Quantifiable Assurance: From IPs to Platforms

04/17/2022
by   Bulbul Ahmed, et al.
0

Hardware vulnerabilities are generally considered more difficult to fix than software ones because they are persistent after fabrication. Thus, it is crucial to assess the security and fix the vulnerabilities at earlier design phases, such as Register Transfer Level (RTL) and gate level. The focus of the existing security assessment techniques is mainly twofold. First, they check the security of Intellectual Property (IP) blocks separately. Second, they aim to assess the security against individual threats considering the threats are orthogonal. We argue that IP-level security assessment is not sufficient. Eventually, the IPs are placed in a platform, such as a system-on-chip (SoC), where each IP is surrounded by other IPs connected through glue logic and shared/private buses. Hence, we must develop a methodology to assess the platform-level security by considering both the IP-level security and the impact of the additional parameters introduced during platform integration. Another important factor to consider is that the threats are not always orthogonal. Improving security against one threat may affect the security against other threats. Hence, to build a secure platform, we must first answer the following questions: What additional parameters are introduced during the platform integration? How do we define and characterize the impact of these parameters on security? How do the mitigation techniques of one threat impact others? This paper aims to answer these important questions and proposes techniques for quantifiable assurance by quantitatively estimating and measuring the security of a platform at the pre-silicon stages. We also touch upon the term security optimization and present the challenges for future research directions.

READ FULL TEXT
research
07/20/2019

Defense-in-Depth: A Recipe for Logic Locking to Prevail

Logic locking has emerged as a promising solution for protecting the sem...
research
05/08/2020

Convergence of IT and SCADA: Associated Security Threats and Vulnerabilities

As many industries shift towards centralised controlled information syst...
research
10/11/2020

ASSURE: RTL Locking Against an Untrusted Foundry

Semiconductor design companies are integrating proprietary intellectual ...
research
06/06/2019

3D Integration: Another Dimension Toward Hardware Security

We review threats and selected schemes concerning hardware security at d...
research
11/22/2021

Threat Modeling and Security Analysis of Containers: A Survey

Traditionally, applications that are used in large and small enterprises...
research
10/25/2020

Security Assessment of Interposer-based Chiplet Integration

With transistor scaling reaching its limits, interposer-based integratio...
research
01/30/2022

Making Secure Software Insecure without Changing Its Code: The Possibilities and Impacts of Attacks on the DevOps Pipeline

Companies are misled into thinking they solve their security issues by u...

Please sign up or login with your details

Forgot password? Click here to reset