SVH: Security Verification of Heterogeneous Integrated Systems

Abstract

The continuous minimization of transistors, also known as Moore's Law, has been slowing down due to various physical and technological limitations. Furthermore, for advanced technology nodes like 14nm and lower, the cost per transistor is increasing because of decreasing yield in advanced nodes. Heterogeneous integration (HI) is a novel solution to this problem. It refers to combining chiplets,ibility advantages over monolithic System-on-Chip (SoC) development and can pursue aggressive time-to-market. This is particularly important to DoD since DoD's volume is low. Hence, HI allows DoD to get access to state-of-the-art technology node devices. Three pri,m,ious chiplets with different technology nodes and foundries can be integrated on the same package using an intermediate silicon laye,tive passive interposers can be integrated into a single package. Third, materials diversity - this allows the usage of newer materials to optimize that chiplet for a specific function and achieve enhanced capabilities. Despite many advantages, heterogeneous integration requires further research in packaging, standardization of chiplet interfaces, communication protocols, and security verification. Most importantly, design and verification for security of heterogeneous integration present unique challenges that traditional security solutions and methodologies are incapable of addressing. The three fundamental security risks in the heterogeneous integration design lifecycle are: (1) use of diverse, mostly untrusted and insecure, chiplets that might contain malicious functionality, (2) shared resources between chiplets that introduce new attack surfaces, e.g., access control violations and information leakage, and (3) a variety of in-field and physical attacks. In this project, we aim to develop novel security verification techniques to check against integration and lifecycle threats that impact the confidentiality, integrity, and availability of SiPs.
Unfortunately, the conventional pre- and post-silicon verification techniques researched for SoCs will not be applicable to fabricated chiplets, making SiP security verification quite challenging and unique. To address these concerns, we will pursue the following two approaches in this project: (1) Static security verification: utilizing the system specification, security policies/properties will be developed to ensure confidentiality, integrity, and availability requirements for target security-critical assets and provide mitigation strategies if any of the policies are violated. (2) Runtime security property monitoring: a promising solution would be to add at-speed security monitoring capability to the package to enable runtime security policy/property checking and enforcement. Runtime security policy can be done using an innovatively designed and integrated chiplet hardware security module (CHSM), implemented using an embedded FPGA fabric, to execute the synthesized properties constructed in this project. In addition, the CHSM can be updated to respond to unknown and zero-day attacks. We believe that our proposed solution is the first-ever comprehensive security verification technique for SiPs that is capable of identifying and mitigating vulnerabilities during pre- and post-silicon, and runtime. We believe our proposed solution will have a significant impact on DoD core mission by reducing the risk of security failures in military and naval systems. It ensures that no security vulnerability would escape detection and manifest in SiPs to harm a system functionality and expose its sensitive information to adversaries.

Document Details

Document Type
DoD Grant Award
Publication Date
Jul 13, 2022
Source ID
N000142212560

Entities

People

  • Farimah Farahmandi

Organizations

  • Office of Naval Research
  • United States Navy
  • University of Florida

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Integrated Circuit Design and Technology.