Transys: Leveraging Common Security Properties Across Hardware Designs

Zhang, Rui; Sturton, Cynthia

doi:10.1109/sp40000.2020.00030

Cited by 11 publications

(7 citation statements)

References 59 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

“…While identifying security-critical features in a design is an orthogonal problem-and an ongoing area of research [17,23,35,53,66,67]identifying the nets (wires) that comprise said features is the first step in deploying T-TER. Currently, there exist two techniques for identifying security-critical nets: 1) manual [17,23,35] or 2) semi-autonomous [66,67]. In manual identification, a human expert analyzes the design's specification, and the corresponding HDL, and flags nets that implement features critical to the security of software or other hardware that interface to the design [17,23,35].…”

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

See 1 more Smart Citation

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Trippel

Shin

Bush

et al. 2023

Proceedings of the ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

Since the inception of the Integrated Circuit (IC), the size of the transistors used to construct them has continually shrunk. While this advancement significantly improves computing capability, fabrication costs have skyrocketed. As a result, most IC designers must now outsource fabrication. Outsourcing, however, presents a security threat: comprehensive post-fabrication inspection is infeasible given the size of modern ICs, so it is nearly impossible to know if the foundry has altered the original design during fabrication (i.e., inserted a hardware Trojan). Defending against a foundry-side adversary is challenging because-even with as few as two gateshardware Trojans can completely undermine software security. Researchers have attempted to both detect and prevent foundryside attacks, but all existing defenses are ineffective against additive Trojans with footprints of a few gates or less.We present Targeted Tamper-Evident Routing (T-TER), a layoutlevel defense against untrusted foundries, capable of thwarting the insertion of even the stealthiest hardware Trojans. T-TER is directed and routing-centric: it prevents foundry-side attackers from routing Trojan wires to, or directly adjacent to, security-critical wires by shielding them with guard wires. Unlike shield wires commonly deployed for cross-talk reduction, T-TER guard wires pose an additional technical challenge: they must be tamper-evident in both the digital (deletion attacks) and analog (move and jog attacks) domains. We address this challenge by developing a class of designed-in guard wires that are added to the design specifically to protect securitycritical wires. T-TER's guard wires incur minimal overhead, scale with design complexity, and provide tamper-evidence against attacks. We implement automated tools (on top of commercial CAD tools) for deploying guard wires around targeted nets within an open-source System-on-Chip. Lastly, using an existing IC threat assessment toolchain, we show T-TER defeats even the stealthiest known hardware Trojan, with ≈ 1% overhead. CCS CONCEPTS• Security and privacy → Tamper-proof and tamper-resistant designs; Malicious design modifications; • Hardware → Interconnect.

show abstract

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Trippel

Shin

Bush

et al. 2023

Proceedings of the ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…SCIFinder (Zhang et al, 2017) semi-automatically generates security critical properties by using machine learning to label generated invariants based on similarity to known bugs. Transys (Zhang and Sturton, 2020) is able to automatically generate security properties for a target design by translating known properties from some other design to analogous properties on the original design, but does require some initial set of known security properties.…”

Section: Automatic Hardware Securitymentioning

confidence: 99%

“…Additionally, the labelling system required manual efforts in translating across designs and this manual effort introduced the possibility of human error. Translating across designs is a significant research problem that is addressed directly in other research efforts, particularly Transys (Zhang and Sturton, 2020).…”

Section: Labelling Limitationsmentioning

confidence: 99%

Mining Secure Behavior of Hardware Designs

Deutschbein

2021

Preprint

View full text Add to dashboard Cite

Calvin Deutschbein: Mining Secure Behavior of Hardware Designs (Under the direction of Cynthia Sturton)Hardware presents an enticing target for attackers attempting to gain access to a secured computer system. Software-only exploits of hardware vulnerabilities may bypass software level security features. Hardware must be made secure. However, to understand whether a hardware design is secure, security specifications must be generated to define security on that design.Micro-architectural design elements, undocumented or under-documented features, debug interfaces, and information-flow side channels all may introduce new vulnerabilities. The secure behavior of each must be specified in order ensure the design meets its security requirements and contains no vulnerabilities. However, manual efforts can be overwhelmed by design complexity, and many hardware vulnerabilities, such as Memory Sinkhole, SYSRET privilege escalation, and most recently Spectre/Meltdown, persisted in product lines for decades despite extensivetesting. An automated solution is needed to specify secure designs. Specification mining offers a solution by automating security specification for hardware. Specification miners use a form of machine learning to specify behaviors of a system by studying a system in execution. However, specification mining was first developed for use with software. Complex hardware designs offer unique challenges for this technique. Further, specification miners traditionally capture functional specifications without a notion of security, and may not use the specification logics necessary to describe some security requirements.This work demonstrates specification mining for hardware security. On CISC architectures such as x86, I demonstrate that a miner partitioning the design state space along control signals discovers a specification that includes manually defined properties and, if followed, would secure CPU designs against Memory Sinkhole and SYSRET privilege escalation. For temporal propiii

show abstract

“…European Processor Initiative (EPI), one of the cornerstones of the EuroHPC Joint Undertaking, a new European Union strategic entity focused on pooling the Union's and national resources on HPC to build and deploy the most powerful supercomputers within Europe, is preparing to adopt RISC-V as its core solution for exascale embedded HPC platform [9]. protection [54,56,57,59,61,[69][70][71][72], ISA security extensions [66,67,[73][74][75][76][77][78][79][80][81][82][83][84], cryptographic engines and primitives [78][79][80][81][82][83][85][86][87][88][89][90][91][92][93][94][95][96][97][98], and side-channel prevention [99][100][101]…”

Section: Introductionmentioning

confidence: 99%

A Survey on RISC-V Security: Hardware and Architecture

2021

Preprint

View full text Add to dashboard Cite

The Internet of Things (IoT) is an ongoing technological revolution. Embedded processors are the processing engines of smart IoT devices. For decades, these processors were mainly based on the Arm instruction set architecture (ISA). In recent years, the free and open RISC-V ISA standard has attracted the attention of industry and academia and is becoming the mainstream. Many companies have already owned or are designing RISC-V processors. Many important operating systems and major tool chains have supported RISC-V. Data security and user privacy protection are common challenges faced by all IoT devices. In order to deal with foreseeable security threats, the RISC-V community is studying security solutions aimed at achieving a root of trust (RoT) and ensuring that sensitive information on RISC-V devices is not tampered with or leaked. Many RISC-V security research projects are underway, but the academic community has not yet conducted a comprehensive survey of RISC-V security solutions. The latest technology and future development direction of RICS-V security research are still unclear. In order to fill this research gap, this paper presents an in-depth survey on RISC-V security technologies. This paper summarizes the representative security mechanisms of RISC-V hardware and architecture. Specifically, we first briefly introduce the background and development status of RISC-V, and compare the RISC-V mechanisms with the most relevant Arm mechanisms, highlighting their similarities and differences. Then, we investigate the security research of RISC-V around the theme of hardware and architecture security. Our survey covers hardware and physical access security, hardware-assisted security units, ISA security extensions, memory protection, cryptographic primitives, and side-channel attack protection. Based on our survey, we predict the future research and development directions of RISC-V security. We hope that our research can inspire RISC-V researchers and developers.CCS Concepts: • Security and privacy → Embedded systems security; Cryptography.

show abstract

Transys: Leveraging Common Security Properties Across Hardware Designs

Cited by 11 publications

References 59 publications

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Mining Secure Behavior of Hardware Designs

A Survey on RISC-V Security: Hardware and Architecture

Contact Info

Product

Resources

About