UC San Diego

Computers are being placed in charge of the systems and devices we trust with our safety and security. These embedded systems control our automobiles, commercial airlines, medical devices, mobile phones, and many other aspects that we hope will behave in a secure and reliable manner. In addition, the hardware in these systems are becoming increasingly complex; making security testing and evaluation a very difficult problem. Unfortunately, we have already seen many attacks performed on many of these systems including automobiles and medical devices. Many of these issues could have been prevented had there been better methods for security assessment. Specifically, hardware and embedded system designers are lacking the tools and methods for testing various security properties of their designs. Recently, a method known as gate-level information flow tracking (GLIFT) was introduced to dynamically monitor information flows in hardware for security. This dissertaion shows that this same technique can be very effectively applied statically to hardware designs to systematically test various different hardware security properties (e.g. to ensure that secret encryption keys are not leaking). Even further, this thesis demonstrates that GLIFT can effectively capture timing- channels (where information leaks in the amount of time a computation takes). These timing channels have been exploited in many past works to extract secret keys from different stateful hardware resources such as caches and branch predictors. This thesis presents some very fundamental background of GLIFT, shows how it can be used statically using several application examples, and formalizes how it can be used to detect timing channels. These contributions ultimately provide a method to do hardware security testing and verification for our future computing systems