hw/ip/otbn/data/otbn_sec_cm_testplan.hjson - 3p/lowrisc/opentitan - Git at Google

 // Copyright lowRISC contributors.
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0

 // Security countermeasures testplan extracted from the IP Hjson using reggen.
 //
 // This testplan is auto-generated only the first time it is created. This is
 // because this testplan needs to be hand-editable. It is possible that these
 // testpoints can go out of date if the spec is updated with new
 // countermeasures. When `reggen` is invoked when this testplan already exists,
 // It checks if the list of testpoints is up-to-date and enforces the user to
 // make further manual updates.
 //
 // These countermeasures and their descriptions can be found here:
 // .../otbn/data/otbn.hjson
 //
 // It is possible that the testing of some of these countermeasures may already
 // be covered as a testpoint in a different testplan. This duplication is ok -
 // the test would have likely already been developed. We simply map those tests
 // to the testpoints below using the `tests` key.
 //
 // Please ensure that this testplan is imported in:
 // .../otbn/data/otbn_testplan.hjson
 {
   testpoints: [
     {
       name: sec_cm_mem_scramble
       desc: "Verify the countermeasure(s) MEM.SCRAMBLE."
       stage: V2S
       tests: ["otbn_smoke"]
     }
     {
       name: sec_cm_data_mem_integrity
       desc: "Verify the countermeasure(s) DATA.MEM.INTEGRITY."
       stage: V2S
       tests: ["otbn_imem_err", "otbn_dmem_err"]
     }
     {
       name: sec_cm_instruction_mem_integrity
       desc: "Verify the countermeasure(s) INSTRUCTION.MEM.INTEGRITY."
       stage: V2S
       tests: ["otbn_imem_err", "otbn_dmem_err"]
     }
     {
       name: sec_cm_bus_integrity
       desc: "Verify the countermeasure(s) BUS.INTEGRITY."
       stage: V2S
       tests: ["otbn_tl_intg_err"]
     }
     {
       name: sec_cm_controller_fsm_global_esc
       desc: "Verify the countermeasure(s) CONTROLLER.FSM.GLOBAL_ESC."
       stage: V2S
       tests: ["otbn_escalate"]
     }
     {
       name: sec_cm_controller_fsm_local_esc
       desc: "Verify the countermeasure(s) CONTROLLER.FSM.LOCAL_ESC."
       stage: V2S
       tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
     }
     {
       name: sec_cm_controller_fsm_sparse
       desc: "Verify the countermeasure(s) CONTROLLER.FSM.SPARSE."
       stage: V2S
       tests: ["otbn_sec_cm"]
     }
     {
       name: sec_cm_scramble_key_sideload
       desc: "Verify the countermeasure(s) SCRAMBLE.KEY.SIDELOAD."
       stage: V2S
       tests: ["otbn_single"]
     }
     {
       name: sec_cm_scramble_ctrl_fsm_local_esc
       desc: "Verify the countermeasure(s) SCRAMBLE_CTRL.FSM.LOCAL_ESC."
       stage: V2S
       tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
     }
     {
       name: sec_cm_scramble_ctrl_fsm_sparse
       desc: "Verify the countermeasure(s) SCRAMBLE_CTRL.FSM.SPARSE."
       stage: V2S
       tests: ["otbn_sec_cm"]
     }
     {
       name: sec_cm_start_stop_ctrl_fsm_global_esc
       desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.GLOBAL_ESC."
       stage: V2S
       tests: ["otbn_escalate"]
     }
     {
       name: sec_cm_start_stop_ctrl_fsm_local_esc
       desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.LOCAL_ESC."
       stage: V2S
       tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
     }
     {
       name: sec_cm_start_stop_ctrl_fsm_sparse
       desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.SPARSE."
       stage: V2S
       tests: ["otbn_sec_cm"]
     }
     {
       name: sec_cm_data_reg_sw_sca
       desc: "Verify the countermeasure(s) DATA_REG_SW.SCA."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_ctrl_redun
       desc: "Verify the countermeasure(s) CTRL.REDUN."
       stage: V2S
       tests: ["otbn_ctrl_redun"]
     }
     {
       name: sec_cm_pc_ctrl_flow_redun
       desc: ''' Verify the countermeasure(s) PC.CTRL_FLOW.REDUN.
                 Wait for a read request and istrn fetch request valid.
                 Corrupt the insn_prefetch_addr.
             '''
       stage: V2S
       tests: ["otbn_pc_ctrl_flow_redun"]
     }
     {
       name: sec_cm_rnd_bus_consistency
       desc: '''
       RND.BUS.CONSISTENCY:
       Expect to trigger RND_FIPS_CHK_FAIL recoverable error for FIPS bit being low in any word of the received RND data.
       '''
       stage: V2S
       tests: ["otbn_rnd_sec_cm"]
     }
     {
       name: sec_cm_rnd_rng_digest
       desc: '''
       RND.RNG.DIGEST:
       Randomly send the same EDN word for incoming RND data.
       Expect to trigger RND_REP_CHK_FAIL recoverable error for repeated EDN words.
       '''
       stage: V2S
       tests: ["otbn_rnd_sec_cm"]
     }
     {
       name: sec_cm_rf_base_data_reg_sw_integrity
       desc: "Verify the countermeasure(s) RF_BASE.DATA_REG_SW.INTEGRITY."
       stage: V2S
       tests: ["otbn_csr_rw"]
     }
     {
       name: sec_cm_rf_base_data_reg_sw_glitch_detect
       desc: "Verify the countermeasure(s) RF_BASE.DATA_REG_SW.GLITCH_DETECT."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_stack_wr_ptr_ctr_redun
       desc: "Verify the countermeasure(s) STACK_WR_PTR.CTR.REDUN."
       stage: V2S
       tests: ["otbn_sec_cm"]
     }
     {
       name: sec_cm_rf_bignum_data_reg_sw_integrity
       desc: "Verify the countermeasure(s) RF_BIGNUM.DATA_REG_SW.INTEGRITY."
       stage: V2S
       tests: ["otbn_csr_rw"]
     }
     {
       name: sec_cm_rf_bignum_data_reg_sw_glitch_detect
       desc: "Verify the countermeasure(s) RF_BIGNUM.DATA_REG_SW.GLITCH_DETECT."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_loop_stack_ctr_redun
       desc: "Verify the countermeasure(s) LOOP_STACK.CTR.REDUN."
       stage: V2S
       tests: ["otbn_sec_cm"]
     }
     {
       name: sec_cm_loop_stack_addr_integrity
       desc: "Verify the countermeasure(s) LOOP_STACK.ADDR.INTEGRITY."
       stage: V2S
       tests: ["otbn_stack_addr_integ_chk"]
     }
     {
       name: sec_cm_call_stack_addr_integrity
       desc: "Verify the countermeasure(s) CALL_STACK.ADDR.INTEGRITY."
       stage: V2S
       tests: ["otbn_stack_addr_integ_chk"]
     }
     {
       name: sec_cm_start_stop_ctrl_state_consistency
       desc: "Verify the countermeasure(s) START_STOP_CTRL.STATE.CONSISTENCY."
       stage: V2S
       tests: ["otbn_sec_wipe_err"]
     }
     {
       name: sec_cm_data_mem_sec_wipe
       desc: "Verify the countermeasure(s) DATA.MEM.SEC_WIPE."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_instruction_mem_sec_wipe
       desc: "Verify the countermeasure(s) INSTRUCTION.MEM.SEC_WIPE."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_data_reg_sw_sec_wipe
       desc: "Verify the countermeasure(s) DATA_REG_SW.SEC_WIPE."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_write_mem_integrity
       desc: "Verify the countermeasure(s) WRITE.MEM.INTEGRITY."
       stage: V2S
       tests: ["otbn_multi"]
     }
     {
       name: sec_cm_ctrl_flow_count
       desc: "Verify the countermeasure(s) CTRL_FLOW.COUNT."
       stage: V2S
       tests: ["otbn_single"]
     }
     {
       name: sec_cm_ctrl_flow_sca
       desc: "Verify the countermeasure(s) CTRL_FLOW.SCA."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_data_mem_sw_noaccess
       desc: "Verify the countermeasure(s) DATA.MEM.SW_NOACCESS."
       stage: V2S
       tests: ["otbn_sw_no_acc"]
     }
     {
       name: sec_cm_key_sideload
       desc: "Verify the countermeasure(s) KEY.SIDELOAD."
       stage: V2S
       tests: []
     }
     {
       name: sec_cm_tlul_fifo_ctr_redun
       desc: "Verify the countermeasure(s) TLUL_FIFO.CTR.REDUN."
       stage: V2S
       tests: []
     }
   ]
 }
	// Copyright lowRISC contributors.
	// Licensed under the Apache License, Version 2.0, see LICENSE for details.
	// SPDX-License-Identifier: Apache-2.0

	// Security countermeasures testplan extracted from the IP Hjson using reggen.
	//
	// This testplan is auto-generated only the first time it is created. This is
	// because this testplan needs to be hand-editable. It is possible that these
	// testpoints can go out of date if the spec is updated with new
	// countermeasures. When `reggen` is invoked when this testplan already exists,
	// It checks if the list of testpoints is up-to-date and enforces the user to
	// make further manual updates.
	//
	// These countermeasures and their descriptions can be found here:
	// .../otbn/data/otbn.hjson
	//
	// It is possible that the testing of some of these countermeasures may already
	// be covered as a testpoint in a different testplan. This duplication is ok -
	// the test would have likely already been developed. We simply map those tests
	// to the testpoints below using the `tests` key.
	//
	// Please ensure that this testplan is imported in:
	// .../otbn/data/otbn_testplan.hjson
	{
	testpoints: [
	{
	name: sec_cm_mem_scramble
	desc: "Verify the countermeasure(s) MEM.SCRAMBLE."
	stage: V2S
	tests: ["otbn_smoke"]
	}
	{
	name: sec_cm_data_mem_integrity
	desc: "Verify the countermeasure(s) DATA.MEM.INTEGRITY."
	stage: V2S
	tests: ["otbn_imem_err", "otbn_dmem_err"]
	}
	{
	name: sec_cm_instruction_mem_integrity
	desc: "Verify the countermeasure(s) INSTRUCTION.MEM.INTEGRITY."
	stage: V2S
	tests: ["otbn_imem_err", "otbn_dmem_err"]
	}
	{
	name: sec_cm_bus_integrity
	desc: "Verify the countermeasure(s) BUS.INTEGRITY."
	stage: V2S
	tests: ["otbn_tl_intg_err"]
	}
	{
	name: sec_cm_controller_fsm_global_esc
	desc: "Verify the countermeasure(s) CONTROLLER.FSM.GLOBAL_ESC."
	stage: V2S
	tests: ["otbn_escalate"]
	}
	{
	name: sec_cm_controller_fsm_local_esc
	desc: "Verify the countermeasure(s) CONTROLLER.FSM.LOCAL_ESC."
	stage: V2S
	tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
	}
	{
	name: sec_cm_controller_fsm_sparse
	desc: "Verify the countermeasure(s) CONTROLLER.FSM.SPARSE."
	stage: V2S
	tests: ["otbn_sec_cm"]
	}
	{
	name: sec_cm_scramble_key_sideload
	desc: "Verify the countermeasure(s) SCRAMBLE.KEY.SIDELOAD."
	stage: V2S
	tests: ["otbn_single"]
	}
	{
	name: sec_cm_scramble_ctrl_fsm_local_esc
	desc: "Verify the countermeasure(s) SCRAMBLE_CTRL.FSM.LOCAL_ESC."
	stage: V2S
	tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
	}
	{
	name: sec_cm_scramble_ctrl_fsm_sparse
	desc: "Verify the countermeasure(s) SCRAMBLE_CTRL.FSM.SPARSE."
	stage: V2S
	tests: ["otbn_sec_cm"]
	}
	{
	name: sec_cm_start_stop_ctrl_fsm_global_esc
	desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.GLOBAL_ESC."
	stage: V2S
	tests: ["otbn_escalate"]
	}
	{
	name: sec_cm_start_stop_ctrl_fsm_local_esc
	desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.LOCAL_ESC."
	stage: V2S
	tests: ["otbn_imem_err", "otbn_dmem_err", "otbn_zero_state_err_urnd", "otbn_illegal_mem_acc"]
	}
	{
	name: sec_cm_start_stop_ctrl_fsm_sparse
	desc: "Verify the countermeasure(s) START_STOP_CTRL.FSM.SPARSE."
	stage: V2S
	tests: ["otbn_sec_cm"]
	}
	{
	name: sec_cm_data_reg_sw_sca
	desc: "Verify the countermeasure(s) DATA_REG_SW.SCA."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_ctrl_redun
	desc: "Verify the countermeasure(s) CTRL.REDUN."
	stage: V2S
	tests: ["otbn_ctrl_redun"]
	}
	{
	name: sec_cm_pc_ctrl_flow_redun
	desc: ''' Verify the countermeasure(s) PC.CTRL_FLOW.REDUN.
	Wait for a read request and istrn fetch request valid.
	Corrupt the insn_prefetch_addr.
	'''
	stage: V2S
	tests: ["otbn_pc_ctrl_flow_redun"]
	}
	{
	name: sec_cm_rnd_bus_consistency
	desc: '''
	RND.BUS.CONSISTENCY:
	Expect to trigger RND_FIPS_CHK_FAIL recoverable error for FIPS bit being low in any word of the received RND data.
	'''
	stage: V2S
	tests: ["otbn_rnd_sec_cm"]
	}
	{
	name: sec_cm_rnd_rng_digest
	desc: '''
	RND.RNG.DIGEST:
	Randomly send the same EDN word for incoming RND data.
	Expect to trigger RND_REP_CHK_FAIL recoverable error for repeated EDN words.
	'''
	stage: V2S
	tests: ["otbn_rnd_sec_cm"]
	}
	{
	name: sec_cm_rf_base_data_reg_sw_integrity
	desc: "Verify the countermeasure(s) RF_BASE.DATA_REG_SW.INTEGRITY."
	stage: V2S
	tests: ["otbn_csr_rw"]
	}
	{
	name: sec_cm_rf_base_data_reg_sw_glitch_detect
	desc: "Verify the countermeasure(s) RF_BASE.DATA_REG_SW.GLITCH_DETECT."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_stack_wr_ptr_ctr_redun
	desc: "Verify the countermeasure(s) STACK_WR_PTR.CTR.REDUN."
	stage: V2S
	tests: ["otbn_sec_cm"]
	}
	{
	name: sec_cm_rf_bignum_data_reg_sw_integrity
	desc: "Verify the countermeasure(s) RF_BIGNUM.DATA_REG_SW.INTEGRITY."
	stage: V2S
	tests: ["otbn_csr_rw"]
	}
	{
	name: sec_cm_rf_bignum_data_reg_sw_glitch_detect
	desc: "Verify the countermeasure(s) RF_BIGNUM.DATA_REG_SW.GLITCH_DETECT."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_loop_stack_ctr_redun
	desc: "Verify the countermeasure(s) LOOP_STACK.CTR.REDUN."
	stage: V2S
	tests: ["otbn_sec_cm"]
	}
	{
	name: sec_cm_loop_stack_addr_integrity
	desc: "Verify the countermeasure(s) LOOP_STACK.ADDR.INTEGRITY."
	stage: V2S
	tests: ["otbn_stack_addr_integ_chk"]
	}
	{
	name: sec_cm_call_stack_addr_integrity
	desc: "Verify the countermeasure(s) CALL_STACK.ADDR.INTEGRITY."
	stage: V2S
	tests: ["otbn_stack_addr_integ_chk"]
	}
	{
	name: sec_cm_start_stop_ctrl_state_consistency
	desc: "Verify the countermeasure(s) START_STOP_CTRL.STATE.CONSISTENCY."
	stage: V2S
	tests: ["otbn_sec_wipe_err"]
	}
	{
	name: sec_cm_data_mem_sec_wipe
	desc: "Verify the countermeasure(s) DATA.MEM.SEC_WIPE."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_instruction_mem_sec_wipe
	desc: "Verify the countermeasure(s) INSTRUCTION.MEM.SEC_WIPE."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_data_reg_sw_sec_wipe
	desc: "Verify the countermeasure(s) DATA_REG_SW.SEC_WIPE."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_write_mem_integrity
	desc: "Verify the countermeasure(s) WRITE.MEM.INTEGRITY."
	stage: V2S
	tests: ["otbn_multi"]
	}
	{
	name: sec_cm_ctrl_flow_count
	desc: "Verify the countermeasure(s) CTRL_FLOW.COUNT."
	stage: V2S
	tests: ["otbn_single"]
	}
	{
	name: sec_cm_ctrl_flow_sca
	desc: "Verify the countermeasure(s) CTRL_FLOW.SCA."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_data_mem_sw_noaccess
	desc: "Verify the countermeasure(s) DATA.MEM.SW_NOACCESS."
	stage: V2S
	tests: ["otbn_sw_no_acc"]
	}
	{
	name: sec_cm_key_sideload
	desc: "Verify the countermeasure(s) KEY.SIDELOAD."
	stage: V2S
	tests: []
	}
	{
	name: sec_cm_tlul_fifo_ctr_redun
	desc: "Verify the countermeasure(s) TLUL_FIFO.CTR.REDUN."
	stage: V2S
	tests: []
	}
	]
	}