Sandip Ray's research while affiliated with University of Florida and other places
What is this page?
This page lists the scientific contributions of an author, who either does not have a ResearchGate profile, or has not yet added these contributions to their profile.
It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.
Publications (136)
Cooperative Adaptive Cruise Control (CACC) is a fundamental connected vehicle application that extends Adaptive Cruise Control by exploiting vehicle-to-vehicle (V2V) communication. CACC is a crucial ingredient for numerous autonomous vehicle functionalities including platooning, distributed route management, etc. Unfortunately, malicious V2V commun...
We present a CAD framework and EDA tool, SoCCom, for automated synthesis of optimized SoC architectures. We delineate a disciplined and streamlined methodology to enable automated IP integration and design optimization. SoCCom supports generation of a wide variety...
Modern System-on-Chip (SoC) designs include a variety of Network-on-Chip (NoC) fabrics to implement coordination and communication of integrated hardware intellectual Property (IP) blocks. An important class of security vulnerabilities involves a rogue hardware IP interfering with this communication to compromise the integrity of the system. Such i...
Multi-agent systems are becoming increasingly popular due to their successful implementation in several sectors. However, there are a variety of threats that might undermine the agent’s security and imperil system security. As a result, security concerns should be addressed during the design of multi-agent systems. This survey reviews different mod...
Information leakage via timing side-channel analysis can compromise embedded systems used in diverse applications that are otherwise secure. Most state-of-the-art timing side-channel detection techniques focus on analyzing the software code while paying little to no attention to the underlying hardware. This limits the ability of such techniques in...
Cooperative Adaptive Cruise Control (CACC) is a fundamental connected vehicle application that extends Adaptive Cruise Control by exploiting vehicle-to-vehicle (V2V) communication. CACC is a crucial ingredient for numerous autonomous vehicle functionalities including platooning, distributed route management, etc. Unfortunately, malicious V2V commun...
Reconstructing system-level behavior from silicon traces is a critical problem in post-silicon validation of System-on-Chip designs. Current industrial practice in this area is primarily manual, depending on collaborative insights of the architects, designers, and validators. This paper presents a trace analysis approach that exploits architectural...
Emergent vehicles will support a variety of connected applications, where a vehicle communicates with other vehicles or with the infrastructure to make a variety of decisions. Cooperative connected applications provide a critical foundational pillar for autonomous driving, and hold the promise of improving road safety, efficiency and environmental...
Modern and emergent automotive systems are highly complex, dominated by a large number of integrated electronics and software components. The electronic and software components include a diversity of device functionality, ranging across infotainment, dri...
Automotive systems are dominated by electronic and software components. A modern car includes hundreds of Electronic Control Units connected to a variety of diverse sensors and actuators, controlled by several hundred megabytes of software code and coordinated through several in-vehicle networks implementing disparate protocols. Given this complexi...
Reconstruction of how components communicate with each other during system execution is crucial for debugging system-on-chip designs. However, limited observability is the major obstacle to the efficient and accurate reconstruction in the post-silicon validation stage. This paper addresses that problem by proposing several communication event selec...
The advent of quantum computing threatens to break many classical cryptographic schemes, leading to innovations in public key cryptography that focus on post-quantum cryptography primitives and protocols resistant to quantum computing threats. Lattice-based cryptography is a promising post-quantum cryptography family, both in terms of foundational...
Systematic implementation of System-on-Chip (SoC) security policies typically involves smart wrappers extracting local security-critical events of interest from Intellectual Property (IP) blocks, together with a control engine that communicates with the wrappers to analyze the events for policy adherence. However, developing customized wrappers at...
Verification of security policies represents one of the most critical, complex, and expensive steps of modern SoC design validation. SoC security policies are typically implemented as part of functional design flow, with a diverse set of protection mechanisms sprinkled across various IP blocks. An obvious upshot is that their verification requires...
Effective post-silicon validation of modern SoC designs requires careful upfront planning. This activity, referred to as post-silicon readiness, is one of the most elaborate and time-consuming components of post-silicon validation. This chapter discusses various facets of readiness activities performed in current industrial practice. We delve speci...
With the increasing design and validation complexities of an SoC coupled with reduced time-to-market constraints, designers have typically integrated pre-qualified third-party Intellectual Property (IP) cores to achieve necessary design productivity. However, many of these IP blocks are designed at different parts of the world in relatively less tr...
System-on-Chip (SoC) security architectures targeted towards diverse applications including Internet of Things (IoT) and automotive systems enforce two critical design requirements: in-field configurability and low overhead. To simultaneously address these constraints, in this paper, we present a novel, flexible, and adaptable SoC security architec...
Modern-day System-on-Chip (SoC) security architectures designed for smart connected devices, such as Internet of Things (IoT) and automotive applications, are often confined by two crucial design aspects: in-field configuration and low overhead. Due to the restrictions posed by these design aspects, it is extremely difficult to develop a robust and...
This book offers readers comprehensive coverage of security policy specification using new policy languages, implementation of security policies in Systems-on-Chip (SoC) – current industrial practice, as well as emerging approaches to architecting SoC security policies and security policy verification. The authors focus on a promising security arch...
This chapter introduces a new security architecture, called E-IIPS, for enforcing SoC security policies. E-IIPS includes a centralized policy control engine (SPC) in which policies can be programmed, as well as smart “wrappers” on each IP to facilitate communication with SPC. We discuss the architecture in detail, demonstrate its application on imp...
Implementation and verification of security policies represent a critical, vexing, and time-consuming component of a modern System-on-Chip design. We have discussed one promising approach to doing so, but a lot remains to be done.
Security assurance is a highly complex and crucial component of modern System-on-Chip (SoC) designs. In particular, SoC designs include significant sensitive information that must be protected for unauthorized access. Security policies specify the protection requirements for each asset at different stages in system execution or system life cycle. T...
Verification of security policies represents one of the most critical, complex, and expensive steps of modern SoC design validation. SoC security policies are typically implemented as part of functional design flow, with a diverse set of protection mechanisms sprinkled across various IP blocks. An obvious upshot is that their verification req...
We present a method for selecting trace messages for post-silicon validation of Systems-on-a-Chips (SoCs) with diverse usage scenarios. We model specifications of interacting flows in typical applications. Our method optimizes trace buffer utilization and flow specification coverage. We present debugging and root cause analysis of subtle bugs in th...
Modern automotive systems and IoT devices are designed through a highly complex, globalized, and potentially untrustworthy supply chain. Each player in this supply chain may (1) introduce sensitive information and data (collectively termed "assets") that must be protected from other players in the supply chain, and (2) have controlled access to ass...
Recent years have seen rapid development and deployment of Internet-of-Things (IoT) applications in a diversity of application domains. This has resulted in creation of new applications (e.g., vehicle networking, smart grid, and wearables) as well as advancement, consolidation, and transformation of various traditional domains (e.g., medical and au...
Ensuring trustworthiness of modern computing systems is a critical and inherently complex problem. Trust assurance techniques today span the entire design life cycle, require highly diverse expertise and skill set for each technique, and are overall grossly inadequate. This chapter provides a glimpse of some of the trust assurance techniques used i...
Advances in computing steadily erode computer security at its foundation, and call for fundamental innovations to strengthen current practices in computer security, specifically in applied cryptography, from theory to standardization to actual implementations. At the same time, the emergence of new computing paradigms, such as cloud computing, soft...
On 21 October of last year, a variety of major websites—including those of Twitter, PayPal, Spotify, Netflix, The New York Times, and The Wall Street Journal—stopped working. The cause was a distributed denial-of-service attack, not on these websites themselves but on the provider they and many others used to support the Domain Name System, or DNS,...
In spite of decades of work, design verification remains a highly expensive and time-consuming component of electronic system development. With the advent of System-on-Chip (SoC) architectures, verification has morphed into an activity that spans the entire life-cycle, making use of diverse platforms, tools, and technologies. This paper provides a...
Modern system-on-chip (SoC) designs include a wide variety of highly sensitive assets which must be protected from unauthorized access. A significant aspect of SoC design involves exploration, analysis, and evaluation of resiliency mechanisms against attacks to such assets. These attacks may arise from a number of sources, including malicious intel...
A modern automotive design contains over a hundred microprocessors, several cyber-physical modules, connectivity to a variety of networks, and several hundred megabytes of software. The future is anticipated to see an even sharper rise in complexity of this electronics, with the imminence of driverless vehicles, the potential of connected automobil...
Post-silicon validation is widely acknowledged as a major bottleneck in System-on-Chip (SoC) design methodology. Recent studies suggest that post-silicon validation consumes more than 50% of an SoC's overall design effort. Due to increasing SoC design complexity coupled with shrinking time-to-market constraints, it is not possible to detect all desi...
Modern System-on-Chip (SoC) designs involve integration of a large number of Intellectual Property (IP) blocks, many of which are acquired from untrusted third-party vendors. An IP containing a security vulnerability — whether inadvertent or malicious — may compromise the trustworthiness of the entire SoC. Existing functional validation approaches,...
It has been almost a decade since the number of smart, connected computing devices has exceeded the human population, ushering in the regime of the Internet of things [1]. Today, we live in an environment containing tens of billions of computing devices of diverse variety and form factors, performing a range of applications often including some of...
Modern SoC designs include a large number of sensitive data and collateral that must be protected against unauthorized or malicious access. Unauthorized access can happen in the design/integration supply chain as well as on-field through exploitation of system and platform errors, physical access, malicious software execution, etc. Validation entai...
In this chapter we provide a summary of coverage on SoC security issues and countermeasures presented in this book and describe important research needs of the future.
A key problem in postsilicon validation is to identify a small set of traceable signals that are effective for debug during silicon execution. Structural analysis used by traditional signal selection techniques leads to a poor restoration quality. In contrast, simulation-based selection techniques provide superior restorability but incur significan...
Systematic implementation of System-on-Chip (SoC) security policies typically involves smart wrappers extracting local security critical events of interest from Intellectual Property (IP) blocks, together with a control engine that communicates with the wrappers to analyze the events for policy adherence. However, developing customized wrappers at...
The proliferation of wearable and implantable computing devices in the recent years, and the emergence of the Internet of Things, have ushered in an era of computing characterized by an explosion in growth and diversification of computing platforms. Unfortunately, the traditional research silos in computing science and engineering appear inadequate...
This Tutorial paper is about the Internet of Things, its applications, challenges, and how it may change the way of computing. Besides a comprehensive introduction, it focuses on two major design constraints, namely, security and power management.
We consider the conflicts between requirements from security and post-silicon validation in SoC designs. Post-silicon validation requires hardware instrumentations to provide observability and controllability during on-field execution; this in turn makes the system prone to security vulnerabilities, resulting in potentially subtle security exploits...
The papers in this special section explore wearable computers, biomedical implants, and the Internet of Things. Specifically, the section examines recent progress in this challenging research area. Note that the area is vast, touching almost every subject in computing and electrical engineering with a large variety of tools, techniques, and applications. Cover...
Although concolic testing is increasingly being explored as a viable software verification technique, its adoption in mainstream software development and testing in the industry is not yet extensive. In this paper, we discuss challenges to widespread adoption of concolic testing in an industrial setting and highlight further opportunities where con...
We describe our ongoing effort using theorem proving to certify loop pipelining, a critical and complex transformation employed by behavioral synthesis. Our approach is mechanized in the ACL2 theorem prover. We discuss some formalization and proof challenges and our early attempts at addressing them.
Behavioral synthesis involves compiling an Electronic System-Level (ESL) design into its Register-Transfer Level (RTL) implementation. Loop pipelining is one of the most critical and complex transformations employed in behavioral synthesis. Certifying the loop pipelining algorithm is challenging because there is a huge semantic gap between the inpu...
Behavioral synthesis entails application of a sequence of transformations to compile a high-level description of a hardware design (e.g., in C/C++/SystemC) into a register-transfer level (RTL) implementation. In this paper, we present a scalable equivalence checking framework to validate the correctness of compiler transformations employed by beh...
A key problem in post-silicon validation is to identify a small set of traceable signals that are effective for debug during silicon execution. Most signal selection techniques rely on a metric based on circuit structure. Simulation-based signal selection is promising but has major drawbacks in computation overhead and restoration quality. In this...
Function pipelining is a key transformation in behavioral synthesis. However, synthesizing the complex pipeline logic is an error-prone process. Sequential equivalence checking (SEC) support is highly desired to provide confidence in the correctness of synthesized pipelines. However, SEC for function pipelining is challenging due to the significant...
Eliminating the excessive test power for integrated circuits is a strict challenge within the nanometer era. This method combines test pattern generation with the scan chain disabling technique to achieve low capture power testing under the single stuck-at ...
We present a framework for the specification and verification of reactive concurrent programs using general-purpose mechanical theorem proving. We define specifications for concurrent programs by formalizing a notion of refinements analogous to stuttering trace containment. The formalization supports the definition of intuitive specifications of th...
Behavioral synthesis entails application of a sequence of transformations to compile a high-level description of a hardware design (e.g., in C/C++/SystemC) into a Register-Transfer Level (RTL) implementation. We present a scalable equivalence checking framework to validate the correctness of compiler transformations employed by behavioral synthesis...
A key problem in post-silicon validation is to identify a small set of traceable signals that are effective for debug during silicon execution. Structural analysis used by traditional signal selection techniques leads to poor restoration quality. In contrast, simulation-based selection techniques provide superior restorability but incur significant...
Behavioral synthesis involves generating hardware design via compilation of its Electronic System Level (ESL) description to an RTL implementation. Equivalence checking is critical to ensure that the synthesized RTL conforms to its ESL specification. Such equivalence checking must effectively handle design and implementation optimizations. We ident...
Loop pipelining is a critical transformation in behavioral synthesis. It is crucial to producing hardware designs with acceptable latency and throughput. However, it is a complex transformation involving aggressive scheduling strategies for high throughput and careful control generation to eliminate hazards. We present an equivalence checking appro...
Multicore Register Transfer Level (RTL) model simulations are indispensable in exposing subtle memory subsystem bugs. Validating memory consistency, coherency, and atomicity is a crucial design verification task. Random MultiProcessor (MP) test generators play critical roles in pre- and post-silicon validation. The Advanced Configuration and Power...
We develop a formal tool for speed-path analysis and debug. We encode speed-path requirements in a formal hardware description language providing the semantics of both the functional behavior and timing constraints, and the disciplined use of an SMT solver to analyze speed-path requirements. We are applying our framework for speed-path analysis of...
We present a case study illustrating how to exploit the expressive power of higher-order logic to complete a proof whose main lemma is already proved in a first-order theorem prover. Our proof exploits a link between the HOL4 and ACL2 proof systems to show correctness of a cone of influence reduction algorithm, implemented in ACL2, with respect to...
We present a method to abstract, formalize, and verify industrial flash memory implementations. Flash memories contain specialized transistors, e.g., floating gate and split gate devices, which preclude the use of traditional switch-level abstractions for their verification. We circumvent this problem through behavioral abstractions, which allow fo...
We present a predicate abstraction and discovery procedure for proving invariants of reactive systems using a combination of theorem proving and model checking. Our method makes use of term rewriting on the definition of the target system to reduce an invariant proof of the target system to reachability analysis on a finite predicate abstraction, w...
ACL2 is the name for (1) a programming language based on a subset of Common Lisp, (2) a logic, and (3) a mechanical theorem prover for the logic. ACL2 is an industrial-strength theorem prover that has been used successfully in a number of formal verification projects both in the industry and academia. We present the logic of ACL2 and briefly touch...
In this chapter, we discuss models of sequential programs, formalize the statement of correctness that we want to prove, and present the standard deductive approaches to derive such a correctness statement. We then discuss some deficiencies in the standard approaches.
We present a framework for the specification and verification of reactive concurrent programs using general-purpose mechanical theorem proving. We show how to use (fair) stuttering trace containment to verify diverse concurrent protocols. We present a collection of proof rules that can be effectively orchestrated by a theorem prover to reason about...
We outline an approach to verify pipelined machines with stuttering trace containment. Pipelined machines are complicated to reason about since they involve simultaneous overlapped execution of different instructions. Nevertheless, we show that if the logic used is sufficiently expressive, then it is possible to relate the executions of the pipelin...
Theorem proving and decision procedures have orthogonal advantages in scaling up formal verification to solve complex verification problems. In this chapter, we explore the general problem of using theorem proving with decision procedures in a sound and efficient manner.
We present an interface connecting the ACL2 theorem prover with external deduction tools. The structuring mechanisms of ACL2 make the design of the interface challenging. We discuss some of the challenges and develop a precise specification of the requirements on the external tools for a sound connection with ACL2.
We consider the problem of formalizing a compositional model checking procedure with the ACL2 theorem prover. The algorithm uses conjunctive and cone of influence reductions to reduce a large model checking problem into a collection of smaller problems, and we prove the soundness of the composition of these reductions. The algorithm checks properti...