Technology Announcements at GOMAC

We’re presenting three papers at GOMAC next week! It’s the most papers the company has ever had accepted to the conference in a single year—well done, team! In these papers, we are publicly announcing two new technologies for the first time and updating a third, presented by Dr. Edward Carlisle IV and Dr. Ali Asgar Sohanghpurwala. Be sure to check them out! They are:
1. "DELV: Datasheet/English to Logic Verification" (Session 3, Tuesday March 30)
2. "IP Integrity Flow: Ensuring IP Integrity in FPGA Synthesis" (Session 27, Thursday April 1)
3. "GameRunner: Automating Analysis and Optimization of Microelectronics Trust with Game Theory" (Session 38, Thursday April 1)

To learn more about them, take a look at the abstracts below!

-----

GameRunner: Automating Analysis and Optimization of Microelectronics Trust with Game Theory

Edward Carlisle IV, Jonathan Graf, Whitney Batchelor, Scott Harper

Abstract: This work presents GameRunner, a software tool to automate the process of recommending and applying an optimal hardware trojan horse detection strategy using our game theoretic analysis framework, OpTrust. GameRunner takes as inputs economic incentives and empirically derived test data and outputs optimal strategies for applying trojan detection methods. These strategies, or prescriptions, can be applied to a Jenkins workflow to automate the process of applying an optimal trojan detection method during a microelectronics design process. GameRunner also provides visualizations to aid in the analysis of the impact of input variables on game results. The architecture of the software tool is discussed along with examples of the novel analysis techniques and insights it enables.

-----

IP Integrity Flow: Ensuring IP Integrity in FPGA Synthesis

Ali Asgar Sohanghpurwala, Carlton Fraley, Scott Harper, Jonathan Graf, Alan Cook, Tim Dunham

Abstract: This work introduces the IP Integrity Flow (IIF), a solution that integrates with existing commercial EDA flows to provide a mechanism for auditing and verifying the integrity of IP that is included in an FPGA design throughout the synthesis flow and into deployment. The IIF approach was broken into three development objectives. The first objective was to define an IP isolation flow based on existing vendor tool functionality. The second objective was to develop a signature and authentication process where design artifacts are cryptographically signed at all stages of the implementation flow in a manner that enables both IP verification, tamper-resistant record keeping, and audit functionality based on cryptographically secure signatures. The third objective was to develop verification mechanisms that can determine whether specific isolated and authenticated IP is present in the final configuration bitstream. The approach described below accomplishes these objectives in a way that permits use of the signed artifacts throughout the entire synthesis flow – from HDL to bitstream, as well as into design deployment. A set of software tools was developed to augment the Xilinx implementation flow with secure signature, authentication, IP validation, and auditing capabilities. The objectives and architecture of the software are discussed here along with the secure, auditable workflows enabled by the IIF.

-----

DELV: Datasheet/English to Logic Verification

Edward Carlisle IV, James Koiner, Steven Frederiksen, Jonathan Graf, Scott Harper, John Aromando, Michael Hsiao

Abstract: This work presents the Datasheet/English to Logic Verification (DELV) tool, software that automates the process of generating verifiable statements from a design specification and performing logic verification. Our prototype extracts the contents of a PDF datasheet and formats them for consumption by our custom natural language engine. The DELV language engine then produces an intermediate representation for properties and actions defined in the datasheet. These properties are converted to SystemVerilog Assertions and evaluated against the design implementation. Our approach applies novel forms of normalization and leverages an extensible commonsense knowledge base of semantic mappings to support the wide range of complex natural language commonly found in datasheets.

Our First Patent!

Our First Patent!

We have received a patent on PV-Bit, our unique method of assessing the trustworthiness of FPGA bitstream contents, ensuring they are free from hardware Trojans or unwanted modifications.

Originally, we published a description of this method at GOMAC back in 2017. Since then, we realized we could take the verification method we presented there and patent it. Jonathan Graf, Scott Harper, and Ali Asgar Sohanghpurwala all contributed to the writing of the patent. Great work to all our people who put in the knowledge, effort, and time that made this patent possible!

 ——-

Private Verification for FPGA Bitstreams

US Patent No US 10,902,132 B2

Jonathan Graf, Ali Asgar Sohanghpurwala, Scott Harper

Abstract: An apparatus, method and system are disclosed which may be used for assessing the trustworthiness of a particular proprietary microelectronics device design representation in a manner that will maintain its confidentiality and, among other things, thwart attempts at unauthorized access, misappropriation and reverse engineering of the confidential proprietary aspects contained in the design representation and/or its bit stream design implementation format. The disclosed method includes performing a process for assessing/verifying a particular microelectronics device design representation and then providing some indication of the trustworthiness of that representation. An example utility/tool which implements the disclosed method is described that is particularly useful for trust assessment and verification of FPGA designs. The described utility/tool may be instantiated on a semiconductor device or implemented as a software utility executable on a mobile computing device or other information processing system, apparatus or network.

 ——-

You can take a look at our patent at this link.

 

A diagram from our PV-Bit patent.

 

HaSS: “A practical application of game theory to optimize selection of hardware Trojan detection strategies”

HaSS: “A practical application of game theory to optimize selection of hardware Trojan detection strategies”

This Christmas, Graf Research Corporation celebrates the gift of having a new paper published in the Journal of Hardware and Systems Security! The paper is entitled “A practical application of game theory to optimize selection of hardware Trojan detection strategies.” Paper contributors included Jonathan Graf, Whitney Batchelor, Scott Harper, Ryan Marlow, Ed Carlisle, and Peter Athanas. The paper will appear in the journal next week, so be on the lookout for it!

And of course, Happy Holidays and Happy New Year to all!

-----

A practical application of game theory to optimize selection of hardware Trojan detection strategies

Jonathan Graf, Whitney Batchelor, Scott Harper, Ryan Marlow, Edward Carlisle IV, and Peter Athanas

Abstract: A wide variety of Hardware Trojan countermeasures have been developed, but less work has been done to determine which are optimal for any given design. To address this, we consider not only metrics related to the performance of the countermeasure, but also the likely action of an adversary given their goals. Trojans are inserted by an adversary to accomplish an end, so these goals must be considered and quantified in order to predict these actions. The model presented here builds upon a security economic approach that models the adversary and defender motives and goals in the context of empirically derived countermeasure efficacy metrics. The approach supports formation of a two-player strategic game to determine optimal strategy selection for both adversary and defender. A game may be played in a variety of contexts, including consideration of the entire design lifecycle or only a step in product development. As a demonstration of the practicality of this approach, we present an experiment that derives efficacy metrics from a set of countermeasures (defender strategies) when tested against a taxonomy of Trojans (adversary strategies). We further present a software framework, GameRunner, that automates not only the solution to the game but also mathematical and graphical exploration of “what if” scenarios in the context of the game. GameRunner can also issue “prescriptions,” a set of commands that allows the defender to automate the application of the optimal defender strategy to their circuit of concern. Finally, we include a discussion of ongoing work to include additional software tools, a more advanced experimental framework, and the application of irrationality models to account for players who make subrational decisions.

Atlanta Office Moves to New Building

Centennial Tower, seen right behind the SkyView Atlanta Ferris wheel!

We’ve moved our new Atlanta office to the beautiful 101 Marietta St building!  We’re very excited to have a facility in one of downtown Atlanta’s famous landmarks.  We’ve got a great view of the Ferris wheel, Centennial Park, and the Georgia Tech campus, and we’re happy about having more space at the office.

View from the parking garage at night.

Graf Research Corporation Hosts Its Second All-Company Event

Graf Research Corporation Hosts Its Second All-Company Event

In keeping with tradition, we’ve hosted our second annual all-company event, this time at Mountain Lake Resort in Pembroke, Virginia. Too bad it was so foggy when we got there! But no worries—as before, everyone gave presentations covering the company’s current research and potential new directions, and we heard a lot of ideas for services and products the company could offer its customers. Great job, team! In the evening, we had a chance to converse more casually at Harvest Porch and had fun chatting and playing games.

We consider our all-company events to be vital to the company’s success. They generate new ideas, give the team a chance to get to know each other, and get everyone excited for the company’s future. We look forward to following up all these great ideas in the coming weeks to start work towards transforming them into a reality.

GOMAC 2019: “Introducing a Trust Metric Foundation and Deriving Trust-for-Buck”

GOMAC 2019: “Introducing a Trust Metric Foundation and Deriving Trust-for-Buck”

Graf Research Corporation will be returning to GOMAC, this time in Albuquerque, New Mexico. In addition to marveling at the ridges of the Sandia mountains and the wine-colored sunsets of New Mexico, we’ll be presenting our paper, “Introducing a Trust Metric Foundation and Deriving Trust-for-Buck.” Paper contributors include Scott Harper, Jonathan Graf, Whitney Batchelor, Tim Dunham, and Peter Athanas. If you’re going to GOMAC, come out and say hello to us!

-----

Hardware Trojan Detection using Xilinx Vivado

Scott Harper, Jonathan Graf, Whitney Batchelor, Tim Dunham, Peter Athanas

Abstract: This study defines a flexible quantitative metric for measuring trust-related aspects across a broad range of domains and a means of using that foundation to derive domain-specific measurements. A Trust Basis Metric is described here along with examples that build on its foundation to measure assurances and identify cost-effective trust-enhancing investments. Our primary motivation in performing this study was to quantitatively determine the best increase in trust per dollar (Trust-for-Buck) when investing in current device manufacture and distribution flows for microelectronic components.

 
 

First All-Company Event

First All-Company Event

Graf Research Corporation has hosted its first annual all-company event. What a blast! As part of the event, everyone in the company got together to present ideas on leadership, company culture, business growth, research and development, and much more—they did a great job, too! After the presentations, the company hosted a tailgate for the team and their families that included cornhole, foosball, and shuffleboard, with catering from Due South BBQ. Later in the evening, we attended the Georgia Tech vs. Virginia Tech football game (at VT fans, we won’t discuss the outcome…).

Collaboration has always been of paramount importance at Graf Research, and we hope that this event continues to foster camaraderie among the company’s team members. A lot of great ideas are churning, and we’re excited for the new directions the company is headed in.

Graf Research Senior Engineer Earns PhD

Warm congratulations to our very own Ali Asgar Sohanghpurwala, who has completed his PhD in Computer Engineering at Virginia Tech! His thesis was on “Exploits in Concurrency for Boolean Satisfiability” and presents an incredible new approach to parallel SAT solving. He has now transitioned out of his part-time role to become a full-time Senior Research Engineer with Graf Research at our new Atlanta, Georgia office!

100% of Graf Research engineers either hold or are in the process of completing advanced engineering degrees. Ali sets a good example to those in-process that finishing while working is possible!

Graf Research Corporation to present at NAECON

Graf Research Corporation will head to the IEEE National Aerospace and Electronics Conference in Fairborn, OH, to present our paper “Hardware Trojan Detection using Xilinx Vivado.” Paper contributors include Ryan Marlow, Scott Harper, Whitney Batchelor, and Jon Graf. Ryan Marlow will be the presenter.

-----

Hardware Trojan Detection using Xilinx Vivado

Ryan Marlow, Scott Harper, Whitney Batchelor, Jonathan Graf

Abstract: Modern commercial EDA tools provide end users with a framework for application specific customizations through a general-purpose programming language interface to an underlying circuit object model. Xilinx Vivado exposes that information through Tcl. This work demonstrates an implementation of a static hardware detection algorithm utilizing this interface of Vivado.

 
 

Graf Research Presents "Measuring Trust" at MAPLD 2018

For a second consecutive year, Graf Research has been invited to the Military and Aerospace Programmable Logic Devices (MAPLD) Workshop in La Jolla, California, this time to present a keynote lecture.  Jonathan Graf will present a topic entitled "Measuring Trust" on May 24.  Be sure to stop in and see our keynote!

——-

Measuring Trust

By Jonathan Graf

MAPLD 2018

In space and defense microelectronics research, we often define trust in a domain-specific manner: we trust our microelectronic devices when they are genuine devices that do what they are supposed to do and nothing else.   Measuring whether a microelectronic device is trusted requires blending disparate contributors.  In practice, however, many tend to focus on one contributor to the exclusion of others.  We often look exclusively at trust assessment methods (tools, best practices, techniques) that measure attributes of systems or devices, conflating a measurement of method efficacy with a measure of trust.  How to transition from metrics that measure the efficacy of a method to metrics that measure all components that contribute to trust is an ongoing topic of research, both at Graf Research and elsewhere.  These trust metrics systems blend measurements of methods with the concept of an adversary.  The adversary has their own methods and uses them to interact with a defender in an engagement.  Modeling this engagement correctly requires knowledge not only of the strategies available to each party but also their resources, capabilities, and goals.  A useful model that considers all these elements can quantitatively inform those who wish to measure whether their devices meet the above trust definition.

In this invited talk, we will construct a system of trust metrics that considers all requisite elements.  It uses a quantified, cost-indexed risk function as a trust metric to describe the payoff to a defender for selecting certain sets of methods as a detection strategy.  It similarly models the adversary and their payoff for selecting an exploitation strategy.  The goal of each party is to maximize their payoff.  We demonstrate how these two payoff metrics may be combined using game theory to select the optimal strategies for both the adversary and defender to achieve their highest payoff when considering the likely actions of the other party.  This example system focuses on hardware Trojan detection.  It tells the defender the optimal method of how to find Trojans. Incidentally, it also tells the adversary the optimal methods of how to exploit the system.  We conclude the talk by comparing this metric to other emerging trust metrics.

Graf Research at IEEE HOST (and TAME and WISE)

Graf Research will be at the IEEE International Symposium on Hardware Oriented Security and Trust (HOST) as well as the co-located workshops the Trusted and Assured MicroElectronics Forum (TAME) and Women in Hardware and Systems Security (WISE).   Please say hello to Jonathan Graf, who will be a poster session chair and judge at HOST and a panelist in the TAME forum, and Whitney Batchelor, who will be a poster judge at WISE.  See you there!

 

Graf Research Becomes Xilinx Alliance Program Member

After two years as a Xilinx Alliance Program Associate, Graf Research has upgraded our status in the Xilinx Alliance Program to the "Member" level!  Xilinx examined our quality, business, and technical practices through a self-audit we submitted in order to meet the corporate requirements for membership.  Xilinx further trained our staff to be certified as proficient and knowledgeable in the latest Xilinx technologies.  

As we continue to collaborate with Xilinx and make use of their technologies, we are pleased to take this step in our relationship.

Graf Research at GOMAC 2018

Scott Harper from Graf Research will be attending GOMAC 2018 in Miami from March 12-15.  Our very own Scott Harper and Tim Dunham are co-authors on "Malicious Trigger Discovery in FPGA Firmware."  Make sure to say hello to Scott!