Special Session: CAD for Hardware Security - Automation is Key to Adoption of Solutions

Aftabjahani, Sohrab; Kastner, Ryan; Tehranipoor, Mohammad; Farahmandi, Farimah; Oberg, Jason; Nordström, Anders; Fern, Nicole; Althoff, Alric

doi:10.1109/vts50974.2021.9441032

Cited by 12 publications

(2 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are many efforts to describe the steps of the hardware security verification process [2,4,11,13]. In general, this process involves: 1) Creating Threat Model, 2) Identifying Assets, 3) Articulating Common Weaknesses, 4) Defining Security Requirements, 5) Specifying Security Properties, and 6) Verifying Security Properties.…”

Section: Verification Processmentioning

confidence: 99%

Automating hardware security property generation

Kastner

Restuccia

Meza

et al. 2022

Proceedings of the 59th ACM/IEEE Design Automation Conference

View full text Add to dashboard Cite

Security verification is an important part of the hardware design process. Security verification teams can uncover weaknesses, vulnerabilities, and flaws. Unfortunately, the verification process involves substantial manual analysis to create the threat model, identify important security assets, articulate weaknesses, define security requirements, and specify security properties that formally describe security requirements upon the hardware. This work describes current hardware security verification practices. Many of these rely on manual analysis. We argue that the property generation process is a first step towards scalable and reproducible hardware security verification.

show abstract

Section: Verification Processmentioning

confidence: 99%

Automating hardware security property generation

Kastner

Restuccia

Meza

et al. 2022

Proceedings of the 59th ACM/IEEE Design Automation Conference

View full text Add to dashboard Cite

show abstract

“…Identifying these weaknesses is often challenging and time-consuming since it requires designers to understand the design's specification, the design's implementation, the subtleties in the correlation between these two, and which parts of the design are most relevant to the threat model. In an effort to increase the chance of identifying security critical weaknesses, we use the threat model and design to find relevant CWEs from MITRE's extensive database following to the CWE-IFT methodology [14].…”

Section: B Ip-level Security Verificationmentioning

confidence: 99%

AKER: A Design and Verification Framework for Safe andSecure SoC Access Control

Restuccia¹,

Meza²,

Kastner³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Modern systems on a chip (SoCs) utilize heterogeneous architectures where multiple IP cores have concurrent access to on-chip shared resources. In security-critical applications, IP cores have different privilege levels for accessing shared resources, which must be regulated by an access control system. AKER is a design and verification framework for SoC access control. AKER builds upon the Access Control Wrapper (ACW) -a high performance and easy-to-integrate hardware module that dynamically manages access to shared resources. To build an SoC access control system, AKER distributes the ACWs throughout the SoC, wrapping controller IP cores, and configuring the ACWs to perform local access control. To ensure the access control system is functioning correctly and securely, AKER provides a property-driven security verification using MITRE common weakness enumerations. AKER verifies the SoC access control at the IP level to ensure the absence of bugs in the functionalities of the ACW module, at the firmware level to confirm the secure operation of the ACW when integrated with a hardware root-of-trust (HRoT), and at the system level to evaluate security threats due to the interactions among shared resources. The performance, resource usage, and security of access control systems implemented through AKER is experimentally evaluated on a Xilinx UltraScale+ programmable SoC, it is integrated with the OpenTitan hardware root-of-trust, and it is used to design an access control system for the OpenPULP multicore architecture.

show abstract