Biblio

Modern SoC applications include a variety of sensitive modules in which data must be protected against malicious access. Security vulnerabilities, when exercised during the SoC operation, lead to denial of service or disclosure of protected data. Hence, it is essential to undertake security validation before and after SoC fabrication and make provisions for continuous security assessment during operation. This paper presents a methodology for optimized post-deployment monitoring of SoC's security properties by migrating pre-fab design security assertions to post-fab run-time security monitors. We show that the method is scalable for large systems and complex properties by optimizing the hardware monitors and applying it to a large SoC design based on a OpenRISC-1200 SoC. About 40 security assertions were specified in System Verilog Assertions (SVA). Following formal verification, the assertions were synthesized into finite state machines and cross optimized. Following code generation in Verilog, commercial logic and layout synthesis tools were used to generate hardware monitors which were then integrated with the SoC design ready for fabrication.

Logic encryption is a method to improve hardware security by inserting key gates on carefully selected signals in a logic design. Various logic encryption schemes have been proposed in the past decade. Many attack methods to thwart these logic locking schemes have also emerged. The satisfiability (SAT) attack can recover correct keys for many logic obfuscation methods. Recently proposed sensitivity analysis attack can decrypt stripped functionality based logic encryption schemes. This article presents a new encryption scheme named SRTLock, which is resilient against both attacks. SRTLock method first generates 0-injection circuits and encrypts the functionality of these nodes with the key inputs. In the next step, these values are used to control the sensitivity of the functionally stripped output for specific input patterns. The resultant locked circuit is resilient against the SAT and sensitivity analysis attacks. Experimental results demonstrating this on several attacks using standard benchmark circuits are presented.

In this paper, we propose a methodology for post-silicon validation through the evaluation of security assertions for systems-on-chip (SoC). The methodology is centered around a security architecture in which a "security capsule" is attached to each IP core in the SoC. The security capsule consists of a set of on-line and off-line assertion monitors, a dynamic trace-buffer to trace selected groups of signals, and a dynamic trace controller. The architecture is supported by a trace signal selection and grouping algorithm and a dynamic signal tracing method to evaluate the off-chip monitors. This paper presents the security capsule architecture, the signal selection and grouping algorithm, and the run-time signal tracing method. Results of using the methodology on two SoC architectures based on the OpenRISC-1200 and RISC-V processors are presented.