Papers
Topics
Authors
Recent
Search
2000 character limit reached

SecFSM: Secure Finite State Machines

Updated 3 July 2026
  • SecFSM is a suite of secure finite state machine paradigms combining encryption, fault tolerance, and code synthesis to safeguard digital systems.
  • Its implementations, such as HFSAC and SCFI, use randomized state transitions, knowledge graphs, and error-detection codes to thwart attacks while maintaining efficiency.
  • Empirical studies show that SecFSM approaches deliver high security metrics and effective resource trade-offs across multimedia encoding, Verilog synthesis, and secure communications.

SecFSM refers collectively to several distinct secure finite state machine paradigms and systems in the domains of data encryption, fault-tolerant hardware, and secure code generation for digital design. These approaches leverage finite state machines (FSMs) as central primitives, augmented with techniques from cryptography, formal verification, knowledge-assisted code synthesis, and information theory to achieve robustness against fault injection, side-channel attacks, or software vulnerabilities in hardware design flows. The SecFSM nomenclature thus spans at least three key subfields: joint compression–encryption via random FSM jumps (Ziyabar et al., 2012), knowledge-graph-guided secure FSM Verilog synthesis (Hu et al., 18 Aug 2025), and provably secure transmission over finite-state Markov wiretap channels (Dai et al., 2016). In the hardware security context, SCFI (State-machine Control-Flow Hardening against Fault Attacks) is also germane (Nasahl et al., 2022). Each variant operationalizes "security" at a different layer: cryptographic secrecy, structural and coding correctness in synthesis, channel secrecy capacity, or hardware fault tolerance.

1. FSM-Based Secure Arithmetic Coding and Encryption (SecFSM/HFSAC)

The "SecFSM" system in (Ziyabar et al., 2012)—also referred to as Huffman Finite State Arithmetic Coding (HFSAC)—augments classical finite-state arithmetic coding (FSAC) with multi-layered cryptographic mechanisms for real-time multimedia encryption and compression. The encoder employs a triple-key structure:

  • K1K_1 (jump indicator bits) and K2K_2 (random jump destination states) jointly orchestrate pseudo-random state "jumps" that disrupt predictable FSM traversal, thereby diffusing plaintext-symbol correlations.
  • K3K_3 governs state-dependent bit-level output alterations via randomized suffix reversal of per-state Huffman codewords.

Each state of the FSM is equipped with a specifically constructed Huffman code over the input symbol alphabet, ensuring prefix-freeness and the ability for decodable resynchronization even across random state-jumps. This multi-key design delivers both confusion and diffusion, with an astronomically large keyspace, and empirical output entropy (0.9936\approx 0.9936\,bits/bit) indistinguishable from random, passing all NIST-SP800-22 randomness tests.

Compression overhead compared to traditional arithmetic coding remains low: worst-case <10%<10\% per-symbol bitrate increase, e.g., from $19.4$ to 21.321.3\,bits/symbol on typical image workloads. The keyspace grows as 2n1Sn(avgmax)n2^{n-1} \cdot S^n \cdot (\text{avg}\,\ell_\text{max})^n for data length nn and FSM state count SS, precluding brute-force attacks. The design demonstrates resistance to chosen-plaintext, known-plaintext, and cipher-text only attacks due to the loss of systematic structure in the output and high diffusion from state and bitwise obfuscation.

Implementation cost is K2K_20 per symbol with modest memory for state transitions, Huffman tables, and key storage (Ziyabar et al., 2012).

2. Knowledge Graph-Guided Secure FSM Code Generation in SoC (SecFSM Framework)

SecFSM in the recent sense (Hu et al., 18 Aug 2025) targets SoC designers' need for automatically synthesized, security-verified FSM Verilog via LLMs. Base LLMs (e.g., DeepSeek-R1, GPT-4) generate correct syntax but overlook domain-specific vulnerabilities: dead states, missing default clauses, integer overflows (CWE-190), and unprotected transitions. The SecFSM framework addresses this failure mode by:

  • Constructing an FSM Security Knowledge Graph (FSKG), a property graph K2K_21 encoding vulnerabilities, state lifecycle stages, check patterns, code exemplars, and mitigation suggestions.
  • Analyzing user requirements by extracting the state-transition graph K2K_22, detecting structural (K2K_23) and functional (K2K_24) vulnerability patterns through formal detectors (K2K_25).
  • Using semantic embeddings and subgraph matching to retrieve actionable security knowledge (K2K_26 for code patches, K2K_27 for narrative suggestions) specific to flagged vulnerabilities.
  • Splicing these code-patches into structured template prompts provided to the LLM, ensuring that critical security fixes are enforced by construction (e.g., inserting default cases, saturation logic for arithmetic, or coverage of all reset paths).

Quantitative evaluation on a 25-case security benchmark (DeepSeek-R1 backend) shows SecFSM achieves K2K_28 passing secure synthesis, compared to K2K_29 for generic Retrieval-Augmented Generation (RAG) and K3K_30 for bare LLM instruction. Functionality is retained at K3K_31 pass rate, demonstrating the approach’s efficiency and effectiveness for secure FSM code generation (Hu et al., 18 Aug 2025).

3. FSMs in Information Theoretic Secrecy: Finite-State Markov Wiretap Channels

In secure communications, the finite state Markov wiretap channel (FSM-WC) with delayed feedback models wireless (e.g., fading) channels where both legitimate receiver and eavesdropper observe outputs governed by a state Markov chain (Dai et al., 2016). The secrecy capacity K3K_32 and capacity-equivocation regions are derived using auxiliary random variables and information measures under both state and output feedback:

  • Given state process K3K_33 evolving as K3K_34 and channel law K3K_35, the secrecy capacity in the degraded (eavesdropper output is a noisy function of legitimate output) case is

K3K_36

  • Delayed state/output feedback allow the encoder to adapt its coding, raising achievable secrecy rates. Channel memory (mixing speed), delay, and feedback modality control the gap between inner and outer bounds, with output feedback even supporting secret key generation at a rate K3K_37 (in the degraded case).
  • Explicit analytic capacities are given for Gaussian and fading channels, averaging over the FSM’s stationary and transition distributions.

This formalism underpins both practical cryptosystem design and theoretical bounds for communication secrecy in environments governed by FSMs (Dai et al., 2016).

4. FSM-Based Hardware Fault Tolerance: Control-Flow Hardening (SCFI)

SCFI (Nasahl et al., 2022) embodies a hardware-level FSM hardening mechanism against fault injection (FI) attacks. Unlike redundancy-based approaches (e.g., triple modular redundancy), which scale poorly against multi-fault attacks, SCFI employs a probabilistic, zero-latency detection approach:

  • All FSM state and control-signal registers are re-encoded using a Hamming distance-K3K_38 code; the hardened next-state function K3K_39 operates on these codes with a mix–diffuse–unmix structure.
  • The core diffusion layer uses an MDS matrix to maximize bitwise spread; any 0.9936\approx 0.9936\,0 faults in the diffusion stage propagate to 0.9936\approx 0.9936\,1 output bytes, of which a per-byte error bit is extracted.
  • Any deviation from valid state encodings (resulting from 0.9936\approx 0.9936\,2 simultaneous faults) is detected immediately, forcing the FSM into an ERROR state with zero latency.
  • SCFI is integrated as a Yosys synthesis pass and is formally verified via exhaustive gate-level injection using SYNFI, empirically achieving near-zero false negatives (only 0.9936\approx 0.9936\,3 theoretical “tail” observed).
  • Area overhead is 0.9936\approx 0.9936\,4 to 0.9936\approx 0.9936\,5 (for 0.9936\approx 0.9936\,6) compared to 0.9936\approx 0.9936\,7 for threefold redundancy in tested OpenTitan FSMs, with better area–time product scaling.

The construction exposes minimal residual attack surface (selectors must also be encoded), and the MDS block size can be tuned for further area optimization (Nasahl et al., 2022).

5. Design, Implementation, and Trade-offs

Parameter choices in SecFSM systems directly impact security, efficiency, and hardware overhead:

Parameter Impact on Security/Performance Notes
FSM state count 0.9936\approx 0.9936\,8 Larger 0.9936\approx 0.9936\,9 increases keyspace, complexity Higher memory for <10%<10\%0, more Huffman tables
Arithmetic precision <10%<10\%1 (HFSAC) Increases interval precision, potential compression Slightly increases computational cost
Jump frequency (<10%<10\%2) Higher rates increase diffusion Frequent jumps may degrade compression ratio
MDS code parameters (SCFI) Higher <10%<10\%3 increases fault tolerance Larger area and logic depth
Key size (<10%<10\%4, <10%<10\%5, <10%<10\%6) Larger <10%<10\%7 exponentially increases keyspace Security vs. practical key management

A plausible implication is that for both cryptographic and fault-detection FSMs, stringent security targets (large <10%<10\%8, large <10%<10\%9) drive up resource consumption, but gains in exploit resistance outweigh modest overheads in practical deployments.

6. Comparative Security Analysis

Each SecFSM approach achieves security guarantees specific to its threat model:

  • HFSAC/cryptographic coding: Resists brute-force and statistical attacks due to massive keyspace and output randomization. Empirical metrics (NPCR $19.4$0, UACI $19.4$1, entropy, NIST tests) confirm robustness (Ziyabar et al., 2012).
  • Knowledge-graph-guided synthesis: Moves vulnerability elimination into the code-generation stage, raising LLM-based RTL security pass rates from $19.4$2 (Base) to $19.4$3 (SecFSM), with negligible functional loss (Hu et al., 18 Aug 2025).
  • FSM-WC: Delivers quantifiable (and in some regimes, capacity-achieving) secrecy capacity for channels with state memory and feedback, with explicit construction for degraded Gaussian models (Dai et al., 2016).
  • SCFI: Empirically and formally demonstrates multi-fault resilience, with detection after as few as a single-bit flip in any registered state, input, or core logic (Nasahl et al., 2022).

7. Extensions, Limitations, and Future Directions

Some limitations are noted:

  • Extremely large FSMs and key sizes may challenge hardware resources or key distribution mechanisms (for both cryptographic and hardening schemes).
  • SCFI presently assumes perfect control-signal encoding; future work could encode all selector and ancillary circuitry (Nasahl et al., 2022).
  • Knowledge-graph-based synthesis depends on the coverage and granularity of FSKG; applicability to other RTL domains is plausible but not yet demonstrated (Hu et al., 18 Aug 2025).
  • Real-time cryptographic compression (HFSAC) is best-suited for structured data and multimedia; plaintext structure may enable side-information attacks if parameterized poorly.

Anticipated directions include tighter integration of formal security proofs, adaptive configuration (auto-tuning of coding/hardening parameters), and the generalization of knowledge-graph-driven synthesis to non-FSM circuit idioms.


References:

Topic to Video (Beta)

No one has generated a video about this topic yet.

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Follow Topic

Get notified by email when new papers are published related to SecFSM.