Collaborative Research: SaTC: CORE: Medium: Hardware Security Insights: Analyzing Hardware Designs to Understand and Assess Security Weaknesses and Vulnerabilities

协作研究：SaTC：核心：中：硬件安全见解：分析硬件设计以了解和评估安全弱点和漏洞

• 批准号: 2247755
• 负责人: Ryan Kastner
• 金额: $ 57.1万
• 依托单位: University of California-San Diego
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-07-01 至 2027-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247755&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Medium

This project’s goal is to develop better methods for understanding how information flows in computer hardware designs, and thus increase their security. The microprocessors, wireless modems, graphics processing units, and other hardware components at the heart of all computing devices are designed by engineers using low-level hardware description languages. These designs are complex, making it difficult to reason about security vulnerabilities that may allow attackers to extract valuable secret information like cryptographic keys and personally identifiable information. Hardware security verification aims to identify hardware weaknesses, patch potential vulnerabilities, and mitigate the harm of attacks. Understanding how information flows in hardware designs can help verification engineers to assess whether secret data can be extracted by an attacker and to develop designs that prevent those vulnerable flows.The project is structured around three main aims that together will lead to improved tools for insights around hardware information flow tracking. The first aim is to automate the generation of information-flow properties, which can then be verified by existing tools. The second is to develop testbenches that fully exercise possible information flows through a design, using angelic execution oracles designed to maximize coverage of possible information flows. The third is to develop a new “hyperflow analysis” framework that provides both analytic representations to support algorithms for hardware design and verification, and visual representations that help verification engineers explore hardware vulnerabilities through an information-flow lens. The work will involve a number of undergraduate and graduate students, contributing to the development of the computer security workforce.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目是为了理解计算机硬件设计中的流动方法复杂的是，很难推理toat的安全漏洞，这可能会使铲球可以提取诸如密码和个人信息之类的秘密信息，以识别硬件弱点，补丁潜在的脆弱性，并察觉到硬件设计中的烦恼如何帮助验证工程师评估数据由攻击者提取并开发脆弱流动的设计。该项目围绕三个主要目的，这些目标共同导致改进的工具福特软件信息流跟踪。第二个是开发通过Desigha Desigh Desigh Desigh Desigh Desigh的测试板，使用天使般的执行来最大程度地覆盖可能的信息流量。硬件脆弱性工作于工作人员和毕业生的工作人员安全劳动力。该奖项反映了NSF'Stutory Mission，值得支持Thalugh评估我们的优点和更广泛的影响。

项目成果

Isadora: automated information-flow property generation for hardware security verification

• DOI: 10.1007/s13389-022-00306-w
• 发表时间: 2022-11
• 期刊: Journal of Cryptographic Engineering
• 影响因子: 1.9
• 作者: Calvin Deutschbein;Andres Meza;Francesco Restuccia;R. Kastner;C. Sturton

Special Session: CAD for Hardware Security - Promising Directions for Automation of Security Assurance

• DOI: 10.1109/vts56346.2023.10140100
• 发表时间: 2023-04
• 期刊: 2023 IEEE 41st VLSI Test Symposium (VTS)
• 作者: Sohrab Aftabjahani;M. Tehranipoor;Farimah Farahmandi;Bulbul Ahmed;R. Kastner;Francesco Restuccia;Andres Meza;Kaki Ryan;Nicole Fern;J. V. Woudenberg;Rajesh Velegalati;Cees-Bart Breunesse;C. Sturton;Calvin Deutschbein

Automated Generation, Verification, and Ranking of Secure SoC Access Control Policies

安全 SoC 访问控制策略的自动生成、验证和排序

• DOI: 10.1145/3576914.3587508
• 发表时间: 2023
• 期刊: CPS-IoT Week '23: Cyber-Physical Systems and Internet of Things
• 作者: Meza, Andres;Kastner, Ryan
• 通讯作者: Kastner, Ryan