An IP core RTL level code security vulnerability detection method based on information flow

Abstract

The invention relates to an information flow-based IP core RTL level code security vulnerability detection method. The method comprises the steps of inputting a to-be-detected RTL code; carrying out lexical parsing on the RTL code to generate a grammatical abstract tree; carrying out information flow processing on the expression according to the data flow of the grammar abstraction tree, adding astain label for the operand, and adding label propagation logic;combining the expressions of the single operators subjected to information flow processing to generate a total information flow expression of the assignment statement; judging whether the code is completely processed or not; generating a code with an information flow label and propagation logic; compiling a security attribute according to the security requirement, and generating the security attribute on the basis of the code with the information flow label and the propagation logic; performing simulation verification / formalized verification on the security attribute assertion and the code with the information flow label and the propagation logic; obtaining safety verification conclusion. According to the invention, the detection of security vulnerabilities existing in the RTL-level codes designed by the IP core is realized.

Description

technical field [0001] The invention relates to the field of integrated circuit security detection, in particular to a security loophole detection method for IP core RTL level codes. Background technique [0002] In the register transfer level (RTL) code of the IP core contained in the integrated circuit design, there may be some security risks. These security risks can be divided into two categories: (1) design loopholes. Due to the developer's mistake or improper design, there are some design loopholes in the IP core, and there are hidden channels directly between key registers and external outputs. If exploited by an attacker, it may be used for the purpose of stealing key information of registers or destroying functions. (2) Hardware Trojan horse or malicious code. Attackers can implant hardware Trojan horses or malicious codes in the RTL design of integrated circuit IP cores through some uncontrollable links of developers. After these codes meet the trigger conditions...

AI Technical Summary

Problems solved by technology

Due to the developer's mistake or improper design, there are some design loopholes in the IP core, and there are hidden channels directly between key registers and external outputs. If exploited by an attacker, it may be used for the purpose of stealing key information of registers or destroying functions.

(2) Hardware Trojan horse or malicious code

[0008] (1) The destructive detection method is very time-consuming and requires a huge investment, which will cause irreversible damage to the circuit, etc.

With the rapid development of integrated circuit technology, the interior of the chip is becoming more and more refined, even exceeding the observation range of existing precision equipment, which makes the detection method of destructive hardware Trojans face great challenges

[0009] (2) The effectiveness of the functional test method depends on the quality of incentives applied to the IP core. Common hardware Trojan horses or security risks are often difficult to be easily triggered, and a large number of incentives need to be tried, which takes a lot of time

[0010] (3) Bypass analysis and detection When the overall scale of the circuit to be tested is large, and the scale of hardware Trojans implanted inside the circuit is small, some bypass information, such as current and path delay, have a very small change range, and bypass analysis and detection Hard to spot hardware Trojans

[0011] (4) At present, the methods for detecting the security of IP cores are mainly focused on the back-end, and there is a lack of complete and mature detection methods for hardware Trojan horses and design vulnerabilities at the code level, especially at the RTL level.

Images