Comprehensive processor security verification: A CIA problem
Event Type
Designer, IP and Embedded Systems Track Presentations
Virtual Programs
Hosted in Virtual Platform
DescriptionSecurity for hardware is a growing challenge distributed across IP, sub-systems, and the full chip (SoC). The CWE view of the security for hardware designs categorizes different hardware vulnerabilities based on the type of hardware design. We believe a systematic approach to security verification for processors is still lacking because there is no consistent security verification plan that is used to verify processors for security, though useful investigations do certainly exist.

In this paper, we present a novel security verification framework specifically targeted at processors. Functional verification is a problem of establishing conformance against a known set of requirements. Security verification involves establishing resilience against an unknown and theoretically infinite set of negative unintended actions. In practice, we believe that we can define a comprehensive set of negative threats that can impact security by carrying out a systematic assessment of attacks and risks. The process involves characterizing the security requirements as CIA goals as formal requirements that are verified in a formal verification tool producing a definite outcome on vulnerability. We associate a vulnerability score using the CVSS online calculator to compute the severity for each vulnerability. We will report on different issues found with multiple processors in our paper.