Paper 2021/1014

SoC Security Properties and Rules

Nusrat Farzana, Farimah Farahmandi, and Mark Tehranipoor

Abstract

A system-on-chip (SoC) security can be weakened by exploiting the potential vulnerabilities of the intellectual property (IP) cores used to implement the design and interaction among the IPs. These vulnerabilities not only increase the security verification effort but also can increase design complexity and time-to-market. The design and verification engineers should be knowledgeable about potential vulnerabilities and threat models at the early SoC design life cycle to protect their designs from potential attacks. However, currently, there is no publicly available repository that can be used as a base to develop such knowledge in practice. In this paper, we develop ‘SoC Security Property/Rule Database’ and make it available publicly to all researchers to facilitate and extend security verification effort to address this need. The database gathers a comprehensive security vulnerability and property list. It also provides all the corresponding design behavior that should be held in the design to ensure such vulnerabilities do not exist. The database contains 67 different vulnerability scenarios for which 105 corresponding security properties have been developed till now. This paper reviews the existing database and presents the methodologies we used to gather vulnerabilities and develop such comprehensive security properties. Additionally, this paper discusses the challenges for security verification and the utilization of this database to overcome the research challenges.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
VulnerabilitiesThreat ModelsSecurity PropertiesVerificationProperty PackageAssertion
Contact author(s)
ndipu @ ufl edu
History
2021-08-06: received
Short URL
https://ia.cr/2021/1014
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1014,
      author = {Nusrat Farzana and Farimah Farahmandi and Mark Tehranipoor},
      title = {SoC Security Properties and Rules},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1014},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1014}},
      url = {https://eprint.iacr.org/2021/1014}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.