Formal Security Verification of Concurrent Firmware in SoCs using Instruction-Level Abstraction for Hardware*

2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC) Pub Date : 2018-06-24 DOI:10.1145/3195970.3196055

Bo-Yuan Huang, Sayak Ray, Aarti Gupta, Jason M. Fung, S. Malik

{"title":"Formal Security Verification of Concurrent Firmware in SoCs using Instruction-Level Abstraction for Hardware*","authors":"Bo-Yuan Huang, Sayak Ray, Aarti Gupta, Jason M. Fung, S. Malik","doi":"10.1145/3195970.3196055","DOIUrl":null,"url":null,"abstract":"Formal security verification of firmware interacting with hardware in modern Systems-on-Chip (SoCs) is a critical research problem. This faces the following challenges: (1) design complexity and heterogeneity, (2) semantics gaps between software and hardware, (3) concurrency between firmware/hardware and between Intellectual Property Blocks (IPs), and (4) expensive bit-precise reasoning. In this paper, we present a co-verification methodology to address these challenges. We model hardware using the Instruction-Level Abstraction (ILA), capturing firmware-visible behavior at the architecture level. This enables integrating hardware behavior with firmware in each IP into a single thread. The co-verification with multiple firmware across IPs is formulated as a multi-threaded program verification problem, for which we leverage software verification techniques. We also propose an optimization using abstraction to prevent expensive bit-precise reasoning. The evaluation of our methodology on an industry SoC Secure Boot design demonstrates its applicability in SoC security verification.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"32 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3195970.3196055","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 28

Abstract

Formal security verification of firmware interacting with hardware in modern Systems-on-Chip (SoCs) is a critical research problem. This faces the following challenges: (1) design complexity and heterogeneity, (2) semantics gaps between software and hardware, (3) concurrency between firmware/hardware and between Intellectual Property Blocks (IPs), and (4) expensive bit-precise reasoning. In this paper, we present a co-verification methodology to address these challenges. We model hardware using the Instruction-Level Abstraction (ILA), capturing firmware-visible behavior at the architecture level. This enables integrating hardware behavior with firmware in each IP into a single thread. The co-verification with multiple firmware across IPs is formulated as a multi-threaded program verification problem, for which we leverage software verification techniques. We also propose an optimization using abstraction to prevent expensive bit-precise reasoning. The evaluation of our methodology on an industry SoC Secure Boot design demonstrates its applicability in SoC security verification.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于硬件指令级抽象的soc并发固件形式化安全验证*

在现代片上系统(soc)中，固件与硬件交互的正式安全验证是一个关键的研究问题。这面临着以下挑战:(1)设计复杂性和异质性，(2)软件和硬件之间的语义差距，(3)固件/硬件之间以及知识产权块(ip)之间的并发性，以及(4)昂贵的位精确推理。在本文中，我们提出了一种共同验证方法来解决这些挑战。我们使用指令级抽象(Instruction-Level Abstraction, ILA)对硬件进行建模，在体系结构级别捕获固件可见的行为。这允许将每个IP中的硬件行为与固件集成到单个线程中。跨ip的多个固件的协同验证被制定为多线程程序验证问题，为此我们利用软件验证技术。我们还提出了一种使用抽象的优化方法，以防止昂贵的位精确推理。我们的方法在一个工业SoC安全启动设计上的评估表明了它在SoC安全验证中的适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)

自引率

0.00%

发文量