NSPG: Natural language Processing-based Security Property Generator for Hardware Security Assurance
Authors: 
Xingyu Meng, Amisha Srivastava, Ayush Arunachalam, Avik Ray, Pedro Henrique Silva, Rafail Psiakis, Yiorgos Makris, Kanad BasuAuthors Info & Claims
Xingyu Meng, Amisha Srivastava, Ayush Arunachalam, Avik Ray, Pedro Henrique Silva, Rafail Psiakis, Yiorgos Makris, Kanad BasuAuthors Info & ClaimsArticle No.: 154, Pages 1 - 6
Abstract
The efficiency of validating complex System-on-Chips (SoCs) is contingent on the quality of the security properties provided. Generating security properties with traditional approaches often requires expert intervention and is limited to a few IPs, thereby resulting in a time-consuming and non-robust process. To address this issue, we, for the first time, propose a novel and automated Natural Language Processing (NLP)-based Security Property Generator (NSPG). Specifically, our approach utilizes hardware documentation in order to propose the first hardware security-specific language model, HS-BERT, for extracting security properties dedicated to hardware design. It is capable of phasing a significant amount of hardware specification, and the generated security properties can be easily converted into hardware assertions, thereby reducing the manual effort required for hardware verification. NSPG is trained using sentences from several SoC documentations and achieves up to 88% accuracy for property classification, outperforming ChatGPT. When assessed on five untrained OpenTitan hardware IP documents, NSPG aided in identifying eight security vulnerabilities in the buggy OpenTitan SoC presented in Hack@DAC 2022.
References
[1]
Iz Beltagy et al. 2019. SciBERT: A pretrained language model for scientific text. arXiv preprint arXiv:1903.10676 (2019).
[2]
Mohammad-Mahdi Bidmeshki et al. 2017. Data secrecy protection through information flow tracking in proof-carrying hardware IP---Part II: Framework automation. IEEE TIFS (2017).
[3]
CWE. [n. d.]. CWE - CWE-1194: Hardware Design (4.0). https://cwe.mitre.org/data/definitions/1194.html. (Accessed on 05/15/2020).
[4]
Ghada Dessouky et al. 2019. {HardFails}: Insights into {Software-Exploitable} Hardware Bugs. In 28th USENIX Security. 213--230.
[5]
Calvin Deutschbein et al. 2021. Isadora: Automated information flow property generation for hardware designs. In Proceedings of the 5th ASHES Workshop. 5--15.
[6]
Steven Y Feng et al. 2021. A survey of data augmentation approaches for NLP. arXiv preprint arXiv:2105.03075 (2021).
[7]
Anthony Gillioz et al. 2020. Overview of the Transformer-based Models for NLP Tasks. In 15th FedCSIS. IEEE.
[8]
HACK@DAC22. [n. d.]. HACK@DAC22 - Hack@EVENT HW CTF. https://hackatevent.org/hackdac22/.
[9]
Rahul Kande et al. 2023. LLM-assisted Generation of Hardware Assertions. arXiv preprint arXiv:2306.14027 (2023).
[10]
George A Miller. 1995. WordNet: a lexical database for English. Commun. ACM 38, 11 (1995), 39--41.
[11]
Robert C Moore et al. 2010. Intelligent selection of language model training data. In Proceedings of the ACL 2010 conference short papers.
[12]
OpenTitan. [n. d.]. OpenTitan | OpenTitan Documentation. https://docs.opentitan.org/.
[13]
John Schulman et al. 2022. ChatGPT: Optimizing language models for dialogue. OpenAI blog (2022).
[14]
Rico Sennrich et al. 2016. Neural Machine Translation of Rare Words with Subword Units. In Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers). Association for Computational Linguistics, Berlin, Germany, 1715--1725.
[15]
Rui Zhang et al. 2017. Identifying security critical properties for the dynamic verification of a processor. ACM SIGARCH Computer Architecture News 45, 1 (2017), 541--554.
Index Terms
- NSPG: Natural language Processing-based Security Property Generator for Hardware Security Assurance
Index terms have been assigned to the content through auto-classification.
Recommendations
Automating hardware security property generation: invited
DAC '22: Proceedings of the 59th ACM/IEEE Design Automation ConferenceSecurity verification is an important part of the hardware design process. Security verification teams can uncover weaknesses, vulnerabilities, and flaws. Unfortunately, the verification process involves substantial manual analysis to create the threat ...
Security Primitives for Reconfigurable Hardware-Based Systems
Computing systems designed using reconfigurable hardware are increasingly composed using a number of different Intellectual Property (IP) cores, which are often provided by third-party vendors that may have different levels of trust. Unlike traditional ...
A Security Property Decomposition Argument Pattern for Structured Assurance Case Models
EuroPLoP '21: Proceedings of the 26th European Conference on Pattern Languages of ProgramsDemonstrating that a system satisfies a complete, adequate, and consistent set of security requirements to protect its critical assets is an essential aspect of security evaluation and assurance. Arguing that each of the security properties for a given ...
Comments
Information & Contributors
Information
Published In
This work is licensed under a Creative Commons Attribution International 4.0 License.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 November 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- Technology Innovation Institute
Conference
DAC '24
Sponsor:
Acceptance Rates
Overall Acceptance Rate 1,770 of 5,499 submissions, 32%
Upcoming Conference
DAC '25
- Sponsor:
- sigda
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 186Total Downloads
- Downloads (Last 12 months)186
- Downloads (Last 6 weeks)79
Reflects downloads up to 03 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in