Paper 2021/1014

SoC Security Properties and Rules

Nusrat Farzana Dipu
Farimah Farahmandi
Mark Tehranipoor

A system-on-chip (SoC) security can be weakened by exploiting the potential vulnerabilities of the intellectual property (IP) cores used to implement the design and interaction among the IPs. These vulnerabilities not only increase the security verification effort but also can increase design complexity and time-to-market. The design and verification engineers should be knowledgeable about potential vulnerabilities and threat models at the early SoC design life cycle to protect their designs from potential attacks. However, currently, there is no publicly available repository that can be used as a base to develop such knowledge in practice. In this paper, we develop ‘SoC Security Property/Rule Database’ and make it available publicly to all researchers to facilitate and extend security verification effort to address this need. The database gathers a comprehensive security vulnerability and property list. It also provides all the corresponding design behavior that should be held in the design to ensure such vulnerabilities do not exist. The database contains 67 different vulnerability scenarios for which 105 corresponding security properties have been developed till now. This paper reviews the existing database and presents the methodologies we used to gather vulnerabilities and develop such comprehensive security properties. Additionally, this paper discusses the challenges for security verification and the utilization of this database to overcome the research challenges.

Available format(s)
Publication info
A minor revision of an IACR publication in CRYPTO 2021
VulnerabilitiesThreat ModelsSecurity PropertiesVerificationProperty PackageAssertion
Contact author(s)
ndipu @ ufl edu
2023-05-19: revised
2021-08-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nusrat Farzana Dipu and Farimah Farahmandi and Mark Tehranipoor},
      title = {SoC Security Properties and Rules},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1014},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.