An approach to develop SoC-level security measurement and estimation, including how the transition from IP to SoC affects overall SoC security. Also, presents the step-by-step procedure for measuring and estimating security against two threats: IP Hacking and Side-Channel Power Analysis.
“Hardware vulnerabilities are generally considered more difficult to fix than software vulnerabilities due to their persistent nature after manufacture. Thus, it is crucial to assess security and fix potential vulnerabilities in earlier design phases, such as register transfer level (RTL), gate level, or physical layout. The objective of existing security assessment techniques is mainly twofold. First, they check the security of intellectual property (IP) blocks separately (they can be applied on a single module). Second, they aim to assess security against individual threats by considering that the threats are orthogonal. We argue that assessing security at the IP level is not sufficient. Eventually, the IP addresses are placed in a platform, such as a system-on-chip (SoC), where each IP address is surrounded by other IP addresses connected through bonding logic and shared/private buses. This has a substantial impact on platform security. Therefore, we need to develop a methodology to assess platform-level security by considering both IP-level security and the impact of additional parameters introduced when transitioning from IP to platform. . Another important factor to consider is that threats are not always orthogonal. Improving security against one threat can affect security against other threats. Thus, to build a secure platform, we must first fully understand the impact of IP communications on security while considering the following questions: What kinds of additional parameters are introduced when integrating the platform? How to define and characterize the impact of these parameters on safety? How do mitigation techniques for one threat affect others? This article aims to answer these important questions and proposes quantifiable assurance techniques by estimating and quantitatively measuring the security of a platform in the pre-silicon stages. We also discuss the term security optimization and present the challenges towards future research directions.
Find the technical document link here.
B. Ahmed, K. Bepary, N. Pundir, M. Borza, O. Raikhman, A. Garg, D. Dunchin, A. Cron, M. Abdel-Moneum, F. Farahmandi, F. Rahman and M. Tehranipoor, “Quantifiable Assurance: From IP Addresses to Platforms”, 2021