Project 2 Home Page

Project 2: (DUE February 23)

In this project you have to extend project 1 to propagate security labels in a circuit. In the last project you found whether a path existed between secured data port and output. However, even if your answer was "yes", the path may be a false path. This is because project 1 only found out if a topological path exists between 2 port numbers, not that all the side inputs along the path can be simultaneously set to values that can propagate an event from the input port to the output port. As a result, the data value may or may not propagate through many of the paths that existed. In this project we will use input data values to propagate secure labels to output.

In this project, you are asked to do the following:

Read in the circuit and build the data structure for the circuit (done for you already from project 1)
Assign secure labels to all data ports in the circuit. We will use two secure labels, Low and High. (You have to assign Low labels to all the data ports except for one data port which is assign a High label )
Read in a provided vector set (you need to do this)
Perform simulation to propagate the secure label in circuit and print the primary output data and labels in a file.(You need to do this)

Inputs : The program has two input files. The first is the .lev file of circuit which loads the circuit in a data structure. The second file is a .vec file which has vectors that are applied to input of circuit. In the *.vec file, the first line indicates the number of primary inputs. Then the vectors are listed, followed by a final 'END'. Your program will then simulate the circuit using the provided vectors. The output data along with labels are printed. Idea: Every data port in the circuit is assigned a label. So now, every net in the circuit will carry a security label along with data. We will assign Low label to all the ports except for one port which will be assigned a High label.

Label Propagation Principle: A High label will be propagated from input to output of a gate only if a change in the logic value for the High label input can propagate to the output data value of the gate.

For example, in an AND-gate, if input data pin is labeled High, we check if flipping the logic value on this input can flip the output of the AND gate. If the answer is yes, then the High label pin will propagate to the output of the AND gate. And the output label is assigned High. Similarly, with OR gate High label on a data pin will propagate to its output if flipping the logical value on this input can alter the output of the OR gate. The output format of C17 is given with this Project description. 'L' in the output file denotes Low label and 'H' denotes High label.

Below is the pseudo code for label propagation:

If all inputs of a gate have same label

label[output] = label[input]

else: // inputs have different labels
if we have controlling value at input nets, then
if label on these nets are different, then
label[output]= Low // since changing High at controlling input will not change the output. We have to change all the controlling pins to change the output
elseif all labels of controlling input nets are same, then
label[output] = label[controlling input net]

else if all are non controlling values, then
label[output] = High // since at least one input label is 'High' and we know that if we change non-controlling value then output will change.

Like project 1, your program should ask the user for a port which is labeled High. If user enters 4 as high secured port then the circuit port 4 is assigned label High and rest all the ports are assigned label Low. Then based on the vectors the program propagates this secure data label to output.

Additional Background: In this project we are doing Information Flow Tracking on hardware level. This is termed as 'Gate level information flow tracking' (GLIFT) [1]. GLIFT assigns a label to each bit of data in the hardware design. This labeling helps in understanding data propagation through design. Recent papers have used GLIFT to verify security properties [2]. More information on this can be found in attached research paper.

[1] Tiwari, Mohit, et al. "Complete information flow tracking from the gates up." ACM Sigplan Notices. Vol. 44. No. 3. ACM, 2009.
[2] Hu, Wei, et al. "Detecting hardware trojans with gate-level information-flow tracking." Computer 49.8 (2016): 44-52.

Sample files: (note, for both c17 an c432, the sensitive input port is assumed to be at input #4 for the following *.out files)

c17.lev c17.vec c17.out (treating input #4 as sensitive)
c432.lev c432.vec c432.out (treating input #4 as sensitive)

Grading: Grading of this exercise will be based on the following:

Correctness: 80%
Program Legibility: 10%
Execution Speed: 10%
If your program does not compile (i.e., has syntax errors) - the grade will be 0.
If your program runs but the outputs are incorrect for more than 80% of the cases, the maximum grade is 50 out of 100.
Please email your program to mhsiao at vt dot edu on/before the day it is due. For each day delayed, 10% is deducted from this project grade.

To measure how much time your program takes, add "time" before your command at the unix/linux prompt to capture user and system time. For example, for my_prog, type "time my_prog ckt" and the time taken to run my_prog will be reported at the end of the execution.

You are encouraged to discuss among yourselves for this exercise. However, everyone must write his/her own program. You are allowed to exchange ideas, algorithms, etc., but NO PROGRAM SEGMENTS, PROCEDURES, FUNCTIONS, MAY BE EXCHANGED.