CODAx

Simple and Fully Automated Static Linting Solution for SoC Security Verification

About CODAx

Caspia’s security-aware static linting solution, CODAx, analyzes IP/SoC designs to detect bad coding styles against security vulnerabilities. It can automatically identify 120+ insecure RTL coding features and provide suggested corrections to make the design free from potential confidentiality, integrity, and availability issues. CODAx is frequently updated with new security rules, and these are derived from vulnerability databases such as CWE, CVE, and Trust-Hub. By providing numerous automatic checks at the early design stage, CODAx helps to significantly reduce the overall costs for security verification.

Fast security verification at RTL with easy-to-use interface

Applicable to ASIC/FPGA IPs, legacy IPs, and complex SoC designs

Assist in meeting security standards (ISO/SAE 21434, 27001, and more)

Security Bug Detection with Security Rule Check

CODAx utilizes numerous security directives as high-level guidelines for RTL design practices, preventing critical vulnerabilities in SoCs. These directives are refined into specific security rules, the violation of which CODAx detects in the code. Addressing these violations early in the design phase is crucial for mitigating potential security weaknesses. By adhering to these rules, CODAx helps designers proactively identify and mitigate security concerns, significantly reducing the risk of vulnerabilities in the final design, leading to a safer end product.

Features

Datapath Analysis

CODAx rigorously examines the design code to detect security vulnerabilities in the datapath, the core component responsible for data transfer and processing. It identifies risks such as improper data handling, unwanted data corruption, and potential breaches that could compromise system confidentiality, integrity, or availability. This ensures robust protection against unauthorized access and security flaws.

Control Path Analysis

CODAx will analyze control paths in the designs, particularly within Finite State Machines (FSMs). It identifies potential security vulnerabilities from attack vectors such as fault injection and DoS attacks, ensuring the FSMs operate securely. Additionally, CODAx detects unauthorized or unintended modifications to control signals, safeguarding the integrity and reliability of hardware systems.

Root-cause Analysis

CODAx employs meticulous root-cause analysis to pinpoint the origins of security violations in RTL designs, highlighting the specific RTL code involved. This precise identification allows designers to focus on problematic areas, addressing both the symptoms and underlying factors of security weaknesses. This enables RTL designers to focus on problematic areas, enhancing the security of those components.

Report Generation

CODAx generates detailed reports that outline detected security vulnerabilities within the designs. Each report includes descriptions of security-critical bugs and their potential impacts, enabling designers to make informed decisions on necessary revisions. Presented in an easy-to-understand manner for non-security experts, these reports enhance both the security of RTL designs and designers’ understanding of security principles in hardware design.

Suggested Fixes

CODAx not only detects security issues in RTL designs but also provides comprehensive guidance for fixing them. It offers detailed guidelines and tailored fixes for each identified bug within the datapath or control-flow, equipping designers with actionable insights for prompt and efficient resolution of vulnerabilities.

Licensing

CODAx is available for licensing, providing a seamless integration into your RTL design workflow. We offer tailored evaluations to demonstrate the tool’s capabilities and ensure it meets your security needs. Contact us to set up an assessment and explore how CODAx can enhance the security of your hardware designs.

Tool Assistance

Caspia Technologies enhances your experience with comprehensive training and support for all of our EDA solutions. 

Together, we can solve your security challenges.