Security Policy in System-on-Chip Designs

1. Front Matter

   Pages i-ix

   PDF

2. SoC Security Policies: The State of the Practice

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 1-12

3. E-IIPS: A Centralized Policy Implementation Architecture

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 13-28

4. Exploiting Design-for-Debug in SoC Security Policy Architecture

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 29-44

5. Security Assurance in SoC in the Presence of Untrusted Components

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 45-79

6. A Move Towards a Hardware Patch

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 81-92

7. SoC Security Policy Verification

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 93-106

8. SoC Security Policies: Summary and Future Directions

   • Sandip Ray, Abhishek Basak, Swarup Bhunia

   Pages 107-108

9. Back Matter

   Pages 109-116

   PDF

This book offers readers comprehensive coverage of security policy specification using new policy languages, implementation of security policies in Systems-on-Chip (SoC) designs – current industrial practice, as well as emerging approaches to architecting SoC security policies and security policy verification. The authors focus on a promising security architecture for implementing security policies, which satisfies the goals of flexibility, verification, and upgradability from the ground up, including a plug-and-play hardware block in which all policy implementations are enclosed. Using this architecture, they discuss the ramifications of designing SoC security policies, including effects on non-functional properties (power/performance), debug, validation, and upgrade. The authors also describe a systematic approach for “hardware patching”, i.e., upgrading hardware implementations of security requirements safely, reliably, and securely in the field, meeting a critical need for diverse Internet of Things (IoT) devices.

• Provides comprehensive coverage of SoC security requirements, security policies, languages, and security architecture for current and emerging computing devices;
  
• Explodes myths and ambiguities in SoC security policy implementations, and provide a rigorous treatment of the subject;
  
• Demonstrates a rigorous, step-by-step approach to developing a diversity of SoC security policies;
  
• Introduces a rigorous, disciplined approach to “hardware patching”, i.e., secure technique for updating hardware functionality of computing devices in-field;
  
• Includes discussion of current and emerging approaches for security policy verification.
  

• IP and SoC Security
• SoC Security Architecture
• Hardware Security and Trust
• Hardware and Systems Security
• Hardware Protection through Obfuscation

• University of Florida, Austin, USA

  Sandip Ray

• Intel Corporation, Hilsboro, USA

  Abhishek Basak

• Electrical and Computer Engineering, University of Florida, Larsen Hall 216, Gainesville, USA

  Swarup Bhunia

Sandip Ray is an Endowed IoT Term Professor at the Department of Electrical and Computer Engineering, University of Florida. His research involves developing correct, dependable, secure, and trustworthy computing through cooperation of specification, synthesis, architecture and validation technologies. His research targets next-generation computing applications, including autonomous automotive systems, smart homes, intelligent implants, etc. Before joining University of Florida, Dr. Ray was a Senior Principal Engineer at NXP Semiconductors, where he led the R&D on security validation for automotive and Internet- of-Things applications. Prior to that, he was a Research Scientist at Intel Strategic CAD Labs, where he worked on pre-silicon and post-silicon validation of security and functional correctness of SoC designs, design-for-security and design-for-debug architectures, CAD tools, and specifications for SoC design requirements. Prior to joining industry, Dr. Ray was a Research Scientist at University of Texas at Austin, where he led several sponsored projects from DARPA, SRC, and National Science Foundation. Dr. Ray is the author of three books (one upcoming) and over 60 publications in peer-reviewed premier international journals and conferences. He served as guest editors for an IEEE Transactions on Multi-Scale Systems (TMSCS) special issue on Wearables, Implants, and Internet-of-Things, as well as special issues of ACM Transactions on Design Automation of Electronic Systems (TODAES) and Springer Journal on Electronic Testing Theory and Applications (JETTA).  He has given number of invited, tutorial, and keynote presentations at several international forums on security, validation, and energy challenges in the IoT regime. During his tenure in industry, Dr. Ray served as Intel and NXP representative in Semiconductor Research Consortium (SRC) technical advisory board, and as semiconductor industry representative on trustworthy systems to the Semiconductor Industry Association (SIA). He has served as a program committee member for more than 50 international meetings and conferences, and as program chair for Formal Methods in Computer-Aided Design (FMCAD). He currently serves as an Associate Editor for IEEE TMSCS and Springer Journal on Hardware and Systems Security. He has a Ph.D. from University of Texas at Austin and is a Senior Member of IEEE.

Abhishek Basak is a research scientist in Security and Privacy Research, Intel Labs. He completed his PhD in Computer Engineering from Case Western Reserve University in 2016. Before that, he got his Bachelors in Electrical Engineering from Jadavpur University, India in 2010. Dr. Basak’s research interests lie in the fields of hardware assists for security of S/W layer stacks, trustworthy compute platforms, reconfigurable hardware architectures and energy efficient, reliable hardware design methodologies. He has more than 15 research publications, including conferenceslike DAC, ICCAD, VTS, ITC as well as journals like IEEE TCAD, TIFS, D&T. He currently holds 2 patents and is a member of IEEE.

Swarup Bhunia received his B.E. (Hons.) from Jadavpur University, Kolkata, India, and the M.Tech. degree from the Indian Institute of Technology (IIT), Kharagpur. He received his Ph.D. from Purdue University, IN, USA, in 2005. Currently, Dr. Bhunia is a Preeminence Professor and Steven Yatauro Faculty Fellow in the department of Electrical and Computer Engineering at University of Florida, Gainesville, FL, USA. Earlier, Dr. Bhunia has served as the T. and A. Schroeder Associate Professor of Electrical Engineering and Computer Science at Case Western Reserve University, Cleveland, OH, USA. He has over 250 publications in peer-reviewed journals and premier conferences and four books (three edited) in the area of VLSI design, CAD and test techniques. His research interests include low power and robust design, hardware security and trust, adaptivenanocomputing and novel test methodologies. He has worked in the semiconductor industry on RTL synthesis, verification, and low power design for about three years. Dr. Bhunia received IBM Faculty Award (2013), National Science Foundation (NSF) career development award (2011), Semiconductor Research Corporation (SRC) technical excellence award (2005) as a team member, best paper award in IEEE BioMedical Circuits and Systems Conference (BioCAS 2016), best paper award in International Conference on VLSI Design (VLSI Design 2012), best paper award in International Conference on Computer Design (ICCD 2004), best paper award in Latin American Test Workshop (LATW 2003), and best paper nomination in Asia and South Pacific Design Automation Conference (ASP-DAC 2006) and in Hardware Oriented Test and Security (HOST 2010), nomination for John S. Diekhoff Award, Case Western Reserve University (2010) and SRC Inventor Recognition Award (2009). Dr. Bhunia has been serving as founding editor-in-chief in Journal of Hardware and Systems Security (HaSS), an associate editor of IEEE Transactions on CAD (TCAD), IEEE Transactions on Multi-Scale Computing Systems (TMSCS), ACM Journal of Emerging Technologies (JETC), and Journal of Low Power Electronics (JOLPE). He has served as a guest editor of IEEE Design & Test of Computers (2010, 2013), IEEE Computer Magazine (2016), IEEE Transcation on CAD (2015), and IEEE Journal on Emerging and Selected Topics in Circuits and Systems (2014). He has served as co-program chair of IEEE IMS3TW 2011, IEEE NANOARCH 2013, IEEE VDAT 2014, and IEEE HOST 2015, and in the technical program committee of many top-tier international conferences on design automation and security. He is a senior member of IEEE.

Policies and ethics