Building a Comprehensive Hardware Security Methodology
Tortuga Logic
There has been an exponential growth in hardware security vulnerabilities over the last several years. To address this, many companies have created dedicated security teams that span the organization. For example, marketing and legal departments, as well as design and verification engineers, are frequently involved in understanding and mitigating the security risks. For this entire process to be productive, an end-to-end methodology from security requirement specification to security sign-off is required.
In this short workshop, we will propose a robust security program that helps prevent semiconductor security vulnerabilities during chip design and verification. The proposed program can broadly be broken down into three concise steps:
1. Defining Security Requirements
2. Executing Security Verification
3. Performing a Security Sign-off
For step 1, security requirements are collected before or during the early stages of architecture design. This includes specifying relevant business requirements, identifying critical design assets, and addressing known hardware weaknesses from industry-established weakness databases such as the Common Weakness Enumeration (CWE) list maintained by MITRE.
For step 2, the security requirements are encoded into verifiable rules, which are regularly applied as the chip is designed and verified.
Lastly, in step 3, a security sign-off phase is executed before tape-out to ensure compliance with all specified security requirements and proper execution of the specified security rules.
Throughout the workshop, participants will learn about security verification challenges and the limitations of existing approaches, as well as the steps required for an efficient methodology.
They will also learn how Tortuga Logic’s information-flow-based security verification technology can provide a powerful and natural approach to verifying security requirements. Attendees will learn how security requirements can be easily translated to verifiable rules that are integrated in existing verification environments from Cadence, Synopsys, and Siemens EDA.
Finally, to demonstrate this by example, several customer case studies showing real identified security vulnerabilities and a comprehensive live demo on an Arm Cortex-M3-based SoC will be shown. This will allow participants to understand the scope of real vulnerabilities and the operation of Radix to identify and debug SoC security issues.