Method and System for Detecting Hardware Trojans and Unintentional Design Flaws
First Claim
1. A method performed by data processing apparatus, the method comprising:
- receiving a hardware design specifying an implementation for information flow in a hardware configuration, wherein the hardware design comprises at least two variables relating to the information flow;
receiving one or more labels annotating the hardware design, wherein each of the one or more labels corresponds to a respective variable of the at least two variables;
receiving one or more security properties specifying a restriction relating to the one or more labels for implementing an information flow model;
generating the information flow model, wherein generating comprises translating the one or more security properties to automatically assign a respective label value to each of the one or more labels based on the one or more security properties;
performing verification using the information flow model, wherein verification comprises verifying whether the information flow model passes or fails against the one of more security properties; and
upon verifying that the information flow model passes, determining that an unintentional design flaw is not identified in the hardware design.
3 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure includes systems and methods relating to information flow tracking and detection of unintentional design flaws of digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving one or more security properties specifying a restriction relating to the one or more labels for implementing an information flow model; generating the information flow model; performing verification using the information flow model, wherein verification comprises verifying whether the information flow model passes or fails against the one of more security properties; and upon verifying that the information flow model passes, determining that an unintentional design flaw is not identified in the hardware design.
32 Citations
13 Claims
-
1. A method performed by data processing apparatus, the method comprising:
-
receiving a hardware design specifying an implementation for information flow in a hardware configuration, wherein the hardware design comprises at least two variables relating to the information flow; receiving one or more labels annotating the hardware design, wherein each of the one or more labels corresponds to a respective variable of the at least two variables; receiving one or more security properties specifying a restriction relating to the one or more labels for implementing an information flow model; generating the information flow model, wherein generating comprises translating the one or more security properties to automatically assign a respective label value to each of the one or more labels based on the one or more security properties; performing verification using the information flow model, wherein verification comprises verifying whether the information flow model passes or fails against the one of more security properties; and upon verifying that the information flow model passes, determining that an unintentional design flaw is not identified in the hardware design. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification