Testpoints
Stage | Name | Tests | Description |
---|---|---|---|
V1 | wake_up | aes_wake_up | Basic hello world: encrypt a plain text, read it back, decrypt it and compare to the input. |
V1 | smoke | aes_smoke | Encrypt a plain text, read it back, decrypt it and compare to the input, using the reference model to compare after both encryption and decryption. |
V1 | csr_hw_reset | aes_csr_hw_reset | Verify the reset values as indicated in the RAL specification. |
V1 | csr_rw | aes_csr_rw | Verify accessibility of CSRs as indicated in the RAL specification. |
V1 | csr_bit_bash | aes_csr_bit_bash | Verify no aliasing within individual bits of a CSR. |
V1 | csr_aliasing | aes_csr_aliasing | Verify no aliasing within the CSR address space. |
V1 | csr_mem_rw_with_rand_reset | aes_csr_mem_rw_with_rand_reset | Verify random reset during CSR/memory access. |
V1 | regwen_csr_and_corresponding_lockable_csr | aes_csr_rw aes_csr_aliasing | Verify regwen CSR and its corresponding lockable CSRs. Note: This is only applicable if the block contains regwen and lockable CSRs. |
V2 | algorithm | aes_smoke aes_stress aes_config_error | Compare cipher text from the DUT with the output of a C model using the same key and data. |
V2 | key_length | aes_stress aes_smoke aes_config_error | Randomly select key length to verify all supported key lengths are working. |
V2 | back2back | aes_b2b aes_stress | Back-to-back messages are not possible, as the DUT needs to be idle before a new configuration is written. Back2back instead verifies that the DUT can handle back-to-back data blocks and other spacings. |
V2 | backpressure | aes_stress | Try to write data to registers without offloading the DUT output to verify Stall functionality. |
V2 | multi_message | aes_stress aes_smoke aes_config_error aes_alert_reset | Run multiple messages in a random mix of encryption / decryption. Each message should select its mode randomly. |
V2 | failure_test | aes_config_error aes_alert_reset aes_man_cfg_err | |
V2 | trigger_clear_test | aes_clear | Exercise trigger and clear registers at random times to make sure we handle the different corner cases correctly. Examples of corner cases are clearing data input or data output before the data is consumed or before the DUT finishes an operation. |
V2 | nist_test_vectors | aes_nist_vectors | Verify that the DUT handles the NIST test vectors correctly. |
V2 | reset_recovery | aes_alert_reset | Pull reset at random times, make sure the DUT recovers/resets correctly and there is no residual data left in the registers. |
V2 | stress | aes_stress | This will combine the other individual testpoints to ensure we stress test everything across the board. |
V2 | sideload | aes_stress aes_sideload | Verify that the DUT uses sideload correctly when sideload is enabled, and that it ignores any valid on the bus when disabled. |
V2 | deinitialization | aes_deinit | Make sure that there is no residual data from latest operation. |
V2 | alert_test | aes_alert_test | Verify common |
V2 | tl_d_oob_addr_access | aes_tl_errors | Access out of bounds address and verify correctness of response / behavior |
V2 | tl_d_illegal_access | aes_tl_errors | Drive unsupported requests via TL interface and verify correctness of response / behavior. Below error cases are tested based on the TLUL spec |
V2 | tl_d_outstanding_access | aes_csr_hw_reset aes_csr_rw aes_csr_aliasing aes_same_csr_outstanding | Drive back-to-back requests without waiting for response to ensure there is one transaction outstanding within the TL device. Also, verify one outstanding when back-to-back accesses are made to the same address. |
V2 | tl_d_partial_access | aes_csr_hw_reset aes_csr_rw aes_csr_aliasing aes_same_csr_outstanding | Access CSR with one or more bytes of data. For reads, expect the full word value of the CSR to be returned. For writes, the enabled bytes should cover all valid CSR fields. |
V2S | reseeding | aes_reseed | Exercise the different PRNG reseeding configurations. For reseeding every 8k blocks, the DUT internal block counter will be manually changed to something close to 8k to provoke the reseeding within reasonable simulation time. |
V2S | fault_inject | aes_fi aes_control_fi aes_cipher_fi | Verify that injecting bit errors in one of the state machines or the round counter triggers an error |
V2S | shadow_reg_update_error | aes_shadow_reg_errors | Verify shadowed registers' update error. |
V2S | shadow_reg_read_clear_staged_value | aes_shadow_reg_errors | Verify reading a shadowed register will clear its staged value. |
V2S | shadow_reg_storage_error | aes_shadow_reg_errors | Verify shadowed registers' storage error. |
V2S | shadowed_reset_glitch | aes_shadow_reg_errors | Verify that toggling the shadowed_rst_n pin can trigger a storage error. |
V2S | shadow_reg_update_error_with_csr_rw | aes_shadow_reg_errors_with_csr_rw | Run shadow_reg_update_error sequence in parallel with csr_rw sequence. |
V2S | tl_intg_err | aes_tl_intg_err aes_sec_cm | Verify that the data integrity check violation generates an alert. |
V2S | sec_cm_bus_integrity | aes_tl_intg_err | Verify the countermeasure(s) BUS.INTEGRITY. |
V2S | sec_cm_lc_escalate_en_intersig_mubi | aes_alert_reset | Verify the countermeasure(s) LC_ESCALATE_EN.INTERSIG.MUBI. Upon randomly switching the life cycle escalation input signal, it is ensured that the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_main_config_shadow | aes_shadow_reg_errors | Verify the countermeasure(s) MAIN.CONFIG.SHADOW. |
V2S | sec_cm_main_config_sparse | aes_stress aes_smoke aes_alert_reset aes_core_fi | Verify the countermeasure(s) MAIN.CONFIG.SPARSE. Illegally encoded values are written into the main control register via register interface and it is ensured that the values are resolved to the correct legal values. Internal wires carrying the corresponding signals are forced to invalid values and depending on the target wire it is ensured that the DUT stops processing data and signals an alert. |
V2S | sec_cm_aux_config_shadow | aes_shadow_reg_errors | Verify the countermeasure(s) AUX.CONFIG.SHADOW. |
V2S | sec_cm_aux_config_regwen | aes_stress aes_readability | Verify the countermeasure(s) AUX.CONFIG.REGWEN. It is ensured that once the REGWEN bit is set to 0, the content of the CTRL_AUX_SHADOWED register cannot be altered anymore until reset. |
V2S | sec_cm_key_sideload | aes_stress aes_sideload | Verify the countermeasure(s) KEY.SIDELOAD. |
V2S | sec_cm_key_sw_unreadable | aes_readability | Verify the countermeasure(s) KEY.SW_UNREADABLE. It is ensured that the initial key registers cannot be read via register interface. |
V2S | sec_cm_data_reg_sw_unreadable | aes_readability | Verify the countermeasure(s) DATA_REG.SW_UNREADABLE. It is ensured that the input data registers cannot be read via register interface. |
V2S | sec_cm_key_sec_wipe | aes_readability | Verify the countermeasure(s) KEY.SEC_WIPE. It is ensured that after triggering the clearing of the initial key registers with pseudo-random data, the content of these registers indeed changes to a different value. |
V2S | sec_cm_iv_config_sec_wipe | aes_readability | Verify the countermeasure(s) IV.CONFIG.SEC_WIPE. It is ensured that after triggering the clearing of the IV registers with pseudo-random data, the values read back from these registers via register interface indeed change. |
V2S | sec_cm_data_reg_sec_wipe | aes_readability | Verify the countermeasure(s) DATA_REG.SEC_WIPE. It is ensured that after triggering the clearing of the input and output data registers with pseudo-random data, the values read back from output data registers via register interface indeed change and that the content of the input data registers changes to a different value. |
V2S | sec_cm_data_reg_key_sca | aes_stress | Verify the countermeasure(s) DATA_REG.KEY.SCA. SVAs inside aes_cipher_core.sv check that the internal state register gets cleared with pseudo-random data at the end of the last round of every encryption. |
V2S | sec_cm_key_masking | aes_stress | Verify the countermeasure(s) KEY.MASKING. SVAs inside aes_cipher_core.sv are used to check some aspects of the masking countermeasure. However, the actual verification of the masking countermeasure cannot be done in DV. FPGA measurements and formal masking verification tools are used for that purpose. |
V2S | sec_cm_main_fsm_sparse | aes_fi | Verify the countermeasure(s) MAIN.FSM.SPARSE. It is ensured that upon randomly forcing bits in the state register of the main FSM, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_main_fsm_redun | aes_fi aes_control_fi aes_cipher_fi aes_ctr_fi | Verify the countermeasure(s) MAIN.FSM.REDUN. It is ensured that upon randomly forcing the state, inputs or outputs of any of the independent, redundant logic rails of the main FSM to both valid and invalid encodings, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_cipher_fsm_sparse | aes_fi | Verify the countermeasure(s) CIPHER.FSM.SPARSE. It is ensured that upon randomly forcing bits in the state register of the cipher core FSM, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_cipher_fsm_redun | aes_fi aes_control_fi aes_cipher_fi | Verify the countermeasure(s) CIPHER.FSM.REDUN. It is ensured that upon randomly forcing the state, inputs or outputs of any of the independent, redundant logic rails of the cipher core FSM to both valid and invalid encodings, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_cipher_ctr_redun | aes_cipher_fi | Verify the countermeasure(s) CIPHER.CTR.REDUN. It is ensured that upon randomly forcing the value of any of the independent, redundant logic rails of round counter inside the cipher core FSM, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_ctr_fsm_sparse | aes_fi | Verify the countermeasure(s) CTR.FSM.SPARSE. It is ensured that upon randomly forcing bits in the state register of the CTR mode FSM, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_ctr_fsm_redun | aes_fi aes_control_fi aes_ctr_fi | Verify the countermeasure(s) CTR.FSM.REDUN. It is ensured that upon randomly forcing the state, inputs or outputs of any of the independent, redundant logic rails of the CTR mode FSM to both valid and invalid encodings, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_ctrl_sparse | aes_fi aes_control_fi aes_cipher_fi aes_ctr_fi | Verify the countermeasure(s) CTRL.SPARSE. It is ensured that upon randomly forcing the value of any of these critical control signals to an invalid encoding, the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_main_fsm_global_esc | aes_alert_reset | Verify the countermeasure(s) MAIN.FSM.GLOBAL_ESC. Upon randomly switching the life cycle escalation input signal, it is ensured that the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_main_fsm_local_esc | aes_fi aes_control_fi aes_cipher_fi aes_ctr_fi | Verify the countermeasure(s) MAIN.FSM.LOCAL_ESC. Upon detecting a local alert condition it is ensured that the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_cipher_fsm_local_esc | aes_fi aes_control_fi aes_cipher_fi aes_ctr_fi | Verify the countermeasure(s) CIPHER.FSM.LOCAL_ESC. Upon detecting a local alert condition it is ensured that the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_ctr_fsm_local_esc | aes_fi aes_control_fi aes_ctr_fi | Verify the countermeasure(s) CTR.FSM.LOCAL_ESC. Upon detecting a local alert condition it is ensured that the DUT stops processing data, locks up and triggers a fatal alert. |
V2S | sec_cm_data_reg_local_esc | aes_fi aes_control_fi aes_cipher_fi | Verify the countermeasure(s) DATA_REG.LOCAL_ESC. SVAs inside aes_core.sv are used to ensure that upon local escalation triggered through FI the cipher core doesn't release intermediate state into the readable output data or IV registers. |
Covergroups
Name | Description |
---|---|
ctrl_aux_cg | Covers that, when enabled, a complete write forces a reseed. This is done by checking that the DUT goes out of idle state after a full key has been provided. Also covers that this is not the case when key_touch_forces_reseed = 0. |
ctrl_reg_cg | Covers that all valid settings have been tested. Furthermore, it covers that illegal values have also been tested. Individual control settings that are covered include: All valid combinations of these will be crossed. |
dut_busy_cg | Cover that a busy DUT cannot be manipulated. This includes: |
fault_inject_cg | Cover that a recoverable error has been seen: |
key_iv_data_cg | Covers that these registers have been written in random order and interleaved and that it has triggered an operation. |
regwen_val_when_new_value_written_cg | Cover each lockable reg field with these 2 cases: This is only applicable if the block contains regwen and lockable CSRs. |
reseed_cg | Cover that the different reseed configurations have been used. |
self_clearing_cg | Cover that the DUT self clearing is working correctly. An attack could be made by triggering an operation after a reset without configuring the DUT. The self clearing mechanism should prevent the DUT from starting. This mechanism should also clear any data in the output register with random data. After a reset is pulled two things will be covered |
shadow_field_errs_cg | Cover all shadow register errors for each register field. For all register fields within the shadowed register, this coverpoint covers the following errors: |
sideload_cg | Cover sideload functionality. This includes: |
status_cg | Covers that the different status bits were seen. |
tl_errors_cg | Cover the following error cases on TL-UL bus: |
tl_intg_err_cg | Cover all kinds of integrity errors (command, data or both) and cover number of error bits on each integrity check. Cover the kinds of integrity errors with byte enabled write on memory if applicable: Some memories store the integrity values. When there is a subword write, the design re-calculates the integrity with full word data and updates the integrity in the memory. This coverage ensures that a memory byte write has been issued and the related design logic has been verified. |
trigger_cg | This covergroup has two very different cover points. |