Cryptology ePrint Archive: Report 2021/693

Hardware Penetration Testing Knocks Your SoCs Off

Mark Fischer and Fabian Langer and Johannes Mono and Clemens Nasenberg and Nils Albartus

Abstract: Today’s society depends on interconnected electronic devices, which handle various sensitive information. Due to the knowledge needed to develop these devices and the economic advantage of reusable solutions, most of these systems contain Third-Party Intellectual Property (3PIP) cores that might not be trustworthy. If one of these 3PIP cores is vulnerable, the security of the entire device is potentially affected. As a result, sensitive data that is processed by the device can be leaked to an attacker. Competitions like Hack@DAC serve as a playground to develop and examine novel approaches and computer-aided tools that identify security vulnerabilities in System-on-Chip (SoC) Register-Transfer-Level (RTL) designs. In this paper, we present a successful divide and conquer approach to test SoC security which is illustrated by exemplary RTL vulnerabilities in the competition’s SoC design. Additionally, we craft real-world software attacks that exploit these vulnerabilities.

Category / Keywords: applications / Hack@DAC 2019, Hardware Penetration Testing, RTL Bugs, SoC Design, Hardware Security, RISC-V CPU

Original Publication (in the same form): IEEE Design & Test ( Volume: 38, Issue: 1, Feb. 2021)

Date: received 26 May 2021

Contact author: clemens nasenberg at rub de

Available format(s): PDF | BibTeX Citation

Version: 20210528:091309 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]