Coverage Metrics for Security Property Verification: A Novel Approach
Conference: MBMV 2025 - 28th Workshop
11.03. - 12.03.2025 in Rostock, Germany
Proceedings: ITG-Fb. 320: MBMV 2025
Pages: Language: English Type: PDF
Personal VDE members receive a 10% discount on this article
Authors:
Nagar, Jaimini; Dworzak, Thorsten; Simon, Sebastian; Heinkel, Ulrich; Lettnin, Djones
Abstract:
Modern System-on-Chip (SoC) designs targeting security-critical applications, such as those in the automotive and banking industries, process large amounts of sensitive data. Intellectual Properties (IPs) such as security controllers and smart cards are embedded in SoC designs for secure execution and for protection of the sensitive data against adversarial attack. Such IP blocks often execute cryptographic algorithms together with measures that ensure the data integrity of the designs. Comprehensive verification of such critical IPs is vital to ensure their trustworthiness for security-critical applications. This paper presents a novel approach to obtaining different coverage metrics in the context of security property verification. The inclusion of these additional metrics enhances the robustness of the testbench and facilitates comprehensive security verification. An abstract model of the functionality and security properties of a Security Controller block has been prepared using the Portable Test and Stimulus Standard (PSS). The abstract model specifies the verification test intent of the design and facilitates the generation of a set of concrete test cases in the targeted hardware verification language for various test case scenarios. In addition, a definition of stimuli coverage is specified in the model in order to obtain stimuli coverage metrics. The experimental evaluation shows that the generated tests were successfully executed in the verification environment (RTL simulation), demonstrating their capability to verify the security properties of the design. Furthermore, we established coverage metrics that evaluate the extent to which the security properties are exercised during verification.