research-article

Analyzing Security Vulnerabilities Induced by High-level Synthesis

Authors:

Sohrab Aftabjahani,

Rosario Cammarota,

Mark Tehranipoor,

Farimah FarahmandiAuthors Info & Claims

ACM Journal on Emerging Technologies in Computing Systems (JETC), Volume 18, Issue 3

Article No.: 47, Pages 1 - 22

https://doi.org/10.1145/3492345

Published: 29 January 2022 Publication History

Abstract

High-level synthesis (HLS) is essential to map the high-level language (HLL) description (e.g., in C/C++) of hardware design to the corresponding Register Transfer Level (RTL) to produce hardware-independent design specifications with reduced design complexity for ASICs and FPGAs. Adopting HLS is crucial for industrial and government applications to lower development costs, verification efforts, and time-to-market. Current research practices focus on optimizing HLS for performance, power, and area constraints. However, the literature does not include an analysis of the security implications carried through HLS-generated RTL translations (e.g., from an untimed high-level sequential specification to a fully scheduled implementation). This article demonstrates the evidence of security vulnerabilities that emerge during the HLS translation of a high-level description of system-on-chip (SoC) intellectual properties to their corresponding RTL. The evidence provided in this manuscript highlights the need for (a) guidelines for high-level programmers to prevent these security issues at the design time and (b) automated HLS verification solutions that cover security in their optimization flow.

References

[1]

Alessandro Barenghi, Luca Breveglieri, Israel Koren, and David Naccache. 2012. Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proc. IEEE 100, 11 (2012), 3056–3076.

[2]

Eric Brier, Christophe Clavier, and Francis Olivier. 2004. Correlation power analysis with a leakage model. In Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 16–29.

[3]

Andrew Canis, Jongsok Choi, Mark Aldham, Victor Zhang, Ahmed Kammoona, Jason H. Anderson, Stephen Brown, and Tomasz Czajkowski. 2011. LegUp: High-level synthesis for FPGA-based processor/accelerator systems. In Proceedings of the 19th ACM/SIGDA International Symposium on Field Programmable Gate Arrays. 33–36.

Digital Library

[4]

Philippe Coussy, Daniel D. Gajski, Michael Meredith, and Andres Takach. 2009. An introduction to high-level synthesis. IEEE Des. Test Comput. 26, 4 (2009), 8–17.

Digital Library

[5]

Philippe Coussy and Adam Morawiec. 2008. High-level Synthesis: From Algorithm to Digital Circuit. Springer Science & Business Media.

Digital Library

[6]

Xiaotong Cui, Kun Ma, Liang Shi, and Kaijie Wu. 2014. High-level synthesis for run-time hardware Trojan detection and recovery. In Proceedings of the 51st ACM/EDAC/IEEE Design Automation Conference (DAC). IEEE, 1–6.

Digital Library

[7]

J. C. Li Frans Sijstermans. 2019. Working Smarter, Not Harder: NVIDIA Closes Design Complexity Gap with High-Level Synthesis. Retrieved from https://go.mentor.com/4N9cP.

[8]

Daniel D. Gajski and Loganath Ramachandran. 1994. Introduction to high-level synthesis. IEEE Des. Test Comput. 11, 4 (1994), 44–54.

Digital Library

[9]

github. 1998–2021. openssl. Retrieved from https://github.com/openssl/openssl/tree/master/crypto/aes.

[10]

Mentor Graphics. 2021. Catapult HLS. Retrieved from https://www.mentor.com/hls-lp/catapult-high-level-synthesis/.

[11]

Xiaolong Guo, Raj Gautam Dutta, Jiaji He, Mark M. Tehranipoor, and Yier Jin. 2019. QIF-Verilog: Quantitative information-flow based hardware description languages for pre-silicon security assessment. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 91–100.

[12]

Peter Gutmann. 2014. Encrypt-then-MAC for transport layer security (TLS) and datagram transport layer security (DTLS). Req. Comm. 7366.

[13]

Yuko Hara-Azumi, Toshinobu Matsuba, Hiroyuki Tomiyama, Shinya Honda, and Hiroaki Takada. 2014. Impact of resource sharing and register retiming on area and performance of FPGA-based designs. Inf. Media Technol. 9, 1 (2014), 26–34.

[14]

Miao He, Jungmin Park, Adib Nahiyan, Apostol Vassilev, Yier Jin, and Mark Tehranipoor. 2019. RTL-PSC: Automated power side-channel leakage assessment at register-transfer level. In Proceedings of the IEEE 37th VLSI Test Symposium (VTS). IEEE, 1–6.

[15]

M. Horowitz. 2014. 1.1 Computing’s energy problem (and what we can do about it). In Proceedings of the IEEE International Solid-State Circuits Conference Digest of Technical Papers (ISSCC). 10–14. DOI:DOI:

[16]

Zhenghong Jiang, Steve Dai, G. Edward Suh, and Zhiru Zhang. 2018. High-level synthesis with timing-sensitive information flow enforcement. In Proceedings of the IEEE/ACM International Conference on Computer-Aided Design (ICCAD). IEEE, 1–8.

Digital Library

[17]

S. T. Choden Konigsmark, Deming Chen, and Martin D. F. Wong. 2017. High-level synthesis for side-channel defense. In Proceedings of the IEEE 28th International Conference on Application-specific Systems, Architectures and Processors (ASAP). IEEE, 37–44.

[18]

Andrew J. Leiserson, Mark E. Marson, and Megan A. Wachs. 2014. Gate-level masking under a path-based leakage metric. In Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 580–597.

Digital Library

[19]

Xun Li, Mohit Tiwari, Jason K. Oberg, Vineeth Kashyap, Frederic T. Chong, Timothy Sherwood, and Ben Hardekopf. 2011. Caisson: A hardware description language for secure information flow. ACM SIGPLAN Not. 46, 6 (2011), 109–120.

Digital Library

[20]

Michael C. McFarland, Alice C. Parker, and Raul Camposano. 1988. Tutorial on high-level synthesis. In Proceedings of the 25th ACM/IEEE Design Automation Conference. 330–336.

Digital Library

[21]

Mentor. 2020. Machine Learning at the Edge: Using HLS to Optimize Power and Performance. Retrieved from https://s3.amazonaws.com/s3.mentor.com/public_documents/whitepaper/resources/mentorpaper_106005.pdf.

[22]

M. Rafid Muttaki, Nitin Pundir, Mark Tehranipoor, and Farimah Farahmandi. 2021. Security assessment of high-level synthesis. In Emerging Topics in Hardware Security. Springer, 147–170.

[23]

Adib Nahiyan, Farimah Farahmandi, Prabhat Mishra, Domenic Forte, and Mark Tehranipoor. 2018. Security-aware FSM design flow for identifying and mitigating vulnerabilities to fault attacks. IEEE Trans. Comput.-aid. Des. Integ. Circ. Syst. 38, 6 (2018), 1003–1016.

Digital Library

[24]

Adib Nahiyan, Kan Xiao, Kun Yang, Yeir Jin, Domenic Forte, and M. Tehranipoor. 2016. AVFSM: A framework for identifying and mitigating vulnerabilities in FSMs. In Proceedings of the 53rd Annual Design Automation Conference. 1–6.

Digital Library

[25]

Daniel H. Noronha, Bahar Salehpour, and Steven J. E. Wilton. 2018. LeFlow: Enabling flexible FPGA high-level synthesis of tensorflow deep neural networks. In Proceedings of the 5th International Workshop on FPGAs for Software Programmers. VDE, 1–8.

[26]

Steffen Peter and Tony Givargis. 2016. Towards a timing attack aware high-level synthesis of integrated circuits. In Proceedings of the IEEE 34th International Conference on Computer Design (ICCD). IEEE, 452–455.

[27]

Christian Pilato, Francesco Regazzoni, Ramesh Karri, and Siddharth Garg. 2018. TAO: Techniques for algorithm-level obfuscation during high-level synthesis. In Proceedings of the 55th Annual Design Automation Conference. 1–6.

Digital Library

[28]

Christian Pilato, Kaijie Wu, Siddharth Garg, Ramesh Karri, and Francesco Regazzoni. 2018. TaintHLS: High-level synthesis for dynamic information flow tracking. IEEE Trans. Comput.-aid. Des. Integ. Circ. Syst. 38, 5 (2018), 798–808.

[29]

Nitin Pundir, Farimah Farahmandi, and Mark Tehranipoor. 2021. Secure high-level synthesis: Challenges and solutions. In Proceedings of the 22nd International Symposium on Quality Electronic Design (ISQED). IEEE, 164–171.

[30]

Nitin Pundir, Fahim Rahman, Farimah Farahmandi, and Mark Tehranipoor. 2021. What is all the FaaS about? Remote exploitation of FPGA-as-a-service platforms. Cryptology ePrint Archive (2021). https://eprint.iacr.org/2021/74.

[31]

Rajat Sadhukhan, Paulson Mathew, Debapriya Basu Roy, and Debdeep Mukhopadhyay. 2019. Count your toggles: A new leakage model for pre-silicon power analysis of crypto designs. J. Electron. Test. 35, 5 (2019), 605–619.

Digital Library

[32]

Robert C. Seacord. 2008. The CERT C Secure Coding Standard. Pearson Education.

Digital Library

[33]

Leon Stok. 1994. Data path synthesis. Integration 18, 1 (1994), 1–71.

Digital Library

[34]

M. Tehranipoor and F. Koushanfar. 2010. A survey of hardware trojan taxonomy and detection. IEEE Des. Test Comput. 27, 1 (2010), 10–25.

Digital Library

[35]

M. Tehranipoor and Cliff Wang. 2011. Introduction to Hardware Security and Trust. Springer Science & Business Media.

Digital Library

[36]

Huanyu Wang, Henian Li, Fahim Rahman, Mark M. Tehranipoor, and Farimah Farahmandi. 2021. SoFI: Security property-driven vulnerability assessments of ICs against fault-injection attacks. IEEE Trans. Comput.-aid. Des. Integ. Circ. Syst.DOI:10.1109/TCAD.2021.3063998

[37]

Xilinx. 2021. Vivado HLS. Retrieved from https://www.xilinx.com/products/design-tools/vivado/integration/esl-design.html.

[38]

David Zaretsky. 2007. A high level synthesis tool for FPGA design from software binaries. SBIR Award, Department of Defense. https://www.sbir.gov/sbirsearch/detail/106849

[39]

Danfeng Zhang, Yao Wang, G. Edward Suh, and Andrew C. Myers. 2015. A hardware design language for timing-sensitive information-flow security. ACM SIGPLAN Not. 50, 4 (2015), 503–516.

Digital Library

[40]

Lu Zhang, Wei Hu, Armaiti Ardeshiricham, Yu Tai, Jeremy Blackstone, Dejun Mu, and Ryan Kastner. 2018. Examining the consequences of high-level synthesis optimizations on power side-channel. In Proceedings of the Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 1167–1170.

[41]

Lu Zhang, Dejun Mu, Wei Hu, Yu Tai, Jeremy Blackstone, and Ryan Kastner. 2019. Memory-based high-level synthesis optimizations security exploration on the power side-channel. IEEE Trans. Comput.-aid. Des. Integ. Circ. Syst. 39, 10 (2019), 2124–2137.

[42]

Haissam Ziade, Rafic A. Ayoubi, and Raoul Velazco. 2004. A survey on fault injection techniques. Int. Arab J. Inf. Technol. 1, 2 (2004), 171–186.

Cited By

Sarma NThakur AKarfa C(2024)MaskedHLS: Domain-Specific High-Level Synthesis of Masked Cryptographic DesignsIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.344722343:11(3973-3984)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/TCAD.2024.3447223
Inagaki SYang MLi YSakiyama KHara-Azumi Y(2023)Power Side-channel Attack Resistant Circuit Designs of ARX Ciphers Using High-level SynthesisACM Transactions on Embedded Computing Systems10.1145/360950722:5(1-17)Online publication date: 26-Sep-2023
https://dl.acm.org/doi/10.1145/3609507
Aftabjahani STehranipoor MFarahmandi FAhmed BKastner RRestuccia FMeza ARyan KFern Nvan Woudenberg JVelegalati RBreunesse CSturton CDeutschbein C(2023)Special Session: CAD for Hardware Security - Promising Directions for Automation of Security Assurance2023 IEEE 41st VLSI Test Symposium (VTS)10.1109/VTS56346.2023.10140100(1-10)Online publication date: 24-Apr-2023
https://doi.org/10.1109/VTS56346.2023.10140100
Show More Cited By

Recommendations

SecHLS: Enabling Security Awareness in High-Level Synthesis
ASPDAC '23: Proceedings of the 28th Asia and South Pacific Design Automation Conference

In their quest for further optimization, High-level synthesis (HLS) utilizes advanced automatic optimization algorithms to achieve lower implementation time/effort for even more complex designs. These optimization algorithms are for the HLS tools' ...
FPGA HLS Today: Successes, Challenges, and Opportunities
The year 2011 marked an important transition for FPGA high-level synthesis (HLS), as it went from prototyping to deployment. A decade later, in this article, we assess the progress of the deployment of HLS technology and highlight the successes in several ...
Secure by construction: addressing security vulnerabilities introduced during high-level synthesis: invited
DAC '22: Proceedings of the 59th ACM/IEEE Design Automation Conference

Working towards a higher level of abstraction (C/C++) facilitates designers to execute and validate complex designs faster in response to highly demanding time-to-market requirements. High-Level Synthesis (HLS) is an automatic process that translates the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Journal on Emerging Technologies in Computing Systems

ACM Journal on Emerging Technologies in Computing Systems Volume 18, Issue 3

July 2022

428 pages

ISSN:1550-4832

EISSN:1550-4840

DOI:10.1145/3508463

Editor:
Ramesh Karri
Polytechnic Institute of New York University, USA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 29 January 2022

Accepted: 01 October 2021

Revised: 01 July 2021

Received: 01 February 2021

Published in JETC Volume 18, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Refereed

Funding Sources

Semiconductor Research Corporation (SRC)

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
1,369
Total Downloads

Downloads (Last 12 months)198
Downloads (Last 6 weeks)17

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sarma NThakur AKarfa C(2024)MaskedHLS: Domain-Specific High-Level Synthesis of Masked Cryptographic DesignsIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.344722343:11(3973-3984)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/TCAD.2024.3447223
Inagaki SYang MLi YSakiyama KHara-Azumi Y(2023)Power Side-channel Attack Resistant Circuit Designs of ARX Ciphers Using High-level SynthesisACM Transactions on Embedded Computing Systems10.1145/360950722:5(1-17)Online publication date: 26-Sep-2023
https://dl.acm.org/doi/10.1145/3609507
Aftabjahani STehranipoor MFarahmandi FAhmed BKastner RRestuccia FMeza ARyan KFern Nvan Woudenberg JVelegalati RBreunesse CSturton CDeutschbein C(2023)Special Session: CAD for Hardware Security - Promising Directions for Automation of Security Assurance2023 IEEE 41st VLSI Test Symposium (VTS)10.1109/VTS56346.2023.10140100(1-10)Online publication date: 24-Apr-2023
https://doi.org/10.1109/VTS56346.2023.10140100
Muttaki MIbnat ZShi SKamali HFarahmandi F(2023)Security of Hardware Generators: Enabling Assurance in High-Level Synthesis2023 IEEE 66th International Midwest Symposium on Circuits and Systems (MWSCAS)10.1109/MWSCAS57524.2023.10405962(816-820)Online publication date: 6-Aug-2023
https://doi.org/10.1109/MWSCAS57524.2023.10405962
Collini LAh-Kiow JPilato CKarri RTan B(2023)Using Static Analysis for Enhancing HLS SecurityIEEE Embedded Systems Letters10.1109/LES.2023.332941716:2(166-169)Online publication date: 3-Nov-2023
https://dl.acm.org/doi/10.1109/LES.2023.3329417
Ibnat ZKamali HFarahmandi F(2023)Iterative Mitigation of Insecure Resource Sharing Produced by High-level Synthesis2023 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)10.1109/DFT59622.2023.10313550(1-6)Online publication date: 3-Oct-2023
https://doi.org/10.1109/DFT59622.2023.10313550
Koufopoulou APapadimitriou APikrakis APsarakis MHely D(2023)On the Prediction of Hardware Security Properties of HLS Designs Using Graph Neural Networks2023 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)10.1109/DFT59622.2023.10313544(1-6)Online publication date: 3-Oct-2023
https://doi.org/10.1109/DFT59622.2023.10313544
Farahmandi FRahman MRajendran STehranipoor MFarahmandi FRahman MRajendran STehranipoor M(2023)The Future of CAD for Hardware SecurityCAD for Hardware Security10.1007/978-3-031-26896-0_18(397-403)Online publication date: 28-Jan-2023
https://doi.org/10.1007/978-3-031-26896-0_18
Tehranipoor MPundir NVashistha NFarahmandi FTehranipoor MPundir NVashistha NFarahmandi F(2022)Lightweight CryptographyHardware Security Primitives10.1007/978-3-031-19185-5_12(213-227)Online publication date: 12-Oct-2022
https://doi.org/10.1007/978-3-031-19185-5_12

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

HTML Format

View this article in HTML Format.

Figures

Tables

Media

View full text|Download PDF

View Issue’s Table of Contents