# **Toward Trusted 3rd-Party Microprocessor Cores:** A Proof Carrying Code Approach

Pls: Dr. Yier Jin, Department of Electrical and Computer Engineering, University of Central Florida, <u>yier.jin@eecs.ucf.edu</u> Dr. Yiorgos Makris, Department of Electrical Engineering, The University of Texas at Dallas, yiorgos.makris@utdallas.edu

The objective of this project is to eliminate the security concern due to the prevailing usage of hardware Intellectual Property (IP) cores from third-parties (untrusted) vendors.

Existing approaches rarely secure the entire computer system because of the semantic gap between the hardware and the software.

Existing formal verification frameworks for IP trustworthiness evaluation are often not scalable to microprocessors and SoC designs.

## **ATTACK MODEL**

Malicious logic/Design faults may be inserted by an untrusted agent at the design stage in the third party IP design house. Payloads: sensitive information leakage, design functionality modification, and/or denial-of-service to the hardware.



Figure 1. Proof-Carrying Hardware IP Working Procedure.

### Approach

Proof-Carrying Hardware (PCH) The PCH framework certifies that soft IPs are trustworthy if certain carefully specified security properties hold [1].

A Theorem Prover - Coq Coq proof assistant is used to represent security properties, hardware designs, and formal proofs.



Type 1



Lemma Development Lemma Development for Individual Inst for Individual Inst Type M

Lemma Development

#### Theorem Proving and Model Checking Integration Theorem BufferOverflow Cycle 1:

Reduce the amount of effort required for translating the HDL design and proving the security theorem through combining theorem prover (Coq) and model checker (IFV) together. [4]



#### **REFERENCES**

[1] X. Guo, R. Dutta, Y. Jin, F. Farahmandi, and P. Mishra, "Pre-silicon security verification and validation: A formal perspective," in Design Automation Conference (DAC), 52nd ACM/EDAC/IEEE, June 2015, pp.1–6.

[2] X. Guo, R. Dutta, and Y. Jin, "Eliminating the Hardware-Software Boundary: A Proof-Carrying Approach for Trust Evaluation on Computer Systems," IEEE Transactions on Information Forensics and Security (TIFS) (to appear).

[3] M.-M. Bidmeshki, and Y. Makris, "Toward automatic proof generation for information flow policies in third-party hardware IP," in IEEE Symposium on Hardware-Oriented Security and Trust (HOST), 2015, pp. 163–168.

[4] X. Guo, R. Dutta, P. Mishra, and Y. Jin, "Scalable SoC Trust Verification using Integrated Theorem Proving and Model Checking," IEEE Symposium on Hardware Oriented Security and Trust (HOST), 2016, pp. 124-129.

Interested in meeting the PIs? Attach post-it note below!



National Science Foundation WHERE DISCOVERIES BEGIN

NSF Secure and Trustworthy Cyberspace 3<sup>rd</sup> Biennial Principal Investigator Meeting Jan. 9<sup>th</sup> - 11<sup>th</sup> 2017 Arlington, VA