FastPath: A Hybrid Approach for Efficient Hardware Security Verification

By Lucas Deutschmann ¹, Andres Meza ², Dominik Stoffel ¹, Wolfgang Kunz ¹ and Ryan Kastner ^2
1 RPTU Kaiserslautern-Landau, Germany 
² UC San Diego, USA

Abstract

Many verification methods have been proposed to detect microarchitectural information leakage in response to the surge of security breaches in hardware designs. These sophisticated efforts have gone a long way toward preventing attackers from breaking the system’s confidentiality. However, each approach has its own set of weaknesses: it may not be scalable enough, exhaustive enough, flexible enough to meet changing requirements or fit well into existing verification flows.

We propose FastPath, a hybrid verification methodology that combines the efficiency of simulation with the exhaustive nature of formal verification. FastPath employs a structural analysis framework to automate the method further. Our experimental results compare FastPath to a state of-the-art formal approach, showing a significant reduction in manual effort while achieving the same level of exhaustive confidence. We also discovered and contributed a fix for a previously unknown leak of internal operands in cv32e40s, a RISC-V processor intended for security applications.

Index Terms — Hardware Security, Information Flow Tracking, Simu lation, Formal Verification, Data-Oblivious Computing.

To read the full article, click here