|
Computing hardware including processors, memory banks, and communication busses can harbor vulnerabilities that allow an attacker to gain unauthorized access to the programs and data on a machine. Hardware designers and security experts expend considerable time and effort to eliminate these vulnerabilities early in the design stage. The focus of this research is to support these activities towards improving efficiency and outcomes. In developing the methodologies and tools to find and contextualize hardware security vulnerabilities, this research will move the field of security validation of hardware designs forward.
The research targets the security validation of central processing units in the design stage. The project has two goals: 1) To identify security critical properties of a processor. These properties will be stated in a temporal logic over the register transfer level design. 2) To develop the methodology and tools to automatically find and contextualize violations of those properties. A key innovation of this research will be the application of symbolic execution to hardware designs. In order to make symbolically executing a complex hardware design through multiple clock cycles feasible, the research will develop a targeted, backward search strategy.
If successful, the project has the potential to significantly reduce the opportunity for a malicious actor to launch an effective attack against hardware, improving the security of computer systems.
The tools, testbenches, papers, and presentations resulting from this research will be available at a site linked from https://cs.unc.edu/~csturton.
|
SaTC: STARSS: Small: Tackling the Corner Cases: Finding Security Vulnerabilities in CPU Designs