research-article

Open access

Arbitrary Precision and Complexity Tradeoffs for Gate-Level Information Flow Tracking

Authors:

Andrew Becker,

Wei Hu,

Yu Tai,

Philip Brisk,

Ryan Kastner,

Paolo IenneAuthors Info & Claims

DAC '17: Proceedings of the 54th Annual Design Automation Conference 2017

Article No.: 5, Pages 1 - 6

https://doi.org/10.1145/3061639.3062203

Published: 18 June 2017 Publication History

PDF eReader

Abstract

Hardware has become an increasingly attractive target for attackers, yet we still largely lack tools that enable us to analyze large designs for security flaws. Information flow tracking (IFT) models provide an approach to verifying a hardware design's adherence to security properties related to isolation and reachability.

However, existing precise IFT models are usually too complex to actually use. Queries may fail to finish even for small designs when verifying relatively simple properties. It is possible to create less complex models, but these come at the cost of a severe loss of precision---they frequently indicate a property fails when in fact it passes, which means verification requires extensive additional manual investigation.

We present a new method to bridge the chasm between precision and complexity in a finer-grained, controlled, and disciplined manner. Our method allows using the most appropriate precision/complexity tradeoff for the design size and available computing resources, meaning it is now possible to create models that are not too complex to be usable, but which offer more precision (fewer false positives) than was previously possible.

References

[1]

S. Adee. The hunt for the kill switch. Spectrum, IEEE, 45(5):34--39, May 2008.

Digital Library

Google Scholar

[2]

G. T. Becker, F. Regazzoni, C. Paar, and W. P. Burleson. Stealthy dopant-level hardware trojans. In the 15th International Conference on Cryptographic Hardware and Embedded Systems, CHES'13, pages 197--214, Berlin, Heidelberg, 2013. Springer-Verlag.

Digital Library

Google Scholar

[3]

M. Bidmeshki and Y. Makris. Vericoq: A verilog-to-coq converter for proof-carrying hardware automation. In 2015 IEEE International Symposium on Circuits and Systems, ISCAS 2015, Lisbon, Portugal, May 24-27, 2015, pages 29--32, 2015.

Crossref

Google Scholar

[4]

G. Bloom, E. Leontie, B. Narahari, and R. Simha. Hardware and security: Vulnerabilities and solutions, 2012.

Google Scholar

[5]

B. Dutertre. Yices 2.2. In A. Biere and R. Bloem, editors, Computer-Aided Verification (CAV'2014), volume 8559 of Lecture Notes in Computer Science, pages 737--744. Springer, July 2014.

Digital Library

Google Scholar

[6]

J. A. Goguen and J. Meseguer. Security policies and security models. In 1982 IEEE Symposium on Security and Privacy, Oakland, CA, USA, April 26-28, 1982, pages 11--20, 1982.

Crossref

Google Scholar

[7]

W. Hu, A. Becker, A. Ardeshiricham, Y. Tai, P. Ienne, D. Mu, and R. Kastner. Imprecise security: Quality and complexity tradeoffs for hardware information flow tracking. In Proceedings of the 35th International Conference on Computer-Aided Design, ICCAD '16, pages 95:1--95:8, New York, NY, USA, 2016. ACM.

Digital Library

Google Scholar

[8]

W. Hu, J. Oberg, A. Irturk, M. Tiwari, T. Sherwood, D. Mu, and R. Kastner. Theoretical fundamentals of gate level information flow tracking. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 30(8):1128--1140, Aug 2011.

Digital Library

Google Scholar

[9]

W. Hu, J. Oberg, A. Irturk, M. Tiwari, T. Sherwood, D. Mu, and R. Kastner. On the complexity of generating gate level information flow tracking logic. IEEE Transactions on Information Forensics and Security, 7(3):1067--1080, June 2012.

Digital Library

Google Scholar

[10]

M. Tiwari, H. M. Wassel, B. Mazloom, S. Mysore, F. T. Chong, and T. Sherwood. Complete information flow tracking from the gates up. In international conference on Architectural support for programming languages and operating systems, ASPLOS'09, pages 109--120, New York, NY, USA, 2009.

Digital Library

Google Scholar

[11]

D. Zhang, Y. Wang, G. E. Suh, and A. C. Myers. A hardware design language for timing-sensitive information-flow security. In the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '15, pages 503--516, New York, NY, USA, 2015.

Digital Library

Google Scholar

Cited By

View all

Pevtsov EDemenkova TIndrishenok AFilimonov V(2024)Identification of digital device hardware vulnerabilities based on scanning systems and semi-natural modelingRussian Technological Journal10.32362/2500-316X-2024-12-4-23-3912:4(23-39)Online publication date: 5-Aug-2024
https://doi.org/10.32362/2500-316X-2024-12-4-23-39
Deutschbein CMeza ARestuccia FKastner RSturton CHong Chang CRührmair UKatzenbeisser SMukhopadhyay D(2021)IsadoraProceedings of the 5th Workshop on Attacks and Solutions in Hardware Security10.1145/3474376.3487286(5-15)Online publication date: 19-Nov-2021
https://dl.acm.org/doi/10.1145/3474376.3487286
Hu WArdeshiricham AKastner R(2021)Hardware Information Flow TrackingACM Computing Surveys10.1145/344786754:4(1-39)Online publication date: 3-May-2021
https://dl.acm.org/doi/10.1145/3447867
Show More Cited By

Recommendations

Hardware Information Flow Tracking

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, ...
Gate-Level Information Flow Tracking for Security Lattices

High-assurance systems found in safety-critical infrastructures are facing steadily increasing cyber threats. These critical systems require rigorous guarantees in information flow security to prevent confidential information from leaking to an ...
On the Complexity of Generating Gate Level Information Flow Tracking Logic

Hardware-based side channels are known to expose hard-to-detect security holes enabling attackers to get a foothold into the system to perform malicious activities. Despite this fact, security is rarely accounted for in hardware design flows. As a ...

Comments

Information & Contributors

Information

Published In

DAC '17: Proceedings of the 54th Annual Design Automation Conference 2017

June 2017

533 pages

ISBN:9781450349277

DOI:10.1145/3061639

This work is licensed under a Creative Commons Attribution-ShareAlike International 4.0 License.

In-Cooperation

SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 June 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Conference

DAC '17

Sponsor:

EDAC
SIGDA

DAC '17: The 54th Annual Design Automation Conference 2017

June 18 - 22, 2017

TX, Austin, USA

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

Upcoming Conference

DAC '25

Sponsor:
sigda

62nd ACM/IEEE Design Automation Conference

June 22 - 26, 2025

San Francisco , CA , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
341
Total Downloads

Downloads (Last 12 months)60
Downloads (Last 6 weeks)10

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Pevtsov EDemenkova TIndrishenok AFilimonov V(2024)Identification of digital device hardware vulnerabilities based on scanning systems and semi-natural modelingRussian Technological Journal10.32362/2500-316X-2024-12-4-23-3912:4(23-39)Online publication date: 5-Aug-2024
https://doi.org/10.32362/2500-316X-2024-12-4-23-39
Deutschbein CMeza ARestuccia FKastner RSturton CHong Chang CRührmair UKatzenbeisser SMukhopadhyay D(2021)IsadoraProceedings of the 5th Workshop on Attacks and Solutions in Hardware Security10.1145/3474376.3487286(5-15)Online publication date: 19-Nov-2021
https://dl.acm.org/doi/10.1145/3474376.3487286
Hu WArdeshiricham AKastner R(2021)Hardware Information Flow TrackingACM Computing Surveys10.1145/344786754:4(1-39)Online publication date: 3-May-2021
https://dl.acm.org/doi/10.1145/3447867
Zhang RSturton C(2020)Transys: Leveraging Common Security Properties Across Hardware Designs2020 IEEE Symposium on Security and Privacy (SP)10.1109/SP40000.2020.00030(1713-1727)Online publication date: May-2020
https://doi.org/10.1109/SP40000.2020.00030
Pilato CWu KGarg SKarri RRegazzoni F(2018)TaintHLS: High-Level Synthesis For Dynamic Information Flow TrackingIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2018.2834421(1-1)Online publication date: 2018
https://doi.org/10.1109/TCAD.2018.2834421

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Hardware Information Flow Tracking

Gate-Level Information Flow Tracking for Security Lattices

On the Complexity of Generating Gate Level Information Flow Tracking Logic

Comments

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

Abstract

References

Cited By

Recommendations

Hardware Information Flow Tracking

Gate-Level Information Flow Tracking for Security Lattices

On the Complexity of Generating Gate Level Information Flow Tracking Logic

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations