Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models
|
|
- Lenard Jones
- 6 years ago
- Views:
Transcription
1 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models L. Piccolboni 1,2, A. Menon 2, and G. Pravadelli 2 1 Columbia University, New York, NY, USA 2 University of Verona, Verona, Italy
2 Hardware Trojans A Hardware Trojan is defined as a malicious and intentional alteration of an integrated circuit that results in undesired behaviors Hardware Trojan Trigger Logic Payload Logic activates the malicious behavior under specific conditions implements the actual malicious behavior ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 1 / 21
3 Hardware Trojans Limitations in Current Methodologies Several methodologies have been proposed to detect Trojans at Register-Transfer Level (RTL) Nevertheless, there are still some limitations: 1. Manual effort from designers is required 2. They focus on a specific type of threat, e.g., a particular payload or a trigger ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 2 / 21
4 Contributions We propose a verification approach based on a Control-Flow Subgraph Matching Algorithm RTL Verilog/VHDL Design Under Verification (DUV) RTL Verilog/VHDL Hardware Trojan Library 1 Hardware Trojan Report 2 3 Extraction Algorithm Detection Algorithm Get Control-Flow Graphs Search instances of the (CFGs) from DUV and HTs Trojan CFGs in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 3 / 21
5 Background Control-Flow Graphs (CFGs) We build a CFG for each process of the DUV/HT basic block (node) = it is a sequence of instructions without any branch edge = connects the block with b 2 if the block can be executed after b 2 in at least one DUV/HT executions b ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 4 / 21
6 Background Control-Flow Graphs (CFGs) We build a CFG for each process of the DUV/HT first basic block of the process b 2 b 3 b 4 b 5 e 1 last basic block of the process ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 4 / 21
7 Background Control-Flow Graphs (CFGs) We build a CFG for each process of the DUV/HT b 2 b 3 b 4 b 5 Branch rule: left if true right if false e 1 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 4 / 21
8 Background Control-Flow Graphs (CFGs) We build a CFG for each process of the DUV/HT if (reset) a = 1 b = 0 a = 1 b++ b 2 b 3 b 4 b 5 e 1 if (c == 1) a++ b = 0 code associated with the basic blocks ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 4 / 21
9 Hardware Trojan Library RTL Verilog/VHDL Design Under Verification (DUV) RTL Verilog/VHDL Hardware Trojan Library 1 Hardware Trojan Report Extraction Algorithm Get Control-Flow Graphs (CFGs) from DUV and HTs Detection Algorithm Search instances of the Trojan CFGs in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 5 / 21
10 Hardware Trojan Library We defined a Hardware Trojan (HT) Library that includes the RTL implementations of known HT triggers and their camouflaged variants ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 5 / 21
11 Hardware Trojan Library Trigger #1: Cheat Codes A cheat code is a value (or sequence of values) that triggers the payload when observed in a register trigger = v 1 & v 2 s 2 if (reset) if (c 1 ) v 1 = 0 v 2 = 0 b 2 b 3 b 4 b 5 if (c 2 & v 1 ) e 1 v 1 = 1 b 6 b 7 v 2 = 1 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 6 / 21
12 Hardware Trojan Library Trigger #2: Dead Machines A dead machine code triggers the payload when specific state-based conditions are satisfied trigger = 1 if (cond) if (reset) s 2 reset vars b 2 b 3 b 4 e 1 case 1 b 4 b 5 case 2 b 7 b 6 case 3 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 7 / 21
13 Hardware Trojan Library Trigger #3: Ticking Timebombs A ticking timebomb triggers the payload when a certain number of clock cycles has been passed ++cnt if (reset) if (reset) s 2 if (cnt == N) b 2 b 3 b 4 e 1 cnt = 0 trigger = 1 b 5 b 6 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 8 / 21
14 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
15 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants trigger = v 1 & v 2 if (reset) Extension directives: s 2 if (c 1 ) 1. parametrizable 1 v 1 = 0 v 2 = 0 b 2 b 3 b 4 b 5 if (c 2 & v 1 ) e 1 v 1 = 1 b 6 b 7 v 2 = 1 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
16 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 if (reset) b 6 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 Extension directives: 1. parametrizable 1 2. bound-number 10 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
17 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 if (reset) b 6 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 $1 b 8 b 9 $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
18 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 if (reset) b 6 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 $1 b 8 b 9 $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 4. add-edge (b 7, $1) e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
19 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 if (reset) b 6 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 $1 b 8 b 9 $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 4. add-edge (b 7, $1) 5. add-edge (b 7, $2) 6. add-edge ($1, e 2 ) 7. add-edge ($2, e 2 ) e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
20 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 if (reset) b 6 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 $1 b 8 b 9 $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 4. add-edge (b 7, $1) 5. add-edge (b 7, $2) 6. add-edge ($1, e 2 ) 7. add-edge ($2, e 2 ) 8. drop-edge (b 7, e 2 ) e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
21 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 e 2 if (reset) b 6 $1 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 b 8 b 9 source $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 4. add-edge (b 7, $1) 5. add-edge (b 7, $2) 6. add-edge ($1, e 2 ) 7. add-edge ($2, e 2 ) 8. drop-edge (b 7, e 2 ) 9. old-source-block b 7 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
22 Hardware Trojan Library Handling Camouflaged Variants We need an automatic way to extend such basic implementations to find camouflaged variants e 1 trigger = v 1 & v 2 v 1 = 0 v 2 = 0 v 1 = 1 v 2 = 1 s 2 b 2 b 3 b 4 e 2 if (reset) b 6 $1 if (c 1 ) b 5 if (c 2 & v 1 ) b 7 b 8 b 9 source $2 Extension directives: 1. parametrizable 1 2. bound-number add-basic-blocks 2 4. add-edge (b 7, $1) 5. add-edge (b 7, $2) 6. add-edge ($1, e 2 ) 7. add-edge ($2, e 2 ) 8. drop-edge (b 7, e 2 ) 9. old-source-block b up-source-block $2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 9 / 21
23 Hardware Trojan Library Pros and Cons We defined a Hardware Trojan (HT) Library that includes the RTL implementations of known HT triggers and their camouflaged variants Pros Unique verification approach Easy to extend the approach for new hardware Trojans Easy to customize the library to the needs of the user Cons Unique verification approach Need of the implementations of the hardware Trojans Only the hardware Trojans in the library or their variations can be detected ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 10 / 21
24 Hardware Trojan Detection Extraction Algorithm RTL Verilog/VHDL Design Under Verification (DUV) RTL Verilog/VHDL Hardware Trojan Library Hardware Trojan Report 2 Extraction Algorithm Get Control-Flow Graphs (CFGs) from DUV and HTs Detection Algorithm Search instances of the Trojan CFGs in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
25 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; end end ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
26 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; end end ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
27 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; end end if (reset == 1) ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
28 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; end end trig <= 0 if (reset == 1) b 2 if (value == N) ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
29 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= 0 b 3 if (reset == 1) if (value == N) b 2 b 4 trig <= 0 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
30 Hardware Trojan Detection Extraction Algorithm module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= 0 b 3 e 1 if (reset == 1) if (value == N) b 2 b 4 trig <= 0 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 11 / 21
31 Hardware Trojan Detection Extraction Algorithm: Probabilities To calculate the probabilities associated with the arcs, we use an approach based on a SMT solver Condition SMT Solver [A. Cimatti et al., The MathSAT5 SMT Solver ] e.g., var == N à Number of models = 1 Number of Models Scalability? YES, conditions are simple enough! Plus, simple conditions are short-circuited ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 12 / 21
32 Hardware Trojan Detection Extraction Algorithm: Probabilities module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= 0 b 3 e 1 if (reset == 1) if (value == N) b 2 b 4 trig <= 0 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 12 / 21
33 Hardware Trojan Detection Extraction Algorithm: Probabilities module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 12 / 21 b 3 e 1 if (reset == 1) b 2 if (value == N) b 4 trig <= 0
34 Hardware Trojan Detection Extraction Algorithm: Probabilities module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 12 / 21 ~ 0 b 3 e 1 if (reset == 1) b 2 if (value == N) ~ 1 b 4 trig <= 0
35 Hardware Trojan Detection Extraction Algorithm: Probabilities module Trigger (input reset, input [127:0] value, output trig); parameter N = 128 hffff_ffff_..._ffff; value) begin if (reset == 1) begin trig <= 0; end else if (value == N) begin trig <= 1; end else begin trig <= 0; trig <= 1 end end trig <= ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 12 / 21 1 ~ 0 ~ b 3 e 1 1 if (reset == 1) b 2 1 if (value == N) ~ 1 b 4 trig <= 0
36 Hardware Trojan Detection Detection Algorithm RTL Verilog/VHDL Design Under Verification (DUV) RTL Verilog/VHDL Hardware Trojan Library Hardware Trojan Report Extraction Algorithm Get Control-Flow Graphs (CFGs) from DUV and HTs Detection Algorithm Search instances of the Trojan CFGs in the DUV 3 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
37 Hardware Trojan Detection Detection Algorithm trig <= 0 1 trig <= ~ 0 e 1 if (reset == 1) b 2 b 3 b 4 1 Trigger if (value == N) ~ 1 trig <= 0 1 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
38 Hardware Trojan Detection Detection Algorithm ~ 0 b 2 ~ 1 1 b 3 b 4 1 e 1 1 Trigger ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
39 Hardware Trojan Detection Detection Algorithm b 2 b 3 b 4 e 1 Trigger ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
40 Hardware Trojan Detection Detection Algorithm b 2 b 3 b 4 Abstracted Trigger ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
41 Hardware Trojan Detection Detection Algorithm t = 0 if (reset == 1) b 2 if (c 1 c 2 ) 0.25 if (v 1 == K) b 3 b 2 b b 3 ~ 0 b 4 ~ 1 Abstracted Trigger b 4 b 4 b 4 b e 1 DUV 1 t = 1 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
42 Hardware Trojan Detection Detection Algorithm b 2 b 2 b 3 b 4 b 3 b 4 Abstracted Trigger b 4 b 4 b 4 b 4 Abstracted DUV search the trigger in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
43 Hardware Trojan Detection Detection Algorithm Match #1 b 2 b 2 b 3 b 4 b 3 b 4 Abstracted Trigger b 4 b 4 b 4 b 4 Abstracted DUV search the trigger in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
44 Hardware Trojan Detection Detection Algorithm Match #2 b 2 b 2 b 3 b 4 b 3 b 4 Abstracted Trigger b 4 b 4 b 4 b 4 Abstracted DUV search the trigger in the DUV ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 13 / 21
45 Hardware Trojan Detection Detection Algorithm: Confidence Some Hardware Trojans can be similar to actual legal code: we need to give a confidence value for each match returned by the detection alg. The confidence value is in the range [0, 1] 1 à highest confidence that is a Trojan For each match we evaluate 4 conditions c 1, c 2, c 3 and c 4 à confidence is a linear combination of those conditions (weights vary with triggers) ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 14 / 21
46 Hardware Trojan Detection Detection Algorithm: Confidence c 1 : presence of variables with known behavior Trigger in the HT Library ++cnt if (!reset) if (reset) s 2 if (cnt == N) b 2 b 2 b 3 e 1 cnt = 0 trigger = 1 b 4 b 5 e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 15 / 21
47 Hardware Trojan Detection Detection Algorithm: Confidence c 1 : presence of variables with known behavior Match in the DUV var += k if (!reset) if (reset) s 2 if (var == N) b 2 b 2 b 3 e 1 var = 0 b 4 b 5 it is similar to a counter! e 2 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 15 / 21
48 Hardware Trojan Detection Detection Algorithm: Confidence c 2 : presence of suspicious reset logics Match in the DUV Trigger in the HT Library b if (reset) b 6 if (reset) Same reset mechanism of the process? Suspicious variables are reset? ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 16 / 21
49 Hardware Trojan Detection Detection Algorithm: Confidence c 3 : average distance of the probabilities Match in the DUV Trigger in the HT Library 0.5 b b b b b 8 b 9 b 3 b 4 confidence = 1 [ ] = ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 17 / 21
50 Hardware Trojan Detection Detection Algorithm: Confidence c 3 : average distance of the probabilities Match in the DUV Trigger in the HT Library 0.5 b b b b b 8 b 9 b 3 b 4 confidence = 1 [ ] = ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 17 / 21
51 Hardware Trojan Detection Detection Algorithm: Confidence c 4 : is there a payload that is affine to the trigger? RTL Verilog/VHDL Hardware Trojan Library Added known implementations of HT payloads The payloads are searched as well in the DUV Are there a matched payload and matched trigger that share some variables? ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 18 / 21
52 Experimental Results We verified the effectiveness of our approach by considering the Trust-HUB Benchmarks and the Cryptoplatform (component from OpenCores) We created a HT Library that includes the same types of HTs (but not the same code) of the HTs that have been included in the benchmarks The goal here is to show that our verification approach can help users to distinguish HTs ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
53 Experimental Results HT Library (Triggers) Cheat codes Name Blocks Edges Cheat-T Cheat-T Cheat-T Cheat-T Cheat-T Cheat-T Timebombs Name Blocks Edges Time-T Time-T Time-T Time-T Time-T Dead machines Name Blocks Edges Mach-T Mach-T ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
54 Experimental Results HT Library (Payloads) Payloads Name Effect Blocks Edges Payload-T001 Infor. leakage Payload-T002 Increase Power 8 9 Payload-T003 Covert Channel Payload-T004 Leakage Current Payload-T005 Modify memory 7 7 Payload-T006 Modify output 7 7 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
55 Experimental Results Characteristics of Benchmarks Name # Diff. Instances Min. # Blocks Trust-HUB Benchmarks Max. # Blocks Min. # Edges Max. # Edges AES RS BasicRSA Name Cryptoplatform (CPU + memory + 5 crypto cores) # Diff. Instances Min. # Blocks Max. # Blocks Min. # Edges Max. # Edges Crypto ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
56 Experimental Results Quantitative Evaluation Trust-HUB Benchmarks Family [A] [B] [C] [C]* This work AES 3/18 9/18 0/18 18/18 18/18 RS232 0/10 0/10 9/10 10/10 10/10 BasicRSA 0/4 2/4 4/4 4/4 4/4 A à [J. Rajendran et al., Detecting Malicious Modifications of Data in Third-Party Intellectual Property Cores, DAC 15] B à [J. Rajendran et al., Formal Security Verification of Third-Party Intellectual Property Cores for Information Leakage, VLSID 16] C à [S. K. Haider et al., HaTCh: Hardware Trojan Catcher, 14] * Assuming they are activated during the learning phase ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
57 Experimental Results Qualitative Evaluation Proposed Approach for Trust-HUB Benchmarks Name Matches Conf HT Conf MAX False+ Time (s) AES-T AES-T AES-T RS232-T BasicRSA-T (Full results in the paper or in the poster) ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
58 Experimental Results Qualitative Evaluation Proposed Approach for Cryptoplatform Name Matches Conf HT Conf MAX False+ Time (s) Crypto-T N/A 0.35 N/A Crypto-T Crypto-T Crypto-T Crypto-T ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 19 / 21
59 Conclusions We presented an automatic approach for the detection of hardware Trojans at RTL 1. Our approach is general: it adopts an approach independent from the specific hardware Trojan 2. Our approach is extendible: new Trojans can be easily added to the Hardware Trojan Library 3. Our approach is fast: it takes only few seconds to find hardware Trojans in large DUVs ACM/IEEE CODES + ISSS 2017, Seoul, South Korea 20 / 21
60 ACM/IEEE CODES + ISSS 2017, Seoul, South Korea Efficient Control-Flow Subgraph Matching for Detecting Hardware Trojans in RTL Models Questions? Speaker: Luca Piccolboni Columbia University, NY, USA University of Verona, Verona, Italy
HaTCh: State-of-the-Art in Hardware Trojan Detection
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 9a HaTCh follows http://arxiv.org/abs/1605.08413 and https://eprint.iacr.org/2014/943.pdf HaTCh: State-of-the-Art in Hardware Trojan Detection Marten
More informationBroadening the Exploration of the Accelerator Design Space in Embedded Scalable Platforms
IEEE High Performance Extreme Computing Conference (HPEC), 2017 Broadening the Exploration of the Design Space in Embedded Scalable Platforms Luca Piccolboni, Paolo Mantovani, Giuseppe Di Guglielmo, Luca
More informationStimuli Generation through Invariant Mining for Black-Box Verification
Stimuli through Invariant Mining for Black-Box Verification Luca Piccolboni Department of Computer Science University of Verona, Italy Email: luca.piccolboni@univr.it Graziano Pravadelli Department of
More informationA Score-Based Classification Method for Identifying Hardware-Trojans at Gate-Level Netlists
A Score-Based Classification Method for Identifying Hardware-Trojans at Gate-Level Netlists Masaru Oya, Youhua Shi, Masao Yanagisawa, Nozomu Togawa Department of Computer Science and Communications Engineering,
More informationHardware Design and Simulation for Verification
Hardware Design and Simulation for Verification by N. Bombieri, F. Fummi, and G. Pravadelli Universit`a di Verona, Italy (in M. Bernardo and A. Cimatti Eds., Formal Methods for Hardware Verification, Lecture
More informationPreventive Techniques for Hardware Trojans
Masaryk University Faculty of Informatics Preventive Techniques for Hardware Trojans Master Thesis Manoja Kumar Das Hyderabad, December 216 Masaryk University Faculty of Informatics Preventive Techniques
More informationCoverage Metrics for Functional Validation of Hardware Designs
Coverage Metrics for Functional Validation of Hardware Designs Serdar Tasiran, Kurt Keutzer IEEE, Design & Test of Computers,2001 Presenter Guang-Pau Lin What s the problem? What can ensure optimal use
More informationInvasion of Malware Evading the Behavior-based Analysis
Invasion of Malware Evading the Behavior-based Analysis Memory-Based Exploit Analysis of AhnLab MDS Feb. 21, 2014 Content Introduction... 3 Ever-evolving Malware Bypass Even Sandbox-based Behavior Analysis...
More informationDirected Test Generation using Concolic Testing on RTL models
Directed Test Generation using Concolic Testing on RTL models Alif Ahmed, Farimah Farahmandi and Prabhat Mishra Department of Computer & Information Science & Engineering University of Florida, USA Abstract
More informationArchitectural Primitives for Secure Computation Platforms
University of Connecticut OpenCommons@UConn Doctoral Dissertations University of Connecticut Graduate School 8-25-2017 Architectural Primitives for Secure Computation Platforms Syed Kamran Haider University
More informationTowards Automation of Timing-Model Derivation. AbsInt Angewandte Informatik GmbH
Towards Automation of Timing-Model Derivation Markus Pister Marc Schlickling AbsInt Angewandte Informatik GmbH Motivation Growing support of human life by complex embedded systems Safety-critical systems
More informationHardware Security. Chester Rebeiro IIT Madras
Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical Unclonable Functions and Applications: A Tutorial http://ieeexplore.ieee.org/document/6823677/ Edge Devices 1000s
More informationOptimizing Blocks in an SoC Using
Optimizing Blocks in an SoC Using Symbolic Code-Statement t t Reachability Analysis Hong-Zu Chou January 21, 2010 Hong-Zu Chou, Kai-Hui Chang, Sy-Yen Kuo, National Taiwan Univ., Taipei, Taiwan Avery Design
More informationHECTOR: Formal System-Level to RTL Equivalence Checking
ATG SoC HECTOR: Formal System-Level to RTL Equivalence Checking Alfred Koelbl, Sergey Berezin, Reily Jacoby, Jerry Burch, William Nicholls, Carl Pixley Advanced Technology Group Synopsys, Inc. June 2008
More informationA Proposal for a More Generic, More Accountable, Verilog DCC 2010
A Proposal for a More Generic, More Accountable, Verilog Cherif Salama Walid Taha DCC 2010 Technology Gap Verilog/VHDL progress vs. manufacturing technology progress 2 Technology Gap Verilog/VHDL progress
More informationCombining Static and Dynamic Contract Checking for Curry
Michael Hanus (CAU Kiel) Combining Static and Dynamic Contract Checking for Curry LOPSTR 2017 1 Combining Static and Dynamic Contract Checking for Curry Michael Hanus University of Kiel Programming Languages
More informationEvaluating BFT Protocols for Spire
Evaluating BFT Protocols for Spire Henry Schuh & Sam Beckley 600.667 Advanced Distributed Systems & Networks SCADA & Spire Overview High-Performance, Scalable Spire Trusted Platform Module Known Network
More informationIntruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:
Intruders significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: masquerader misfeasor clandestine user varying levels of competence
More informationHow to (not) Share a Password:
How to (not) Share a Password: Privacy preserving protocols for finding heavy hitters with adversarial behavior Moni Naor Benny Pinkas Eyal Ronen Passwords First modern use in MIT's CTSS (1961) Passwords
More informationOptCE: A Counterexample-Guided Inductive Optimization Solver
Federal University of Amazonas (UFAM) Postgraduate Program in Electrical Engineering (PPGEE) OptCE: A Counterexample-Guided Inductive Optimization Solver Higo Albuquerque, Rodrigo Araújo, Iury Bessa, Lucas
More informationFormalization of Incremental Simplex Algorithm by Stepwise Refinement
Formalization of Incremental Simplex Algorithm by Stepwise Refinement Mirko Spasić, Filip Marić Faculty of Mathematics, University of Belgrade FM2012, 30. August 2012. Overview 1 Introduction 2 Approach
More informationCombinational Equivalence Checking Using Incremental SAT Solving, Output Ordering, and Resets
ASP-DAC 2007 Yokohama Combinational Equivalence Checking Using Incremental SAT Solving, Output ing, and Resets Stefan Disch Christoph Scholl Outline Motivation Preliminaries Our Approach Output ing Heuristics
More informationSymbolic Synthesis of Observability Requirements for Diagnosability
Symbolic Synthesis of Observability Requirements for Diagnosability B. Bittner 1,2 M.Bozzano 2 A. Cimatti 2 X. Olive 3 1 University of Amsterdam, Science Park 904, 1098XH Amsterdam, The Netherlands bittner@science.uva.nl
More informationDEMYSTIFYING INTEL IVY BRIDGE MICROARCHITECTURE
DEMYSTIFYING INTEL IVY BRIDGE MICROARCHITECTURE Roger Luis Uy College of Computer Studies, De La Salle University Abstract: Tick-Tock is a model introduced by Intel Corporation in 2006 to show the improvement
More informationECE468 Computer Organization and Architecture. Designing a Single Cycle Datapath
ECE468 Computer Organization and Architecture Designing a Single Cycle Datapath ECE468 datapath1 The Big Picture: Where are We Now? The Five Classic Components of a Computer Processor Control Input Datapath
More informationEfficient Circuit to CNF Conversion
Efficient Circuit to CNF Conversion Panagiotis Manolios and Daron Vroon College of Computing, Georgia Institute of Technology, Atlanta, GA, 30332, USA http://www.cc.gatech.edu/home/{manolios,vroon} Abstract.
More informationQualification of Verification Environments Using Formal Techniques
Qualification of Verification Environments Using Formal Techniques Raik Brinkmann DVClub on Verification Qualification April 28 2014 www.onespin-solutions.com Copyright OneSpin Solutions 2014 Copyright
More informationSupport for RISC-V. Lauterbach GmbH. Bob Kupyn Lauterbach Markus Goehrle - Lauterbach GmbH
Company Lauterbach Profile Debug Support for RISC-V Lauterbach GmbH Bob Kupyn Lauterbach USA @2016 Markus Goehrle - Lauterbach GmbH Leading Manufacturer of Microprocessor Development Tools Founded in 1979
More informationModel Checking Embedded C Software using k-induction and Invariants
FEDERAL UNIVERSITY OF RORAIMA and FEDERAL UNIVESITY OF AMAZONAS Model Checking Embedded C Software using k-induction and Invariants Herbert Rocha, Hussama Ismail, Lucas Cordeiro and Raimundo Barreto Agenda
More informationLeveraging Formal Verification Throughout the Entire Design Cycle
Leveraging Formal Verification Throughout the Entire Design Cycle Verification Futures Page 1 2012, Jasper Design Automation Objectives for This Presentation Highlight several areas where formal verification
More informationAdministrivia. ECE/CS 5780/6780: Embedded System Design. Acknowledgements. What is verification?
Administrivia ECE/CS 5780/6780: Embedded System Design Scott R. Little Lab 8 status report. Set SCIBD = 52; (The Mclk rate is 16 MHz.) Lecture 18: Introduction to Hardware Verification Scott R. Little
More informationLecture 9. VHDL, part IV. Hierarchical and parameterized design. Section 1 HIERARCHICAL DESIGN
Lecture 9 VHDL, part IV Hierarchical and parameterized design Section 1 HIERARCHICAL DESIGN 2 1 Dealing with Large Digital System Design 1. Apply hierarchy to the design At the highest level use larger
More informationCh 5: Designing a Single Cycle Datapath
Ch 5: esigning a Single Cycle path Computer Systems Architecture CS 365 The Big Picture: Where are We Now? The Five Classic Components of a Computer Processor Control Memory path Input Output Today s Topic:
More informationNITGEN FIM5360. Datasheet FIM5360. Version Supported Firmware Version: 1.11 or above
NITGEN FIM5360 Stand-Alone Fingerprint Identification Device with Built-in CPU Datasheet Supported Firmware Version: 1.11 or above Version 1.04 NITGEN Page: 1 Copyright 2011 NITGEN Co., Ltd. ALL RIGHTS
More informationTowards a Search-based Interactive Configuration of Cyber Physical. System Product Lines 1
Towards a Search-based Interactive Configuration of Cyber Physical System Product Lines Kunming Nie, Tao Yue, Shaukat Ali Software Engineering Institute, Beihang University, Beijing, China niekunming@cse.buaa.edu.cn
More informationChapter 18: Evaluating Systems
Chapter 18: Evaluating Systems Goals Trusted Computer System Evaluation Criteria FIPS 140 Common Criteria SSE-CMM Slide #18-1 Overview Goals Why evaluate? Evaluation criteria TCSEC (aka Orange Book) FIPS
More informationTrust, but Verify. Two-Phase Typing for Dynamic Languages. Panagiotis Vekris, Benjamin Cosman, Ranjit Jhala. University of California, San Diego
Trust, but Verify Two-Phase Typing for Dynamic Languages Panagiotis Vekris, Benjamin Cosman, Ranjit Jhala University of California, San Diego Scripting Languages Then Perl is the duct tape of the Internet.
More informationEfficient Static Timing Analysis Using a Unified Framework for False Paths and Multi-Cycle Paths
Efficient Static Timing Analysis Using a Unified Framework for False Paths and Multi-Cycle Paths Shuo Zhou, Bo Yao, Hongyu Chen, Yi Zhu and Chung-Kuan Cheng University of California at San Diego La Jolla,
More informationMapping-Aware Constrained Scheduling for LUT-Based FPGAs
Mapping-Aware Constrained Scheduling for LUT-Based FPGAs Mingxing Tan, Steve Dai, Udit Gupta, Zhiru Zhang School of Electrical and Computer Engineering Cornell University High-Level Synthesis (HLS) for
More informationApplying Multi-Core Model Checking to Hardware-Software Partitioning in Embedded Systems
V Brazilian Symposium on Computing Systems Engineering Applying Multi-Core Model Checking to Hardware-Software Partitioning in Embedded Systems Alessandro Trindade, Hussama Ismail, and Lucas Cordeiro Foz
More informationEECS 219C: Formal Methods Syntax-Guided Synthesis (selected/adapted slides from FMCAD 13 tutorial by R. Alur) Sanjit A. Seshia EECS, UC Berkeley
EECS 219C: Formal Methods Syntax-Guided Synthesis (selected/adapted slides from FMCAD 13 tutorial by R. Alur) Sanjit A. Seshia EECS, UC Berkeley Solving SyGuS Is SyGuS same as solving SMT formulas with
More informationBlock-wise abstract interpretation by combining abstract domains with SMT
Block-wise abstract interpretation by combining abstract domains with SMT Jiahong Jiang, Liqian Chen, Xueguang Wu, Ji Wang National University of Defense Technology, China 01/16/2017 VMCAI 2017 Overview
More informationOpenVera Assertions. March Synopsys, Inc.
OpenVera Assertions March 2003 2003 Synopsys, Inc. Introduction The amount of time and manpower that is invested in finding and removing bugs is growing faster than the investment in creating the design.
More informationCSE507. Practical Applications of SAT. Computer-Aided Reasoning for Software. Emina Torlak
Computer-Aided Reasoning for Software CSE507 Practical Applications of SAT courses.cs.washington.edu/courses/cse507/18sp/ Emina Torlak emina@cs.washington.edu Today Past 2 lectures The theory and mechanics
More informationReasoning about Timed Systems Using Boolean Methods
Reasoning about Timed Systems Using Boolean Methods Sanjit A. Seshia EECS, UC Berkeley Joint work with Randal E. Bryant (CMU) Kenneth S. Stevens (Intel, now U. Utah) Timed System A system whose correctness
More informationBM214E Object Oriented Programming Lecture 4
BM214E Object Oriented Programming Lecture 4 Computer Numbers Integers (byte, short, int, long) whole numbers exact relatively limited in magnitude (~10 19 ) Floating Point (float, double) fractional often
More informationA Controller Testability Analysis and Enhancement Technique
A Controller Testability Analysis and Enhancement Technique Xinli Gu Erik Larsson, Krzysztof Kuchinski and Zebo Peng Synopsys, Inc. Dept. of Computer and Information Science 700 E. Middlefield Road Linköping
More informationAdvanced Verification Topics. Bishnupriya Bhattacharya John Decker Gary Hall Nick Heaton Yaron Kashai Neyaz Khan Zeev Kirshenbaum Efrat Shneydor
шт Bishnupriya Bhattacharya John Decker Gary Hall Nick Heaton Yaron Kashai Neyaz Khan Zeev Kirshenbaum Efrat Shneydor Preface xv 1 Introduction to Metric-Driven Verification 1 1.1 Introduction 1 1.2 Failing
More informationThe MIPS Processor Datapath
The MIPS Processor Datapath Module Outline MIPS datapath implementation Register File, Instruction memory, Data memory Instruction interpretation and execution. Combinational control Assignment: Datapath
More informationBasics of Performance Engineering
ERLANGEN REGIONAL COMPUTING CENTER Basics of Performance Engineering J. Treibig HiPerCH 3, 23./24.03.2015 Why hardware should not be exposed Such an approach is not portable Hardware issues frequently
More informationAXI4-Stream Verification IP v1.0
AXI4-Stream Verification IP v1.0 LogiCORE IP Product Guide Vivado Design Suite Table of Contents IP Facts Chapter 1: Overview Feature Summary..................................................................
More informationVID (Voltage ID) features require timing analysis on even more corners
Mehmet Avci Number of Corners for Typical Part Introduction The number of signoff PVT corners is increasing VID (Voltage ID) features require timing analysis on even more corners Designers try to reduce
More informationAutomata-based Model Counting for String Constraints. Abdulbaki Aydin, Lucas Bang, Tevfik Bultan
Automata-based Model Counting for String Constraints Abdulbaki Aydin, Lucas Bang, Tevfik Bultan https://vlab.cs.ucsb.edu Model Counting for String Constraints Automata-Based model Counter (ABC) 2 Can you
More informationQuantitative Timing Analysis of UML Activity Digrams using Statistical Model Checking
Quantitative Timing Analysis of UML Activity Digrams using Statistical Model Checking Fan Gu 1, Xinqian Zhang 1, Mingsong Chen 1, Daniel Grosse 2 and Rolf Drechsler 2 1 Institute of CS & SE, East China
More informationOutline. EEL-4713 Computer Architecture Designing a Single Cycle Datapath
Outline EEL-473 Computer Architecture Designing a Single Cycle path Introduction The steps of designing a processor path and timing for register-register operations path for logical operations with immediates
More informationModule 4. Constraint satisfaction problems. Version 2 CSE IIT, Kharagpur
Module 4 Constraint satisfaction problems Lesson 10 Constraint satisfaction problems - II 4.5 Variable and Value Ordering A search algorithm for constraint satisfaction requires the order in which variables
More informationTimed Compiled-Code Functional Simulation of Embedded Software for Performance Analysis of SOC Design
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, VOL. 22, NO. 1, JANUARY 2003 1 Timed Compiled-Code Functional Simulation of Embedded Software for Performance Analysis of
More information12. Use of Test Generation Algorithms and Emulation
12. Use of Test Generation Algorithms and Emulation 1 12. Use of Test Generation Algorithms and Emulation Jacob Abraham Department of Electrical and Computer Engineering The University of Texas at Austin
More informationPredicate Refinement Heuristics in Program Verification with CEGAR
Predicate Refinement Heuristics in Program Verification with CEGAR Tachio Terauchi (JAIST) Part of this is joint work with Hiroshi Unno (U. Tsukuba) 1 Predicate Abstraction with CEGAR Iteratively generate
More informationA Scalable Algorithm for Minimal Unsatisfiable Core Extraction
A Scalable Algorithm for Minimal Unsatisfiable Core Extraction Nachum Dershowitz 1, Ziyad Hanna 2, and Alexander Nadel 1,2 1 School of Computer Science, Tel Aviv University, Ramat Aviv, Israel {nachumd,
More informationRTA-OSEK Texas Instruments TMS570 with the TI Compiler
RTA-OSEK Texas Instruments TMS570 with the TI Compiler Features at a Glance OSEK/VDX OS v2.2 Certified OS RTOS overhead: 28 bytes RAM, 176 bytes ROM Category 2 interrupt latency: 214 CPU cycles Applications
More informationNITGEN FIM40 Series. Datasheet FIM40N. Version Stand-Alone Fingerprint Identification Device with Built-in CPU. Standalone with built-in CPU
NITGEN FIM40 Series Stand-Alone Fingerprint Identification Device with Built-in CPU Datasheet Version 1.01 NITGEN Page: 1 Copyright 2011 NITGEN Co., Ltd. ALL RIGHTS RESERVED Serial Number: Specifications
More informationTHE globalization of the semiconductor supply chain
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 12, NO. 2, FEBRUARY 2017 405 Eliminating the Hardware-Software Boundary: A Proof-Carrying Approach for Trust Evaluation on Computer Systems
More informationSIMCom: Statistical Sniffing of Inter-Module Communications for Runtime Hardware Trojan Detection
arxiv:191.7299v1 [cs.cr] 4 Nov 218 SIMCom: Statistical Sniffing of Inter-Module Communications for Runtime Hardware Trojan Detection Faiq Khalid, Syed Rafay Hasan, Osman Hasan, Falah Awwad, Muhammad Shafique
More informationSignal Connections CHAPTER
2 CHAPTER 3 Signal Connections This chapter provides useful information on how to connect input and output signals to the USB-4704 via the I/O connectors. Sections include: Overview I/O Connectors Analog
More informationDocumentation for LISP in BASIC
Documentation for LISP in BASIC The software and the documentation are both Copyright 2008 Arthur Nunes-Harwitt LISP in BASIC is a LISP interpreter for a Scheme-like dialect of LISP, which happens to have
More informationRTA-OSEK Texas Instruments TMS470R1x with the TI Compiler
RTA-OSEK Texas Instruments TMS470R1x with the TI Compiler Features at a Glance OSEK/VDX OS v2.2 Certified OS RTOS overhead: 30 bytes RAM, 144 bytes ROM Category 2 interrupt latency: 87 CPU cycles Applications
More informationCisco Advanced Malware Protection (AMP) for Endpoints
Cisco Advanced Malware Protection (AMP) for Endpoints Endpoints continue to be the primary point of entry for attacks! 70% of breaches start on endpoint devices WHY? Gaps in protection Gaps in visibility
More informationScalable Test Generation by Interleaving Concrete and Symbolic Execution
Scalable Test Generation by Interleaving Concrete and Symbolic Execution Xiaoke Qin and Prabhat Mishra Department of Computer and Information Science and Engineering University of Florida, Gainesville
More informationHow to (not) Share a Password:
How to (not) Share a Password: Privacy preserving protocols for finding heavy hitters with adversarial behavior Moni Naor Benny Pinkas Eyal Ronen Passwords First modern use in MIT's CTSS (1961) Passwords
More informationAdvanced Computer Architecture
Advanced Computer Architecture Lecture No. 22 Reading Material Vincent P. Heuring&Harry F. Jordan Chapter 5 Computer Systems Design and Architecture 5.3 Summary Microprogramming Working of a General Microcoded
More informationEfficiently Solving Bit-Vector Problems Using Model Checkers
Efficiently Solving Bit-Vector Problems Using Model Checkers Institute for Formal Models and Verification Johannes Kepler University, Linz, Austria http://fmv.jku.at SMT 2013 July 8 - July 9, 2013 Helsinki,
More informationRegister Transfer Methodology II
Register Transfer Methodology II Chapter 12 1 Outline 1. Design example: One shot pulse generator 2. Design Example: GCD 3. Design Example: UART 4. Design Example: SRAM Interface Controller 5. Square root
More informationOutline. Register Transfer Methodology II. 1. One shot pulse generator. Refined block diagram of FSMD
Outline Register Transfer Methodology II 1. Design example: One shot pulse generator 2. Design Example: GCD 3. Design Example: UART 4. Design Example: SRAM Interface Controller 5. Square root approximation
More informationNITGEN FIM5360. Datasheet FIM5360. Version Stand-Alone Fingerprint Identification Device with Built-in CPU. Standalone with built-in CPU
NITGEN FIM5360 Stand-Alone Fingerprint Identification Device with Built-in CPU Datasheet Version 1.00 NITGEN Page: 1 Copyright 2010 NITGEN Co., Ltd. ALL RIGHTS RESERVED Serial Number: Specifications can
More informationThe Big Picture: Where are We Now? EEM 486: Computer Architecture. Lecture 3. Designing a Single Cycle Datapath
The Big Picture: Where are We Now? EEM 486: Computer Architecture Lecture 3 The Five Classic Components of a Computer Processor Input Control Memory Designing a Single Cycle path path Output Today s Topic:
More informationEnd-to-end formal ISA verification of RISC-V processors with riscv-formal. Clifford Wolf
End-to-end formal ISA verification of RISC-V processors with riscv-formal Clifford Wolf About RISC-V RISC-V is an Open Instruction Set Architecture (ISA) Can be freely used for any purpose Many implementations
More informationSystem LAV and Its Applications
Progress in Decision Procedures: From Formalizations to Applications Belgrade, March 30, 2013. Overview, Viktor Kuncak Development and Evaluation of : an SMT-Based Error Finding Platform. Verified Software:
More informationVortex: A New Family of One-way Hash Functions Based on AES Rounds and Carry-less Multiplication
Vortex: A New Family of One-way Hash Functions Based on AES Rounds and Carry-less ultiplication Shay Gueron 2, 3, 4 and ichael E. Kounavis 1 1 Corresponding author, Corporate Technology Group, Intel Corporation,
More informationMEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING
FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING Herbert Rocha, Raimundo Barreto,
More informationInsider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015
Insider Threats Nathalie Baracaldo Ph.D. Candidate date School of Information Sciences March 26 th, 2015 1 Insider Attacks According to CERT insider attackers are defined as: Currently or previously employed
More informationExtracting the K-most Critical Paths in Multi-corner Multi-mode for Fast Static Timing Analysis
JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE, VOL.16, NO.6, DECEMBER, 2016 ISSN(Print) 1598-1657 https://doi.org/10.5573/jsts.2016.16.6.771 ISSN(Online) 2233-4866 Extracting the K-most Critical Paths
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationUNDERSTANDING PROGRAMMING BUGS IN ANSI-C SOFTWARE USING BOUNDED MODEL CHECKING COUNTER-EXAMPLES
FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE UNDERSTANDING PROGRAMMING BUGS IN ANSI-C SOFTWARE USING BOUNDED MODEL CHECKING COUNTER-EXAMPLES Herbert Oliveira
More informationA VHDL Error Simulator for Functional Test Generation
A Error Simulator for Functional Test Generation Alessandro Fin Franco Fummi DST Informatica Università di Verona, 37134 Verona, ITALY Abstract This paper describes an efficient error simulator able to
More informationKey Security Issues for implementation of Digital Currency, including ITU-T SG17 activities
ITU Workshop on FG DFC Workshop on Standards for Digital Fiat Currency (DFC) () Key Issues for implementation of Digital Currency, including ITU-T SG17 activities Heung Youl Youm, PhD. Chairman of ITU-T
More informationSTANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
More informationUnderstanding Layer 2 Encryption
Understanding Layer 2 Encryption TECHNICAL WHITEPAPER Benefits of Layer 2 Encryption Lowest cost of ownership Better bandwith efficiency (up to 50%) Minimal ongoing maintenance routing updates transparent
More informationPluggable SAT-Solvers for SMT-Solvers
Pluggable SAT-Solvers for SMT-Solvers Bas Schaafsma DISI, University of Trento & Fondazione Bruno Kessler May 29, 2013 http://mathsat.fbk.eu/ 1 The SAT/SMT problem Applications of SAT/SMT-Solvers Motivation
More informationLS4600 INSTRUCTION MANUAL. Thank you for choosing another quality product from Amperes Electronics. Speaker Line Surveillance
INSTRUCTION MANUAL LS4600 Speaker Line Surveillance Thank you for choosing another quality product from Amperes Electronics. LS4600 was produced out of extensive research and development effort in which
More informationCOMPUTER SCIENCE/INFORMATION SYSTEMS DEGREE PLAN
COMPUTER SCIENCE/INFORMATION SYSTEMS DEGREE PLAN YEAR 1, SEMESTER 1 YEAR 1, SEMESTER 2 Composition I 3 Composition II 3 Calculus I 5 Calculus II 5 Humanistic (Religion) 3 Physics I 5 Total Wellness 2 Statistics
More informationComputer Security CS 426 Lecture 17
Computer Security CS 426 Lecture 17 Trusted Computing Base. Orange Book, Common Criteria Elisa Bertino Purdue University IN, USA bertino@cs.purdue.edu 1 Trusted vs. Trustworthy A component of a system
More informationTrigger on TSW1400 DAC and ADC HSDC Pro
Trigger on TSW1400 DAC and ADC HSDC Pro 4.10 + DAC Trigger functionality The DAC functionality for Triggering allows and external trigger on the J11 External Trig Input SMA. This rising edge will cause
More informationCounterexample Guided Inductive Optimization Applied to Mobile Robot Path Planning SBR/LARS 2017
Cnterexample Guided Inductive Optimization Applied to Mobile Robot Path Planning SBR/LARS 2017 Rodrigo Araújo, Alexandre Ribeiro, Iury Bessa, Lucas Cordeiro, and João Edgar Chaves Filho Federal University
More informationGenerating High Coverage Tests for SystemC Designs Using Symbolic Execution. Bin Lin Department of Computer Science Portland State University
Generating High Coverage Tests for SystemC Designs Using Symbolic Execution Bin Lin Department of Computer Science Portland State University 1 Agenda Introduction Related work and Background Our Approach
More informationModel Checking and Its Applications
Model Checking and Its Applications Orna Grumberg Technion, Israel Verification and Deduction Mentoring Workshop July 13, 2018 1 Personal data Ph.d. in (non-automated) verification Postdoc in Model Checking
More informationVariability Modeling and Resolution in Component-based Robotics Systems
Variability Modeling and Resolution in Component-based Robotics Systems Luca Gherardi, Davide Brugali University Of Bergamo, Italy - Sankt Augustin - May 09, 2012 1 Agenda Application and Application Family
More informationHardware-Software Codesign. 9. Worst Case Execution Time Analysis
Hardware-Software Codesign 9. Worst Case Execution Time Analysis Lothar Thiele 9-1 System Design Specification System Synthesis Estimation SW-Compilation Intellectual Prop. Code Instruction Set HW-Synthesis
More informationQuteSat. A Robust Circuit-Based SAT Solver for Complex Circuit Structure. Chung-Yang (Ric) Huang National Taiwan University
QuteSat A Robust Circuit-Based SAT Solver for Complex Circuit Structure Chung-Yang (Ric) Huang National Taiwan University To appear: DATE 27 2/1/27 Fact Sheet (Background) Boolean Satisfiability (SAT)
More informationAn Evaluation of the Advantages of Moving from a VHDL to a UVM Testbench by Shaela Rahman, Baker Hughes
An Evaluation of the Advantages of Moving from a VHDL to a UVM Testbench by Shaela Rahman, Baker Hughes FPGA designs are becoming too large to verify by visually checking waveforms, as the functionality
More information