SaTC: STARSS: Collaborative: IPTrust: A Comprehensive Framework for IP Integrity Validation

SaTC：STARSS：协作：IPTrust：IP 完整性验证的综合框架

• 批准号: 1441705
• 负责人: Swarup Bhunia
• 金额: $ 19.33万
• 依托单位: Case Western Reserve University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2014
• 资助国家: 美国
• 起止时间: 2014-10-01 至 2016-02-29
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1441705&HistoricalAwards=false
• 关键词: SaTC; STARSS; Collaborative; IPTrust; Comprehensive

To reduce production cost while meeting time-to-market constraints, semiconductor companies usually design hardware systems with reusable hardware modules, popularly known as Intellectual Property (IP) blocks. Growing reliance on these hardware IPs, often gathered from untrusted third-party vendors, severely affects the security and trustworthiness of the final system. The hardware IPs acquired from external sources may come with deliberate malicious implants, undocumented interfaces working as hidden backdoor, or other integrity issues. Tampered hardware IPs can lead to security and privacy concerns (e.g., when used in handheld devices) as well as life-threatening consequences (e.g., when used in safety-critical systems). It is extremely difficult to verify the integrity and trustworthiness of hardware IPs due to incomplete functional specifications and lack of golden reference models. To address this critical need, in this project, we develop a comprehensive and scalable framework for IP trust analysis and verification. We evaluate IPs of diverse types and forms and develop threat models, taxonomy and instances of IP trust/integrity issues. We investigate an integrative IP trust validation framework that combines the complementary abilities of functional, structural and parametric verification. We employ both statistical as well as judicious directed tests to sensitize rarely triggered malicious changes and observe their effects. The unified validation framework is flexible to detect diverse tampering efforts, scalable to large designs, and eliminates the need for a golden model. A platform for IP trust validation, threat analysis, and trust metrics would provide enabling technology to future designers to implement secure and trusted systems for diverse applications.

为了在满足上市时间限制的同时降低生产成本，半导体公司通常设计具有可重复使用的硬件模块的硬件系统，通常称为知识产权(IP)模块。对这些硬件IP(通常来自不受信任的第三方供应商)的日益依赖严重影响了最终系统的安全性和可信性。从外部来源获取的硬件IP可能带有故意的恶意植入、作为隐藏后门工作的未记录接口或其他完整性问题。被篡改的硬件IP可能会导致安全和隐私问题(例如，在手持设备中使用时)以及危及生命的后果(例如，当在安全关键系统中使用时)。由于硬件IP的功能规范不完整，缺乏黄金参考模型，验证硬件IP的完整性和可信性极其困难。为了满足这一迫切的需求，在这个项目中，我们开发了一个全面的、可扩展的IP信任分析和验证框架。我们评估不同类型和形式的IP，并开发IP信任/完整性问题的威胁模型、分类和实例。本文研究了一种综合了功能验证、结构验证和参数验证功能的IP信任验证框架。我们使用统计测试和明智的定向测试来敏感很少触发的恶意更改，并观察它们的影响。统一验证框架可以灵活地检测不同的篡改工作，可扩展到大型设计，并且不再需要黄金模型。一个用于IP信任验证、威胁分析和信任度量的平台将为未来的设计人员提供使能技术，以便为不同的应用程序实现安全和可信的系统。