A Gate-Level Information Leakage Detection Framework of Sequential Circuit Using Z3

Abstract

Hardware intellectual property (IP) cores from untrusted vendors are widely used, raising security concerns for system designers. Although formal methods provide powerful solutions for detecting malicious behaviors in hardware, the participation of manual work prevents the methods from reaching practical applications. For example, Information Flow Tracking (IFT) represents a powerful approach to preventing leakage of sensitive information. However, existing IFT solutions either introduce hardware overheads or lack practical automatic working procedures, especially for hardware sequential logic. To alleviate these challenges, we propose a framework that fully automates information leakage detection at the gate level of hardware. This framework introduces Z3, an SMT solver, to automatically check the violation of confidentiality. On the other hand, an automatic tool is developed to remove the manual workload further. In this tool, the gate level hardware is converted to the formal model firstly, and the integrity of the model is assessed. Along with the model converting step, the property for leakage detection is generated as well. The proposed solution is tested on 25 gate-level netlist benchmarks, where sequential designs are included to validate the effectiveness. As a result, Trojans leaking information from circuit outputs can be automatically detected. The measured time consumption of the entire working procedure validates the efficiency of the proposed approach.