Security Verification

Checking hardware security mechanisms on an SoC

The issue of hardware security is becoming a major concern for many IC development projects. For a large number of applications, an attack on the operation of a device by a malicious party is both easier to accomplish than is often assumed and can have catastrophic business implications.

Leveraging the OneSpin 360 LaunchPad technology, Tortuga Logic has delivered a powerful security verification mechanism. It combines the exhaustive nature of a formal engine with the considerable domain expertise of the Tortuga team to produce a world-class solution for hardware security verification.

Prospect by Tortuga Logic

Prospect is a hardware security testing tool that can test for several different security properties, such as isolation, non-interference, and the presence of timing/digital side channels. Prospect can be used to test that both confidentiality and integrity are being enforced on any given part of your hardware design.

Confidentiality – The secrecy of a cryptographic key is often the crux of the security scheme. Ensuring that this key is kept confidential from less trusted parts of the chip is an important area of concern. Rather than speculate about where the secret key can travel in a design, our tool can prove it can never flow to any part of your system that is designated as “untrusted”. This means that, regardless of what software is running on the system, the key is provably safe from being leaked.

Integrity – For many applications, computers are responsible for the operation of both critical and non-critical components. For instance, in new automotive vehicles, the same system may be responsible for the operation of the brake system as well as the satellite radio. We, of course, never want the braking system to stall because someone changed the radio station. Our tool can test for properties such as non-interference to prove that one part of the system will never have an effect on another part, whether through explicit changes in values or through differences in response time.

Many system designers attempt to enforce these properties at higher levels of abstraction, through secure software design or support from the operating system. These techniques fail to detect hardware-specific vulnerabilities. Prospect enforces those properties at the lowest level of abstraction: the underlying hardware. Because the proof is carried out on the hardware itself, it holds regardless of which layer of the hardware/software stack an exploit attempt originates from.
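The two properties above, confidentiality of a key and non-interference including response time, can both be stated as "two runs that differ only in the secret must look identical at every untrusted port". The following is an added illustration written for this page, not Prospect or Tortuga Logic code: it applies that self-composition check to a hypothetical byte-serial key comparator whose `done` and `cycles` ports are assumed to be visible to untrusted logic. Where Prospect's formal engine proves the property over all inputs, this script only enumerates a few constructed values.

```python
"""Added example (not Prospect/Tortuga Logic code): non-interference by
self-composition. Two copies of a hypothetical design get the same untrusted
input but different secret keys; every untrusted-visible observation,
including cycle count, must agree, or the key has flowed to untrusted logic."""


def compare_block(key, guess, early_exit):
    """Hypothetical 32-bit key/guess comparator, one byte per cycle.
    'match' is routed to a trusted port; 'done' and 'cycles' are visible to
    untrusted logic. early_exit=True stops at the first mismatching byte,
    which makes the cycle count depend on the key (a timing side channel)."""
    cycles, match = 0, True
    for i in range(4):
        cycles += 1
        if ((key >> (8 * i)) & 0xFF) != ((guess >> (8 * i)) & 0xFF):
            match = False
            if early_exit:
                break
    return {"match": match, "done": 1, "cycles": cycles}


def leaky(key, guess):
    return compare_block(key, guess, early_exit=True)


def constant_time(key, guess):
    return compare_block(key, guess, early_exit=False)


UNTRUSTED_PORTS = ("done", "cycles")  # assumed untrusted-observable ports


def check_noninterference(design, secrets, public_inputs,
                          untrusted_ports=UNTRUSTED_PORTS):
    """Run each pair of secrets against every public input; return the
    untrusted-port observations that differ (empty list = no flow found)."""
    violations = []
    for pub in public_inputs:
        for i, k1 in enumerate(secrets):
            for k2 in secrets[i + 1:]:
                out1, out2 = design(k1, pub), design(k2, pub)
                for port in untrusted_ports:
                    if out1[port] != out2[port]:
                        violations.append((port, pub, k1, k2, out1[port], out2[port]))
    return violations


# Constructed sample values: three candidate secrets, two untrusted guesses.
SECRETS = (0xDEADBEEF, 0xDEADBE00, 0x00000000)
PUBLIC_INPUTS = (0xDEADBEEF, 0x12345678)

if __name__ == "__main__":
    print("constant_time:", check_noninterference(constant_time, SECRETS, PUBLIC_INPUTS))
    for v in check_noninterference(leaky, SECRETS, PUBLIC_INPUTS):
        print("leaky: port %s, input %#x, keys %#x vs %#x: %s vs %s" % v)
```

The constant-time variant reports no violations, while the early-exit variant is flagged only on the `cycles` port: the key never reaches an untrusted data port, but it does leak through response time, the case the integrity paragraph above describes.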

Prospect is available both through OneSpin and directly from Tortuga Logic.