Naval Postgraduate School
Security Checkers: Detecting Processor Malicious Inclusions at Runtime
bilzor_security_checkers_2011.pdf (568.5Kb)Date
2011Metadata
Show full item recordAbstract
To counter the growing threat of malicious subversions
to the design of a microprocessor, there is a great need for
simple, automated methods for detecting such malevolent changes.
Based on the adoption of the Property Specification Language
(PSL) for behavioral verification, and the advent of tools for
automatically generating synthesizable hardware design language
(HDL) constructs for verifying a PSL assertion, we propose a new
method called Security Checkers, which uses security-focused PSL
assertions to create hardware design units for detecting malicious
inclusions at runtime.
We describe the process flow for creating Security Checkers and
demonstrate by example how they can be used to detect malicious
inclusions in a processor design. Because the checkers can be
used in simulation, FPGA emulation, or as part of a fabricated
design, we illustrate how this technique can be used to detect
malicious inclusions over a much broader segment of the
Description
In Hardware-Oriented Security and Trust (HOST), 2011 IEEE International Symposium on, 2011, pp. 34-39.
Collections
Related items
Showing items related by title, author, creator and subject.
-
Evaluating Security Requirements in a General-Purpose Processor by Combining Assertion Checkers with Code Coverage
(2012-06);The problem of malicious inclusions in hardware is an emerging threat, and detecting them is a difficult challenge. In this research, we enhance an existing method for creating assertion-based dynamic checkers, and ... -
Defining and enforcing hardware security requirements
(Monterey, California. Naval Postgraduate School, 2011-12);Security in computing systems to date has focused mostly on software. In this research, we explore the application and enforceability of well-defined security requirements in hardware designs. The principal threats to ... -
An approach for detecting malicious emails using runtime monitoring with hidden data
(Monterey, California: Naval Postgraduate School, 2016-09);Computer systems continue to be at risk of attack by malicious software that are attached to email. Email has been determined to be the cause of 80% of computer virus infections. Millions of dollars are lost yearly due to ...
