Evaluating Security Requirements in a General-Purpose Processor by Combining Assertion Checkers with Code Coverage

Abstract

The problem of malicious inclusions in hardware is an emerging threat, and detecting them is a difficult challenge. In this research, we enhance an existing method for creating assertion-based dynamic checkers, and demonstrate how behavioral security requirements can be derived from a processor's architectural specification, then converted into security checkers that are part of the processor's design. The novel contributions of this research are:

  • We demonstrate the method using a set of assertions, derived from the architectural specification, on a full-scale open-source general-purpose processor design, called OpenRISC. Previous work used only a single assertion on a toy processor design.
  • We demonstrate the use of our checker-generator tool, called psl2hdl, which was created for this research.
  • We illustrate how the method can be used in concert with code coverage techniques, to either detect malicious inclusions or greatly narrow the search for malicious inclusions that use rare-event triggers.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2012
Accession Number
ADA570802

Entities

People

  • Cynthia E. Irvine
  • Michael Bilzor
  • Ted Huffmire
  • Tim Levin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Abstracts
  • Automata
  • Circuits
  • Computer Programs
  • Computing System Architectures
  • Demonstrations
  • Electronic Circuits
  • Generators
  • Inclusions
  • Instructions
  • Language
  • Logic
  • Logic Gates
  • Security
  • Simulations
  • Specifications
  • Threats

Fields of Study

  • Computer science