
Security Validation in Modern SoC Designs

Chapter in: Fundamentals of IP and SoC Security

Abstract

Modern SoC designs contain a large amount of sensitive data and collateral that must be protected against unauthorized or malicious access. Unauthorized access can occur in the design/integration supply chain as well as in the field, through exploitation of system and platform errors, physical access, malicious software execution, and so on. Validation entails ensuring that the system is robust against all of these attacks, and even unanticipated ones. It is one of the most critical and time-consuming activities in the SoC design methodology. In this chapter, we provide a general overview of validation activities and challenges, discuss limitations of current validation practices, and identify requirements and opportunities for research in this space.



Author information

Corresponding author: Sandip Ray


Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Ray, S., Bhunia, S., Mishra, P. (2017). Security Validation in Modern SoC Designs. In: Bhunia, S., Ray, S., Sur-Kolay, S. (eds) Fundamentals of IP and SoC Security. Springer, Cham. https://doi.org/10.1007/978-3-319-50057-7_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-50055-3

  • Online ISBN: 978-3-319-50057-7
