Senior Design Team sdmay22-41 • RISC-V SoC Hardware Vulnerability Detection Toolset

Executive Summary

Systems on Chip’s (SoC’s) are largely increasing in popularity as pervasive technology. As the popularity increases, so does the complexity, size, and scales. With larger designs comes the challenge of testing and verification to ensure there are no system critical bugs that can lead to security vulnerabilities. The goal of our project is to develop a suite of tools to aid a developer in the detection and exploitation of bugs in Register Transfer Level (RTL) designs.

Similar to software Capture the Flag (CTF) competitions to find vulnerabilities in software systems, hardware CTF events also exist. One of these competitions is the HACK@DAC competition. The primary objective of these CTF events is to encourage the creation of automated tools that can detect and exploit security vulnerabilities. These competitions ideally promote SoC designs to become more robust as these competitions lead to the development of tools--often open-sourced--that can help cybersecurity and RTL designers test their designs. This early testing and detection is important in the hardware industry as it could save billions of dollars system critical bugs are found before the design is fabricated as an Application Specific Integrated Circuit (ASIC).

Due to the scale and complexity of finding all bugs in all hardware SoC designs, we decided to limit our scope. For our design, we are specifically focusing on aiding participants of the HACK@DAC hardware CTF competitions. In doing so we opted to follow all the rules set forth by the competition. We have chosen to base our project on this competition since it provides a testing environment for our design. After the completion of previous competitions, detailed lists of any past bug found were released. These lists give a strong foundation for testing our tools to verify their effectiveness.