Built-In Properties

The following properties are built-in and are always available on all MavSec projects:

SecureKeyProperty

The SecureKeyProperty is used to define a secure key which is used to encrypt or decrypt data. SPV properties are then created to ensure that the key is not leaked. The key can be a simple register, or a more complex memory structure (such as a ROM or RAM block). The security engineer defines the key to be secure, and the hardware engineer provides the location of that key and the paths to the bus.

Arguments

  • key_loc (AnyRtlPath): The hardware location of the key.

  • key_size (int | None): The size of the key in bits

  • public_bus (AnyRtlPath): The public bus to which the key is connected.

SecureKeyIntegrityProperty

The SecureKeyIntegrityProperty is used to define a secure key which is used to encrypt or decrypt data, but should not be able to be modified. SPV properties are then created to ensure that the key is not modified or leaked. The key can be a simple register, or a more complex memory structure (such as a ROM or RAM block). The security engineer defines the key to be secure, and the hardware engineer provides the location of that key and the paths to the bus.

Arguments

  • key_loc (AnyRtlPath): The hardware location of the key.

  • key_size (int | None): The size of the key in bits

  • public_bus (AnyRtlPath): The public bus to which the key is connected.

SecureKeyGenProperty

The SecureKeyGenProperty is used to define a point in the design where keys are generated. These keys can be symmetric or asymmetric, and can be used to encrypt or decrypt data. When asymmetric keys are used, the public key is checked for integrity and the private key is checked for integrity and leak free. The security engineer defines the key to be secure and the type of key, and the hardware engineer provides the location of that key and the paths to the bus.

Arguments

  • public_key_loc (AnyRtlPath): The hardware location of the public key.

  • private_key_loc (AnyRtlPath): The hardware location of the private key.

  • public_bus (AnyRtlPath): The public bus to which the key is connected.

SecureExternalMemoryProperty

The SecureExternalMemoryProperty is used to define a secure external memory which is used to store data. It ensures that the data stored in the memory is secured (not-plaintext) before being written to the memory. The security engineer defines the memory interface, write access bus, and encryption algorithm. The hardware engineer provides the paths to the interface, bus, and encryption output.

Arguments

  • memory_loc (AnyRtlPath): The hardware location of the memory.

  • public_bus_input (AnyRtlPath): The public bus to which the memory is connected.

  • secure_output (AnyRtlPath | None): The place in hardware where the output is ensured to be secure.

SecureInternalStorageProperty

The SecureInternalStorageProperty is used to define a secure internal memory which is used to store data. This is an area which plaintext may be stored, but access to the memory is restricted. The security engineer defines the memory which needs to be secured, and what conditions it needs to be secured under. The hardware engineer provides the paths to the memory and the hardware signals associated with the conditions.

Arguments

  • storage_loc (AnyRtlPath): The hardware location of the storage.

  • public_bus (AnyRtlPath): The public bus to which the storage is connected.