As hardware systems grow in complexity, security can no longer rely on assumptions or isolated checks.
Today’s semiconductor chips run cloud infrastructure, automotive controllers, industrial robots, and edge AI processors, so effectively the entire technology market. Engineers must now ensure that silicon itself defends against attacks, protects embedded secrets, and complies with increasingly stringent global security standards, such as ISO/SAE 21434 and the EU Cyber Resilience Act. Regulators, partners, customers, hyperscalers, and end-product developers now expect proof that security was built in during the architecture phase. Every transistor now carries a burden of trust that extends throughout the entire development process. This requires a systematic approach to security throughout the pre-silicon development cycle, using verification to uncover weaknesses and evaluate effectiveness.
Security coverage provides a structured, measurable method for evaluating functionality and protections, identifying vulnerabilities, and verifying processes. This enables engineering teams to assess how thoroughly security controls are exercised and to detect potential gaps throughout the design lifecycle. The real challenge is knowing with confidence that defined assets, constraints, and protection boundaries are correctly enforced and remain effective.
Hardware security comes down to two core pillars. Functional security verification confirms correctness, and security protection verification establishes robustness.
The functional security verification pillar ensures that security functionality behaves correctly under defined operating conditions and expected use cases. It uses known methods such as simulation, assertions, and formal analysis.
For example, functional security verification may confirm that a cryptographic block retrieves a key only when authorized and within defined timing constraints, and restricted resources remain inaccessible to unauthorized agents. Functional verification is well-defined and bounded. Because it operates within known interfaces and specified behaviors, it provides confidence that security functionality performs as intended, but it does not assess how those protections hold up under unintended data flows. This pillar confirms that the logic works correctly.
The security protection verification pillar assesses how protections hold up under operational conditions by evaluating whether they remain effective when the system behaves unexpectedly. Protection evaluations can determine whether protections can be bypassed, weakened, or invalidated through unintended interactions. Especially when under attack. Engineers need to determine whether sensitive data can reach interfaces that were never intended to be exposed.
For example, consider a cryptographic key stored in a secure register with a defined protection boundary. Security protection verification evaluates whether that key can propagate beyond this boundary under any condition, including reset sequences, debug access, test features, or subsystem interactions. If analysis shows the key can appear on an internal bus or be accessed through an unintended path, the protection has failed, and the resulting vulnerability must be addressed.
Security protection verification is inherently broader in scope and less constrained. It must account for combinations of states, data flows, and integration effects that extend beyond what is explicitly defined in the specification. Coverage reflects how thoroughly potential data flows and interactions have been analyzed. This involves examining whether sensitive assets remain contained within defined boundaries across all explored scenarios.
Fig. 1: Two aspects of verifying hardware security features. Source: Arteris, Inc.
Together, these two approaches help engineers determine not just whether security logic works, but whether protections are effective and free of exploitable weaknesses. It requires system-level analysis to account for the complexity introduced by interactions across IP blocks, subsystems, and integration logic. This analysis validates discrete behaviors and, in protection verification, explores the space of possible interactions, including those not captured by directed tests.
Security coverage connects these views by providing a way to measure the effectiveness of security controls across the design. Rather than relying solely on pass/fail outcomes, it evaluates the extent to which security-relevant behavior has been explored.
A design that passes all functional checks may still contain vulnerabilities if unintended data paths or interactions exist. Conversely, identifying potential gaps without confirming functional correctness leaves uncertainty about whether protections operate reliably. An important step in this process is defining what must be protected and how that protection is expected to behave. Verification then measures whether these constraints hold under both expected and unexpected conditions.
By combining results across both pillars, security coverage provides insight into:
This transforms security verification into a measurable process where gaps can be identified and addressed.
Addressing these gaps requires iterative refinement. Additional tests improve functional coverage, while expanded analysis explores protection-related interactions. Evaluating the full range of possible data flows exposes subtle exposure paths, including unintended connectivity and leakage paths.
Fig. 2: Security verification in hardware security. Source: Arteris, Inc.
As hardware systems grow in complexity, security can no longer rely on assumptions or isolated checks. It must be evaluated as part of the design using systematic analysis of functionality, protections, and data flows across the system. By incorporating security coverage into verification, engineers gain clear, measurable insight into how well protections hold up under real conditions. This enables teams to identify weaknesses early, address gaps before tapeout, and build confidence in the security of the final silicon.
Cycuity, recently acquired by Arteris, is becoming increasingly integrated into the data movement fabric of modern SoCs. At the center of this approach is the Radix platform, the solution from Arteris, for hardware security verification and coverage analysis. Radix enables engineers to systematically analyze security functionality, identify unintended data flows, and measure the effectiveness of protections. When combined with Arteris network-on-chip interconnect technology, which manages and secures data movement across the design, this integration enables security to be evaluated as a system-level property. The result is a measurable, pre-silicon understanding of whether protections are effective.
To learn more about semiconductor cybersecurity solutions from Arteris, visit arteris.com/cybersecurity.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Leave a Reply