Information flow tracking in analog/mixed-signal designs through proof-carrying hardware IP

Information flow tracking (IFT) is a widely used methodology for ensuring data confidentiality in electronic systems and numerous such methods have been developed at various software or hardware description levels. Among them, proof-carrying hardware intellectual property (PCHIP) introduced an IFT methodology for digital hardware designs described in hardware description languages (HDLs). The risk of accidental information leakage, however, is not restricted to the digital domain. Indeed, analog signals originating from sources of sensitive information, such as biometric sensors, as well as analog outputs of a circuit, could carry or leak secrets. Moreover, similar to digital designs, analog circuits can also be contaminated with malicious information leakage channels capable of evading traditional manufacturing test. Compounding the problem, in analog/mixed-signal circuits such information leakage channels can cross the analog/digital or digital/analog interface, making their detection even harder. To this end, in this paper we introduce a PCHIP-based methodology which enables systematic formal evaluation of information flow policies in analog/mixed-signal designs. As we demonstrate, by integrating IFT across the digital and analog domain, our method is able to detect sensitive data leakage from the digital domain to the analog domain and vice versa, without requiring any modification of the current analog/mixed-signal circuit design flow.
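The abstract describes leakage channels that cross the digital/analog interface in either direction. As an added illustration that is not code from the paper or its authors, the following Python script runs a deliberately simple label-based IFT over a constructed toy mixed-signal netlist: every node carries a label from a two-point lattice (PUBLIC < SECRET), labels propagate to a fixed point along signal dependencies, and DAC/ADC nodes are ordinary nodes whose input and output lie in different domains, so taint follows a secret through the converter. It then checks a policy stating that the RF output and a digital debug pin must be PUBLIC, and, on a violation, reports the flow path and where it crosses domains. The netlist, node names, policy and the static propagation rule are assumptions of this example; the paper's actual approach is proof-based (PCHIP), not this fixed-point check.

```python
"""Added example: lattice-based information flow tracking over a constructed
analog/mixed-signal netlist.  Everything here (node names, wiring, policy)
is invented for illustration and is not the paper's methodology."""

from collections import deque

PUBLIC, SECRET = 0, 1          # two-point security lattice; join is max()


def build_design(leaks=()):
    """Return {node: (domain, inputs)} for a toy mixed-signal front end.
    Nodes with no inputs are sources (registers or pins).  'bias_dac' bridges
    digital -> analog, 'adc' bridges analog -> digital.  The optional leaks
    'd2a' and 'a2d' add a wire that turns a secret into a cross-domain flow."""
    design = {
        # digital domain
        "key_reg":   ("digital", []),                 # secret key register
        "cfg_reg":   ("digital", []),                 # public configuration
        "bias_ctrl": ("digital", ["cfg_reg"]),        # DAC control word
        "dsp":       ("digital", ["cfg_reg"]),
        "dbg_out":   ("digital", ["dsp"]),            # digital output pin
        # domain-crossing converters
        "bias_dac":  ("analog",  ["bias_ctrl"]),      # digital in, analog out
        "adc":       ("digital", ["sensor_in"]),      # analog in, digital out
        # analog domain
        "sensor_in": ("analog",  []),                 # biometric sensor (secret)
        "rf_in":     ("analog",  []),                 # public RF input
        "lna":       ("analog",  ["rf_in", "bias_dac"]),  # amplifier with bias
        "rf_out":    ("analog",  ["lna"]),            # analog output pin
    }
    if "d2a" in leaks:   # key bit modulates the amplifier bias via the DAC
        design["bias_ctrl"] = ("digital", ["cfg_reg", "key_reg"])
    if "a2d" in leaks:   # sensor sample reaches the debug pin via the ADC
        design["dsp"] = ("digital", ["cfg_reg", "adc"])
    return design


def propagate(design, sources):
    """Assign each node the join of its inputs' labels, iterated to a fixed
    point (terminates because the lattice is finite and labels only rise)."""
    labels = {n: sources.get(n, PUBLIC) for n in design}
    changed = True
    while changed:
        changed = False
        for node, (_, inputs) in design.items():
            new = max([labels[node]] + [labels[i] for i in inputs])
            if new != labels[node]:
                labels[node] = new
                changed = True
    return labels


def explain(design, labels, sink):
    """Return one path [source, ..., sink] through SECRET-labelled nodes."""
    parent = {sink: None}
    queue = deque([sink])
    while queue:
        node = queue.popleft()
        _, inputs = design[node]
        if not inputs and labels[node] == SECRET:      # reached a secret source
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path
        for i in inputs:
            if labels[i] == SECRET and i not in parent:
                parent[i] = node
                queue.append(i)
    return []


def check_policy(design, sources, sinks):
    """sinks maps output node -> highest label it may carry.  Returns
    {sink: (path, domain_crossings)} for every violated sink."""
    labels = propagate(design, sources)
    violations = {}
    for sink, allowed in sinks.items():
        if labels[sink] > allowed:
            path = explain(design, labels, sink)
            crossings = [(a, b) for a, b in zip(path, path[1:])
                         if design[a][0] != design[b][0]]
            violations[sink] = (path, crossings)
    return violations


SOURCES = {"key_reg": SECRET, "sensor_in": SECRET}   # constructed policy
SINKS = {"rf_out": PUBLIC, "dbg_out": PUBLIC}

if __name__ == "__main__":
    for leaks in [(), ("d2a",), ("a2d",)]:
        print(leaks or "clean", check_policy(build_design(leaks), SOURCES, SINKS))
```

The clean design passes, the "d2a" variant reports the flow key_reg to bias_ctrl to bias_dac to lna to rf_out with a crossing at the DAC, and the "a2d" variant reports sensor_in to adc to dsp to dbg_out with a crossing at the ADC. A real flow would replace the hand-built netlist with one extracted from the HDL and analog models, and the fixed-point check with a machine-checked proof as PCHIP does.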
