Proof-Carrying Hardware via Inductive Invariants

Proof-carrying hardware (PCH) is a principle for achieving safety for dynamically reconfigurable hardware systems. The producer of a hardware module spends huge effort when creating a proof for a safety policy. The proof is then transferred as a certificate together with the configuration bitstream to the consumer of the hardware module, who can quickly verify the given proof. Previous work utilized SAT solvers and resolution traces to set up a PCH technology and corresponding tool flows. In this article, we present a novel technology for PCH based on inductive invariants. For sequential circuits, our approach is fundamentally stronger than the previous SAT-based one since we avoid the limitations of bounded unrolling. We contrast our technology to existing ones and show that it fits into previously proposed tool flows. We conduct experiments with four categories of benchmark circuits and report consumer and producer runtime and peak memory consumption, as well as the size of the certificates and the distribution of the workload between producer and consumer. Experiments clearly show that our new induction-based technology is superior for sequential circuits, whereas the previous SAT-based technology is the better choice for combinational circuits.

[1]  Manish Mahajan,et al.  Proof carrying code , 2015 .

[2]  George C. Necula,et al.  Safe, Untrusted Agents Using Proof-Carrying Code , 1998, Mobile Agents and Security.

[3]  Andrew W. Appel,et al.  Access control on the Web using proof-carrying authorization , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[4]  George C. Necula,et al.  Temporal-Safety Proofs for Systems Code , 2002, CAV.

[5]  Kedar S. Namjoshi,et al.  Certifying Model Checkers , 2001, CAV.

[6]  Yiorgos Makris,et al.  Proof-Carrying Hardware Intellectual Property: A Pathway to Trusted Module Acquisition , 2012, IEEE Transactions on Information Forensics and Security.

[7]  Marie-Christine Jakobs,et al.  Speed Up Configurable Certificate Validation by Certificate Reduction and Partitioning , 2015, SEFM.

[8]  Doron A. Peled,et al.  From model checking to a temporal proof , 2001, SPIN '01.

[9]  George C. Necula,et al.  Enforcing Resource Bounds via Static Verification of Dynamic Checks , 2005, ESOP.

[10]  Marco Platzner,et al.  On-The-Fly Verification of Reconfigurable Image Processing Modules Based on a Proof-Carrying Hardware Approach , 2015, ARC.

[11]  Martin Suda Triggered Clause Pushing for IC3 , 2013, ArXiv.

[12]  Heike Wehrheim,et al.  Certification for configurable program analysis , 2014, SPIN.

[13]  George C. Necula,et al.  Research on proof-carrying code for untrusted-code security , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[14]  Aaron R. Bradley,et al.  SAT-Based Model Checking without Unrolling , 2011, VMCAI.

[15]  Joël Ouaknine,et al.  Computational challenges in bounded model checking , 2005, International Journal on Software Tools for Technology Transfer.

[16]  Andrew W. Appel,et al.  A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow , 2012, POST.

[17]  Robert K. Brayton,et al.  Efficient implementation of property directed reachability , 2011, 2011 Formal Methods in Computer-Aided Design (FMCAD).

[18]  Eva Rose,et al.  Lightweight Bytecode Verification , 2004, Journal of Automated Reasoning.

[19]  Karl Crary,et al.  Resource bound certification , 2000, POPL '00.

[20]  Marco Platzner,et al.  Proof-Carrying Hardware: Concept and Prototype Tool Flow for Online Verification , 2010, Int. J. Reconfigurable Comput..

[21]  Yiorgos Makris,et al.  Proof carrying-based information flow tracking for data secrecy protection and hardware trust , 2012, 2012 IEEE 30th VLSI Test Symposium (VTS).

[22]  Ryan Kastner,et al.  Enforcing memory policy specifications in reconfigurable hardware , 2008, Comput. Secur..

[23]  Marco Platzner,et al.  Proof-Carrying Hardware: Towards Runtime Verification of Reconfigurable Modules , 2009, 2009 International Conference on Reconfigurable Computing and FPGAs.

[24]  Marco Platzner,et al.  Memory security in reconfigurable computers: Combining formal verification with monitoring , 2014, 2014 International Conference on Field-Programmable Technology (FPT).

[25]  Fabio Somenzi,et al.  Better generalization in IC3 , 2013, 2013 Formal Methods in Computer-Aided Design.

[26]  Marco Platzner,et al.  Verifying worst-case completion times for reconfigurable hardware modules using proof-carrying hardware , 2016, 2016 11th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC).

[27]  Manuel V. Hermenegildo,et al.  Abstraction-Carrying Code , 2005, LPAR.

[28]  Yiorgos Makris,et al.  A proof-carrying based framework for trusted microprocessor IP , 2013, 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).