Simultaneous information flow security and circuit redundancy in Boolean gates

Authors:
Wei Hu;Jason Oberg;Dejun Mu;Ryan Kastner
Affiliations:
Northwestern Polytechnical University, Xi'an, China and University of California, San Diego;University of California, San Diego;Northwestern Polytechnical University, Xi'an, China;University of California, San Diego
Venue:
Proceedings of the International Conference on Computer-Aided Design
Year:
2012

Citing 13
Cited 0

A sound type system for secure flow analysis

Journal of Computer Security
A Practical Guide to Security Engineering and Information Assurance

A Practical Guide to Security Engineering and Information Assurance
Information flow inference for ML

ACM Transactions on Programming Languages and Systems (TOPLAS)
State Assignment Techniques in Multiple-Valued Logic

ISMVL '99 Proceedings of the Twenty Ninth IEEE International Symposium on Multiple-Valued Logic
Secure program execution via dynamic information flow tracking

ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Raksha: a flexible information flow architecture for software security

Proceedings of the 34th annual international symposium on Computer architecture
Information flow control for standard OS abstractions

Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Complete information flow tracking from the gates up

Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Execution leases: a hardware-supported mechanism for enforcing strong non-interference

Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security

Proceedings of the 38th annual international symposium on Computer architecture
Information flow isolation in I2C and USB

Proceedings of the 48th Design Automation Conference
Predicting secret keys via branch prediction

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Theoretical Fundamentals of Gate Level Information Flow Tracking

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

High assurance systems require strict guarantees on information flow security and fault tolerance or else face catastrophic consequences. Recently, Gate Level Information Flow Tracking (GLIFT) has been proposed to monitor information flows at the level of Boolean logic. At this level, all flows are explicit which makes it possible to detect security violations, even those that occur due to difficult to detect timing channels. In this paper, we show that the encoding technique used in previous GLIFT generation methods includes redundant encoding states, which leads to large overheads in area, delay and verification time. We present a new encoding technique with fewer encoding states by leveraging an inherent property of GLIFT. By denoting don't-care input conditions to logic synthesis tools, smaller GLIFT logic for dynamic information flow tracking is obtained and shorter simulation time for static information flow security verification is achieved. Experimental results using the IWLS benchmarks show average reductions of 39.8%, 31.1% and 57.5% in area, delay and simulation time respectively. Furthermore, the new encoding technique enables the GLIFT tracking logic to function both as information flow tracking and redundant logic. As a result, information flow security and fault tolerance can be simultaneously enforced with the same logic.