Ensuring Hardware Robustness via Security Verification
Date
Authors
ORCID
Journal Title
Journal ISSN
Volume Title
Publisher
item.page.doi
Abstract
System-on-Chips (SoCs) play a pivotal role in modern computing systems, integrating multiple Intellectual Property (IP) cores to deliver diverse functionalities. However, this integration presents unique security challenges that can result in vulnerabilities escaping the verification phase and becoming potential exploits. Moreover, the integration of commercial off-the-shelf (COTS) components into system designs provides cost-effective solutions but introduces the risk of hidden malicious hardware. On the other hand, asynchronous events in complex SoC design introduce challenges for security verification. Furthermore, Network-on-Chip (NoC) architectures introduce new vulnerabilities during message transmission across on-chip networks. Although security properties are introduced to address these vulnerabilities, generating security properties for SoCs can be a daunting task, typically requiring extensive developer expertise and time. This dissertation extends and explores various approaches to current hardware verification in multiple aspects. First, we introduce RTL-ConTest, a Register Transfer Level (RTL) security vulnerability detection algorithm, that extracts critical process flows from a design and executes RTL-level Concolic testing to generate security test cases for identifying critical exploits. Second, we address the asynchronous resets by extending the concept of control flow graph (CFG) and extraction of reset-controlled events while avoiding combinatorial explosion. Third, by utilizing CFG extraction and security properties, we develop a framework for systematic detection of security violations in NoC designs resulting from vulnerabilities in NoC communication through formal state exploration. Fourth, We propose an information tracking framework to identify potential information flow violations in COTS integrated circuits by analyzing their designs and demonstrating their effectiveness in experimental results. Lastly, we introduce a language-based machine-learning framework that extracts essential security information from processor documentation and converts them into security constraints at the RTL level, enhancing the robustness and efficiency of security property generation.