High-Level Synthesis (HLS) has transformed the development of complex Hardware IPs (HWIP) by offering abstraction and configurability through languages like SystemC/C++, particularly for Field Programmable Gate Array (FPGA) accelerators in high-performance and cloud computing contexts. These IPs can be synthesized for different FPGA boards in the cloud, offering compact area requirements and enhanced flexibility. HLS enables designs to execute directly on ARM processors within modern FPGAs without the need for Register Transfer Level (RTL) synthesis, thereby conserving FPGA resources. While HLS offers flexibility and efficiency, it also introduces potential vulnerabilities such as the presence of hidden circuitry, including the possibility of hosting hardware trojans within designs. In cloud environments, these vulnerabilities pose significant security concerns such as leakage of sensitive data, IP functionality disruption and hardware damage, necessitating the development of robust testing frameworks. This research presents an advanced testing approach for HLS-developed cloud IPs, specifically targeting hidden malicious functionalities that may exist under rare conditions within the design. The proposed method leverages selective instrumentation, combining greybox fuzzing and concolic execution techniques to enhance test generation capabilities. Evaluation conducted on various HLS benchmarks, possessing characteristics of FPGA-based cloud IPs with embedded cloud-related threats, demonstrates the effectiveness of our framework in detecting trojans and rare scenarios, showcasing improvements in coverage, time efficiency, memory usage, and testing costs compared to existing methods.