Special Session on Security Verification
Simultaneous Information Flow Security and Circuit Redundancy in Boolean Gates
Prof. Ryan Kastner, University of California, San Diego
High-assurance systems require strict guarantees on information flow security and fault tolerance or else face catastrophic consequences. Recently, Gate Level Information Flow Tracking (GLIFT) has been proposed to monitor information flows at the level of Boolean logic. At this level, all flows are explicit, which makes it possible to detect security violations, even those that occur due to difficult-to-detect timing channels. We show that the encoding technique used in previous GLIFT generation methods includes redundant encoding states, which leads to large overheads in area, delay and verification time.
We present a new encoding technique with fewer encoding states by leveraging an inherent property of GLIFT. By denoting don't-care input conditions to logic synthesis tools, smaller GLIFT logic for dynamic information flow tracking is obtained and shorter simulation time for static information flow security verification is achieved. Experimental results using the IWLS benchmarks show average reductions of 39.8%, 31.1% and 57.5% in area, delay and simulation time, respectively.
Furthermore, the new encoding technique enables the GLIFT tracking logic to function both as information flow tracking and redundant logic. As a result, information flow security and fault tolerance can be simultaneously enforced with the same logic.
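To make the gate-level tracking idea in the abstract concrete, the following added example (not code from the talk or from the GLIFT authors) derives the precise taint label of a gate's output by brute force and compares it with the commonly published shadow logic for a 2-input AND gate. All function names are assumptions made here. It also checks that the output label never depends on the value carried by a tainted input, which follows from the definition used.

```python
from itertools import product

def glift_taint(f, values, taints):
    """Precise label for the output of f: tainted (1) iff some assignment to
    the tainted inputs, with untainted inputs held fixed, changes the output."""
    tainted_idx = [i for i, t in enumerate(taints) if t]
    outs = set()
    for combo in product((0, 1), repeat=len(tainted_idx)):
        v = list(values)
        for i, bit in zip(tainted_idx, combo):
            v[i] = bit
        outs.add(f(*v))
    return int(len(outs) > 1)

def shadow_table(f, n):
    """Full tracking truth table: (values, taints) -> output taint."""
    return {(v, t): glift_taint(f, v, t)
            for v in product((0, 1), repeat=n)
            for t in product((0, 1), repeat=n)}

def and2(a, b):
    return a & b

def mux2(s, a, b):
    return a if s else b

def and2_shadow(a, b, at, bt):
    # Commonly published GLIFT tracking logic for a 2-input AND gate.
    return (a & bt) | (b & at) | (at & bt)

def tainted_values_are_dont_care(f, n):
    """True if the output taint never depends on a tainted input's value."""
    table = shadow_table(f, n)
    for (v, t), ot in table.items():
        for i in range(n):
            if t[i]:
                flipped = v[:i] + (1 - v[i],) + v[i + 1:]
                if table[(flipped, t)] != ot:
                    return False
    return True

if __name__ == "__main__":
    for (v, t), ot in sorted(shadow_table(and2, 2).items()):
        print(f"a={v[0]} b={v[1]} a_t={t[0]} b_t={t[1]} -> o_t={ot}")
```

An untainted 0 on one AND input masks a tainted value on the other, so the output stays untainted; a conservative "OR the input taints" rule would flag it.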
Ryan Kastner is a professor in the Department of Computer Science and Engineering at the University of California, San Diego. He received a PhD in Computer Science (2002) at UCLA, a master's degree in engineering (2000) and bachelor's degrees (BS) in both Electrical Engineering and Computer Engineering (1999), all from Northwestern University. He spent the first five years after his PhD as a professor in the Department of Electrical and Computer Engineering at the University of California, Santa Barbara.
Professor Kastner's current research interests reside in the realm of embedded system design, in particular the use of reconfigurable computing devices for digital signal processing, as well as hardware security. He has published over 100 technical articles and has authored three books: "Synthesis Techniques and Optimizations for Reconfigurable Systems", "Arithmetic Optimizations for Polynomial Expressions and Linear Systems" and "Handbook on FPGA Design Security". He has served as a member of numerous conference technical committees spanning topics like reconfigurable computing (ISFPGA, FPL, FPT), electronic design automation (DAC, ICCAD, DATE), wireless communication (GLOBECOM), hardware security (HOST) and underwater networking (WUWNet). He serves on the editorial board for the IEEE Embedded Systems Letters.
As in previous years, the post-conference proceedings will be published in Springer's Lecture Notes in Computer Science series (LNCS).