Skip to main content
SpringerLink
Log in

A game theory approach for RTL security verification resources allocation

  • Regular Paper
  • Published:
CCF Transactions on High Performance Computing Aims and scope Submit manuscript

Abstract

Many Trojan detection technologies are too time-consuming to cover the entire state space in complex designs. The valuable verification resources should be allocated to regions vulnerable to security threats. However, there are few studies on security verification resources allocation. To fill in this gap, we design a security game framework to guide the security verification resources allocation. The framework utilizes the Trojan vulnerability measurement as player utilities, so the utility value determination doesn't need any expert prior knowledge to the specific design under test. A new Stackelberg security game specific to hardware security is also proposed. The new game model minimizes the defender utility loss with the limited verification resources restriction. Due to the lack of study on RTL Trojan vulnerability measurement, we also propose a RTL security vulnerability measurement to measure each logic propagation path vulnerability quantitatively and efficiently. We apply the proposed Stackelberg security game framework to Trust-hub Trojan benchmarks written by Verilog RTL code. The experiments demonstrate that the most suspicious logic propagation path is one part of Trojan in most cases and the proposed RTL security vulnerability measurement is effective. Also, the allocation strategy calculated by security game could get security confidence as high as possible with all available resources and may also cover the Trojan even when the carefully design Trojan evade the vulnerability measurement.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  • Ardeshiricham, A., Wei, H., Marxen, J., Kastner, R.: Register transfer level information flow tracking for provably secure hardware design. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1691–1696 (2017)

  • Boubezari, S., Cerny, E., Kaminska, B., Nadeau-Dostie, B.: Testability analysis and test-point insertion in rtl vhdl specifications for scan-based bist. IEEE Trans. Computer Aided Des. Integr. Circuits Syst. 18(9), 1327–1340 (1999)

    Article  Google Scholar 

  • Dupuis, S., Flottes, M.L., Natale, G.D., Rouzeyre, B.: Protection against hardware trojans with logic testing: proposed solutions and challenges ahead. IEEE Des. Test 99, 1 (2018)

    Google Scholar 

  • Fern, N., Kulkarni, S., Cheng, K.T.: Hardware trojans hidden in RTL don’t cares-automated insertion and prevention methodologies. In: 2015 IEEE International Test Conference (ITC), pp. 1–8 (2015)

  • Fern, N., San, I., Cheng, K.T.: Detecting hardware trojans in unspecified functionality through solving satisfiability problems. In: 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 598–504 (2017)

  • Graf, J.: Trust games: How game theory can guide the development of hardware trojan detection methods. In: 2016 IEEE International Symposium on Hardware Oriented Security & Trust (HOST), pp. 91–96 (2016)

  • Guo, X., Dutta, R.G., Mishra, P., Jin, Y.: “Scalable soc trust verification using integrated theorem proving and model checking. In: 2016 IEEE International Symposium on Hardware Oriented Security & Trust (HOST), pp. 124–129 (2016)

  • Gupte, A., Ahmed, S., Cheon, M.S., Dey, S.: Solving mixed integer bilinear problems using milp formulations. Siam J. Optim. 23(2), 721–744 (2011)

    Article  MathSciNet  Google Scholar 

  • Hicks, M., Finnicum, M., King, S.T., Martin, M.M.K., Smith, J.M.: Overcoming an untrusted computing base: Detecting and removing malicious hardware automatically. In: IEEE Symposium on Security and Privacy, S&P, pp. 159–172 (2010)

  • Hu, W., Mao, B., Oberg, J., Kastner, R.: Detecting hardware trojans with gate-level information-flow tracking. IEEE Comput. 49(8), 44–52 (2016)

    Article  Google Scholar 

  • Hu, W., Ardeshiricham, A., Gobulukoglu, M.S., Wang, X., Kastner, R.: Property specific information flow analysis for hardware security verification. In: 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 1–8 (2018)

  • Huang, Z., Wang, Q., Yang, P.: Hardware trojan: reasearch progress and new trends on key problems. Chin. J. Comput. 42(05), 993–1017 (2019)

    Google Scholar 

  • Jian, L., Smith, A.M., Vorobeychik, Y.: Multidefender security games. IEEE Intell. Syst. 32(1), 50–60 (2017)

    Article  Google Scholar 

  • Kamhoua, C.A., Rodriguez, M., Kwiat, K.A.: Testing for hardware trojans: a game-theoretic approach, Decision and Game Theory for Security, pp. 360–369 (2014)

  • Li, H., Liu, Q., Zhang, J.: A survey of hardware trojan threat and defense. Integr. VLSI J. 55(SEP), 426–437 (2016)

    Article  Google Scholar 

  • Rajendran, J., Vedula, V., Karri, R.: Detecting malicious modifications of data in third-party intellectual property cores. In: 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 112:1–112:6 (2015)

  • Rajendran, J., Vedula, V., Karri, R.: Formal security verification of third party intellectual property cores for information leakage. In: 2016 29th International Conference on VLSI Design & International Conference on Embedded Systems (VLSID), pp. 547–552 (2016)

  • Rathmair, M., Schupfer, F.: Hardware trojan detection by specifying malicious circuit properties. In: 2013 IEEE 4th International Conference on Electronics Information & Emergency Communication, pp. 317–320 (2013)

  • Saad, W., Sanjab, A., Wang, Y., Kamhoua, C., Kwiat, K.: Hardware trojan detection game: a prospect-theoretic approach. IEEE Trans. Veh. Technol. 99, 1–1 (2017)

    Google Scholar 

  • Salmani, H., Tehranipoor, M.: Analyzing circuit vulnerability to hardware trojan insertion at the behavioral level. In: 2013 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS), pp. 190–195 (2013)

  • Saha, S., Chakraborty, R.S., Mukhopadhyay, D.: Testability based metric for hardware trojan vulnerability assessment. In: 2016 Euromicro Conference on Digital System Design (DSD), pp. 503–510 (2016)

  • Sinha, A., Nguyen, T.H., Kar, D., Brown, M., Tambe, M., Jiang, A.X.: From physical security to cybersecurity. J. Cybersecur. 1, tvy007 (2015)

    Article  Google Scholar 

  • Smith, A., Vorobeychik, Y., Letchford, J.: Multidefender security games on networks. ACM Sigmetrics Perform. Eval. Rev. 41(4), 4–7 (2014)

    Article  Google Scholar 

  • Smith, A.M., Mayo, J.R., Kammler, V., Armstrong, R.C., Vorobeychik, Y.: Using computational game theory to guide verification and security in hardware designs. In: 2017 IEEE International Symposium on Hardware Oriented Security & Trust (HOST), pp. 110–115 (2017)

  • Tang, Y., Wang, J., Li, S., Liu, Y.: Analysis on infrared spectrum based hardware trojan detection approach. Comput. Eng. Appl. 53(12), 110–132 (2017)

  • Trust-hub.: http://www.trust-hub.org. Accessed 7 June 2020

  • Vorobeychik, Y., Letchford, J.: Securing interdependent assets. Auton. Agents Multiagent Syst. 29(2), 305–333 (2015)

    Article  Google Scholar 

  • Waksman, A., Suozzo, M., Sethumadhavan, S.: FANCI: identification of stealthy malicious logic using boolean functional analysis. In: 2013 ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 697–708 (2013)

  • Wang, C., Cai, Y., Zhou, Q., Wang, H.: Asax: Automatic security assertion extraction for detecting hardware trojans. In: 2018 23rd Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 84–89 (2018)

  • Wolf, C.: Yosys open synthesis suite. http://www.clifford.at/yosys/. Accessed 7 June 2020

  • Xiao, K., Forte, D., Jin, Y., Karri, R., Bhunia, S., Tehranipoor, M.: Hardware trojans: lessons learned after one decade of research. Acm Trans. Des. Autom. Electron. Syst. 22(1), 6 (2016)

    Article  Google Scholar 

  • Yao, S., Chen, X., Zhang, J., Liu, Q., Wang, J., Xu, Q., Wang, Y., Yang, H.: FASTrust: feature analysis for third-party IP trust verification. In: 2015 IEEE International Test Conference (ITC), pp. 1–10 (2015)

  • Zhang, X., Tehranipoor, M.: Case study: Detecting hardware trojans in third-party digital ip cores. In: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 67–70 (2011)

  • Zhang, J., Yuan, F., Wei, L., Liu, Y., Xu, Q.: VeriTrust: verification for hardware trust. IEEE Trans. CAD Integr. Circuits Syst. 34(7), 1148–1161 (2015)

    Article  Google Scholar 

Download references

Funding

Funding was provided by National Natural Science Foundation of China (61774091).

Author information

Authors and Affiliations

  1. Department of Computer Science and Technology, Tsinghua University, Beijing, 100091, China

    Haoyi Wang, Yici Cai & Qiang Zhou

Authors
  1. Haoyi Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yici Cai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qiang Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haoyi Wang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, H., Cai, Y. & Zhou, Q. A game theory approach for RTL security verification resources allocation. CCF Trans. HPC 3, 57–69 (2021). https://doi.org/10.1007/s42514-020-00054-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s42514-020-00054-5

Keywords

Search

Navigation