A Framework for Detecting Software-induced Data Leakages in General Purpose Processors (Hardware Security)

The integrity and security of the hardware were taken for granted for quite some time. In the last years, more and more security problems in commercial hardware were made public, such as Meltdown and Spectre in certain processors. Nowadays a lot of research focuses on the topic of Hardware Security. Securing hardware and removing vulnerability issues before they are manufactured. A modern approach to achieving this is static analyses of the hardware architecture to assure certain security features.

In this work, we would like to address the development and evaluation of tools to elaborate the timing behavior of processor designs. The properties Confidentiality, Integrity (, Availability) and Authenticity (CI[A]A) need to be protected. And in this work, we focus on vulnerabilities to the confidentiality in hardware systems and how they can be exploited using software. We will develop tools that can detect the vulnerabilities in software descriptions.

We are looking to guarantee the four security features (CIAA) mentioned above for a processor design. Some example tasks are as follows:

• Researching state-of-the-art approaches
• Developing software tools to generate abstract models of the processor
• Researching vulnerabilities of processor architectures
• Developing schemes to elaborate the processor of those vulnerabilities
• Developing a software tool to identify vulnerabilities in software for insecure hardware