1 / 1

Security Checkers

Security Checkers Using the Property Specification Language (PSL) to Create Synthesizable, Security-Focused, Dynamic Verification Units. Michael Bilzor Ted Huffmire Cynthia Irvine Tim Levin. U.S. Naval Postgraduate School. Architectural Specification: Security Reqmts.

yaron
Download Presentation

Security Checkers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Checkers Using the Property Specification Language (PSL) to Create Synthesizable, Security-Focused, Dynamic Verification Units • Michael Bilzor • Ted Huffmire • Cynthia Irvine • Tim Levin U.S. Naval Postgraduate School ArchitecturalSpecification:Security Reqmts. assert always { ~ `A_SM; `A_SM } |-> (except_start || rst) ; assert always { ~ spr_we; spr_we } |-> `A_SM ; assert always ({ { ( ex_pc >= `A_IVT ) } | { rst !== 0 } | { `A_SM !== 0 } || { ( except_start ; ex_pc < `A_IVT ) ; `A_RFE } }); assert always { ~ we_o } |-> ( { true ; true ; stable( `A_UART_OUT ) } ); assert always except_start -> ( (except_type > 0) && (except_type < 16) ) ; assert always {(dtlb_done && ((~dcpu_we_i && ~supv && ~dtlb_ure) || (~dcpu_we_i && supv && ~dtlb_sre))) } |-> fault ; assert always {(dtlb_done && ((dcpu_we_i && ~supv && ~dtlb_uwe) || (dcpu_we_i && supv && ~dtlb_swe))) } |-> fault ; assert always ( {(mtxd_pad_o !== 4'h0)} |-> ( (WillTransmit) || (`A_SM === 1'b1) || (prev(eth_top.txethmac1.TxData[0]) != 1'bX)) ); assert always ( { stable(dvr_0[0]) } |-> ( (rst) || (`A_SM) ); assert always ({ ( if_insn === 32'hXXXXXXXX ) || ( ~ ( ( (if_insn[31:26] > 10) && (if_insn[31:26] < 17) ) || ( (if_insn[31:26] < 28) && (if_insn[31:26] > 21) ) ) }); PSL Parser and Rewrite Rules ProcessorImplementation:HDL Design PSL Assertions (Temporal Logic) Parse Tree module SERE3 (clk, reset, c, b, a, holds); ... // Original assertion = assert always ({a} |=> ({{b}[*3]; c})) @ (rose(clk)); // Rewritten assertion = assert {[+]} |-> ({{a} ; true} |-> ({{b} ; {b} ; {b} ; c})) @ (rose (clk)) ; always @(posedge clk, posedge reset) begin if (reset) begin SERE3_q0 <= 0; SERE3_q3 <= 0; ... end else if (clk) begin ... Automata Construction and Combination "Checker"Automata Automata to HDL Conversion ExperimentPlatforms Synthesizable HDL Checkers ProcessorImplementationWith Checkers Built In • Plasma (MIPS-1) • OpenRISC • PROBLEM: How to express security requirements in a hardware design. • GOAL: Provide a method for expressing and enforcing security requirements in a processor at runtime. • IDEA: Complement existing functional verification methods by using assertions in the Property Specification Language (PSL) to map architectural security requirements to a processor's implementation. Then convert the PSL assertions into synthesizable HDL security checkers, so the checkers can remain part of the design through FPGA evaluation and silicon fabrication, if desired. • ANTICIPATED BENEFITS: A methodology that makes it easier to transcribe architectural security requirements into dynamic verification units. The ability to detect some hardware malicious inclusions at runtime. • FUTURE RESEARCH: Evaluate on more processor platforms. Experiment against adversary malicious-inclusion designers. Fabricate demonstrations in silicon. FPGAEmulation Simulation Monitor Layer Target Layer Fabricated3D-IC Fabrication

More Related