Paper 2021/1654
Quantifiable Assurance: From IPs to Platforms
Bulbul Ahmed, Md Kawser Bepary, Nitin Pundir, Mike Borza, Oleg Raikhman, Amit Garg, Dale Donchin, Adam Cron, Mohamed A Abdel-moneum, Farimah Farahmandi, Fahim Rahman, and Mark Tehranipoor
Abstract
Hardware vulnerabilities are generally considered more difficult to fix than software ones because of their persistent nature after fabrication. Thus, it is crucial to assess the security and fix the potential vulnerabilities in the earlier design phases, such as Register Transfer Level (RTL), gate-level or physical layout. The focus of the existing security assessment techniques is mainly twofold. First, they check the security of Intellectual Property (IP) blocks separately (they can be applied on a single module). Second, they aim to assess the security against individual threats considering the threats are orthogonal. We argue that IP-level security assessment is not sufficient. Eventually, the IPs are placed in a platform, such as a system-on-chip (SoC), where each IP is surrounded by other IPs connected through glue logic and shared/private buses. This has a substantial impact on the platform's security. Hence, we must develop a methodology to assess the platform-level security by considering both the IP-level security and the impact of the additional parameters introduced during the transition from IP to the platform. Another important factor to consider is that the threats are not always orthogonal. Improving security against one threat may affect the security against other threats. Hence, to build a secure platform, we must first fully understand the impact of IP communications on security while considering the following questions: What type of additional parameters are introduced during the platform integration? How to define and characterize the impact of these parameters on security? How do the mitigation techniques of one threat impact others? This paper aims to answer these important questions and proposes techniques for quantifiable assurance by quantitatively estimating and measuring the security of a platform at pre-silicon stages. We also touch upon the term security optimization and present the challenges towards future research directions.
Metadata
- Available format(s)
- Publication info
- Preprint. MINOR revision.
- Keywords
- Security EstimationSecurity MeasurementSecurity OptimizationSecurity Metric
- Contact author(s)
- ahmed b @ ufl edu
- History
- 2022-04-07: last of 2 revisions
- 2021-12-17: received
- See all versions
- Short URL
- https://ia.cr/2021/1654
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1654, author = {Bulbul Ahmed and Md Kawser Bepary and Nitin Pundir and Mike Borza and Oleg Raikhman and Amit Garg and Dale Donchin and Adam Cron and Mohamed A Abdel-moneum and Farimah Farahmandi and Fahim Rahman and Mark Tehranipoor}, title = {Quantifiable Assurance: From {IPs} to Platforms}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/1654}, year = {2021}, url = {https://eprint.iacr.org/2021/1654} }