SoC Security Verification Using Property Checking

Chapter in: System-on-Chip Security

Abstract

In this chapter, we focus on developing security properties for automatically identifying System-on-Chip (SoC) vulnerabilities as well as measuring the security of the SoC. We show how to develop a comprehensive set of security properties covering a broad set of vulnerabilities, metrics, design functionality, and security requirements to create an automatic platform for security assessments among different designs, implementations, and abstraction levels.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this chapter

Farahmandi, F., Huang, Y., Mishra, P. (2020). SoC Security Verification Using Property Checking. In: System-on-Chip Security. Springer, Cham. https://doi.org/10.1007/978-3-030-30596-3_7

  • DOI: https://doi.org/10.1007/978-3-030-30596-3_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30595-6

  • Online ISBN: 978-3-030-30596-3
