Hardware-Supported Patching of Security Bugs in Hardware IP Blocks

Wei Kai Liu, Benjamin Tan, Jason M. Fung, Ramesh Karri, Krishnendu Chakrabarty

Research output: Contribution to journalArticlepeer-review

Abstract

To satisfy various design requirements and application needs, designers integrate multiple intellectual property blocks (IPs) to produce a system on chip (SoC). For improved survivability, designers should be able to patch the SoC to mitigate potential security issues arising from hardware IPs; for increased flexibility, we propose adding programmable hardware-based support for monitoring and bug mitigation. However, it is a challenge to decide how much additional cost a designer should expend up front to deal with unknown, future issues. We propose an approach that guides designers toward maximizing the benefits of adding 'patchability' to various IPs in the system, given a target resource overhead. We frame the design problem as an integer quadratic program and show that our approach achieves superior patchability compared to the naïve and baseline approaches for a given cost limit. Experimental results show that when we set a cost limit of 2% field-programmable gate array adaptive logic module usage, our solution can generate a viable patching infrastructure with six patching blocks offering patches for seven different services in our case study.

Original languageEnglish (US)
Pages (from-to)54-67
Number of pages14
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Volume42
Issue number1
DOIs
StatePublished - Jan 1 2023

Keywords

  • Hardware security
  • patching
  • system on chip (SoC)

ASJC Scopus subject areas

  • Software
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Hardware-Supported Patching of Security Bugs in Hardware IP Blocks'. Together they form a unique fingerprint.

Cite this