| At present,hardware design is widely used in various fields and the hardware security problem is more and more serious due to the increasing design integration and scale.Therefore,the research and detection of hardware security vulnerabilities have attracted more and more attention from professionals and become an important research direction in hardware-related fields.Based on the above background,information security related issues in hardware security vulnerabilities are analyzed and studied based on information flow tracking technology in this article,and a method of detecting and tracing hardware security vulnerabilities is studied.The main contents are as follows:(1)Hardware security vulnerabilities are detected based on the information flow modelAiming at common hardware security vulnerabilities of information leakage and destruction,Information flow tracking technology as a detection method is used in this article,and netlist is used to realize the automatic generation of the information flow tracking logic of the hardware design.And combining the information flow tracking logic with different precisions not only ensures the accuracy of the detection,but also speeds up the progress of the detection.Finally,the feasibility of the method is proved through experiments.(2)A method of detecting and locating security vulnerabilities based on propagation path is studiedThe idea of forward verification from suspicious output is used in the method.First,the traditional information flow detection method is used to initially locate the suspicious output terminal.At the same time,in order to locate the propagation path of the vulnerability,a method of segmenting and verifying the circuit with the trigger as the key point is studied.In this method,not only the modules passed by the vulnerability propagation process can be identified,but the segmented verification method improves the verification efficiency compared with the detection method that regards the circuit as a whole.Finally,experiments show that this method can accurately locate the propagation path of the vulnerability in a short time.(3)A reverse derivation method of vulnerability trigger conditions is studiedIn order to further understand the problems of hardware design and make improvements,a method to obtain the trigger conditions of security vulnerabilities is studied in this article.A model that reversely derives the trigger logic is designed based on the idea of backtracking.The starting point and the end point of the derivation are defined,and the verification strategy of related nodes is studied.This method avoids the problem of data explosion to some extent by taking advantage of the characteristics of vulnerability trigger conditions.Finally,experiments show that the method can obtain the vulnerability trigger conditions triggered by logic.In addition,this method can also identify permanently activated hardware security vulnerabilities. |
PDF Full Text Request