Abstract

Digital hardware lies in the heart of systems deployed in finance, medical care, basic infrastructure and national defense systems. However, due to the lack of effective security verification tools, hardware designs may contain security vulnerabilities resulting from performance optimizations, side channels, insecure debug ports and hardware Trojans, which provide attackers low level access to critical resources and effective attack surface to compromise a system. To address these security threats, we propose a theorem proof based gate level information flow tracking (GLIFT) method for formal verification of security properties and identifying security vulnerabilities that cause security property violations. Our method integrates a precise information flow tracking (IFT) model with the Coq theorem proof environment, inheriting the accuracy of GLIFT and the scalability of theorem proving based formal verification. We formalize semantic circuits and security theorems for proving security properties in order to detect security violations. The proposed method has been demonstrated on an OpenRISC development interface core and an RSA implementation both from OpenCores as well as several Trojan benchmarks from Trust-HUB. Experimental results show that the proposed method detects insecure debug port, timing channel and hardware Trojans that cause violation of important security properties such as confidentiality, integrity and isolation and also derives the trigger condition of hardware Trojans.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.