Formal Verification of Security Properties on RISC-V Processors

Bibliographic Details
Published in: Proceedings (ACM and IEEE International Conference on Formal Methods and Models for Co-Design), pp. 159-168
Main Authors: Chuah, Czea Sie; Appold, Christian; Leinmueller, Tim
Format: Conference Proceeding
Language: English
Published: ACM, 21.09.2023
ISSN:2832-6520
Description
Summary: Hardware security and trustworthiness are becoming ever more important, especially for security-critical applications such as autonomous driving and service robots. As RISC-V processors become more widely deployed, security issues in them arise. Security vulnerabilities and design flaws in processors can be exploited by attackers, e.g. by running software that exploits the vulnerabilities. This can have drastic consequences, such as damaging whole-system functionality, and can even endanger human lives. Hence, it is very important to verify compliance of processors with the design specification and microarchitectural intent in order to harden the hardware against malicious attacks. Detecting and removing design bugs results in improved processor security. In this paper we therefore formally verify the security-critical functionality of a commercial RISC-V processor using model-checking-based formal verification with the formal verification tool Jasper. For this, we determined and implemented a comprehensive list of properties for security-critical functionality, derived from the RISC-V specification and the processor's microarchitectural intent. The properties cover the security-critical functionality within a RISC-V processor. With our verification experiments, we detected design bugs which have been confirmed by the design team.

CCS Concepts: Computer systems organization → System on a chip; Embedded systems. Security and privacy → Logic and verification; Embedded systems security. Hardware → Assertion checking; Model checking.
DOI: 10.1145/3610579.3611085