Leveraging Gate-Level Properties to Identify Hardware Timing Channels
- 18 August 2014
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
- Vol. 33 (9), 1288-1301
- https://doi.org/10.1109/tcad.2014.2331332
Abstract
Modern embedded computing systems such as medical devices, airplanes, and automobiles continue to dominate some of the most critical aspects of our lives. In such systems, the movement of information throughout a device must be tightly controlled to prevent violations of privacy or integrity. Unfortunately, bounding the flow of information can often present a significant challenge, as information can flow through channels that are difficult to detect, such as timing channels. As has been demonstrated by recent research in hardware security, information flow tracking techniques deployed at the hardware or gate level show promise at identifying these "timing flows" but provide no formal statements about this claim nor mechanisms for separating out timing information from other types of flows. In this paper, we first prove that gate-level information flow tracking can in fact detect timing flows. In addition, we work to identify these timing flows separately from other flows by presenting a framework for identifying a different type of flow that we call functional flows. By using this framework to either confirm or rule out the existence of such flows, we leverage the previous work in hardware information flow tracking to effectively isolate timing flows. To show the effectiveness of this model, we demonstrate its usage on three practical examples: a shared bus (I2C), a cache in a MIPS-based processor, and an RSA encryption core, all of which were written in Verilog/VHDL and then simulated in a variety of scenarios. In each scenario, we demonstrate how our framework can be used to identify timing and functional flows and also analyze our model's overhead.