Issue | JNWPU, Volume 42, Number 3, June 2024
---|---
Page(s) | 506 - 513
DOI | https://doi.org/10.1051/jnwpu/20244230506
Published online | 01 October 2024
Register transfer level hardware design information flow modeling and security verification method
Register transfer level hardware design information flow modeling and security verification (Chinese title)
1 School of Computer Science and Engineering, Xi'an Technological University, Xi'an 710021, China
2 School of Cybersecurity, Northwestern Polytechnical University, Xi'an 710072, China
Received: 27 May 2023
Information flow analysis can effectively model the security behavior and security properties of a hardware design. However, existing gate-level information flow analysis methods cannot handle large-scale designs because of limits on computing power and verification effectiveness, and register transfer level (RTL) information flow analysis methods require the hardware design to be rewritten in a formal language. This paper proposes an RTL hardware design information flow modeling and security verification method. Starting from the RTL functional model, the method builds an information flow tracking logic model that captures the security behavior and security properties of an RTL hardware design from the perspective of information flow. The method can be integrated into EDA flows and uses EDA testing and verification tools to capture security property violations and detect security vulnerabilities under a non-interference security policy. Experimental results on the Trust-Hub hardware Trojan benchmarks show that the proposed method can effectively detect hardware Trojans.
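Abstract (Chinese)
In recent years, a large body of research has shown that information flow analysis can effectively model the security properties and security behavior of a design. However, existing gate-level information flow analysis methods are often constrained by factors such as computing power and verification effectiveness and struggle to handle large-scale designs, while RTL information flow analysis methods need formal languages such as type systems to re-describe the hardware design. Therefore, a register transfer level hardware design information flow modeling and security verification method is proposed. On the basis of the register transfer level functional model, the method builds an information flow tracking logic model with attached security properties, models design security behavior and security properties from the perspective of information flow, and uses EDA testing and verification tools, with non-interference as the policy, to capture harmful information flows that violate the security policy and to detect security vulnerabilities in the hardware design. Experimental results with the Trust-Hub hardware Trojan benchmark set as the test object show that the proposed method can effectively detect hardware Trojans hidden in a design.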
Key words: hardware design / information flow security model / information flow security verification / security vulnerability detection
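Key words (Chinese): hardware security / information flow security model / information flow security verification / security vulnerability detection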
© 2024 Journal of Northwestern Polytechnical University. All rights reserved.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.