The broader impact/commercial potential of this Small Business Innovation Research (SBIR) Phase I project is centered on transforming the way semiconductor companies are capable of approaching the issue of security - an aspect of their designs that has wide ranging impacts for our nation's commerce and infrastructure. The hardware security tool proposed in this project will enable a formal assessment of hardware system security by providing the ability to prove security properties on concrete hardware implementations. This work was motivated by interviews with over 100 prospective end users as part of the National Science Foundation Innovation Corps program, which determined that 1) current methods simply fail to address a broad scope of important vulnerabilities, and 2) there is significant demand for tools that enable engineers to discover and eliminate those vulnerabilities. With the continued growth of the cyber security ($77B) and mobile hardware security ($1B) markets, the proposed research has significant potential for sustained commercial impact.
This Small Business Innovation Research (SBIR) Phase I project will develop the first tool for secure hardware design. The senior personnel on this project have learned first-hand that such a tool is both in high demand from a variety of semiconductor companies and that there is nothing currently on the market to satisfy this demand. In order to develop the tool most critically needed by our potential customers, this development project will focus on three main objectives. First, it will integrate core technology developed previously by the company's senior personnel with formal solvers in order to enable the specification and verification of provable security properties. Second, it will develop a formal language allowing hardware developers to specify an important class of security assertions that fits cleanly into modern industry practices. Lastly, this development effort will extend current state-of-the-art technology to allow hardware designs to be tested in the presence of multi-level security policies beyond just the conventional "untrusted" and "trusted" paradigms. The outcome of this project will be a tool ready to be tested on industry grade hardware designs.
