Yangdi Lyu,Prabhat Mishra

DOI: https://doi.org/10.48550/arXiv.2001.06719

2020-01-18

Systems and Control

Abstract:Assertions are widely used for functional validation as well as coverage analysis for both software and hardware designs. Assertions enable runtime error detection as well as faster localization of errors. While there is a vast literature on both software and hardware assertions for monitoring functional scenarios, there is limited effort in utilizing assertions to monitor System-on-Chip (SoC) security vulnerabilities. In this paper, we identify common SoC security vulnerabilities by analyzing the design. To monitor these vulnerabilities, we define several classes of assertions to enable runtime checking of security vulnerabilities. Our experimental results demonstrate that the security assertions generated by our proposed approach can detect all the inserted vulnerabilities while the functional assertions generated by state-of-the-art assertion generation techniques fail to detect most of them.

Aruna Jayasena,Prabhat Mishra

DOI: https://doi.org/10.1145/3638046

IF: 16.6

2024-01-14

ACM Computing Surveys

Abstract:The complexity of hardware designs has increased over the years due to the rapid advancement of technology coupled with the need to support diverse and complex features. The increasing design complexity directly translates to difficulty in verifying functional behaviors as well as non-functional requirements. Simulation is the most widely used form of validation using both random and constrained-random test patterns. The random nature of test sequences can cover a vast majority of scenarios, however, it can introduce unacceptable overhead to cover all possible functional and non-functional scenarios. Directed tests are promising to cover the remaining corner cases and hard-to-detect scenarios. Manual development of directed tests can be time-consuming and error-prone. A promising avenue is to perform automated generation of directed tests. In this article, we provide a comprehensive survey of directed test generation techniques for hardware validation. Specifically, we first introduce the complexity of hardware verification to highlight the need for directed test generation. Next, we describe directed test generation using various automated techniques, including formal methods, concolic testing, and machine learning. Finally, we discuss how to effectively utilize the generated test patterns in different validation scenarios, including pre-silicon functional validation, post-silicon debug, as well as validation of non-functional requirements.

computer science, theory & methods

Rahul Kande,Hammond Pearce,Benjamin Tan,Brendan Dolan-Gavitt,Shailja Thakur,Ramesh Karri,Jeyavijayan Rajendran

DOI: https://doi.org/10.1109/tifs.2024.3372809

IF: 7.231

2024-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The security of computer systems typically relies on a hardware root of trust. As vulnerabilities in hardware can have severe implications on a system, there is a need for techniques to support security verification activities. Assertion-based verification is a popular verification technique that involves capturing design intent in a set of assertions that can be used in formal verification or testing-based checking. However, writing security-centric assertions is a challenging task. In this work, we investigate the use of emerging large language models (LLMs) for code generation in hardware assertion generation for security, where primarily natural language prompts, such as those one would see as code comments in assertion files, are used to produce SystemVerilog assertions. We focus our attention on a popular LLM and characterize its ability to write assertions out of the box, given varying levels of detail in the prompt. We design an evaluation framework that generates a variety of prompts, and we create a benchmark suite comprising real-world hardware designs and corresponding golden reference assertions that we want to generate with the LLM.

computer science, theory & methods,engineering, electrical & electronic

Kuo-Kai Hsieh,Li-C. Wang,Wen Chen,Jayanta Bhadra

DOI: https://doi.org/10.1145/3061639.3062271

2017-01-01

Abstract:Security verification relies on using direct tests manually prepared. Test preparation often requires intensive efforts from experts with in-depth domain knowledge. This work presents an approach to learn from direct tests written by an expert. After the learning, the learned model acts as a surrogate for the expert to produce new tests. The learning software comprises a database for accumulating and sharing security verification knowledge. The learning approach uses process discovery to build an upper-bound model and continuously adds constraints to refine it. We demonstrate the feasibility and effectiveness of the learning approach in a commercial SoC verification environment.

Haoyi Wang,Qiang Zhou,Yici Cai

DOI: https://doi.org/10.1145/3566097.3567921

2023-01-01

Abstract:Directed test generation is an effective method to detect potential hardware Trojan (HT) in RTL. While the existing works are able to activate hard-to-cover Trojans by covering security targets, the effectiveness and efficiency of identifying the targets to cover are ignored. We propose a static probability analysis method for identifying the hard-to-active data channel targets and generating the corresponding assertions for the HT test generation. Our method could generate test vectors to trigger Trojans from Trusthub, DeTrust, and OpenCores in 1 minute and get 104.33X time improvement on average compared with the existing method.

Yu Zhang,Wenlong Feng,Mengxing Huang

DOI: https://doi.org/10.48550/arXiv.1602.06038

2016-02-19

Abstract:Register Transfer Level (RTL) design validation is a crucial stage in the hardware design process. We present a new approach to enhancing RTL design validation using available software techniques and tools. Our approach converts the source code of a RTL design into a C++ software program. Then a powerful symbolic execution engine is employed to execute the converted C++ program symbolically to generate test cases. To better generate efficient test cases, we limit the number of cycles to guide symbolic execution. Moreover, we add bit-level symbolic variable support into the symbolic execution engine. Generated test cases are further evaluated by simulating the RTL design to get accurate coverage. We have evaluated the approach on a floating point unit (FPU) design. The preliminary results show that our approach can deliver high-quality tests to achieve high coverage.

Software Engineering,Hardware Architecture

Vaishnavi Pulavarthi,Deeksha Nandal,Soham Dan,Debjit Pal

2024-06-26

Abstract:Assertions have been the de facto collateral for simulation-based and formal verification of hardware designs for over a decade. The quality of hardware verification, \ie, detection and diagnosis of corner-case design bugs, is critically dependent on the quality of the assertions. There has been a considerable amount of research leveraging a blend of data-driven statistical analysis and static analysis to generate high-quality assertions from hardware design source code and design execution trace data. Despite such concerted effort, all prior research struggles to scale to industrial-scale large designs, generates too many low-quality assertions, often fails to capture subtle and non-trivial design functionality, and does not produce any easy-to-comprehend explanations of the generated assertions to understand assertions' suitability to different downstream validation tasks. Recently, with the advent of Large-Language Models (LLMs), there has been a widespread effort to leverage prompt engineering to generate assertions. However, there is little effort to quantitatively establish the effectiveness and suitability of various LLMs for assertion generation. In this paper, we present AssertionBench, a novel benchmark to evaluate LLMs' effectiveness for assertion generation quantitatively. AssertioBench contains 100 curated Verilog hardware designs from OpenCores and formally verified assertions for each design generated from GoldMine and HARM. We use AssertionBench to compare state-of-the-art LLMs to assess their effectiveness in inferring functionally correct assertions for hardware designs. Our experiments demonstrate how LLMs perform relative to each other, the benefits of using more in-context exemplars in generating a higher fraction of functionally correct assertions, and the significant room for improvement for LLM-based assertion generators.

Software Engineering,Machine Learning

Hasini Witharana,Daniel Volya,Prabhat Mishra

2023-03-03

Abstract:Functional validation is necessary to detect any errors during quantum computation. There are promising avenues to debug quantum circuits using runtime assertions. However, the existing approaches rely on the expertise of the verification engineers to manually design and insert the assertions in suitable locations. In this paper, we propose automated generation and placement of quantum assertions based on static analysis and random sampling of quantum circuits. Specifically, this paper makes two important contributions. We automatically uncover special properties of a quantum circuit, such as purely classical states, superposition states, and entangled states using statistical methods. We also perform automated placement of quantum assertions to maximize the functional coverage as well as minimize the hardware overhead. We demonstrate the effectiveness of the generated assertions in error detection using a suite of quantum benchmarks, including Shor's factoring algorithm and Grover's search algorithm.

Quantum Physics,Software Engineering

Wang Haoyi,Cai Yici,Zhou Qiang

DOI: https://doi.org/10.1007/s42514-020-00054-5

2020-01-01

CCF Transactions on High Performance Computing

Abstract:Many Trojan detection technologies are too time-consuming to cover the entire state space in complex designs. The valuable verification resources should be allocated to regions vulnerable to security threats. However, there are few studies on security verification resources allocation. To fill in this gap, we design a security game framework to guide the security verification resources allocation. The framework utilizes the Trojan vulnerability measurement as player utilities, so the utility value determination doesn't need any expert prior knowledge to the specific design under test. A new Stackelberg security game specific to hardware security is also proposed. The new game model minimizes the defender utility loss with the limited verification resources restriction. Due to the lack of study on RTL Trojan vulnerability measurement, we also propose a RTL security vulnerability measurement to measure each logic propagation path vulnerability quantitatively and efficiently. We apply the proposed Stackelberg security game framework to Trust-hub Trojan benchmarks written by Verilog RTL code. The experiments demonstrate that the most suspicious logic propagation path is one part of Trojan in most cases and the proposed RTL security vulnerability measurement is effective. Also, the allocation strategy calculated by security game could get security confidence as high as possible with all available resources and may also cover the Trojan even when the carefully design Trojan evade the vulnerability measurement.

Chenguang Wang,Yici Cai,Qiang Zhou,Haoyi Wang

DOI: https://doi.org/10.1109/aspdac.2018.8297287

2018-01-01

Abstract:Hardware Trojans (HT) has been one of the major concerns of IC designers, and formal methods have been applied to the HT detection. In general, the assertions for detecting HT are manually defined, which is time-consuming and error-prone even for an expert engineer. However, there is a lack of studies on the automatic definition for security assertions. To fill in this gap, we propose an automatic security assertion extraction (ASAX) tool. ASAX labels the candidate signals and infers the proposed register transfer level (RTL) invariants from simulation traces. Next, the security assertions are mined from the inferred RTL invariants. By adopting a two-step invariants inferring technique, ASAX can extract high-coverage assertions with a low runtime. We validate the effectiveness and efficiency of ASAX through experiments on the benchmarks from Trust-hub, DeTrust and OpenCores. The results show that the HT can be 100% detected by model checking with the extracted security assertions.

Jitendra Bhandari,Rajat Sadhukhan,Prashanth Krishnamurthy,Farshad Khorrami,Ramesh Karri

2024-07-17

Abstract:A globally distributed IC supply chain brings risks due to untrusted third parties. The risks span inadvertent use of hardware Trojan (HT), inserted Intellectual Property (3P-IP) or Electronic Design Automation (EDA) flows. HT can introduce stealthy HT behavior, prevent an IC work as intended, or leak sensitive data via side channels. To counter HTs, rapidly examining HT scenarios is a key requirement. While Trust-Hub benchmarks are a good starting point to assess defenses, they encompass a small subset of manually created HTs within the expanse of HT designs. Further, the HTs may disappear during synthesis. We propose a large language model (LLM) framework SENTAUR to generate a suite of legitimate HTs for a Register Transfer Level (RTL) design by learning its specifications, descriptions, and natural language descriptions of HT effects. Existing tools and benchmarks are limited; they need a learning period to construct an ML model to mimic the threat model and are difficult to reproduce. SENTAUR can swiftly produce HT instances by leveraging LLMs without any learning period and sanitizing the HTs facilitating their rapid assessment. Evaluation of SENTAUR involved generating effective, synthesizable, and practical HTs from TrustHub and elsewhere, investigating impacts of payloads/triggers at the RTL. While our evaluation focused on HT insertion, SENTAUR can generalize to automatically transform an RTL code to have defined functional modifications.

Cryptography and Security,Artificial Intelligence,Hardware Architecture

LI PENGYI,JING SUN,Pengyi Li,Jing Sun,Hai Wang

2017-01-01

Abstract:With the growing in size and complexity of modern computer systems, the need for improving the quality at all stages of software development has become a critical issue. The current software production has been largely dependent on manual code development. Despite the slow development process, the errors introduced by the programmers contribute to a substantial portion of defects in the final software product. This paper investigates the synergy of generating code and assertion constraints from formal design models and use them to verify the implementation. We translate Z formal models into their OCL counter-parts and Java assertions. With the help of existing tools, we demonstrate various checking at different levels to enhance correctness.

Karthik Maddala,Bhabesh Mali,Chandan Karfa

2024-08-13

Abstract:Writing SystemVerilog Assertions (SVA) is an important but complex step in verifying Register Transfer Level (RTL) designs. Conventionally, experts need to understand the design specifications and write the SVA assertions, which is time-consuming and error-prone. However, with the recent advancement of transformer models, the Large Language Models (LLMs) assisted assertion generation for design verification is gaining interest in recent times. Motivated by this, we proposed a novel LLM-based framework, LAAG-RV, to generate SVA from the natural language specifications of the design. Our framework provides a one-time Verilog loop for signal synchronization in the generated SVA to improve the generated assertion quality. For our experiments, we created a custom LLM based on OpenAI GPT-4. Furthermore, we developed test cases to validate the LLM-generated assertions. Initial observations show that some generated assertions contain issues and did not pass all the test cases. However, by iteratively prompting the LLMs using carefully crafted manual prompts derived from test case failures in a simulator, the framework can generate correct SVAs. Our results on OpenTitan designs demonstrate that LLMs significantly simplify the process of generating assertions, making it efficient and less error-prone.

Hardware Architecture,Emerging Technologies

Valentin Radu,Diana Dranga,Catalin Dumitrescu,Alina Iuliana Tabirca,Maria Cristina Stefan

DOI: https://doi.org/10.3390/systems12100390

2024-09-25

Systems

Abstract:This paper investigates the potential of leveraging artificial intelligence to automate and optimize the verification process, particularly in generating System Verilog assertions for an Advance Peripheral Bus verification environment using Universal Verification Methodology. Generative artificial intelligence, such as ChatGPT, demonstrated its ability to produce accurate and valuable assertions by employing text-based prompts and image-fed inputs, significantly reducing the required manual effort. This research presents a way of generating System Verilog assertions using the ChatGPT prompt, presenting an image to the Large Language Models, and requesting the assertions needed for the respective protocol. This approach shows the potential for artificial intelligence to revolutionize functional verification by automating complex tasks, ultimately ensuring faster and more reliable System-on-Chip development. The assertions generated by the Large Language Models are integrated into an existing Advance Peripheral Bus verification environment. This process involves running the assertions on a free EDA Playground platform with all three simulators (Cadence Incisive, Mentor Questa, and Synopsys Verilog Compiler Simulator). The main conclusions are that using ChatGPT-4.0 for generating System Verilog assertions significantly reduces the time and effort required for functional verification, demonstrating its potential to enhance efficiency and accuracy in verifying complex System-on-Chip designs.

Ting Chen,Xiao-Song Zhang,Shi-Ze Guo,Hong-Yuan Li,Yue Wu

DOI: https://doi.org/10.1016/j.future.2012.02.006

IF: 7.307

2013-01-01

Future Generation Computer Systems

Abstract:Dynamic symbolic execution for automated test generation consists of instrumenting and running a program while collecting path constraint on inputs from predicates encountered in branch instructions, and of deriving new inputs from a previous path constraint by an SMT (Satisfiability Modulo Theories) solver in order to steer next executions toward new program paths. It has been introduced into several applications, such as automated test generation, automated filter generation and malware analysis mainly for its two intrinsic properties: low false positives and high code-coverage. In this paper, we focus on the topics that are closely related to automated test generation. Our contributions are five-fold. First, we summarize the theoretical foundation of dynamic symbolic execution. Second, we highlight the challenges when turning ideas into reality. Besides, we describe the state-of-the-art solutions including advantages and disadvantages for those challenges. In addition, twelve typical tools are analyzed and many properties of those tools are censused. Finally, we outline the prospects of this research field in detail.

Kangfeng Ye,Roberto Metere,Poonam Yadav

2024-10-01

Abstract:Current formal verification of security protocols relies on specialized researchers and complex tools, inaccessible to protocol designers who informally evaluate their work with emulators. This paper addresses this gap by embedding symbolic analysis into the design process. Our approach implements the Dolev-Yao attack model using a variant of CSP based on Interaction Trees (ITrees) to compile protocols into animators -- executable programs that designers can use for debugging and inspection. To guarantee the soundness of our compilation, we mechanised our approach in the theorem prover Isabelle/HOL. As traditionally done with symbolic tools, we refer to the Diffie-Hellman key exchange and the Needham-Schroeder public-key protocol (and Lowe's patched variant). We demonstrate how our animator can easily reveal the mechanics of attacks and verify corrections. This work facilitates security integration at the design level and supports further security property analysis and software-engineered integrations.

Cryptography and Security,Logic in Computer Science

Zhihao Xu,Shikai Guo,Guilin Zhao,Peiyu Zou,Xiaochen Li,He Jiang

2024-07-01

Abstract:Field Programmable Gate Array (FPGA) logic synthesis compilers (e.g., Vivado, Iverilog, Yosys, and Quartus) are widely applied in Electronic Design Automation (EDA), such as the development of FPGA programs.However, defects (i.e., incorrect synthesis) in logic synthesis compilers may lead to unexpected behaviors in target applications, posing security risks. Therefore, it is crucial to thoroughly test logic synthesis compilers to eliminate such defects.Despite several Hardware Design Language (HDL) code generators (e.g., Verismith) have been proposed to find defects in logic synthesis compilers, the effectiveness of these generators is still limited by the simple code generation strategy and the monogeneity of the generated HDL code.This paper proposes LegoHDL, a novel method to generate syntax valid HDL code for comprehensively testing FPGA logic synthesis compilers.LegoHDL can generate more complex and diverse defect-trigger HDL code (e.g., Verilog, VHDL, and SystemVerilog) by leveraging the guidance of abstract syntax tree and the extensive function block libraries of cyber-physical systems. Extensive experiments show that the diversity and defect-trigger capability of HDL code generated by LegoHDL are significantly better than the state-of-the-art method (i.e., Verismith).In three months, LegoHDL has reported 20 new defects--many of which are deep and important; 16 of them have been confirmed.

Hardware Architecture,Software Engineering

Bhabesh Mali,Karthik Maddala,Vatsal Gupta,Sweeya Reddy,Chandan Karfa,Ramesh Karri

2024-06-29

Abstract:System Verilog Assertion (SVA) formulation -- a critical yet complex task is a prerequisite in the Assertion Based Verification (ABV) process. Traditionally, SVA formulation involves expert-driven interpretation of specifications, which is time-consuming and prone to human error. Recently, LLM-informed automatic assertion generation is gaining interest. We designed a novel framework called ChIRAAG, based on OpenAI GPT4, to generate SVA from natural language specifications of a design. ChIRAAG constitutes the systematic breakdown of design specifications into a standardized format, further generating assertions from formatted specifications using LLM. Furthermore, we used few test cases to validate the LLM-generated assertions. Automatic feedback of log messages from the simulation tool to the LLM ensures that the framework can generate correct SVAs. In our experiments, only 27% of LLM-generated raw assertions had errors, which was rectified in few iterations based on the simulation log. Our results on OpenTitan designs show that LLMs can streamline and assist engineers in the assertion generation process, reshaping verification workflows.

Software Engineering,Machine Learning

Sudipta Paria,Aritra Dasgupta,Swarup Bhunia

DOI: https://doi.org/10.48550/arXiv.2308.06932

2023-08-14

Cryptography and Security

Abstract:Securing critical assets in a bus-based System-On-Chip (SoC) is imperative to mitigate potential vulnerabilities and prevent unauthorized access, ensuring the integrity, availability, and confidentiality of the system. Ensuring security throughout the SoC design process is a formidable task owing to the inherent intricacies in SoC designs and the dispersion of assets across diverse IPs. Large Language Models (LLMs), exemplified by ChatGPT (OpenAI) and BARD (Google), have showcased remarkable proficiency across various domains, including security vulnerability detection and prevention in SoC designs. In this work, we propose DIVAS, a novel framework that leverages the knowledge base of LLMs to identify security vulnerabilities from user-defined SoC specifications, map them to the relevant Common Weakness Enumerations (CWEs), followed by the generation of equivalent assertions, and employ security measures through enforcement of security policies. The proposed framework is implemented using multiple ChatGPT and BARD models, and their performance was analyzed while generating relevant CWEs from the SoC specifications provided. The experimental results obtained from open-source SoC benchmarks demonstrate the efficacy of our proposed framework.