Shulou(Shulou.com)05/31 Report--

Editor to share with you what kind of tool HAL is, I believe most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

HAL is a complete reverse engineering analysis suite and operational framework for gateway-level network equipment lists, which focuses on improving the efficiency, scalability and portability of network security personnel. HAL comes with a mature plug-in system that allows security researchers to introduce arbitrary functionality into the kernel.

In addition to many other research projects, HAL is also used in university security courses: introduction to hardware reverse Engineering.

Function introduction

1. Natural directed graph representation of network equipment list and its links

2. Support custom gateway library

3. Optimize the high performance brought by C++ core

4. Modularization: you can write your own C++ plug-in for effective Netlist analysis and operation.

5. Provide a feature-rich user interface to support visual detection and interactive analysis.

6. Python Shell is integrated, which can be used to interact with Netlist elements and access GUI interface.

7. The tool (v1.1.0) currently adds support for Xilinx Unisim, Xilinx Simprim, Synopsys 90nm, GSCLIB 3.0 and UMC 0.18 μ m libraries.

Tool installation Ubuntu

The release version of HAL is released through ppa.

MacOS

Use the following command and install HAL through homebrew:

Brew tap emsec/halbrew install hal build instruction

Run the following command to download and install HAL:

Construction of git clone https://github.com/emsec/hal.git & & cd hal./install_dependencies.shmkdir build & & cd buildcmakemakemake installmacOS

You need to use a compiler that supports OpenMP, and we can install it with the following command:

Brew install llvm

Then run the following command to have cmake use our custom compiler:

Cmake.. -DCMAKE_C_COMPILER=/usr/local/opt/llvm/bin/clang-DCMAKE_CXX_COMPILER=/usr/local/opt/llvm/bin/clang++ Quick start

Most researchers can install or build HAL and launch the GUI interface by using the command "hal-g". Use the command "hal [--help |-h]" to view all the options available to the tool. We provide a sample nettable in the examples directory, as well as a sample library for analysis, located in the path plugins/example_gate_library.

Load a code base from the examples directory and turn on the graphical analysis function. Use an integrated Python Shell or Python script window to interact with the target.

We can enumerate all the lookup tables and output the relevant information:

From hal_plugins import libquine_mccluskeyqm_plugin = libquine_mccluskey.quine_mccluskey () for gate in netlist.get_gates (): if "LUT" in gate.type: print (gate.name + "(id" + str (gate.id) + " Type "+ gate.type +") print ("+ str (len (gate.input_pin_types)) +"-to- "+ str (len (gate.output_pin_types)) +" LUT ") boolean_functions = qm_plugin.get_boolean_function_str (gate, False) for pin in boolean_functions: print (" + pin + ":" + boolean_ functionsPin] print ("")

For example, for the fsm.vhd sample, the output is as follows:

FSM_sequential_STATE_REG_1_i_2_inst (id 5, type LUT6) 6-to-1 LUT O: (I0i1 ~ i2i3i4 ~ i5) + (I0 ~ i2i3i4i5) FSM_sequential_STATE_REG_0_i_2_inst (id 3, type LUT6) 6-to-1 LUT O: (i2i3i4 ~ i5) + (I1i2) + (I0I1) + (I1 ~ i3) + (I1 ~ i4) + (I1 ~ i5) FSM_sequential_STATE_REG_0_i_3_inst (id 4) Type LUT6) 6-to-1 LUT O: (~ I1 ~ I2i3 ~ I4i5) + (I0I5) + (I0I4) + (I0I3) + (I0I1) + (I0 ~ I2) OUTPUT_BUF_0_inst_i_1_inst (id 18, type LUT1) 1-to-1 LUT O: (~ I0) OUTPUT_BUF_1_inst_i_1_inst (id 20) Type LUT2) 2-to-1 LUT O: (~ I0 I1) + (I0 ~ I1) FSM_sequential_STATE_REG_1_i_3_inst (id 6) Type LUT6) 6-to-1 LUT O: (I0I2I4) + (I1i2i4) + (I0-I3i4) + (I0I4-I3i4) + (I0I4-I5) + (I2I5) + (I2I3) + (I1I5) + (I1I3) + (I0I1) + (I0I5) + (I0-I1) + (I1-I2) + (I0-I2) + (I2-I3) + (I4-I5) + (I3-I4) + (I1-I4) reference

If you need to use HAL in school or under academic research conditions, use the following citations to mark and use the framework:

@ misc {hal, author = {{EmSec Chair for Embedded Security}}, publisher = {{Ruhr University Bochum}}, title = {{HAL-The Hardware Analyzer}}, year = {2019}, howpublished = {\ url {https://github.com/emsec/hal}},}

You can also quote the original paper directly:

@ article {2018:Fyrbiak:HAL, author = {Marc Fyrbiak and Sebastian Wallat and Pawel Swierczynski and Max Hoffmann and Sebastian Hoppach and Matthias Wilhelm and Tobias Weidlich and Russell Tessier and Christof Paar} Title = {{HAL-} The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion}, journal = {IEEE Transactions on Dependable and Secure Computing}, year = {2018}, publisher = {IEEE}, howpublished = {\ url {https://github.com/emsec/hal}}} license Agreement

The development and release of HAL follows the MIT open source license agreement.

The above is all the content of this article "what is HAL?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.