1,860 research outputs found
LO-FAT: Low-Overhead Control Flow ATtestation in Hardware
Attacks targeting software on embedded systems are becoming increasingly
prevalent. Remote attestation is a mechanism that allows establishing trust in
embedded devices. However, existing attestation schemes are either static and
cannot detect control-flow attacks, or require instrumentation of software
incurring high performance overheads. To overcome these limitations, we present
LO-FAT, the first practical hardware-based approach to control-flow
attestation. By leveraging existing processor hardware features and
commonly-used IP blocks, our approach enables efficient control-flow
attestation without requiring software instrumentation. We show that our
proof-of-concept implementation based on a RISC-V SoC incurs no processor
stalls and requires reasonable area overhead.Comment: Authors' pre-print version to appear in DAC 2017 proceeding
Symbolic QED Pre-silicon Verification for Automotive Microcontroller Cores: Industrial Case Study
We present an industrial case study that demonstrates the practicality and
effectiveness of Symbolic Quick Error Detection (Symbolic QED) in detecting
logic design flaws (logic bugs) during pre-silicon verification. Our study
focuses on several microcontroller core designs (~1,800 flip-flops, ~70,000
logic gates) that have been extensively verified using an industrial
verification flow and used for various commercial automotive products. The
results of our study are as follows: 1. Symbolic QED detected all logic bugs in
the designs that were detected by the industrial verification flow (which
includes various flavors of simulation-based verification and formal
verification). 2. Symbolic QED detected additional logic bugs that were not
recorded as detected by the industrial verification flow. (These additional
bugs were also perhaps detected by the industrial verification flow.) 3.
Symbolic QED enables significant design productivity improvements: (a) 8X
improved (i.e., reduced) verification effort for a new design (8 person-weeks
for Symbolic QED vs. 17 person-months using the industrial verification flow).
(b) 60X improved verification effort for subsequent designs (2 person-days for
Symbolic QED vs. 4-7 person-months using the industrial verification flow). (c)
Quick bug detection (runtime of 20 seconds or less), together with short
counterexamples (10 or fewer instructions) for quick debug, using Symbolic QED
When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs
In this paper, we take a deep dive into microarchitectural security from a
hardware designer's perspective by reviewing the existing approaches to detect
hardware vulnerabilities during the design phase. We show that a protection gap
currently exists in practice that leaves chip designs vulnerable to
software-based attacks. In particular, existing verification approaches fail to
detect specific classes of vulnerabilities, which we call HardFails: these bugs
evade detection by current verification techniques while being exploitable from
software. We demonstrate such vulnerabilities in real-world SoCs using RISC-V
to showcase and analyze concrete instantiations of HardFails. Patching these
hardware bugs may not always be possible and can potentially result in a
product recall. We base our findings on two extensive case studies: the recent
Hack@DAC 2018 hardware security competition, where 54 independent teams of
researchers competed world-wide over a period of 12 weeks to catch inserted
security bugs in SoC RTL designs, and an in-depth systematic evaluation of
state-of-the-art verification approaches. Our findings indicate that even
combinations of techniques will miss high-impact bugs due to the large number
of modules with complex interdependencies and fundamental limitations of
current detection approaches. We also craft a real-world software attack that
exploits one of the RTL bugs from Hack@DAC that evaded detection and discuss
novel approaches to mitigate the growing problem of cross-layer bugs at design
time
- …