Security of SoC firmware load protocols

The security architecture of modern systems-on-a-chip (SoC) is complex and critical to be done right and quickly. SoC security architects feel an acute need for new tool-supported specification and validation technologies. Aiming to stimulate research into creation of these technologies, in this paper we provide some industrial insights and initial solutions. Focusing on a concrete non-trivial example of security sensitive firmware load protocols, we show how to: (1) concisely specify the communication between IP blocks; (2) model the adversary; (3) debug and verify the protocol.

[1]  Rahul Kumar,et al.  Verifying Communication Protocols Using Live Sequence Chart Specifications , 2009, Electron. Notes Theor. Comput. Sci..

[2]  P. S. Thiagarajan,et al.  Message Sequence Charts , 2003, UML for Real.

[3]  Ganesh Gopalakrishnan,et al.  Live sequence charts applied to hardware requirements specification and verification , 2005, International Journal on Software Tools for Technology Transfer.

[4]  Salvatore J. Stolfo,et al.  When Firmware Modifications Attack: A Case Study of Embedded Exploitation , 2013, NDSS.

[5]  Sergey Bratus,et al.  TOCTOU, Traps, and Trusted Computing , 2008, TRUST.

[6]  Mark von Rosing,et al.  Business Process Model and Notation - BPMN , 2015, The Complete Business Process Handbook, Vol. I.

[7]  David Harel,et al.  LSCs: Breathing Life into Message Sequence Charts , 1999, Formal Methods Syst. Des..

[8]  David L. Dill,et al.  The Murphi Verification System , 1996, CAV.