Practical Security Validation

Attackers are increasingly making use of unintended hardware or firmware behavior to build exploits. To minimize the likelihood of these attacks and to meet their security objectives, hardware products are adopting secure development processes, including performing security validation of components critical to enforcing these objectives. Despite the increasing visibility of hardware security issues, in some cases lack of expertise can create challenges. When that is true, validation might need to be performed by people without deep security expertise. In those cases, validators should focus on tests and methodologies that do not require substantial training to deploy in order to provide a basic level of security coverage. Many issues in access control and cryptographic logic can be caught by targeting a small number of common mistakes. Testing of non-standard configurations stresses assumptions made by critical protocols and components. And commonly used methods like constrained random testing can be adapted to mimic techniques used by attackers to find exploitable vulnerabilities. When combined these strategies can reduce the need for explicit, testable security requirements and enable nearly all validators to uncover a wide range of potential vulnerabilities.