The reviewed record of science sign in
Pith

arxiv: 2401.17819 · v2 · pith:BP6XOUIG · submitted 2024-01-31 · cs.CR · cs.AR

QTFlow: Quantitative Timing-Sensitive Information Flow for Security-Aware Hardware Design on RTL

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:BP6XOUIGrecord.jsonopen to challenge →

classification cs.CR cs.AR
keywords informationdesignanalysisflowqtflowsecurityareachannels
0
0 comments X
read the original abstract

In contemporary Electronic Design Automation (EDA) tools, security often takes a backseat to the primary goals of power, performance, and area optimization. Commonly, the security analysis is conducted by hand, leading to vulnerabilities in the design remaining unnoticed. Security-aware EDA tools assist the designer in the identification and removal of security threats while keeping performance and area in mind. Cutting-edge methods employ information flow analysis to identify inadvertent information leaks in design structures. Current information leakage detection methods use quantitative information flow analysis to quantify the leaks. However, handling sequential circuits poses challenges for state-of-the-art techniques due to their time-agnostic nature, overlooking timing channels, and introducing false positives. To address this, we introduce QTFlow, a timing-sensitive framework for quantifying hardware information leakages during the design phase. Illustrating its effectiveness on open-source benchmarks, QTFlow autonomously identifies timing channels and diminishes all false positives arising from time-agnostic analysis when contrasted with current state-of-the-art techniques.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.