# The Role of Formal Verification in Security Assurance

Dan Benua July 2022





- Exhaustive formal verification can eliminate unspecified behaviors that hackers could exploit.
- Formal is exceptional at finding corner case behaviors, even when exhaustive proofs of correctness are not possible at system-level scale.
- Jasper's specialized apps can be applied to specific known security vulnerabilities and provide results with greater efficiency or completeness compared to alternative methodologies







cādence

#### State Space View of Security

Potential States and State Sequences



#### State Space View of Security





















- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

• Denial of Service

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- Denial of Service
- Data Corruption, Unexpected Control Flow

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- Denial of Service
- Data Corruption, Unexpected Control Flow

cādence

• Secure Data Leakage or Corruption

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- Denial of Service
- Data Corruption, Unexpected Control Flow
- Secure Data Leakage or Corruption
- Data Corruption, Unexpected Control Flow

cādence

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- Denial of Service
- Data Corruption, Unexpected Control Flow
- Secure Data Leakage or Corruption
- Data Corruption, Unexpected Control Flow

cādence

Data Corruption

- State Machine Deadlock
- Buffer Overflow
- Incorrect Register Access
- Unexpected X-propagation
- Bus Protocol Violation
- Improper ECO Implementation

- Denial of Service
- Data Corruption, Unexpected Control Flow
- Secure Data Leakage or Corruption
- Data Corruption, Unexpected Control Flow

cādence

- Data Corruption
- Vulnerability Insertion

# **Jasper: Formal Verification Platform**

#### Solve specific verification problems with targeted Jasper Apps

#### <u>File Edit View Tools Window H</u>elp ~ DESIGN **Formal Property** SuperLint (AFL) **Design Coverage Sequential Equivalence Verification App Verification App Checking App** App □ AHB WRITE at port 0 HADDRO HBURSTO HREADYin0 CSR UNR HSELO HTRANSO Control/Status X-Propagation Connectivity Coverage HWRITED HWDATA Verification App **Register Verif. App** Verification App Unreachability App E Address to addr bridge from port 0 Behavior 🗉 Data to data bridge from Data from data bridge being misc control data. **Functional Safety Security Path** Low Power **Verification App** Verification App Verification App

#### Highly interactive **formal debug** transforms to fit the App



cādence

#### Broad formal engine and infrastructure

Assertion Based Verification IPs for AMBA and other common protocols

**Programmable Interface via TCL** 

**ProofGrid™ Manager assigns best engine for task** 

PROP

 $\bigcirc$ 

**Clock Domain** 

**Crossing App** 

# CWE Mapping to Formal Apps

| CWE  | Description                                                                     | Formal App  |
|------|---------------------------------------------------------------------------------|-------------|
| 1245 | Improper Finite State Machines (FSMs) in Hardware Logic                         | Superlint   |
| 1247 | Missing or Improperly Implemented Protection Against Voltage and Clock Glitches | CDC         |
| 1271 | Uninitialized Value on Reset for Registers Holding Security Settings            | XProp       |
| 1263 | Improper Physical Access Control                                                | SPV         |
| 1282 | Assumed-Immutable Data is Stored in Writable Memory                             | SPV         |
| 1258 | Exposure of Sensitive System Information Due to Uncleared Debug Information     | SPV         |
| 1330 | Remanent Data Readable after Memory Erase                                       | SPV         |
| 1231 | Improper Implementation of Lock Protection Registers                            | CSR         |
| 1234 | Hardware Internal or Debug Modes Allow Override of Locks                        | CSR         |
| 1283 | Mutable attestation or measurement reporting data                               | CSR         |
| 1242 | Inclusion of undocumented features                                              | CSR         |
| 1234 | Failure to Disable Reserved Bits                                                | CSR         |
| 1258 | Exposure of Sensitive System Information Due to Uncleared Debug Information     | FPV and SPV |
| 1262 | Improper Access Control for Register Interface                                  | FPV         |
| 1261 | Improper Handling of Single Even Upsets                                         | FSV         |

# Why Formal?

- Exhaustive (in some cases!)
- Exposes Specification Gaps and Ambiguities
- Natural Emphasis on Negative Testing (Counter-Examples)
- Tight Integration of Functional and Security Verification
- Ability to model taint propagation

### Why Formal?

- Exhaustive (in some cases!)
- Exposes Specification Gaps and Ambiguities
- Natural Emphasis on Negative Testing (Counter-Examples)
- Tight Integration of Functional and Security Verification
- Ability to model taint propagation

But What About Capacity?



#### Cadence Security Verification Solution and Partners



#### cādence°

#### Conclusions

- Formal is a key component of hardware security verification
- Security verifications start with basic functional verification and focusses on negative testing.
- Formal must be integrated with other components of the security verification environment.
- If formal is used early in design bring-up it can set the stage for later focused vulnerability analysis.

# cadence

© 2022 Cadence Design Systems, Inc. All rights reserved worldwide. Cadence, the Cadence logo, and the other Cadence marks found at <a href="https://www.cadence.com/go/trademarks">https://www.cadence.com/go/trademarks</a> are trademarks or registered trademarks of Cadence Design Systems, Inc. Accellera and SystemC are trademarks of Accellera Systems Initiative Inc. All Arm products are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All MIPI specifications are registered trademarks or trademarks or service marks owned by MIPI Alliance. All PCI-SIG specifications are registered trademarks or trademarks are the property of their respective owners.