Automatic Implementation of Secure Silicon

Overview

The Automatic Implementation of Secure Silicon (AISS) program aims to ease the burden of developing secure chips. AISS seeks to create a novel, automated chip design flow that will allow security mechanisms to scale consistently with the goals of a chip design. The target design flow will provide a means of rapidly evaluating architectural alternatives that best address the required design and security metrics, as well as varying cost models to optimize the economics versus security trade-off. The target system on chip (SoC) will be automatically generated, integrated, and optimized, and will consist of two partitions – an application specific processor partition and a security partition implementing the on-chip security features. By bringing greater automation to the chip design process, the burden of security inclusion can be profoundly decreased.



The above figure shows an overview of the AISS platform, which incorporates three major components: on-chip security, security tools, and integration. A successful implementation of this project will lead to secure silicon, as shown below.



This is an interdisciplinary project involving multiple companies and universities. My group is involved in two research tasks: threat heuristics and security IP. The Threat Heuristics task developed tools to check five specific vulnerabilities (malicious implants, FSM vulnerability, information leakage, clock/reset vulnerability, and data flow vulnerability) in RTL designs. The Security IP task involves design and mitigation of both hardware and software cryptographic IPs. The first two phases are over and we have just started the third phase.
  • TA1.1.5 (Cryptographic Cores): Creation of foundational Security IP.
  • TA1.1.10 (Threat Heuristics Library): Develop a library of techniques to detect suspect circuits in RTL.
  • TA1.2.4 (Configurable Security IP): Develop parameterized security IP cores that allow a designer to configure PASS features of cores to meet security and PASS objectives.
  • TA1.2.9 (Threat Detection Tool): Develop threat detection tools using static, dynamic, and formal analysis to detect and report security vulnerabilities in RTL and gate-level IPs.
  • TA1.3.5 (Multiple Threat Scoring): Analyze and score the effectiveness of IP security against multiple attack threats utilizing various threat detection algorithms.
  • TA1.3.6 (Configurable Security IP): Develop generators for security IP cores that enable optimization to meet security and PASS objectives.
AISS is performed in three phases and validated by an IV&V team (see below). The first two phases are over. We have just started the third phase.




Members

  • Faculty (PI): Prof. Prabhat Mishra
  • Graduate Students: Aruna Jayasena, Emma Andrews, Sahan Sanjaya, Daniel Volya
  • Undergraduate Researchers: Laura Chang, Lydia Chung, Richard Bachmann, Emmett Kogan

Downloads

Stay tuned ...


Publications

Stay tuned ...


Research Sponsors

This project is funded by DARPA. The views expressed on the site are those of the members of this project and do not necessarily represent those of DARPA.