Collaborative Research: SaTC: CORE: Small: SOCIAL: System-on-Chip Information Flow Validation under Asynchronous Events

协作研究：SaTC：CORE：小型：SOCIAL：异步事件下的片上系统信息流验证

• 批准号: 2223045
• 负责人: Sandip Ray
• 金额: $ 30.5万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2025-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2223045&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

We live in an era where smart, connected computing devices pervade many critical applications, including transportation systems, industrial automation, health and biomedical systems, etc. Naturally, these devices create, process, and exchange significant sensitive information. Unauthorized or malicious access to these assets can result in disastrous consequences, including loss of human life in the case of health monitoring systems. The goal of this project is to create a comprehensive infrastructure for information flow validation, i.e., ensuring that sensitive assets in modern System-on-Chip designs cannot be accessed or corrupted by an unauthorized or untrusted agent. The ove r-arching goal is to develop a scientific foundation and a comprehensive automated framework of integrated tools for systematically addressing the spectrum of challenges in information flow validation. The research objectives are tightly integrated into teaching and outreach activities, in the form of new curriculum development, organizing security competitions in premier conferences, recruitment of female and underrepresented minority students, and involving high-school graduates in research. The project has three technical objectives. The first objective is to develop a core foundation for information flow analysis that accounts for real-world complexities. In particular, many hard-to-detect real-world information flow violations result from interruptions of functional flow by a variety of asynchronous events, to subvert the integrity of hardware assets. The project addresses this critical issue by incorporating new, innovative approaches to specify, analyze, and integrate the role of asynchronous events and hardware-firmware interaction within the foundation. The second objective is to develop a comprehensive automated framework of integrated tools for systematically addressing the spectrum of challenges in information flow validation. The project addresses this goal through a combination of dynamic and formal analysis techniques that draw inspiration from advances in formal methods, testing, and machine learning. Third, the project targets smooth integration of the analysis infrastructure with industrial validation flows.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

我们生活在这样一个时代，智能、互联的计算设备遍及许多关键应用，包括交通系统、工业自动化、健康和生物医学系统等。当然，这些设备创建、处理和交换重要的敏感信息。未经授权或恶意访问这些资产可能导致灾难性后果，包括在卫生监测系统中造成人员生命损失。该项目的目标是为信息流验证创建一个全面的基础设施，即确保现代片上系统设计中的敏感资产不会被未经授权或不受信任的代理访问或损坏。首要目标是开发一个科学基础和综合自动化框架的集成工具，以系统地解决信息流验证中的各种挑战。研究目标与教学和外联活动紧密结合，其形式是制定新课程、在主要会议上组织安全竞赛、征聘女性和代表性不足的少数民族学生以及让高中毕业生参与研究。该项目有三个技术目标。第一个目标是为考虑现实世界复杂性的信息流分析开发一个核心基础。特别是，许多难以检测的现实世界信息流违规是由于各种异步事件对功能流的中断造成的，从而破坏了硬件资产的完整性。该项目通过采用新的、创新的方法来指定、分析和集成基础内异步事件和硬件-固件交互的角色，解决了这个关键问题。第二个目标是开发一个集成工具的综合自动化框架，用于系统地解决信息流验证中的各种挑战。该项目通过动态和形式化分析技术的结合来实现这一目标，这些技术从形式化方法、测试和机器学习的进步中汲取灵感。第三，项目的目标是分析基础设施与工业验证流的顺利集成。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。