
QTFlow: Quantitative Timing-Sensitive Information Flow for Security-Aware Hardware Design on RTL

Lennart M. Reimann, Anshul Prashar, Chiara Ghinami, Rebecca Pelke, Dominik Sisejkovic, Farhad Merchant, Rainer Leupers

TL;DR

This paper tackles the challenge of security analysis in hardware design by introducing QTFlow, a timing-sensitive quantitative information flow framework. By building on QFlow and incorporating sequential-state analysis, QTFlow can identify and quantify information leakage in sequential circuits and automatically detect timing channels, reducing false positives that plague time-agnostic methods. It leverages information-theoretic leakage metrics and sequential tainting (including a $g$-entropy metric and Posterior Bayes Vulnerability) to provide a principled, timing-aware assessment of leakage. Evaluated on open-source cryptographic benchmarks with Trojans, QTFlow demonstrates improved precision over prior work and offers practical benefits for security-aware RTL design, with potential gains when combined with formal verification in the future.

Abstract

In contemporary Electronic Design Automation (EDA) tools, security often takes a backseat to the primary goals of power, performance, and area optimization. Commonly, the security analysis is conducted by hand, leading to vulnerabilities in the design remaining unnoticed. Security-aware EDA tools assist the designer in the identification and removal of security threats while keeping performance and area in mind. Cutting-edge methods employ information flow analysis to identify inadvertent information leaks in design structures. Current information leakage detection methods use quantitative information flow analysis to quantify the leaks. However, handling sequential circuits poses challenges for state-of-the-art techniques due to their time-agnostic nature, overlooking timing channels, and introducing false positives. To address this, we introduce QTFlow, a timing-sensitive framework for quantifying hardware information leakages during the design phase. Illustrating its effectiveness on open-source benchmarks, QTFlow autonomously identifies timing channels and diminishes all false positives arising from time-agnostic analysis when contrasted with current state-of-the-art techniques.
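As an added illustration of the leakage metrics the summary names, and not code from the paper or the QTFlow tool, the Python below applies the standard prior/posterior $g$-vulnerability definitions from the quantitative information flow literature (Bayes vulnerability being the identity-gain case) to a constructed toy circuit whose latency depends on the secret's Hamming weight. The circuit, its latency model and all function names are assumptions; the point is that a time-agnostic observation (data output only) reports zero leakage while a timing-aware observation (output plus cycle count) exposes the timing channel.

```python
from fractions import Fraction
from math import log2

# Constructed toy sequential circuit (not from the paper): a 3-bit secret is
# consumed one bit per cycle and every set bit costs one extra cycle, so the
# latency is popcount(secret) + 1 while the data output is a constant flag.
SECRETS = list(range(8))

def run_circuit(secret):
    """Return (data_output, cycles_to_done) for one execution."""
    return ("done", 1 + bin(secret).count("1"))

def channel(observe):
    """Deterministic channel matrix C[x][y] = Pr[observation y | secret x]."""
    return {x: {observe(run_circuit(x)): Fraction(1)} for x in SECRETS}

def prior_g_vulnerability(prior, gain, actions):
    """max_w sum_x pi(x) g(w, x): best expected gain before any observation."""
    return max(sum(prior[x] * gain(w, x) for x in prior) for w in actions)

def posterior_g_vulnerability(prior, chan, gain, actions):
    """sum_y max_w sum_x pi(x) C[x][y] g(w, x): best expected gain after observing y."""
    observations = {y for row in chan.values() for y in row}
    return sum(
        max(sum(prior[x] * chan[x].get(y, 0) * gain(w, x) for x in prior) for w in actions)
        for y in observations)

def g_leakage_bits(prior, chan, gain, actions):
    """Multiplicative g-leakage in bits; with bayes_gain this is min-entropy leakage."""
    post = posterior_g_vulnerability(prior, chan, gain, actions)
    return log2(float(post / prior_g_vulnerability(prior, gain, actions)))

def bayes_gain(w, x):
    return int(w == x)  # identity gain: attacker wins only by guessing the whole secret

def parity_gain(w, x):
    return int(w == bin(x).count("1") % 2)  # attacker only wants the Hamming-weight parity

def compare_leakage():
    """Leakage in bits under time-agnostic vs. timing-aware observation (uniform prior)."""
    prior = {x: Fraction(1, len(SECRETS)) for x in SECRETS}
    time_agnostic = channel(lambda obs: obs[0])  # sees the data output only
    timing_aware = channel(lambda obs: obs)      # sees output and cycle count
    return {
        "bayes_time_agnostic": g_leakage_bits(prior, time_agnostic, bayes_gain, SECRETS),
        "bayes_timing_aware": g_leakage_bits(prior, timing_aware, bayes_gain, SECRETS),
        "parity_time_agnostic": g_leakage_bits(prior, time_agnostic, parity_gain, [0, 1]),
        "parity_timing_aware": g_leakage_bits(prior, timing_aware, parity_gain, [0, 1]),
    }
```

With a uniform prior over the eight secrets, the timing-aware channel leaks 2 of the 3 secret bits under Bayes vulnerability and fully reveals the Hamming-weight parity, whereas the time-agnostic channel leaks nothing under either gain function.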

Paper Structure (10 sections, 3 figures, 1 table)

This paper contains 10 sections, 3 figures, 1 table.

Figures (3)

  • Figure 1: Toolflow of QTFlow.
  • Figure 2: Abstract diagram of an RSA hardware. The Finite State Machine (blue) controls the data flow.
  • Figure 3: Leakage value comparison between QFlow and QTFlow. The red horizontal line indicates the detection threshold.