P11_21: Scalable Security Verification Framework for Digital and Analog/Mixed-Signal System-on-Chips
Principal investigator: Dr. Kanad Basu, University of Texas at Dallas
Co-Principal investigator: Dr. Yiorgos Makris, University of Texas at Dallas
The System-on-Chip (SoC) is the brain behind modern computing devices, which are used extensively to record, analyze, and communicate some of our most intimate personal information, including health, location, and activity data. A typical SoC consists of multiple Intellectual Property (IP) cores, including processors, memory, network-on-chip, controllers, converters, and input/output devices. The drastic increase in SoC design complexity has led to a significant increase in SoC validation complexity. Reusable hardware IP-based SoC design has emerged as a pervasive industry practice because it dramatically reduces design and verification cost while meeting aggressive time-to-market constraints. Growing reliance on these pre-verified hardware IPs, often obtained from untrusted third-party vendors (3PIPs), severely affects the security and trustworthiness of SoC computing platforms. Hardware-level vulnerabilities must be fixed before deployment, since they undermine the security of the whole system. Based on MITRE's Common Vulnerabilities and Exposures (CVE) estimates, removing hardware-level vulnerabilities would reduce overall system vulnerability by 43%. Given the widespread adoption of SoC designs in the electronics industry, it is critical to validate their correctness from a security perspective. SoC verification is already a major bottleneck in the modern chip design life cycle, where more than 70% of the resources and engineering time are spent on verification efforts. Existing research has demonstrated that commercial EDA tools fall short when executing security validation on a full-scale SoC [2,3].
This research effort seeks to validate the security of SoCs by developing a comprehensive verification framework that scales across contemporary SoC designs incorporating untrusted 3PIPs, in the digital as well as the analog/mixed-signal domains. We propose a Register Transfer Level (RTL) security vulnerability detection technique that extracts critical process flows from an RTL design and then executes RTL-level concolic testing to generate security test cases. This will aid in identifying security-critical exploits at the early design stage of an SoC. To detect security bugs in hard IP after fabrication, we propose a post-silicon security validation framework that incorporates assertion-based test generation techniques to verify the security primitives. Furthermore, we will extend this framework with abstractions of continuous-domain behavior, enabling systematic formal evaluation of information flow policies in analog/mixed-signal designs.