Automating Asset Identification in SystemVerilog Hardware Designs

Abstract

The increasing complexity of hardware designs and the growing demand for secure systems have extended the responsibility of the designers. The early detection and mitigation of security flaws and vulnerabilities in the designs have increased the need for robust methodologies to identify and protect security-critical assets in the Register Transfer Level (RTL) source code. Knowing the security assets in a design is fundamental to downstream security analyses, such as threat modeling, weakness and attack point identification, and verification. This thesis presents two frameworks for automating the identification of potential primary security assets within RTL code in an Intellectual Property (IP) block. The asset identification process is traditionally performed manually and is highly resource-intensive. The first framework uses IP-specific keywords and behavioral patterns we manually identified by analyzing open-source hardware designs. The second framework identifies the signal’s behavioral and structural patterns, flow, and distribution throughout an IP block. We apply both frameworks to open-source hardware design projects and explore the outcomes. Through complex algorithms and iterative refinement, the frameworks provide a potential set of primary security assets and thus help to reduce the manual search space.