Analyzing Security Vulnerabilities Induced by High-level Synthesis

Abstract

High-level synthesis (HLS) is essential to map the high-level language (HLL) description (e.g., in C/C++) of hardware design to the corresponding Register Transfer Level (RTL) to produce hardware-independent design specifications with reduced design complexity for ASICs and FPGAs. Adopting HLS is crucial for industrial and government applications to lower development costs, verification efforts, and time-to-market. Current research practices focus on optimizing HLS for performance, power, and area constraints. However, the literature does not include an analysis of the security implications carried through HLS-generated RTL translations (e.g., from an untimed high-level sequential specification to a fully scheduled implementation). This article demonstrates the evidence of security vulnerabilities that emerge during the HLS translation of a high-level description of system-on-chip (SoC) intellectual properties to their corresponding RTL. The evidence provided in this manuscript highlights the need for (a) guidelines for high-level programmers to prevent these security issues at the design time and (b) automated HLS verification solutions that cover security in their optimization flow.