VAST: Validation of VP-based Heterogeneous Systems against Availability Security Properties using Static Information Flow Tracking

Ece Demirhan Coskun (1), Muhammad Hassan (1), Mehran Goli (2), Rolf Drechsler (2)
(1) Cyber-Physical Systems, DFKI GmbH; (2) Institute of Computer Science, University of Bremen


The ubiquity of modern feature-rich heterogeneous systems has significantly increased their security requirements. A single weak point of entry may have catastrophic, wide-reaching consequences: it can block access to different Intellectual Properties (IPs) and thereby disable the system's functionality. Hence, it is vital to consider the trust and security implications during the design phase of these heterogeneous systems and to identify possible security breaches caused by the system design itself. Recently, various security validation methods have been successfully employed very early in the design phase, at the system level, using Virtual Prototypes (VPs). These methods have facilitated the investigation of digital systems with a focus on data leakage and untrusted access. However, modern systems are heterogeneous and rely heavily on sensor inputs. Hence, similar security validation methods should also be applied from the analog/mixed-signal (AMS) perspective, using SystemC AMS, to ensure availability security properties.

In this paper, we propose VAST, a novel validation tool for VP-based heterogeneous systems against availability security properties. VAST employs static Information Flow Tracking (IFT) at the system level to ensure the availability, i.e. the timely accessibility, of IPs. To this end, VAST analyzes analog-to-digital, digital-to-analog, and digital-to-digital behaviors of the underlying heterogeneous system. We demonstrate the applicability and scalability of the proposed tool on two real-world VPs of different complexity: a car anti-trap window system and a thermal house system.
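To make the kind of check described above concrete, the following is an added, constructed illustration of static information-flow tracking across analog/digital domain boundaries. It is not VAST's code and does not reproduce its algorithm, which the abstract does not describe. The design is a hand-built port graph loosely modelled on an anti-trap window: an analog pinch sensor feeds an ADC, a digital controller derives a motor-enable signal, and a DAC drives the motor. The module and port names, the "plausibility" guard module that acts as a declassification point, and the availability property itself (an untrusted input must not reach the motor's enable port without passing a guard) are all assumptions made for the example.

```python
"""Static IFT over a mixed-signal port graph (constructed illustration).

A system is a directed graph of ports ("module.port"), each analog or
digital. An edge is a signal flow; when its endpoints differ in domain it is
an A->D or D->A conversion. Labels (taint) from untrusted inputs are
propagated forward to a fixpoint; outputs of guard modules carry no taint.
An availability violation is a labelled flow reaching a critical control
port, such as an IP's enable line, that an attacker could use to deny it.
"""
from collections import deque
from typing import Dict, List, Optional, Set, Tuple

Port = str                       # "module.port"
Flow = Tuple[Port, Port, str]    # (src, dst, conversion kind)


class SystemModel:
    """Ports, directed signal flows and guard modules of a design."""

    def __init__(self) -> None:
        self.domain: Dict[Port, str] = {}
        self.edges: Dict[Port, List[Port]] = {}
        self.guards: Set[str] = set()   # modules whose outputs are trusted

    def add_port(self, port: Port, domain: str) -> None:
        assert domain in ("analog", "digital")
        self.domain[port] = domain
        self.edges.setdefault(port, [])

    def add_flow(self, src: Port, dst: Port) -> None:
        self.edges[src].append(dst)

    @staticmethod
    def module_of(port: Port) -> str:
        return port.split(".", 1)[0]

    def conversion(self, src: Port, dst: Port) -> str:
        # "A->D", "D->A", "D->D" or "A->A", from the first letter of each domain
        return f"{self.domain[src][0].upper()}->{self.domain[dst][0].upper()}"

    def crosses_guard(self, src: Port) -> bool:
        # Flows leaving a guard module's ports are declassified: the guard
        # (e.g. a plausibility checker or arbiter) is assumed to sanitize.
        return self.module_of(src) in self.guards


def track_labels(model: SystemModel, sources: List[Port]) -> Dict[Port, Set[Port]]:
    """Forward taint propagation to a fixpoint; labels are the source ports."""
    labels: Dict[Port, Set[Port]] = {p: set() for p in model.domain}
    work = deque()
    for s in sources:
        labels[s].add(s)
        work.append(s)
    while work:
        p = work.popleft()
        if model.crosses_guard(p):
            continue
        for q in model.edges[p]:
            if not labels[p] <= labels[q]:
                labels[q] |= labels[p]
                work.append(q)
    return labels


def find_path(model: SystemModel, src: Port, dst: Port) -> Optional[List[Flow]]:
    """Shortest tainted path from src to dst, with the conversion kind per hop."""
    prev: Dict[Port, Port] = {src: src}
    work = deque([src])
    while work:
        p = work.popleft()
        if p == dst:
            break
        if model.crosses_guard(p):
            continue
        for q in model.edges[p]:
            if q not in prev:
                prev[q] = p
                work.append(q)
    if dst not in prev:
        return None
    path: List[Flow] = []
    cur = dst
    while cur != src:
        path.append((prev[cur], cur, model.conversion(prev[cur], cur)))
        cur = prev[cur]
    return path[::-1]


def check_availability(model: SystemModel, untrusted: List[Port],
                       critical: List[Port]) -> List[Tuple[Port, Port, Optional[List[Flow]]]]:
    """Every (source, critical port, path) where an untrusted label reaches a critical port."""
    labels = track_labels(model, untrusted)
    return [(s, c, find_path(model, s, c)) for c in critical for s in sorted(labels[c])]


def build_window_model(guarded: bool) -> SystemModel:
    """Constructed anti-trap-window-style design; guarded=True inserts a plausibility check."""
    m = SystemModel()
    for port, dom in [("pinch_sensor.out", "analog"), ("adc.in", "analog"),
                      ("adc.out", "digital"), ("ctrl.sense", "digital"),
                      ("ctrl.motor_en", "digital"), ("dac.in", "digital"),
                      ("dac.out", "analog"), ("motor.enable", "analog")]:
        m.add_port(port, dom)
    m.add_flow("pinch_sensor.out", "adc.in")
    m.add_flow("adc.in", "adc.out")                 # A->D conversion
    if guarded:
        m.add_port("plausibility.in", "digital")
        m.add_port("plausibility.out", "digital")
        m.guards.add("plausibility")
        m.add_flow("adc.out", "plausibility.in")
        m.add_flow("plausibility.in", "plausibility.out")
        m.add_flow("plausibility.out", "ctrl.sense")
    else:
        m.add_flow("adc.out", "ctrl.sense")
    m.add_flow("ctrl.sense", "ctrl.motor_en")
    m.add_flow("ctrl.motor_en", "dac.in")
    m.add_flow("dac.in", "dac.out")                 # D->A conversion
    m.add_flow("dac.out", "motor.enable")
    return m


UNTRUSTED = ["pinch_sensor.out"]   # assumed attacker-influenced analog input
CRITICAL = ["motor.enable"]        # assumed availability-critical IP port


def analyze(guarded: bool):
    return check_availability(build_window_model(guarded), UNTRUSTED, CRITICAL)


if __name__ == "__main__":
    for guarded in (False, True):
        print(f"guarded={guarded}:", analyze(guarded) or "no availability violations")
```

The unguarded model reports one violation whose path crosses an A->D hop, several D->D hops and a D->A hop, which is the reason a tracker for such designs has to follow all three kinds of behavior rather than the digital part alone. Inserting the guard module stops propagation at its input, so the same property then holds. Treating a guard as a full declassifier is an assumption of this example; in a real analysis it would have to be justified by what the guard actually checks.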