Tortuga Logic is hosting a webinar on Tuesday, August 18th from 12 to 1PM PDT, in which Xilinx will present their experiences in using the Tortuga Logic Radix-S and Radix-M products for security verification of root of trust in their advanced SoC FPGAs. REGISTER HERE to attend the webinar.
In general security verification is problematic for several reasons:
- Traditional dynamic methods, even with constrained random, struggle to find the “abuse” type of problems that are common in security attacks. Even the best of directed+random tests still explore around nominal expected behaviors.
- Directed (+random) tests only exercise specific behavior instances, lacking the completeness you want for robust security signoff.
- Security problems often span between hardware and software. Formal would be helpful for completeness in the hardware but cannot help with the software part of the problem.
By their nature, Xilinx products are highly configurable, which makes security verification an even more challenging problem. That Xilinx considers the Radix products an effective way to address these challenges is a pretty hefty endorsement.
XILINX USE TO VERIFY ROT SECURITY
From an advanced viewing I know that Nathan will be talking about application to security testing in several key areas:
- To zeroize key material so that confidential information cannot be leaked. Previous methods depended on sampling which was necessarily incomplete.
- To verify that flows of key material will be restricted within the root of trust
- To verify that the integrity of key information will be controlled through access controls, so that for example key data cannot be modified from the outside.
- I also know he will address the bitstream security question, always a concern for FPGA-based logic.
A key point Nathan will discuss in all of this is the importance of the Tortuga Logic information flow verification in this security testing, a capability which goes right to the heart of the completeness challenge I mentioned earlier.
Xilinx products are popular in a wide range of applications where hardware-enabled system security is a requirement. Security for Xilinx platforms is provided by a root of trust subsystem, for which a large number of security requirements must be verified to provide a sufficient level of assurance. Pre-silicon security verification is a difficult problem due to design complexity, the fact that security issues often span hardware and software, and that existing tools target functional verification and not security verification. This presentation will cover how Xilinx uses Tortuga Logic’s Radix to verify several root of trust security requirements more efficiently throughout the development lifecycle. Radix extends existing simulation and emulation flows to efficiently verify confidentiality and integrity requirements enabling an effective secure development lifecycle for hardware.
SPEAKERS: Dr. Nicole Fern is a Senior Hardware Security Engineer at Tortuga Logic. Her primary role is providing security expertise and defining future features and applications for the product line. Before joining Tortuga Logic in 2018 she was a postdoc at UC Santa Barbara. Her research focused on the topics of hardware verification and security.
Nathan Bolger is a Senior Verification Engineer at Xilinx Inc. He has been with Xilinx for 8 years as part of the front-end verification team. He is responsible for the processor subsystem of Xilinx’s SoC devices. Primarily responsible for verification of our security and configuration center for two generations of products; focusing on verification of cryptographic algorithm accelerators and device root of trust.
REGISTER HERE to attend the webinar.