Fuzzing for Automated SoC Security Verification: Challenges and Solution

System-on-Chip (SoC) designs today contain numerous highly sensitive assets due to their diversified critical applications and heterogeneity of intellectual property (IP). A breach of such assets could lead to identity theft of Original Equipment Manufacturers and end-users. Contrary to rapid advancements in SoC functional testing, security verification has lagged. A considerable gap exists between modern SoC architectures and security verification methods. Considering the lack of automated security verification in current practices, we provide a fundamental overview of SoC security verification requirements, policy definition, and verification challenges. Evaluating the challenges and resolution possibilities, we propose cost-function assisted fuzzing as a self-refinement technique for SoC security verification in both simulation and Field Programmable Gate Array (FPGA) emulation platforms to provide scalability and high efficiency in detecting vulnerabilities.