
Integrating Information Flow Tracking into High-Level Synthesis Design Flow

Chapter in: Behavioral Synthesis for Hardware Security

Abstract

Information flow analysis plays an important role in hardware security verification as it enables reasoning about properties related to confidentiality, integrity, and availability. This book chapter describes techniques for integrating information flow tracking into the high-level synthesis (HLS) design flow. Specifically, we develop precise information flow tracking methods that target the HLS backend and verify the security of HLS design outputs. We discuss the benefits of performing information flow tracking at the register transfer level, present fine-granularity information flow model formalizations in a common hardware description language, and illustrate how hardware security properties are formally verified using standard EDA verification tools. We present experimental results to show the effectiveness of our secure hardware design flow in proving security properties related to confidentiality, integrity, isolation, constant time, and malicious design modification. This provides a promising approach for enhancing the traditional functional HLS design flow to consider security as an additional design constraint.

Acknowledgements

This work was supported in part by the Natural Science Foundation of Shaanxi Province under Grant 2019JM-244, NSF award 1718586, and the Semiconductor Research Corporation Task 2770.001.

Correspondence to Ryan Kastner.

Copyright information

© 2022 Springer Nature Switzerland AG

Cite this chapter

Hu, W., Ardeshiricham, A., Wu, L., Kastner, R. (2022). Integrating Information Flow Tracking into High-Level Synthesis Design Flow. In: Katkoori, S., Islam, S.A. (eds) Behavioral Synthesis for Hardware Security. Springer, Cham. https://doi.org/10.1007/978-3-030-78841-4_16

  • DOI: https://doi.org/10.1007/978-3-030-78841-4_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-78840-7

  • Online ISBN: 978-3-030-78841-4

  • eBook Packages: Computer Science (R0)
