Iterative Mitigation of Insecure Resource Sharing Produced by High-level Synthesis

High-level synthesis (HLS) has revolutionized hardware design by allowing engineers to code their designs in higher abstraction levels like C/C++. To generate register-transfer level (RTL) design, HLS optimizes hardware designs for improving overheads (e.g., area, power, throughput). However, the optimizations are not done with security in mind. Therefore, HLS can introduce new vulnerabilities (e.g., information leakage and access control violations) to the design through optimizing. One such security violation is vulnerable resource sharing where in attempting to minimize the area of the hardware design, HLS uses the same resources between assets without taking into account the secure and non-secure computing. The secure asset’s operations are then not done in a secure manner, allowing for the possibility of an attacker controlling such resources to gain valuable insight into the asset’s information. Mitigating such a vulnerability would require the integration of identification algorithms to separate the secure and non-secure operations. In this paper, we introduce a toolflow to mitigate vulnerable resource sharing by utilizing intermediate representations (IR) files to identify the shared resource(s) and conducting an intellectual property (IP) separation at the high-level language (HLL) to have a separate resource handling the security operations.