Phase Transition Material (PTM) assisted novel soft switching transistor architecture named "Soft-FET" is proposed for supply voltage droop mitigation. By utilizing the abrupt phase transition mechanism in PTMs, the proposed Soft-FET achieves soft switching of the gate input of a logic gate resulting in reduced peak switching current as well as steep current variations (di/dt). In addition, the Soft-FET incurs lower delay penalty across a wide voltage range compared to various baseline Complementary Metal Oxide Semiconductor (CMOS) logic gate variants for the same peak current. We perform a detailed PTM parameter optimization for optimum Soft-FET performance. Soft-FETs when used as power gates achieve ~20mV lower supply droop and when used as an I/O buffer achieves 46% lower ground bounce with 8.8% improved energy efficiency.
{"title":"Soft-FET: Phase transition material assisted Soft switching F ield E ffect T ransistor for supply voltage droop mitigation","authors":"S. Teja, J. Kulkarni","doi":"10.1145/3195970.3196117","DOIUrl":"https://doi.org/10.1145/3195970.3196117","url":null,"abstract":"Phase Transition Material (PTM) assisted novel soft switching transistor architecture named \"Soft-FET\" is proposed for supply voltage droop mitigation. By utilizing the abrupt phase transition mechanism in PTMs, the proposed Soft-FET achieves soft switching of the gate input of a logic gate resulting in reduced peak switching current as well as steep current variations (di/dt). In addition, the Soft-FET incurs lower delay penalty across a wide voltage range compared to various baseline Complementary Metal Oxide Semiconductor (CMOS) logic gate variants for the same peak current. We perform a detailed PTM parameter optimization for optimum Soft-FET performance. Soft-FETs when used as power gates achieve ~20mV lower supply droop and when used as an I/O buffer achieves 46% lower ground bounce with 8.8% improved energy efficiency.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"16 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73505849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Physically Unclonable Functions (PUFs) are still considered promising technology as building blocks in cryptographic protocols. While most PUFs require dedicated circuitry, recent research leverages DRAM hardware for PUFs due to its intrinsic properties and wide deployment. Recently, a new memory-based PUF was proposed that utilizes the infamous Rowhammer effect in DRAM. In this paper, we show two remote attacks on DRAM-based PUFs. First, a DoS attack that exploits the Rowhammer effect to manipulate PUF responses. Second, a modeling attack that predicts PUF responses by observing few challenge-response pairs. Our results indicate that DRAM may not be suitable for PUFs.
{"title":"It’s Hammer Time: How to Attack (Rowhammer-based) DRAM-PUFs","authors":"Shaza Zeitouni, David Gens, A. Sadeghi","doi":"10.1145/3195970.3196065","DOIUrl":"https://doi.org/10.1145/3195970.3196065","url":null,"abstract":"Physically Unclonable Functions (PUFs) are still considered promising technology as building blocks in cryptographic protocols. While most PUFs require dedicated circuitry, recent research leverages DRAM hardware for PUFs due to its intrinsic properties and wide deployment. Recently, a new memory-based PUF was proposed that utilizes the infamous Rowhammer effect in DRAM. In this paper, we show two remote attacks on DRAM-based PUFs. First, a DoS attack that exploits the Rowhammer effect to manipulate PUF responses. Second, a modeling attack that predicts PUF responses by observing few challenge-response pairs. Our results indicate that DRAM may not be suitable for PUFs.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"93 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85503498","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xavier Carpent, Karim Eldefrawy, Norrathep Rattanavipanon, A. Sadeghi, G. Tsudik
Remote attestation (RA) is a means of malware detection, typically realized as an interaction between a trusted verifier and a potentially compromised remote device (prover). RA is especially relevant for low-end embedded devices that are incapable of protecting themselves against malware infection. Most current RA techniques require on-demand and uninterruptible (atomic) operation. The former fails to detect transient malware that enters and leaves between successive RA instances; the latter involves performing potentially time-consuming computation over prover's memory and/or storage, which can be harmful to the device's safety-critical functionality and general availability. However, relaxing either on-demand or atomic RA operation is tricky and prone to vulnerabilities. This paper identifies some issues that arise in reconciling requirements of safety-critical operation with those of secure remote attestation, including detection of transient and self-relocating malware. It also investigates mitigation techniques, including periodic self-measurements as well as interruptible attestation modality that involves shuffled memory traversals and various memory locking mechanisms.
{"title":"Invited: Reconciling Remote Attestation and Safety-Critical Operation on Simple IoT Devices","authors":"Xavier Carpent, Karim Eldefrawy, Norrathep Rattanavipanon, A. Sadeghi, G. Tsudik","doi":"10.1145/3195970.3199853","DOIUrl":"https://doi.org/10.1145/3195970.3199853","url":null,"abstract":"Remote attestation (RA) is a means of malware detection, typically realized as an interaction between a trusted verifier and a potentially compromised remote device (prover). RA is especially relevant for low-end embedded devices that are incapable of protecting themselves against malware infection. Most current RA techniques require on-demand and uninterruptible (atomic) operation. The former fails to detect transient malware that enters and leaves between successive RA instances; the latter involves performing potentially time-consuming computation over prover's memory and/or storage, which can be harmful to the device's safety-critical functionality and general availability. However, relaxing either on-demand or atomic RA operation is tricky and prone to vulnerabilities. This paper identifies some issues that arise in reconciling requirements of safety-critical operation with those of secure remote attestation, including detection of transient and self-relocating malware. It also investigates mitigation techniques, including periodic self-measurements as well as interruptible attestation modality that involves shuffled memory traversals and various memory locking mechanisms.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"144 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82917066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The emerging design requirements with the FinFET technology, along with traditional geometrical constraints, make the FinFET-based analog placement even more challenging. Previous works can handle only partial FinFET-induced design constraints because some new constraints are intrinsically different from the traditional ones; as a result, directly extending previous methods to handle FinFET-induced constraints would incur solution quality degradation and runtime overhead. To remedy these disadvantages, we present a new hybrid graph (meshed tree) representation of a window mesh and CB-trees (namely, WB-trees) and a new placement flow with effective and efficient schemes to simultaneously handle FinFET-based design constraints and traditional ones. Experimental results based on industrial designs with various constraints show that our placer outperforms published works in both solution quality and runtime.
{"title":"WB-Trees: A Meshed Tree Representation for FinFET Analog Layout Designs*","authors":"Yu-Sheng Lu, Yu-Hsuan Chang, Yao-Wen Chang","doi":"10.1145/3195970.3196137","DOIUrl":"https://doi.org/10.1145/3195970.3196137","url":null,"abstract":"The emerging design requirements with the FinFET technology, along with traditional geometrical constraints, make the FinFET-based analog placement even more challenging. Previous works can handle only partial FinFET-induced design constraints because some new constraints are intrinsically different from the traditional ones; as a result, directly extending previous methods to handle FinFET-induced constraints would incur solution quality degradation and runtime overhead. To remedy these disadvantages, we present a new hybrid graph (meshed tree) representation of a window mesh and CB-trees (namely, WB-trees) and a new placement flow with effective and efficient schemes to simultaneously handle FinFET-based design constraints and traditional ones. Experimental results based on industrial designs with various constraints show that our placer outperforms published works in both solution quality and runtime.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"39 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83041525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We propose a Standard Template Library (STL) for synthesizeable SystemVerilog that sharply reduces the time required to design digital circuits. We overview the principles that underly the design of the open-source BaseJump STL, including light-weight latency-insensitive interfaces that yield fast microarchitectures and low bug density; thin handshaking rules; fast porting of hardened chip regions across nodes; pervasive parameterization and specialization, and static error checking. We suggest extensions to SystemVerilog that will make it a more functional design language, and discuss our validation, including with the DARPA CRAFT-sponsored 16nm TSMC Celerity SoC with 511 RISC-V cores and 385M transistors. 80% of the modules for the design were instantiated directly from BaseJump STL, reducing verification time, accelerating development, and showing the promise of the approach.
{"title":"INVITED: BaseJump STL: SystemVerilog Needs a Standard Template Library for Hardware Design","authors":"M. Taylor","doi":"10.1145/3195970.3199848","DOIUrl":"https://doi.org/10.1145/3195970.3199848","url":null,"abstract":"We propose a Standard Template Library (STL) for synthesizeable SystemVerilog that sharply reduces the time required to design digital circuits. We overview the principles that underly the design of the open-source BaseJump STL, including light-weight latency-insensitive interfaces that yield fast microarchitectures and low bug density; thin handshaking rules; fast porting of hardened chip regions across nodes; pervasive parameterization and specialization, and static error checking. We suggest extensions to SystemVerilog that will make it a more functional design language, and discuss our validation, including with the DARPA CRAFT-sponsored 16nm TSMC Celerity SoC with 511 RISC-V cores and 385M transistors. 80% of the modules for the design were instantiated directly from BaseJump STL, reducing verification time, accelerating development, and showing the promise of the approach.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"32 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84375572","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
As integrated circuit technology nodes continue to shrink, dense via distribution becomes a severe challenge, requiring multiple masks to avoid spacing violations in via layers. Meanwhile, the directed self-assembly (DSA) technique shows a great promise in via printing by employing feasible guiding templates. Combining DSA with double patterning lithography can significantly reduce the number of masks for via layers. In this paper, we propose a detailed routing algorithm considering DSA with DPL based on a conflict and compatibility graph model. A net planning algorithm is developed to reduce via-dense areas and determines a prerouting nets order, while the graph model is employed to capture the feature of DSA and DPL to better guide detailed routing. Besides, DSA grouping is performed for critical vias during detailed routing to avoid attracting more vias inserted in surrounding grids to reduce via-spacing violations. Experimental results demonstrate that our routing algorithm can effectively minimize the number of via spacing violations, with an even smaller total via count.
{"title":"DSA-Friendly Detailed Routing Considering Double Patterning and DSA Template Assignments*","authors":"H. Yu, Yao-Wen Chang","doi":"10.1145/3195970.3196030","DOIUrl":"https://doi.org/10.1145/3195970.3196030","url":null,"abstract":"As integrated circuit technology nodes continue to shrink, dense via distribution becomes a severe challenge, requiring multiple masks to avoid spacing violations in via layers. Meanwhile, the directed self-assembly (DSA) technique shows a great promise in via printing by employing feasible guiding templates. Combining DSA with double patterning lithography can significantly reduce the number of masks for via layers. In this paper, we propose a detailed routing algorithm considering DSA with DPL based on a conflict and compatibility graph model. A net planning algorithm is developed to reduce via-dense areas and determines a prerouting nets order, while the graph model is employed to capture the feature of DSA and DPL to better guide detailed routing. Besides, DSA grouping is performed for critical vias during detailed routing to avoid attracting more vias inserted in surrounding grids to reduce via-spacing violations. Experimental results demonstrate that our routing algorithm can effectively minimize the number of via spacing violations, with an even smaller total via count.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"11 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85398351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Global placement dominates the circuit placement process in its solution quality and efficiency. With increasing design complexity and various design constraints, it is desirable to develop an efficient, high-quality global placement algorithm for modern large-scale circuit designs. In this paper, we first analyze the properties of four nonlinear optimization methods (the quadratic penalty method, the Lagrange multiplier method, and two augmented Lagrangian methods) for global placement, and then develop a generalized augmented Lagrangian method to solve this problem. Our proposed method preserves the advantages of the quadratic penalty method and the augmented Lagrangian method, and provides a smooth progress from the quadratic penalty method to the augmented Lagrangian method. We prove that the proposed generalized augmented Lagrangian method is globally convergent for the original global placement problem, even with different constraints. Compared with the other four popular optimization methods, experimental results show that our method achieves the best quality and is robust for handling different objectives. In particular, our generalized augmented Lagrangian formulation is theoretically sound and can solve generic large-scale constrained nonlinear optimization problems, which are widely used in many fields.
{"title":"Generalized Augmented Lagrangian and Its Applications to VLSI Global Placement*","authors":"Ziran Zhu, Jianli Chen, Zheng Peng, Wen-xing Zhu, Yao-Wen Chang","doi":"10.1145/3195970.3196057","DOIUrl":"https://doi.org/10.1145/3195970.3196057","url":null,"abstract":"Global placement dominates the circuit placement process in its solution quality and efficiency. With increasing design complexity and various design constraints, it is desirable to develop an efficient, high-quality global placement algorithm for modern large-scale circuit designs. In this paper, we first analyze the properties of four nonlinear optimization methods (the quadratic penalty method, the Lagrange multiplier method, and two augmented Lagrangian methods) for global placement, and then develop a generalized augmented Lagrangian method to solve this problem. Our proposed method preserves the advantages of the quadratic penalty method and the augmented Lagrangian method, and provides a smooth progress from the quadratic penalty method to the augmented Lagrangian method. We prove that the proposed generalized augmented Lagrangian method is globally convergent for the original global placement problem, even with different constraints. Compared with the other four popular optimization methods, experimental results show that our method achieves the best quality and is robust for handling different objectives. In particular, our generalized augmented Lagrangian formulation is theoretically sound and can solve generic large-scale constrained nonlinear optimization problems, which are widely used in many fields.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"110 9 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75695200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Side-channel attacks are performed on increasingly complex targets, starting to threaten superscalar CPUs supporting a complete operating system. The difficulty of both assessing the vulnerability of a device to them, and validating the effectiveness of countermeasures is increasing as a consequence. In this work we prove that assessing the side-channel vulnerability of a software implementation running on a CPU should take into account the microarchitectural features of the CPU itself. We characterize the impact of microarchitectural features and prove the effectiveness of such an approach attacking a dual-core superscalar CPU.
{"title":"Side-channel security of superscalar CPUs : Evaluating the Impact of Micro-architectural Features","authors":"Alessandro Barenghi, Gerardo Pelosi","doi":"10.1145/3195970.3196112","DOIUrl":"https://doi.org/10.1145/3195970.3196112","url":null,"abstract":"Side-channel attacks are performed on increasingly complex targets, starting to threaten superscalar CPUs supporting a complete operating system. The difficulty of both assessing the vulnerability of a device to them, and validating the effectiveness of countermeasures is increasing as a consequence. In this work we prove that assessing the side-channel vulnerability of a software implementation running on a CPU should take into account the microarchitectural features of the CPU itself. We characterize the impact of microarchitectural features and prove the effectiveness of such an approach attacking a dual-core superscalar CPU.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"38 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78556146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Run-Yi Wang, C. Pai, Jun-Jie Wang, Hsiang-Ting Wen, Yu-Cheng Pai, Yao-Wen Chang, James CM Li, J. H. Jiang
As Engineering Change Order (ECO) has attracted substantial attention in modern VLSI design, the open net problem, which aims at constructing a shortest obstacle-avoiding path to reconnect the net shapes in an open net, becomes more critical in the ECO stage. This paper addresses a multi-layer obstacle-avoiding region-to-region Steiner minimal tree (SMT) construction problem that connects all net shapes by edges on a layer or vias between layers, and avoids running through any obstacle with a minimal total cost. Existing multi-layer obstacle-avoiding SMT algorithms consider pin-to-pin connections instead of region-to-region ones, which would limit the solution quality due to its lacking region information. In this paper, we present an efficient algorithm based on our new multi-layer obstacle-avoiding region-to-region spanning graph to solve the addressed problem, which guarantees to find an optimal solution for a net connecting two regions on a single layer. Experimental results show that our algorithm outperforms all the participating routers of the 2017 CAD Contest at ICCAD in both solution quality and runtime.
{"title":"Efficient Multi-Layer Obstacle-Avoiding Region-to-Region Rectilinear Steiner Tree Construction*","authors":"Run-Yi Wang, C. Pai, Jun-Jie Wang, Hsiang-Ting Wen, Yu-Cheng Pai, Yao-Wen Chang, James CM Li, J. H. Jiang","doi":"10.1145/3195970.3196040","DOIUrl":"https://doi.org/10.1145/3195970.3196040","url":null,"abstract":"As Engineering Change Order (ECO) has attracted substantial attention in modern VLSI design, the open net problem, which aims at constructing a shortest obstacle-avoiding path to reconnect the net shapes in an open net, becomes more critical in the ECO stage. This paper addresses a multi-layer obstacle-avoiding region-to-region Steiner minimal tree (SMT) construction problem that connects all net shapes by edges on a layer or vias between layers, and avoids running through any obstacle with a minimal total cost. Existing multi-layer obstacle-avoiding SMT algorithms consider pin-to-pin connections instead of region-to-region ones, which would limit the solution quality due to its lacking region information. In this paper, we present an efficient algorithm based on our new multi-layer obstacle-avoiding region-to-region spanning graph to solve the addressed problem, which guarantees to find an optimal solution for a net connecting two regions on a single layer. Experimental results show that our algorithm outperforms all the participating routers of the 2017 CAD Contest at ICCAD in both solution quality and runtime.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"50 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84550224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Bo-Yuan Huang, Sayak Ray, Aarti Gupta, Jason M. Fung, S. Malik
Formal security verification of firmware interacting with hardware in modern Systems-on-Chip (SoCs) is a critical research problem. This faces the following challenges: (1) design complexity and heterogeneity, (2) semantics gaps between software and hardware, (3) concurrency between firmware/hardware and between Intellectual Property Blocks (IPs), and (4) expensive bit-precise reasoning. In this paper, we present a co-verification methodology to address these challenges. We model hardware using the Instruction-Level Abstraction (ILA), capturing firmware-visible behavior at the architecture level. This enables integrating hardware behavior with firmware in each IP into a single thread. The co-verification with multiple firmware across IPs is formulated as a multi-threaded program verification problem, for which we leverage software verification techniques. We also propose an optimization using abstraction to prevent expensive bit-precise reasoning. The evaluation of our methodology on an industry SoC Secure Boot design demonstrates its applicability in SoC security verification.
{"title":"Formal Security Verification of Concurrent Firmware in SoCs using Instruction-Level Abstraction for Hardware*","authors":"Bo-Yuan Huang, Sayak Ray, Aarti Gupta, Jason M. Fung, S. Malik","doi":"10.1145/3195970.3196055","DOIUrl":"https://doi.org/10.1145/3195970.3196055","url":null,"abstract":"Formal security verification of firmware interacting with hardware in modern Systems-on-Chip (SoCs) is a critical research problem. This faces the following challenges: (1) design complexity and heterogeneity, (2) semantics gaps between software and hardware, (3) concurrency between firmware/hardware and between Intellectual Property Blocks (IPs), and (4) expensive bit-precise reasoning. In this paper, we present a co-verification methodology to address these challenges. We model hardware using the Instruction-Level Abstraction (ILA), capturing firmware-visible behavior at the architecture level. This enables integrating hardware behavior with firmware in each IP into a single thread. The co-verification with multiple firmware across IPs is formulated as a multi-threaded program verification problem, for which we leverage software verification techniques. We also propose an optimization using abstraction to prevent expensive bit-precise reasoning. The evaluation of our methodology on an industry SoC Secure Boot design demonstrates its applicability in SoC security verification.","PeriodicalId":6491,"journal":{"name":"2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC)","volume":"32 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85492790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: