Contents
Introduction 1 1 Verication Overview 3 1.1 Verication Techniques . . . 4 1.1.1 Direct Testing . . . 4 1.1.2 Formal Verication . . . 5 1.1.3 Constrained-Random Testing . . . 5 1.2 Verication Approaches . . . 6 1.3 Verication Languages . . . 81.4 Universal Verication Methodology (UVM) . . . 9
1.4.1 Components and data . . . 10
1.4.2 Object Factory . . . 10
1.4.3 Conguration database . . . 11
2 IEEE 802.1AE MAC Security Standard 12 2.1 IEEE 802.1AE MAC Security Standard . . . 12
2.1.1 The Cipher Suite . . . 13
2.1.2 MAC Security Protocol . . . 13
2.2 Advanced Encryption Standard . . . 16
2.2.1 Mathematical Preliminaries . . . 18
2.2.2 AES encryption algorithm . . . 22
2.2.3 Key Expansion . . . 28
2.3 Galois/Counter Mode of operation . . . 32
2.4 Overview of MACsec-compliant IP . . . 36
2.4.1 Interface Signals . . . 38
CONTENTS
3 AES-GCM-128 Software Implementation 47
3.1 gcm_dpi.sv . . . 48 3.2 gcm_dpi.cpp . . . 49 3.3 gcm class . . . 52 3.3.1 set_key () . . . 52 3.3.2 packet_init () . . . 53 3.3.3 add_auth () . . . 53 3.3.4 auth_nalize () . . . 53 3.3.5 encrypt () . . . 54 3.3.6 decrypt () . . . 54 3.3.7 get_tag () . . . 54 3.3.8 auth_ver () . . . 55 3.4 aes class . . . 55 3.5 gfvec class . . . 56 3.5.1 operator+() . . . 57 3.5.2 operator*() . . . 57 3.5.3 rightshift() . . . 58 3.5.4 add() . . . 58
4 UVM environment implementation for the MACsec IP 59 4.1 UVM testbench general overview . . . 59
4.1.1 Phases . . . 60 4.1.2 Messages . . . 61 4.1.3 Functional Coverage . . . 61 4.2 MACsec Test-plan . . . 63 4.2.1 Features testing . . . 63 4.2.2 Error injection . . . 67 4.3 Top_TB_MACsec . . . 69 4.4 Test_library_MACsec . . . 69 4.5 Environment_MACsec . . . 70 4.6 Scoreboard_MACsec . . . 71 4.7 Agent_MACsec . . . 74 4.8 Driver_MACsec . . . 74 4.8.1 Driver_MACsec_TX . . . 74 ii
CONTENTS 4.8.2 Driver_MACsec_RX . . . 77 4.9 Monitor_MACsec . . . 77 4.9.1 Coverage . . . 78 4.9.2 Monitor_input_MACsec_TX . . . 79 4.9.3 Monitor_output_MACsec_TX . . . 80 4.9.4 Monitor_input_MACsec_RX . . . 81 4.9.5 Monitor_output_MACsec_RX . . . 81 4.10 Sequencer_MACsec . . . 81 4.11 Sequence_library_MACsec . . . 82 4.11.1 Sequence_library_MACsec_TX . . . 82 4.11.2 Sequence_library_MACsec_RX . . . 84 4.12 Transaction_MACsec . . . 85 4.12.1 Transaction_MACsec_TX . . . 86 4.12.2 Transaction_MACsec_RX . . . 86 4.13 Interface_MACsec . . . 87 5 Test results 88 5.1 TX Module test results . . . 88
5.1.1 Back-to-back tests . . . 89
5.1.2 Interleaved frames . . . 89
5.1.3 Ethernet speed or Security service manipulation . . . . 90
5.2 RX Module test results . . . 91
5.2.1 MACsec frame handling . . . 92
5.3 Coverage . . . 93
5.4 Performance . . . 94
5.5 Tips to design team . . . 95
6 Conclusions 97