Detecting Malicious Logic Through Structural Checking

Hardware is just as susceptible as software to "hacker attacks" through the inclusion of malicious logic, and the consequences of such an attack could be disastrous. The impact of software viruses has been felt, at one time or another, by the entire computerized world, through loss of productivity, loss of system resources or data, or mere inconvenience. However, the nature of malicious logic in hardware, and of defending against it, is fundamentally different from its software counterpart: hardware malicious logic has the added dimension of not being removable once it is encapsulated in the system. This paper identifies hardware vulnerabilities and outlines an automated method, called structural checking, to detect malicious logic and prevent it from being incorporated into an ASIC, where it could cause catastrophic system failure, security breaches, or other dire consequences.
