Standard Security Metric Definition for Hardware Design
Abstract
The research problem this project is addressing is the lack of standardized methods to measure and simulate hardware security. This lack of support leaves the community without a way to compare security guarantees of different architectural designs. The objectives of this proposal are to develop and establish a standard method for evaluating tradeoffs between security guarantees and performance within the hardware design cycle. The proposed project will establish and promote a fundamental shift in the way computer architecture research is conducted to include security as a first-class design requirement. The PI will enable microarchitectural measurements of security to concurrently evaluate both the performance and security implications of potential computer architectures during the design stage. The project's concrete technical approaches are:

1. Investigate Commonalities Across Microarchitectural Attacks: For researchers to be able to properly investigate root sources of security vulnerabilities, there have to be standard metrics for security for microarchitecture designs. The first step in establishing standard security metrics is to find characteristics that are shared across attacks to determine what needs to be measured. One of the difficulties of establishing security metrics is the fact that there exist many different forms of microarchitectural attacks. Each attack leverages different microarchitectural constructs to launch a successful attack. In this project the PI will extrapolate the fundamental characteristics that enable these types of attacks to come up with a few components that can be measured to indicate how the hardware design deviates from the behavioral expectations of the functional description.

2. Establish Requisite Security Metrics: As a second step, once the fundamental characteristics of microarchitectural attacks are established, the PI will establish metrics that will give an idea of the level of security of a particular hardware design. Similar to how power and latency can be measured in processor simulators, one key idea of this project is to come up with a set of metrics that can help your average computer architect understand security guarantees of the microarchitecture. To accomplish this challenging goal, first we need to understand what kind of metrics can provide a holistic view of the security of a hardware design. Given that most attacks that involve the hardware, in some way or another, rely on a certain structure to leak information (directly or indirectly), we turn to information theory and formal security constructs to start investigating a potential avenue to defining a standard measure of hardware security.

The anticipated outcome of the project, if successful, is a collection of standard security metrics that can be easily incorporated into the hardware design cycle, with particular focus on processor simulators. The potential impact on ONR capabilities is to enable informed decisions on hardware questions with respect to risk assessments. Enabling an understanding of the security level of a certain hardware design will allow ONR to make hardware decisions based on metrics rather than relying on assumptions.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Dec 06, 2022
- Source ID: N000142312074
Entities
People
- Tamara Lehman
Organizations
- Office of Naval Research
- Regents of the University of Colorado
- United States Navy