Metrics and Methodology for Hardware Security Constructs

Although hardware is commonly believed to be security-resilient, it is often susceptible to vulnerabilities that arise from design and implementation flaws. These flaws can jeopardize the hardware’s security, its operations, and critical user information. This investigation presents a comprehensive methodology for assessing threats related to different hardware weaknesses and the attacks that can exploit them. The methodology results in two key metrics: a threat metric that quantifies the number of hardware weaknesses that an attack can exploit and a sensitivity metric that measures the number of distinct attacks that can target a hardware system with a specific weakness. These metrics and the accompanying analysis aim to guide security efforts and optimize the trade-offs between hardware security and associated costs.