An Effective Methodology To Enable Security Evaluation At RTL Level And Automate Vulnerability Detection In Future Hardware, presented at HITBSecConf Malaysia 2008

by Mary Yeoh (Intel Corporation)

Tags: Security Analysis Development Testing

Summary:

One of the major problems of security evaluation is its dependency on actual silicon and firmware to run penetration testing. Typically the security team is given only a short time frame to uncover security vulnerabilities at the post-silicon phase. Any hardware fix requiring a new stepping is very expensive. This work presents a new methodology to uncover and fix hardware vulnerabilities at RTL level while the cost is still "free", before the first tape-out of silicon.

A threat model is defined during the design and pre-silicon validation phase. With the Adversary, Access Control and the Asset identified, a penetration test plan is created after analysis of the RTL design. Using Coverage Based Validation (CBV), coverage points and e-checking are written, and tests are generated and executed in the simulation environment. The detection of hardware vulnerabilities is now automated. The number of coverage points hit can be used to measure product quality before the ship release. Dependencies on actual silicon and firmware have been removed, which improves the overall throughput of security evaluation, i.e. finding more critical security vulnerabilities.

The methodology was first applied in the evaluation of the ICH10 Danbury Technology. The result is promising. Two security vulnerabilities were identified and fixed in a Design Change Notice (DCN) before the A-0 silicon tape-out. The first vulnerability exposes the protecting keys to an external entity, which defeats the security objective of Danbury Technology, while the second vulnerability demonstrates an implementation issue that could result in the use of Electronic Codebook (ECB) mode of operation during data encryption. A group of coverage points was developed and integrated into the simulation environment to detect the same vulnerabilities in future hardware.

The methodology is capable of finding vulnerabilities effectively. A new stepping might be needed if the above vulnerabilities were discovered at the post-silicon phase. This methodology allows detection of security vulnerabilities before the silicon tape-out and would save Intel the cost of fixes in the steppings.

About Mary

Mary Yeoh is security evaluation lead at Intel Malaysia, working as part of Intel's Security Center of Excellence (SeCoE). She specializes in hardware evaluation, pre-silicon penetration testing and exploit development. Currently she is leading the effort on security evaluation at RTL level. Prior to her involvement in security, she was a key hardware designer and validation architect in the development of several generations of Intel chipsets, in which she also pioneered cluster-level gate-level simulation at Intel. She holds a degree from Monash University, Australia, in the field of Electrical & Computer Systems Engineering.