SaTC: STARSS: Collaborative: IPTrust: A Comprehensive Framework for IP Integrity Validation

SaTC：STARSS：协作：IPTrust：IP 完整性验证的综合框架

• 批准号: 1603483
• 负责人: Swarup Bhunia
• 金额: $ 19.1万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2020-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1603483&HistoricalAwards=false
• 关键词: SaTC; STARSS; Collaborative; IPTrust; Comprehensive

To reduce production cost while meeting time-to-market constraints, semiconductor companies usually design hardware systems with reusable hardware modules, popularly known as Intellectual Property (IP) blocks. Growing reliance on these hardware IPs, often gathered from untrusted third-party vendors, severely affects the security and trustworthiness of the final system. The hardware IPs acquired from external sources may come with deliberate malicious implants, undocumented interfaces working as hidden backdoor, or other integrity issues. Tampered hardware IPs can lead to security and privacy concerns (e.g., when used in handheld devices) as well as life-threatening consequences (e.g., when used in safety-critical systems). It is extremely difficult to verify the integrity and trustworthiness of hardware IPs due to incomplete functional specifications and lack of golden reference models. To address this critical need, in this project, we develop a comprehensive and scalable framework for IP trust analysis and verification. We evaluate IPs of diverse types and forms and develop threat models, taxonomy and instances of IP trust/integrity issues. We investigate an integrative IP trust validation framework that combines the complementary abilities of functional, structural and parametric verification. We employ both statistical as well as judicious directed tests to sensitize rarely triggered malicious changes and observe their effects. The unified validation framework is flexible to detect diverse tampering efforts, scalable to large designs, and eliminates the need for a golden model. A platform for IP trust validation, threat analysis, and trust metrics would provide enabling technology to future designers to implement secure and trusted systems for diverse applications.

为了降低生产成本，同时满足上市时间的限制，半导体公司通常使用可重复使用的硬件模块（通常称为知识产权（IP）块）设计硬件系统。对这些硬件IP（通常从不受信任的第三方供应商处收集）的依赖日益增加，严重影响了最终系统的安全性和可信度。从外部来源获取的硬件IP可能带有故意的恶意植入，未记录的接口作为隐藏的后门或其他完整性问题。篡改的硬件IP可能导致安全和隐私问题（例如，当用于手持设备时）以及危及生命的后果（例如，在安全关键系统中使用时）。由于硬件IP的功能规范不完整，缺乏黄金参考模型，因此验证硬件IP的完整性和可信性非常困难。为了满足这一关键需求，在这个项目中，我们开发了一个全面的和可扩展的框架，IP信任分析和验证。我们评估不同类型和形式的IP，并开发威胁模型，分类和IP信任/完整性问题的实例。我们研究了一个综合的IP信任验证框架，它结合了功能，结构和参数验证的互补能力。我们采用统计以及明智的定向测试，以敏感很少触发恶意的变化，并观察其影响。统一的验证框架可以灵活地检测各种篡改行为，可扩展到大型设计，并消除了对黄金模型的需求。IP信任验证、威胁分析和信任度量的平台将为未来的设计人员提供支持技术，以便为各种应用程序实现安全和可信的系统。