System-on-Chip Security Assertions
This work addresses security vulnerabilities in System-on-Chip designs; it is a domain-specific, incremental improvement over existing assertion techniques.
The paper tackles the problem of monitoring System-on-Chip security vulnerabilities by defining classes of assertions for runtime checking. The results show that the generated security assertions detect all inserted vulnerabilities, whereas state-of-the-art functional assertions fail to detect most of them.
Assertions are widely used for functional validation as well as coverage analysis for both software and hardware designs. Assertions enable runtime error detection as well as faster localization of errors. While there is a vast literature on both software and hardware assertions for monitoring functional scenarios, there is limited effort in utilizing assertions to monitor System-on-Chip (SoC) security vulnerabilities. In this paper, we identify common SoC security vulnerabilities by analyzing the design. To monitor these vulnerabilities, we define several classes of assertions to enable runtime checking of security vulnerabilities. Our experimental results demonstrate that the security assertions generated by our proposed approach can detect all the inserted vulnerabilities while the functional assertions generated by state-of-the-art assertion generation techniques fail to detect most of them.