W12: IEEE Solid State Circuits Society Don Pederson Award, Women In Circuits Workshop on Hardware Security
14:00 - 17:30
room 7+8
chairs
abstract
Nele Mentens (KU Leuven, BE)
Ingrid Verbauwhede (KU Leuven, BE)
Hardware security is the root of trust in many security applications. Yet, designing for hardware security is extra challenging. Indeed, it adds an extra design dimension on top of optimizing for area, throughput, power or energy. Hardware designs also have to resist many types of attacks, including side-channel, fault, micro-architectural and more. In this workshop, different aspects of hardware security will be addressed from the viewpoint of both academia and industry.
program
14:00 - 14:30
Introduction to Hardware Security
Ingrid Verbauwhede (KU Leuven, BE)
The IEEE SSCS Don Pederson award workshop focuses on the importance of hardware security as the root of trust in all modern ICT systems! Hardware security is very broad. It includes not only efficient, secure implementations of cryptography, going from light-weight crypto for IOT and embedded devices, to novel post-quantum secure computing on encrypted data (COED) acceleration units. Implementations also have to resist a wide variety of side-channel, fault and micro-architectural attacks. It relies on analog and digital circuit techniques to design quality true random number generators, physically unclonable functions and many more.
In this presentation, we demonstrate how our progress addresses most of the recommendations on “semiconductors and system security” from [1].
[1] Report to the President: “Revitalizing the U.S. Semiconductor Ecosystem,” Executive Office of the President, President’s Council of Advisors on Science and Technology, September 2022.
14:30 - 15:00
Boolean Analysis for Security Assessment of Physically Unclonable Functions
Fatemeh Ganji (Worcester Polytechnic Institute, US)
A physically unclonable function (PUF) can be thought of as either a device fingerprint for secure authentication or a source of entropy in secure key generation scenarios. After decades of research and development, growth in demand for secure PUFs has not lost momentum. This growth is promoted through efforts to compromise the security of PUFs by launching non-invasive, cost-effectiveness attacks, e.g., machine learning (ML) attacks. Boolean analysis has been demonstrated to provide a firm basis for the robustness assessment of PUFs against ML attacks. This talk gives an overview of the recent development in Boolean analysis applied to presumably secure PUFs to show their vulnerability.
15:00 - 15:30
Navigating Hardware Security Challenges in Reconfigurable Cloud Computing
Mirjana Stojilovic (EPFL, CH)
Field-programmable gate arrays (FPGAs) are revolutionizing sectors like AI, networking, and big data analytics.
Their adoption by cloud providers such as AWS, Azure, and Alibaba Cloud underscores their growing role in modern computing. However, the very flexibility that makes FPGAs attractive introduces profound security challenges. Research reveals that cloud-based FPGAs present novel attack surfaces, enabling remotely executed electrical-level attacks via shared power-delivery networks (PDNs). These threats include denial-of-service (DoS), fault injection, and power side-channel
attacks, compromising system availability, integrity, and confidentiality. Traditionally, physical attacks on FPGAs required local access. Now, such attacks can be remotely executed from within the FPGA, exploiting its programmable nature and shared PDNs. This shift, combined with multi-tenancy complexities, dramatically increases the potential for security breaches, posing risks to sensitive designs deployed in cloud environments. This talk will delve into the intricacies of these emerging security
threats, illustrating how the physical properties of FPGAs can be exploited to undermine secure FPGA virtualization. It will also
discuss the ongoing research efforts to fortify FPGA-accelerated cloud computing against these evolving threats.
15:30 - 16:00
Coffee break
16:00 - 16:30
Hardware Security Solutions and Cross-Disciplinary Innovations
Pasqualina Fragneto (STMicroelectronics, IT)
STMicroelectronics is a major player in the semiconductor sector, providing essential components for electronic devices across various applications. It offers a wide array of secure products and solutions, enhancing security for sectors such as IoT, industrial operations, and the automotive industry, meeting stringent security demands set by governments and regulatory bodies.
The introductory part of the presentation will overview ST's offerings in security, focusing specifically on hardware security. The subsequent section will explore cross-disciplinary approach leading to a personal experience in adapting techniques from various domains, like computer vision or machine learning, to overcome obstacles within the realm of security. This strategy includes tackling the difficulties that arise when methodologies are applied to a new area of practice, offering the possibility for innovations and significant advancements in the field.
16:30 - 17:00
Domain Expansion and Challenges (AES case study)
Begül Bilgin (Rambus Cryptography Research, NL)
HW security is becoming increasingly important. On the one hand, attackers are becoming more capable; and on the other hand, the domains that require HW security is expanding. This talk will focus on automotive as one such domain together with its security and safety requirements. It'll be followed by a discussion on LMDPL and how it can be used to tackle multiple such requirements.
17:00 - 17:30
Security Challenges and Opportunities in Emerging Device Technologies
Nele Mentens (KU Leuven, BE - Leiden University, NL)
While traditional chips in bulk silicon technology are widely used for reliable and highly efficient systems, there are applications that call for devices in other technologies. On the one hand, novel device technologies need to be re-evaluated with respect to potential threats and attacks, and how these can be faced with existing and novel security solutions and methods. On the other hand, emerging device technologies bring opportunities for building the secure systems of the future. This talk gives an overview of advancements in security research on emerging device technologies.
biosketches
Nele Mentens
Nele Mentens is a professor at Leiden University in the Netherlands and at KU Leuven in Belgium. Her research interests are in the field of hardware security, embedded security and configurable computing. She is (co-)author in over 150 publications in international journals, conferences and books. She received best paper awards and nominations at DATE'16, AsianHOST'17 and CHES'19. She was program chair of FPL'20, CARDIS'20, RAW'21, VLSID'22, FPL'23, DDECS'23 and ASAP'23. She gave keynote talks at CryptoIC'20, NorCAS'21, CARDIS'21, ICT.Open'22, FPL'22, SPACE'22, SAMOS'23 and ARC'24. She is an associate editor for ACM Transactions on Reconfigurable Technology and Systems and for ACM Transactions on Design Automation of Electronic Systems. She is an associate editor-in-chief for IEEE Security & Privacy Magazine.
Ingrid Verbauwhede
Dr. Ir. Ingrid Verbauwhede is a Professor in the research group COSIC at KU Leuven. She is a fellow of IEEE and IACR. She is a member of the Royal Academy of Belgium since 2011. She received two ERC Advanced Grants: one in 2016 and a second one in 2021. She received the IEEE 2017 Computer Society Technical Achievement Award. She delivered the 2022 IACR distinguished lecture. She received the 2023 IEEE Don Pederson award from the IEEE SSCS Society and the 2024 EDAA Achievement Award.
She is a pioneer in the field of efficient and secure implementations of cryptographic algorithms on many different platforms: ASIC, FPGA, embedded, and cloud. With her research, she bridges the gaps between electronics, the mathematics of cryptography, and the security of trusted computing. Her group owns and operates an advanced electronic security evaluation lab at the KU Leuven. Her list of publications is available from https://www.esat.kuleuven.be/cosic/people/ingrid-verbauwhede/ or https://scholar.google.com/citations?user=ZyG1ZGgAAAAJ&hl=en&oi=ao
Fatemeh Ganji
Fatemeh Ganji is an assistant professor at the ECE and Cybersecurity departments of Worcester Polytechnic Institute (WPI). For her dissertation, “On the Learnability of Physically Unclonable Functions,” she was awarded the BIMoS Ph.D. Award 2018 and nominated by the Technical University of Berlin for ACM Dissertation Award. Fatemeh’s research focuses on interdisciplinary approaches covering two main angles of hardware security, namely machine learning and cryptography.
Mirjana Stojilovic
Mirjana Stojilović is a researcher and lecturer at the School of Computer and Communication Sciences at EPFL. Her work primarily focuses on reconfigurable systems, including developing new device architectures and advanced EDA algorithms and investigating hardware security vulnerabilities.
She received the Young Scientist Award at ICLP'16, the Best Paper Award at EMC Europe 2016, and nominations for Best Paper Awards at FPT'19 and DDECS'23. She has led various research initiatives, notably as the Principal Investigator on the Swiss National Foundation (SNF)
funded project "Secure FPGAs in the Cloud."
She serves on the program committees of major conferences such as FPGA, FCCM, FPL, and DATE. Additionally, she is an Associate Editor for the ACM Transactions on Reconfigurable Technology and Systems (TRETS) and the IEEE Embedded Systems Letters (ESL).
She also co-organizes the annual Workshop on Security for Custom Computing Machines, contributing to the ongoing discourse on reconfigurable hardware security.
Pasqualina Fragneto
Pasqualina Fragneto obtained her M.S. degree in Mathematics from the Università degli Studi di Napoli, Italy, in 1998 and has been working at STMicroelectronics, Agrate Brianza, since then. Throughout her career, she has been dedicated to innovative and advanced applied mathematics in the tech industry. She has over 10 years of research experience focused on cryptography, designing cryptographic primitives for data security and privacy in embedded devices, as well as on distributed ledger technologies for IoT and cryptographic attacks. Additionally, she possesses 8 years of research experience in optimization techniques and projective geometry, developing techniques for rigid-motion synchronization, with applications in Structure-from-Motion, registration of multiple 3D point sets, and localization techniques in wireless sensor networks. Finally, she has more than 10 years of experience in machine learning, focusing on developing advanced learning methods tailored for data from IoT devices and industrial applications. Her work has had a significant impact on integrating machine learning into real-world scenarios. She is author of more than 50 peer reviewed publications and 25 patents. She has been involved in numerous activities of science and technology divulgation and won 10 prizes for her research activities.
Begul Bilgin
Begul Bilgin has been working on HW Security at Rambus since 2017. She received her MSc. degree in Cryptography from METU and PhD degree in Engineering Science from UTwente and KU Leuven. Before moving to industry, she served as a post-doctoral researcher and FWO fellow in the research group COSIC in KU Leuven.