SteelWool: Next-Generation Hardware Fuzzers

Abstract

Modern processors are becoming increasingly complex with sophisticated functional and security mechanisms and extensions. This development, however, increases the chance of introducing vulnerabilities into the hardware design and implementation, which can lead to,ritical vulnerabilities that have been uncovered and exploited, and both affect commodity processors and their dedicated security extensions. It is crucial to discover hardware vulnerabilities in the early stages of the design cycle. Various hardware vulnerability detection techniques and tools have been proposed or developed by both academia and industry, such as formal verification, runtime detection, and information flow tracking. These techniques are unable to cope with the increasing complexity of modern, large designs and are becoming less efficient in detecting bugs, especially in detecting security vulnerabilities. For instance, when evaluated at a competition, the popular industrial formal verification tool Cadence's JasperGold detected 48% of the bugs; manual inspection with simulation detected 61% of the bugs.

Research Problem Statement and Objectives. To improve the state of the art of hardware vulnerability detection, we need new tools and methodologies that can detect hidden security bugs and vulnerabilities. These tools need to have the following characteristics: (i) Be scalable to large and complex designs, highly automatic, effective, and efficient in detecting security-critical vulnerabilities that are exploitable (and not just functional bugs). (ii) Be compatible with existing chip design and verification flows, applicable to different hardware models (register transfer level, gate level, transistor level, taped-out chip). (iii) Account for different hardware behaviors (signal transitions, finite state machines, and floating wires).

Proposed Technical Approach. We present the design and implementation of a novel, shortcomings of the current hardware fuzzing proposals. We analyze the intrinsic behaviors of hardware designs and describe appropriate coverage metrics of the Hardware Definition Language (HDL) to capture such behaviors. Given the importance of software-exploit,ugs that are exploitable by the software code which executes such instruction sequences. If successful, this project will create a novel hardware fuzzing methodology, namely SteelWool, that (i) supports commonly used HDLs like Verilog and VHDL, (ii) is compatible with conventional industry-standard integrated circuit (IC) design and verification flow, (iii) detects software-exploitable hardware vulnerabilities, (iv) accounts for different hardware behaviors, (v) does not require knowledge of the design, (vi) is scalable to large-scale designs, and (vii) does not need human intervention.

Impact on DoD capabilities. By providing a mechanism to automatically identify vulnerabilities in processors and other computing devices acquired by the Navy, this proposed project provides greater visibility and more effective controls across the entire supply chain supporting the Navy's needs. The framework can aid defenses during runtime or after an attack to determine what vulnerabilities are exploited. It can aid in identifying vulnerabilities in legacy hardware or recovered adversaries' computers without extensive manual effort by experts. Sensitive applications in the Department of Defense (DoD)/Navy domain designed using the proposed vulnerability-detection approach can externally source third-party intellectual property (IP) designs used in these designs, and can perform security checks using the proposed mechanism.

Document Details

Document Type
DoD Grant Award
Publication Date
Apr 01, 2022
Source ID
N000142212279

Entities

People

  • Jeyavijayan Rajendran

Organizations

  • Office of Naval Research
  • Texas Engineering Experiment Station
  • United States Navy

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Integrated Circuit Design and Technology
  • Systems Analysis and Design