Quantifiable Assurance: From IPs to Platforms

Bulbul Ahmed, Md Kawser Bepary, Nitin Pundir, Mike Borza, Oleg Raikhman, Amit Garg, Dale Donchin, Adam Cron, Mohamed A Abdel-moneum, Farimah Farahmandi, Fahim Rahman, and Mark Tehranipoor

Abstract

Hardware vulnerabilities are generally considered more difficult to fix than software ones because of their persistent nature after fabrication. Thus, it is crucial to assess the security and fix the potential vulnerabilities in the earlier design phases, such as Register Transfer Level (RTL), gate-level or physical layout. The focus of the existing security assessment techniques is mainly twofold. First, they check the security of Intellectual Property (IP) blocks separately (they can be applied on a single module). Second, they aim to assess the security against individual threats considering the threats are orthogonal. We argue that IP-level security assessment is not sufficient. Eventually, the IPs are placed in a platform, such as a system-on-chip (SoC), where each IP is surrounded by other IPs connected through glue logic and shared/private buses. This has a substantial impact on the platform's security. Hence, we must develop a methodology to assess the platform-level security by considering both the IP-level security and the impact of the additional parameters introduced during the transition from IP to the platform. Another important factor to consider is that the threats are not always orthogonal. Improving security against one threat may affect the security against other threats. Hence, to build a secure platform, we must first fully understand the impact of IP communications on security while considering the following questions: What type of additional parameters are introduced during the platform integration? How to define and characterize the impact of these parameters on security? How do the mitigation techniques of one threat impact others? This paper aims to answer these important questions and proposes techniques for quantifiable assurance by quantitatively estimating and measuring the security of a platform at pre-silicon stages. We also touch upon the term security optimization and present the challenges towards future research directions.

Available format(s)
Publication info
Preprint. MINOR revision.
Keywords
Security EstimationSecurity MeasurementSecurity OptimizationSecurity Metric
Contact author(s)
ahmed b @ ufl edu
History
2022-04-07: last of 2 revisions
See all versions
Short URL
https://ia.cr/2021/1654

CC BY

BibTeX

@misc{cryptoeprint:2021/1654,
author = {Bulbul Ahmed and Md Kawser Bepary and Nitin Pundir and Mike Borza and Oleg Raikhman and Amit Garg and Dale Donchin and Adam Cron and Mohamed A Abdel-moneum and Farimah Farahmandi and Fahim Rahman and Mark Tehranipoor},
title = {Quantifiable Assurance: From IPs to Platforms},
howpublished = {Cryptology ePrint Archive, Paper 2021/1654},
year = {2021},
note = {\url{https://eprint.iacr.org/2021/1654}},
url = {https://eprint.iacr.org/2021/1654}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.