SoC Security Evaluation: Reflections on Methodology and Tooling

Nassim Corteggiani*, Giovanni Camurati, Marius Muench, Sebastian Poeplau, Aurelien Francillon

*Corresponding author for this work

Research output: Contribution to JournalArticleAcademicpeer-review

Abstract

This article details a methodology to find bugs across multiple abstraction layers of the system, specifically at the hardware–software boundary. It describes how existing tools can help with such methodology and limitations. It describes he setup and the objectives of the security evaluation before discussing the methodology. The goal of any security evaluation is to establish a system’s conformance to a specification of security properties. This article focuses on a methodology that is targeted at finding precisely those bugs that arise from cross-layer interplay between software and hardware. In the context of system-on-chip (SoCs), both hardware and software play an important role. The security specification of the system under test may or may not be available. Its level of detail can vary and security properties may be expressed in a formal or informal way.

Original languageEnglish
Article number9154736
Pages (from-to)7-13
Number of pages7
JournalIEEE Design and Test
Volume38
Issue number1
Early online date3 Aug 2020
DOIs
Publication statusPublished - Feb 2021

Bibliographical note

Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.

Keywords

  • dynamic analysis
  • HardFails
  • security evaluation
  • System-on-Chip

Fingerprint

Dive into the research topics of 'SoC Security Evaluation: Reflections on Methodology and Tooling'. Together they form a unique fingerprint.

Cite this