Automatic Asset Identification for Assertion-Based SoC Security Verification

The ubiquitous presence and utilization of System-on-Chips (SoCs) have made them critical to our daily lives. As SoCs become more complex, their susceptibility to security threats has also increased. The comprehensive security assurance of an SoC system requires a deep knowledge of the design and se...


Bibliographic details
Published in: IEEE transactions on computer-aided design of integrated circuits and systems 2024-10, Vol.43 (10), p.3264-3277
Main authors: Ayalasomayajula, Avinash; Farzana Dipu, Nusrat; Tehranipoor, Mark M.; Farahmandi, Farimah
Format: Article
Language: eng
Online access: Order full text
container_end_page 3277
container_issue 10
container_start_page 3264
container_title IEEE transactions on computer-aided design of integrated circuits and systems
container_volume 43
creator Ayalasomayajula, Avinash
Farzana Dipu, Nusrat
Tehranipoor, Mark M.
Farahmandi, Farimah
description The ubiquitous presence and utilization of System-on-Chips (SoCs) have made them critical to our daily lives. As SoCs become more complex, their susceptibility to security threats has also increased. The comprehensive security assurance of an SoC system requires a deep knowledge of the design and security-critical assets that must be protected. As SoC applications vary, the assets vary in number, type, importance level, and form based on the various hardware blocks that construct the SoC and their complex interactions. Some assets are distinctive in their definition and characteristics, making them easily identifiable, such as encryption/decryption keys, logic locking keys, etc. However, other assets, such as system bus control registers that are internal to the design, require a more complex design analysis. Automatic identification of these security assets at the presilicon stage can help designers take the necessary precautions to protect them. Equipped with the security assets, designers can then incorporate techniques to protect these security assets against various threats. This article presents the variation among security assets based on hardware design and defines attributes to help classify them. Then, we introduce security asset identification framework (SAIF), an automated framework that can help identify security assets for a design at the register-transfer level (RTL). We introduce a set of metrics into SAIF to perform comprehensive vulnerability analysis and identify security assets that are prone to specific vulnerabilities. Finally, we report our findings on the effectiveness of SAIF for various open-source hardware designs and the National Institute of Standards and Technology (NIST) lightweight crypto designs. We show that SAIF can automatically identify critical security assets in a design with high accuracy and performance. 
Moreover, we analyze the security implications of the identified secondary assets to show their importance in presilicon security verification.
doi_str_mv 10.1109/TCAD.2024.3387875
format Article
fulltext fulltext_linktorsrc
identifier ISSN: 0278-0070
ispartof IEEE transactions on computer-aided design of integrated circuits and systems, 2024-10, Vol.43 (10), p.3264-3277
issn 0278-0070
1937-4151
language eng
recordid cdi_ieee_primary_10497111
source IEEE Electronic Library (IEL)
subjects Bus interconnections
Computer-aided design (CAD)
Design
Design analysis
Design standards
Designers
Encryption
Hardware
Measurement
presilicon security verification
Protection
Random access memory
Registers
Security
security assets
security metrics
System on chip
Threat evaluation
Threat modeling
Verification
vulnerability assessment
title Automatic Asset Identification for Assertion-Based SoC Security Verification
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-15T19%3A01%3A09IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Automatic%20Asset%20Identification%20for%20Assertion-Based%20SoC%20Security%20Verification&rft.jtitle=IEEE%20transactions%20on%20computer-aided%20design%20of%20integrated%20circuits%20and%20systems&rft.au=Ayalasomayajula,%20Avinash&rft.date=2024-10-01&rft.volume=43&rft.issue=10&rft.spage=3264&rft.epage=3277&rft.pages=3264-3277&rft.issn=0278-0070&rft.eissn=1937-4151&rft.coden=ITCSDI&rft_id=info:doi/10.1109/TCAD.2024.3387875&rft_dat=%3Cproquest_RIE%3E3107254665%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3107254665&rft_id=info:pmid/&rft_ieee_id=10497111&rfr_iscdi=true