Benchmarking of SoC-Level Hardware Vulnerabilities: A Complete Walkthrough

Due to the increasing complexity of modern system-on-chips (SoCs) and the diversity of the attack surface, popular SoC verification approaches used in industry and academia for detecting security-critical vulnerabilities confront several challenges. Although novel SoC security verification techniques are being proposed to overcome these challenges, qualitative and quantitative critical comparisons among them are becoming increasingly difficult due to the lack of suitable, well-validated SoC-level hardware vulnerability benchmarks that can be used to evaluate the efficacy of these security verification techniques/tools on a level playing field. In this paper, we offer a comprehensive database of SoC vulnerabilities, with a particular emphasis on emerging hardware threats that may be exploited from the software layer by attackers to violate the security requirements of the system. In this regard, 32 register transfer level (RTL) hardware vulnerability benchmarks based on three distinct RISC-V-based ISA implementations have been established and made open-source to stimulate standardized research efforts in the community. In addition, we provide a comprehensive taxonomy of the benchmarks, complete with security implications and classifications. We also offer a discussion on exploitation strategies that attackers may employ, a set of security properties associated with each vulnerability in order to detect them formally, and the difficulties encountered by typical security verification methods when attempting to detect them.