Enhancing HW-SW Confidentiality Verification for Embedded Processors with SoftFlow’s Advanced Memory Range Feature

Enhancing HW-SW Confidentiality Verification for Embedded Processors with SoftFlow’s Advanced Memory Range Feature

연구 분야: Cryptography

학회: IFIP/IEEE International Conference on Very Large Scale Integration - System on a Chip

In contemporary electronic design automation (EDA), security often takes a backseat, leaving critical vulnerabilities unaddressed. This deficiency leads to the inadvertent oversight of vulnerabilities throughout the software-hardware design process. Specifically, vulnerabilities that allow leakage of sensitive data might stay unnoticed by standard testing, as the leakage itself might not result in evident functional changes. Consequently, there arises a crucial need for EDA tools that comprehensively address the confidentiality of sensitive data during the design phase. Presently, prevailing implementations tend to focus exclusively on hardware aspects or impose limitations on the expressive capacity of the security properties that require validation. Consequently, more proficient tools are required to assist in the software and hardware design. To tackle this challenge, we introduce an improved version of SoftFlow, an advanced analysis framework that utilizes model checking to identify software exploits in hardware leakage paths across various memory hierarchies. Based on our analysis, the leakage paths can be retained if proven not to be exploited by software. This proves beneficial in scenarios where removal would significantly impact the design’s performance or functionality, or when eliminating the path is not feasible due to the chip’s already completed manufacturing. A notable advancement over the original SoftFlow lies in the methodology introduced in this work, enabling the placement of sensitive information in any memory region—a capability previously constrained in SoftFlow. Furthermore, SoftFlow is now compatible with any open-source RISC-V compiler. For demonstration, we identify vulnerabilities in OpenSSL cryptographic C programs using SoftFlow, and redesign them to prevent cryptographic key leakage across RISC-V architectures.