022 IEEE International Test Conference (ITC)

View full text Add to dashboard Cite

High-Level Synthesis (HLS) has transformed the development of complex Hardware IPs (HWIP) by offering abstraction and configurability through languages like SystemC/C++, particularly for Field Programmable Gate Array (FPGA) accelerators in high-performance and cloud computing contexts. These IPs can be synthesized for different FPGA boards in cloud, offering compact area requirements and enhanced flexibility. HLS enables designs to execute directly on ARM processors within modern FPGAs without the need for Register Transfer Level (RTL) synthesis, thereby conserving FPGA resources. While HLS offers flexibility and efficiency, it also introduces potential vulnerabilities such as the presence of hidden circuitry, including the possibility of hosting hardware trojans within designs.In cloud environments, these vulnerabilities pose significant security concerns such as leakage of sensitive data, IP functionality disruption and hardware damage, necessitating the development of robust testing frameworks. This research presents an advanced testing approach for HLS-developed cloud IPs, specifically targeting hidden malicious functionalities that may exist in rare conditions within the design. The proposed method leverages selective instrumentation, combining greybox fuzzing and concolic execution techniques to enhance test generation capabilities. Evaluation conducted on various HLS benchmarks, possessing characteristics of FPGA-based cloud IPs with embedded cloud related threats, demonstrates the effectiveness of our framework in detecting trojans and rare scenarios, showcasing improvements in coverage, time efficiency, memory usage, and testing costs compared to existing methods.

show abstract