Project 2: (DUE February 23)
In this project you have to extend project 1 to propagate security labels
in a circuit.
In the last project you found whether a path existed between a secured data
port and an output. However, even if your answer was "yes", the
path may be a false path. This is because project 1 only found out if a
topological path exists between 2 port numbers, not that all the side inputs
along the path can be simultaneously set to values that can propagate an
event from the input port to the output port. As a result, the data value
may or may not propagate through many of the paths that existed. In this
project we will use input data values to propagate secure labels to
the output.
In this project, you are asked to do the following:
- Read in the circuit and build the data structure for the circuit (done for you already from project 1)
- Assign secure labels to all data ports in the circuit. We will use two secure labels, Low and High.
(You have to assign Low labels to all the data ports except for one data port, which is assigned a
High label.)
- Read in a provided vector set (you need to do this)
- Perform simulation to propagate the secure label in the circuit and print
the primary output data and labels in a file. (You need to do this)
Inputs:
The program has two input files. The first is the .lev file of the circuit, which loads the circuit into a data structure.
The second file is a .vec file, which has the vectors that are applied to the inputs of the circuit.
In the *.vec file, the first line indicates the number of primary inputs.
Then the vectors are listed, followed by a final 'END'.
Your program will then simulate the circuit using the provided vectors.
The output data along with labels are printed.
Idea:
Every data port in the circuit is assigned a label. So now, every net in
the circuit will carry a security label along with data. We will assign Low
label to all the ports except for one port which will be assigned a High
label.
Label Propagation Principle:
A High label will be propagated from input to output of a gate only if a change in the logic value
for the High label input can propagate to the output data value of the gate.
For example, in an AND gate, if an input data pin is labeled High,
we check if flipping the logic value on this input can flip the output of the AND gate.
If the answer is yes, then the High label will propagate to the output of the AND gate,
and the output label is assigned High. Similarly, with an OR gate, a High label on a data pin
will propagate to its output if flipping the logic value on this input can
alter the output of the OR gate.
The output format of C17 is given with this Project description.
'L' in the output file denotes Low label and 'H' denotes High label.
Below is the pseudo code for label propagation:
If all inputs of a gate have same label
    label[output] = label[input]
else: // inputs have different labels
    if we have controlling value at input nets, then
        if label on these nets are different, then
            label[output] = Low // since changing High at controlling input will not change the output. We have to change all the controlling pins to change the output
        elseif all labels of controlling input nets are same, then
            label[output] = label[controlling input net]
    else if all are non controlling values, then
        label[output] = High // since at least one input label is 'High' and we know that if we change non-controlling value then output will change.
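The pseudocode rule written as a C function and checked exhaustively against the flip test from the Label Propagation Principle. This is an added example, not part of the original assignment or its provided code. It goes slightly beyond the text by letting any subset of the High inputs change together, which is what the pseudocode implies when several controlling inputs are High. The function names, the 0/1 label encoding and the `ctrl` parameter (0 for AND-type gates, 1 for OR-type gates) are assumptions, and the sample inputs are constructed.

```c
#include <stdio.h>
enum { LOW = 0, HIGH = 1 };   /* assumed label encoding */
/* AND-type (ctrl=0) or OR-type (ctrl=1) gate: any controlling input forces the output. */
int gate_eval(const int *val, int n, int ctrl) {
    for (int i = 0; i < n; i++)
        if (val[i] == ctrl) return ctrl;
    return !ctrl;
}

/* Pseudocode rule: val[i] is the logic value and lab[i] the label of input i. */
int glift_label(const int *val, const int *lab, int n, int ctrl) {
    int n_high = 0, n_ctrl = 0, n_ctrl_high = 0;
    for (int i = 0; i < n; i++) {
        n_high += lab[i];
        if (val[i] == ctrl) { n_ctrl++; n_ctrl_high += lab[i]; }
    }
    if (n_high == 0 || n_high == n) return lab[0];  /* all labels equal */
    if (n_ctrl == 0) return HIGH;                   /* all values non-controlling */
    return n_ctrl_high == n_ctrl ? HIGH : LOW;      /* High only if every controlling input is High */
}

/* Reference: High iff re-assigning the High inputs (Low ones held fixed) can change the output; n <= 8. */
int flip_label(const int *val, const int *lab, int n, int ctrl) {
    int alt[8], base = gate_eval(val, n, ctrl);
    for (int m = 0; m < (1 << n); m++) {
        for (int i = 0; i < n; i++)
            alt[i] = lab[i] ? (m >> i) & 1 : val[i];
        if (gate_eval(alt, n, ctrl) != base) return HIGH;
    }
    return LOW;
}

/* Number of (value, label) combinations where the rule and the reference disagree. */
int count_mismatches(int n, int ctrl) {
    int bad = 0, val[8], lab[8];
    for (int v = 0; v < (1 << n); v++)
        for (int l = 0; l < (1 << n); l++) {
            for (int i = 0; i < n; i++) { val[i] = (v >> i) & 1; lab[i] = (l >> i) & 1; }
            bad += glift_label(val, lab, n, ctrl) != flip_label(val, lab, n, ctrl);
        }
    return bad;
}

int main(void) {
    int val[2] = {1, 0}, lab[2] = {HIGH, LOW};  /* constructed: AND(1/High, 0/Low) */
    int bad = count_mismatches(3, 0) + count_mismatches(3, 1);
    printf("label=%c mismatches=%d\n", glift_label(val, lab, 2, 0) ? 'H' : 'L', bad);
    return 0;
}
```

Gates without a controlling value (inverters, buffers, XOR) are outside the pseudocode and are not handled here.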
Like project 1, your program should ask the user for a port which is labeled
High. If the user enters 4 as the High secured port, then
circuit port 4 is assigned label High and all the remaining ports are assigned label Low. Then, based on
the vectors, the program propagates this secure data label to the output.
Additional Background:
In this project we are doing Information Flow Tracking at the hardware level.
This is termed 'Gate level information flow tracking' (GLIFT) [1].
GLIFT assigns a label to each bit of data in the hardware design.
This labeling helps in understanding data propagation through the design. Recent papers have used GLIFT to
verify security properties [2]. More information on this can be found in the attached research paper.
[1] Tiwari, Mohit, et al. "Complete information flow tracking from the
gates up." ACM Sigplan Notices. Vol. 44. No. 3. ACM, 2009.
[2] Hu, Wei, et al. "Detecting hardware trojans with gate-level
information-flow tracking." Computer 49.8 (2016): 44-52.
Sample files: (note, for both c17 and c432, the sensitive input port is assumed to be at input #4 for the following *.out files)
Grading: Grading of this exercise will be based on the following:
- Correctness: 80%
- Program Legibility: 10%
- Execution Speed: 10%
- If your program does not compile (i.e., has syntax errors) - the grade
will be 0.
- If your program runs but the outputs are incorrect for more than 80%
of the cases, the maximum grade is 50 out of 100.
- Please email your program to mhsiao at vt dot edu on/before the
day it is due. For each day delayed, 10% is deducted from this project grade.
To measure how much time your program takes, add "time" before your command
at the unix/linux prompt to capture user and system time. For example, for
my_prog, type "time my_prog ckt" and the time taken to run
my_prog will be reported at the end of the execution.
You are encouraged to discuss among yourselves for this exercise. However,
everyone must write his/her own program. You are allowed to exchange
ideas, algorithms, etc., but NO PROGRAM SEGMENTS, PROCEDURES, FUNCTIONS,
MAY BE EXCHANGED.