[AES/pre_sca/pre_syn] Integrate netlist generation and prolead evaluation to Bazel #29008
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
siemen11
force-pushed
the
prolead_integration
branch
from
d33574b to
1bf7ab4
Compare
Prolead is a tool to verify whether RTL is secure against side-channel analysis by evaluating it (probabilistically) in the probing model. We already used this tool to evaluate the AES design. In order to have clean dependencies we add it to MODULE.bazel. Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
In order to work with prolead and synthesize with yosys, we use sv2v to transform the systemverilog source to verilog Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
In order to have an open source manner of generating netlists, we add yosys to the dependencies. Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
siemen11
force-pushed
the
prolead_integration
branch
from
1bf7ab4 to
bde3fa4
Compare
siemen11
changed the title
siemen11
force-pushed
the
prolead_integration
branch
3 times, most recently
from
1e01557 to
10c150b
Compare
In the pre_syn folder from the AES there are bash scripts to generate area and timing reports together with a netlist for the AES core using OpenSTA and Yosys with the nangate45 library. We integrate these scripts using a Bazel target such that the reports can be generated using dependencies all within Bazel. This default Bazel target does not yet pull in OpenSTA, hence timing results are not yet present but it generates the area reports and the netlist. Note that we add the nangate45 lib file in the AES repo. Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
Make the full_evaluate_aes_cipher_core Bazel target to synthesize the aes_cipher_core netlist and to evaluate it using PROLEAD. Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
Add a target to evaluate the aes_cipher_core in prolead with a nightly CI target. The test costs 100s and is adapted to have an extremely low probability for a false positive. This way, the AES RTL is evaluated whether the masking is working as intended or whether a critical failure was introduced. Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>
siemen11
force-pushed
the
prolead_integration
branch
from
10c150b to
9850b3e
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prolead is a tool to verify whether RTL is secure against side-channel analysis by evaluating it (probabilistically) in the probing model. We already used this tool to evaluate the AES design.
Yosys is an open source synthesizer.
Integrate both these dependencies into Bazel.
Provide build targets for the AES netlist and area reports.
Provide build targets for PROLEAD analysis.
Finally, add a 100s nightly test to build the aes_cipher_core netlist and test it for 64k traces in prolead. We put a large p value threshold such that we do not get false positives.
This test should now guard against changes in the AES RTL that break the masking in an evident manner (meaning leakage in 64k traces without noise).