Scalable Verification of Security Properties in SoCs

Slide Note
Embed
Share

Contemporary SoCs pose challenges in verifying security properties due to the combination of hardware and firmware components. This work discusses the complexities of verifying SoCs, the construction of Instruction-Level Abstraction (ILA), and the synthesis of ILA using advanced techniques. Security verification is particularly challenging, focusing on confidentiality and integrity aspects. Information flow properties play a crucial role in specifying security requirements for SoCs.

well342
well342 Follow

Uploaded on Sep 22, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Specification and Scalable Verification of Security Properties in Contemporary SoCs Pramod Subramanyan This work was supported in part by CFAR, one of the six SRC STARTnet centers, sponsored by MARCO and DARPA

  2. Birds Eye View of an SoC CPU GPU Camera Touch Flash Microcontroller On-chip Interconnect Memory MMU+ DRAM DMA WiFi/3G SCIP HW accelerators SoC functionality is implemented by a combination of hardware and firmware NoC interface 2

  3. SoC Verification is Challenging CPU GPU Camera Touch Flash On-chip Interconnect MMU+ DRAM Complete verification is not scalable DMA WiFi/3G SCIP Separate verification misses bugs! FW 3

  4. Constructing an ILA Insight: Treat MMIO reads/writes as part of an extended ISA aka ILA ; start AES state machine MOV ACC, #01 MOV DPTR, #0xFF00 MOVX @DPTR, ACC IDLE READ ; poll for completion wait_finish: MOV MOVX ACC, @DPTR CMPI ACC, #00 JNZ WRITE ENC DPTR, #0xFF01 Instruction-Level Model of HW accelerators wait_finish Instruction-Level Model of c ISA Instruction-Level Abstraction (ILA) of SoC 4

  5. Synthesizing an ILA [FMCAD 15] It s too hard to manually construct an ILA so synthesize it instead! FW verification Template abstraction Synthesis Algorithm Instruction-Level Abstraction Golden Model Model Checker Simulator RTL Refinement Relations Bugs/counter examples 5

  6. Security Verification is Harder! Confidentiality: HW/FW secrets must not leak to untrusted entities secret SoC Integrity: Untrusted entities must not influence sensitive registers reg Specifying these in LTL is hard! Not predicates of state, instead these properties refer to information flow! 6

  7. Specifying Information Flow Properties Information flow property specifies that src cannot influence dst src dst Specified on an augmented ILA Properties High-level system state such as user/su mode, current thread and VM ids, and son Convert events such as user/su state-transitions into state variables HW model HW model FW model aux stat e Augmented System Model FW model Original System Model 7

  8. Proving Information Flow Properties In the security community: static and dynamic taint analysis Can different values at the source result in different values at the destination? T src1 dst1 inp T src2 dst2 Can we do better with a taint+CEGAR hybrid? 8

  9. HW/FW Security Concerns are an Important and Exciting Research Area http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ Come to the poster to talk more! 9

Related


Importance of Timely Verification in Care After Death

Importance of Timely Verification in Care After Death

willow
Program Verification via an Intermediate Verification Language

Program Verification via an Intermediate Verification Language

dee_ana
Automated and Modular Refinement Reasoning for Concurrent Programs

Automated and Modular Refinement Reasoning for Concurrent Programs

jayliann
Integrated Verification and Repair in Control Plane

Integrated Verification and Repair in Control Plane

buddy
Formal Verification and Automata Abstraction in Esterel

Formal Verification and Automata Abstraction in Esterel

edelweiss
Comprehensive Solution for EU Digital COVID Certificate Verification

Comprehensive Solution for EU Digital COVID Certificate Verification

mall878
Automated Static Verification of Higher-order Functional Programs

Automated Static Verification of Higher-order Functional Programs

aaka860
Understanding Transport Layer Security (TLS)

Understanding Transport Layer Security (TLS)

amabel
Electors Verification Programme Overview

Electors Verification Programme Overview

fionn
Criticisms and Defenses of Verification and Falsification Principles

Criticisms and Defenses of Verification and Falsification Principles

esmee
Software Bugs and Formal Verification in Critical Systems

Software Bugs and Formal Verification in Critical Systems

jama_ico
Formal Verification of Cyberphysical Systems and Future Certification Methods

Formal Verification of Cyberphysical Systems and Future Certification Methods

knox_roy
Gradual Program Verification and its Techniques

Gradual Program Verification and its Techniques

adi_sco
Bounded Satisfiability Checking for Early Legal Compliance Verification

Bounded Satisfiability Checking for Early Legal Compliance Verification

nicksongi
DAVA Drugs Authentication & Verification Application by National Informatics Centre

DAVA Drugs Authentication & Verification Application by National Informatics Centre

ruxt_322
Scalable Causal Consistency for Wide-Area Storage with COPS

Scalable Causal Consistency for Wide-Area Storage with COPS

sydney
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Understanding the Roles of a Security Partner

Understanding the Roles of a Security Partner

zaara
Understanding Physical and Chemical Properties of Matter

Understanding Physical and Chemical Properties of Matter

kenn_3
Exploring Automotive Networks and ECUs in the World of SOME/IP

Exploring Automotive Networks and ECUs in the World of SOME/IP

kenji
Understanding Multicore Processors: Hardware and Software Perspectives

Understanding Multicore Processors: Hardware and Software Perspectives

fiona
Unveiling Archetypes in

Unveiling Archetypes in "The Outsiders" Mid-Book Review

moer318
Navigating Financial Aid Verification for 2024-25

Navigating Financial Aid Verification for 2024-25

promise
Verification Environment for ALTIROC3 ASIC in ATLAS High Granularity Timing Detector

Verification Environment for ALTIROC3 ASIC in ATLAS High Granularity Timing Detector

special

More Related Content

Updates on Accounting and Verification Activities in HN Groups
Updates on Accounting and Verification Activities in HN Groups
Electors Verification Program and Special Summary Revision Activities
Electors Verification Program and Special Summary Revision Activities
Guidelines for Verification and Assessment Process in 2019
Guidelines for Verification and Assessment Process in 2019
Formal Verification and Reasoning in Computer Science
Formal Verification and Reasoning in Computer Science
Understanding Verification Methods in Spring 2022 Tufts University Lectures
Understanding Verification Methods in Spring 2022 Tufts University Lectures
Importance of Side and Site Verification in Medical Procedures
Importance of Side and Site Verification in Medical Procedures
Safety Verification Using Barrier Certificates in Autonomous Cyber-Physical Systems
Safety Verification Using Barrier Certificates in Autonomous Cyber-Physical Systems
Automatic Program Verification: Isar and Dafny Methods
Automatic Program Verification: Isar and Dafny Methods
Next-Generation Logic for Program Verification Challenges
Next-Generation Logic for Program Verification Challenges
Maternal Levels of Care Verification Leadership Overview
Maternal Levels of Care Verification Leadership Overview
Third Party Verification Requests - What CPAs Can Provide
Third Party Verification Requests - What CPAs Can Provide
Advanced Program Optimization Techniques for Efficient Verification and Goal-Directed Search
Advanced Program Optimization Techniques for Efficient Verification and Goal-Directed Search
Carnegie Mellon Secure Systems Verification Research
Carnegie Mellon Secure Systems Verification Research
Understanding Security in World Politics
Understanding Security in World Politics
Scalable Task Pool with Adjustable Fairness
Scalable Task Pool with Adjustable Fairness
Overview of Scalable Heat Engine using Convergence
Overview of Scalable Heat Engine using Convergence
Exploring Distributed Solvers for Scalable Computing in UG
Exploring Distributed Solvers for Scalable Computing in UG
Chi: A Scalable and Programmable Control Plane for Distributed Stream Processing
Chi: A Scalable and Programmable Control Plane for Distributed Stream Processing
Understanding the Rule of Mixtures in Composite Materials
Understanding the Rule of Mixtures in Composite Materials
Understanding Physical and Chemical Properties of Matter
Understanding Physical and Chemical Properties of Matter
Understanding Nonelectrolytes in Solutions
Understanding Nonelectrolytes in Solutions
Ensuring Platform Integrity and Trust in Cloud Computing Environments
Ensuring Platform Integrity and Trust in Cloud Computing Environments
Modern Solution for Enhanced Security - Face Lock Technology
Modern Solution for Enhanced Security - Face Lock Technology
Exploring SymDiff: A Differential Program Verifier
Exploring SymDiff: A Differential Program Verifier