Researchers suggest an approach that “guides designers towards maximizing the benefits of adding “patchability” to various IPs in the system, given a target resource overhead.”
New research paper from Duke University, University of Calgary, NYU & Intel.
Abstract:
“To satisfy various design requirements and application needs, designers integrate multiple Intellectual Property blocks (IPs) to produce a system-on-chip (SoC). For improved survivability, designers should be able to patch the SoC to mitigate potential security issues arising from hardware IPs; for increased flexibility, we propose adding programmable hardware-based support for monitoring and bug mitigation. However, it is a challenge to decide how much additional cost a designer should expend up front to deal with unknown, future issues. We propose an approach that guides designers towards maximizing the benefits of adding “patchability” to various IPs in the system, given a target resource overhead. We frame the design problem as an integer quadratic program and show that our approach achieves superior patchability compared to the naïve and baseline approaches for a given cost limit. Experimental results show that, when we set a cost limit of 2% FPGA ALM usage, our solution can generate a viable patching infrastructure with six patching blocks offering patches for seven different services in our case study.”
Find the technical paper here.
W. -K. Liu, B. Tan, J. M. Fung, R. Karri and K. Chakrabarty, “Hardware-Supported Patching of Security Bugs in Hardware IP Blocks,” in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, doi: 10.1109/TCAD.2022.3168513.
Find more security related technical papers here.
Leave a Reply