Alma is an execution-aware tool for formal verification of masked implementations. In principle, Alma can verify any data-independent masked computation that can be implemented as a Verilog hardware circuit, with properly labeled secret shares and masks. However, as of now, the focus of Alma is to verify software executions on a hardware level. This is also the focus of the related paper COCO.
- Create a new virtual environment
python3 -m venv develop
- Activate the virtual environment
source develop/bin/activate
- Install the required python packages
pip3 install -r requirements.txt
- Install Yosys >= 0.9 and Verilator >= 4.028:
- Easy: install it using your favourite package manager
apt install yosys verilator
After following these steps, the only additional thing you need is the hardware circuit you want to verify in Verilog or System Verilog. For System Verilog support, either try recompilation into vanilla Verilog with sv2v or get a commercial license for Symbiotic EDA.
Alma provides several Python programs that represent different stages of the verification flow. In the following, we briefly show how each of them is used and what its purpose is.
python3 parse.py --source VERILOG_FILES --top-module TOP_MODULE [optional arguments]
The arguments for the standard mode of operation are:
--source
: file path(s) to the source file(s)--top-module
: the top module name
Special arguments include:
--synthesis-file
:parse.py
will automatically generate a Yosys synthesis script. In case one does not want to use this script, this option can be used to specify a custom Yosys synthesis script. Then, the--source
option must not be used because the script already includes the paths of the sources.--label
: Custom output file path of label file. Default:alma/tmp/labels.txt
--json
: Custom output file path of JSON file. Default:alma/tmp/circuit.json
--netlist
: Custom output file path of netlist file. Default:alma/tmp/circuit.v
--yosys
:parse.py
will search for the Yosys binary usingwhich yosys
. In case one wants to use a specific Yosys version, the path can be specified with this option.--log-yosys
: Yosys synthesis output is required and will be written toalma/tmp/yosys_synth_log.txt
The outputs of this step are a label file, the circuit in JSON format and the netlist file.
labels.txt
lists all registers and memory locations, which can be labeled as share
, mask
or unimportant
.
For example, a valid labeling can look like this:
my_super_cpu.r1:0:17840: unimportant
my_super_cpu.r1:1:17840: unimportant
my_super_cpu.r2:0:17841: share 1
my_super_cpu.r3:0:17563: mask
my_super_cpu.r4:0:17420: share 1
The register name follows the format: display_name:bit:index
, where display_name
is a mangled
name from the original design, bit
indicates a specific bit in a register, and index
is the
global index of the given bit and not relevant for users.
You need to label registers and ports that are parts of a secret with share X
where X is
the index of the given secret. Random bits are labeled with mask
, whereas other public values
such as control signals and the like are labeled with unimportant
.
python3 trace.py --testbench TB_FILE_PATH --netlist NETLIST_FILE_PATH [optional arguments]
The arguments for the standard mode of operation are:
--testbench
: Path to the Verilator testbench.--netlist
: Path of Verilog netlist generated by Yosys in the parsing step.
Special arguments include:
--skip-compile-netlist
: Use cached object files from a previous verilator run.--c-compiler
: Compiler used by Verilator (either clang or gcc), the default and recommended option is clang.--output-bin
: Path to verilated binary. Default:alma/tmp/<netlist_name>
python3 verify.py --json JSON_FILE_PATH --label LABEL_PATH --vcd TRACE_PATH [optional arguments]
The arguments for the standard mode of operation are:
--json
: File path of JSON file--label
: File path of label file--vcd
: File path of VCD file
Special arguments include:
--cycles
: The verification process will run until the end of the VCD trace per default (-1). In case it should abort earlier, this option can be used.--order
: Verification order, i.e., the number of probes. Default: 1--mode
: Verification can be done for the stable or transient case. Default: stable--rst-name
: Verification will start after the circuit reset is over. This is the name of the reset signal. Default:rst_i
--rst-cycles
: Duration of the system reset in cycles. Default: 2--rst-phase
: Value of the reset signal which triggers the reset. Default: 1--num-leaks
: Number of leakage locations to be reported if the circuit is insecure. Default: 1--dbg-output-dir
: Directory in which debug traces (dbg-label-trace-?.txt, dbg-circuit-?.dot) are written. Default:alma/tmp/
The examples
directory contains instructions on how to perform software masking verification
on an improved version of the IBEX RISC-V core presented in the paper.