skip to main content

Search for: All records

Award ID contains: 2019310

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. The increasing complexity of System-on-Chip (SoC) designs and the rise of third-party vendors in the semiconductor industry have led to unprecedented security concerns. Traditional formal methods struggle to address software-exploited hardware bugs, and existing solutions for hardware-software co-verification often fall short. This paper presents Microscope, a novel framework for inferring software instruction patterns that can trigger hardware vulnerabilities in SoC designs. Microscope enhances the Structural Causal Model (SCM) with hardware features, creating a scalable Hardware Structural Causal Model (HW-SCM). A domain-specific language (DSL) in SMT-LIB represents the HW-SCM and predefined security properties, with incremental SMT solving deducing possible instructions. Microscope identifies causality to determine whether a hardware threat could result from any software events, providing a valuable resource for patching hardware bugs and generating test input. Extensive experimentation demonstrates Microscope's capability to infer the causality of a wide range of vulnerabilities and bugs located in SoC-level benchmarks. 
    more » « less
    Free, publicly-accessible full text available April 1, 2025
  2. This paper presents LLM4SecHW, a novel framework for hardware debugging that leverages domain-specific Large Language Model (LLM). Despite the success of LLMs in automating various software development tasks, their application in the hardware security domain has been limited due to the constraints of commercial LLMs and the scarcity of domain-specific data. To address these challenges, we propose a unique approach to compile a dataset of open-source hardware design defects and their remediation steps, utilizing version control data. This dataset provides a substantial foundation for training machine learning models for hardware. LLM4SecHW employs fine-tuning of medium-sized LLMs based on this dataset, enabling the identification and rectification of bugs in hardware designs. This pioneering approach offers a reference workflow for the application of fine-tuning domain-specific LLMs in other research areas. We evaluate the performance of our proposed system on various open-source hardware designs, demonstrating its efficacy in accurately identifying and correcting defects. Our work brings a new perspective on automating the quality control process in hardware design. 
    more » « less
    Free, publicly-accessible full text available December 1, 2024
  3. Hardware IP verification requires collaboration from several parties, including the 3PIP vendor, IP user, and EDA tool vendor, all of whom could threaten the design's integrity and confidentiality. Various frameworks and tools, including the IEEE 1735 standard, have been developed to address these concerns. However, these solutions fall short of the zero trust model's requirements. To overcome this, we propose a novel zero trust formal verification framework that incorporates secure multiparty computation to ensure the privacy of all the parties involved in the verification process. The efficiency of the framework is demonstrated by checking various open-source IP-level benchmarks. 
    more » « less
  4. null (Ed.)
    The hardware intellectual property (IP) cores from untrusted vendors are widely used, which has raised security concerns for system designers. Although formal methods provide powerful solutions for detecting malicious behaviors in hardware, the participation of manual work prevents the methods from practical applications. Information Flow Tracking (IFT) is a powerful approach to prevent sensitive information leakage. However, existing IFT solutions are either introducing overhead in hardware or lacking practical automatic working procedures. To alleviate these challenges, we propose a framework that fully automates information leakage detection in the gate level of hardware. This framework introduces Z3, an SMT solver, in checking the violation of the confidentiality automatically. On the other hand, a parser converting the gate-level hardware to the formal model is developed to further remove the manual workload. To validate the effectiveness, the proposed solution is tested on 11 gate-level netlist benchmarks. The Trojans leaking information from circuit outputs can be automatically detected. We also account for time consumption during the whole working procedure to show the efficiency of the proposed approach. 
    more » « less