Tortuga Logic's technology has broad applicability over all stages of the hardware design lifecycle, and has been used to solve a myriad of different silicon security issues:
1) Proper disablement of Boundary Scan Chain (JTAG)
JTAG ports are often used to perform Boundary Scan Chain testing. These ports need to be verified as leak-free when they are disabled.
2) Static System-on-Chip interconnect access control verification (configured at design, can be exploited without physical access)
Every System-On-Chip that contains different privilege levels needs to be configured with strict rules about how each core can interact with the other cores in the design. Many industry-grade interconnects allow a specification of the interconnect access control policy, but verification of the generated access control policy still needs to be performed.
3) Dynamic System-on-Chip interconnect access control verification (configured by software during boot, can be exploited without physical access)
If the same access control policies are configured during boot, this can lead to unintended access control behavior without security verification of the boot process.
4) Red/Black separation (key and plaintext management)
Systems often require careful segregation of signals that are encrypted (red) from those that are transmitted in plaintext (black). This type of analysis is possible with Tortuga Logic technology.
5) Complete isolation between high-assurance and low-assurance regions of the silicon design.
Safety-critical systems often require complete isolation between two different portions of a silicon design. Even the most carefully designed system can cause undesirable information flow between these two portions of the design without proper security verification.
6) During system boot, ensure access to critical registers is properly implemented (e.g. improper access could be remotely exploited from software)
Critical assets stored in registers need to be both protected from being overwritten (integrity) as well as being protected against undesired leaks (confidentiality).
The technology is not limited to these use cases, and can detect any silicon security vulnerability that can be specified with the Sentinel security property language.
To learn more, download our whitepaper here.