PAC Learnability of iPUF Variants

Interpose PUF~(iPUF) is a strong PUF construction that was shown to be vulnerable against empirical machine learning as well as PAC learning attacks. In this work, we extend the PAC Learning results of Interpose PUF to prove that the variants of iPUF are also learnable in the PAC model under the Linear Threshold Function representation class

Systematically Quantifying Cryptanalytic Non-Linearities in Strong PUFs

Physically Unclonable Functions~(PUFs) with large challenge space~(also called Strong PUFs) are promoted for usage in authentications and various other cryptographic and security applications. In order to qualify for these cryptographic applications, the Boolean functions realized by PUFs need to possess a high non-linearity~(NL). However, with a large challenge space~(usually $\geq 64$ bits), measuring NL by classical techniques like Walsh transformation is computationally infeasible. In this paper, we propose the usage of a heuristic-based measure called non-homomorphicity test which estimates the NL of Boolean functions with high accuracy in spite of not needing access to the entire challenge-response set. We also combine our analysis with a technique used in linear cryptanalysis, called Piling-up lemma, to measure the NL of popular PUF compositions. As a demonstration to justify the soundness of the metric, we perform extensive experimentation by first estimating the NL of constituent Arbiter/Bistable Ring PUFs using the non-homomorphicity test, and then applying them to quantify the same for their XOR compositions namely XOR Arbiter PUFs and XOR Bistable Ring PUF. Our findings show that the metric explains the impact of various parameter choices of these PUF compositions on the NL obtained and thus promises to be used as an important objective criterion for future efforts to evaluate PUF designs. While the framework is not representative of the machine learning robustness of PUFs, it can be a useful complementary tool to analyze the cryptanalytic strengths of PUF primitives

Physically Related Functions: A New Paradigm for Light-weight Key-Exchange

In this paper, we propose a novel concept named Physically Related Function(PReF) which are devices with hardware roots of trust. It enables secure key-exchange with no pre-established/embedded secret keys. This work is motivated by the need to perform key-exchange between lightweight resource-constrained devices. We present a proof-of-concept realization of our contributions in hardware using FPGAs

Reliability annotations to formal specifications of context-sensitive safety properties in embedded systems

As the aspect of reliability is becoming increasingly important in the context of safety-critical embedded systems, developing formalism for specifying the reliability requirements for such systems has become very relevant. We present a formalism for modeling the reliability requirement succinctly for safety-critical embedded systems and propose the semantics over the task schedule of the embedded systems controller. We introduce the notion of reliability deficiency to represent the difference between the specified and the actual value of the reliability achieved by a schedule and present techniques to make up the reliability deficiency. The presented approach is primarily applicable to specify the reliability requirements of context-sensitive tasks executed by a real-time software system so that they can overcome transient failures using temporal redundancy, i.e., repetitive execution of the same task. We illustrate our formalism and the proposed techniques using suitable scenarios from the automotive domain

Reliability guarantees in automata-based scheduling for embedded control software

Automata-based scheduling is a recent technique for online scheduling of software control components in embedded systems. This letter studies one important aspect of automata-based scheduling that has not been studied in the past, namely resilience to faults. The goal of the proposed technique is to create an automaton that recommends the scheduling patterns that are admissible with respect to control performance requirements, when the state of the system has been mutated by faults. The problem has been formulated as a game between the scheduler and the (possibly faulty) system, where a winning strategy of the scheduler prevents the system from reaching bad states forever. We present a method for analyzing the structure of the game and extracting an automaton that captures the winning strategies of the scheduler, namely the automaton to be used for automata-based scheduling

Cohesive coverage management: simulation meets formal methods

It has been advocated by many experts in design verification that the key to successful verification convergence lies in developing the verification plan with adequate formal rigor. Traditionally, the verification plans for simulation and formal property verification (FPV) are developed in different ways, using different formalisms, and with different coverage goals. In this paper, we propose a framework where the difference between formal properties and simulation test points is diluted by using methods for translating one form of the specification to the other. This allows us to reuse simulation coverage to facilitate formal verification and to reuse proven formal properties to cover simulation test points. We also propose the use of inline assertions in procedural (possibly randomized) test benches, and show that it facilitates the use of hybrid verification techniques between simulation and bounded model checking. We propose the use of promising combinations of formal methods presented in our earlier papers to shape a hierarchical verification flow where simulation and formal methods aim to cover a common design intent specification. The proposed flow is demonstrated using a detailed case study of the ARM AMBA verification benchmark. We believe that the methods presented in this work will stimulate new thought processes and ultimately lead to wider adoption of cohesive coverage management techniques in the design intent validation flow

Inline assertions - embedding formal properties in a test bench

The scope of immediate assertions in SystemVerilog is restricted to Boolean properties, where as temporal properties are specified as concurrent assertions. Concurrent assertion statements can also be embedded in a procedural block - known as procedural concurrent assertions which are used under restricted situations. This paper introduces the notion of inline assertions which generalizes the embedding of temporal properties within the procedural code of a test bench. The paper proposes verification methodologies for inline assertions and compares them with the traditional approaches of formal property verification and dynamic assertion based verification. The paper also focuses on coverage related issues when the intent of a concurrent assertion is modeled as an inline assertion

Formal verification of architectural power intent

This paper presents a verification framework that attempts to bridge the disconnect between high-level properties capturing the architectural power management strategy and the implementation of the power management control logic using low-level per-domain control signals. The novelty of the proposed framework is in demonstrating that the architectural power intent properties developed using high-level artifacts can be automatically translated into properties over low-level control sequences gleaned from UPF specifications of power domains, and that the resulting properties can be used to formally verify the global on-chip power management logic. The proposed translation uses a considerable amount of domain knowledge and is also not purely syntactic, because it requires formal extraction of timing information for the low-level control sequences. We present a tool, called POWER-TRUCTOR which enables the proposed framework, and several test cases of significant complexity to demonstrate the feasibility of the proposed framework