News
Currently, no news are available
Secure Hardware: Testing and Verification
Description
Spectre, Meltdown, and other microarchitectural attacks have been in the limelight in recent years. These attacks exploit subtle timing and behavioral differences of processors that are caused by microarchitectural optimizations such as caches and speculative execution to gain access to secret information.
The vulnerabilities exploited by microarchitectural attacks are not captured by today's hardware-software contracts, i.e. instruction-set architectures (ISAs). Traditionally, ISAs only capture the "functional" behavior of a system and thus have a blind spot when it comes to side channels. Recently, there has been a push to augment conventional ISAs with a formal specification of information leakage, resulting in more general hardware-software contracts. Such contracts enable writing secure code, e.g. implementing cryptographic algorithms, in a rigorous manner.
In this course we will study recent advances to prove the security of hardware designs or find vulnerabilities in them. We will focus on two main techniques: formal verification to and fuzzing.
Each participant will give a presentation of an assigned paper, followed by a group discussion. All students are expected to read each paper carefully and to actively participate in the discussions. Each student will write a summary of the paper they have presented, including a general overview of the topic and reflecting the group discussion.
This is a combined proseminar and seminar with a total of 12 seats.
Requirements
Basic knowledge of computer architecture (e.g. due to System Architecture) is required.
Knowledge of security and formal methods is a plus, but not required.
Format
- Each student is assigned one of the three groups of papers:
- each student is designated as the presenter of one of the papers from his/her group (the presentation should be about 25 minutes long)
- each student needs to read all papers from his/her group and submit a one-page summary + 3 questions about each paper (excluding the paper he/she is presenting)
- The presenter of paper needs to deliver a talk draft to his/her advisor at least 24 days (hard deadline) prior to his/her scheduled talk. In the week before the talk, the presenter should also deliver a practice talk to his/her advisor.
- Summaries+questions have to be delivered 24 hours prior to the respective session.
- For the seminar students (and thus not the proseminar students), a seminar report (should summarize the paper and discuss it in the context of the other work studied in the seminar) is required in addition, to be delivered at the end of the term, 24.3.2025).
Grading Scheme
| Seminar | Proseminar | ||||
| Presentation | Rough presentation draft | 35% | 7% | 50% | 10% |
| Full set of slides | 7% | 10% | |||
| Actual presentation of paper | 21% | 30% | |||
| Summaries of other papers + questions | 20% | 30% | |||
| Participation during sessions | 15% | 20% | |||
| Seminar Report (Seminar students only) | 30% | ||||
Calendar
Four sessions of 2h30 each are planned:
- 1st session: Thursday, 16.01.2025, 16:00-18:30 (tentative)
- 2nd session: Thursday, 23.01.2025, 16:00-18:30 (tentative)
- 3rd session: Thursday, 30.01.2025, 16:00-18:30 (tentative)
- 4th session: Thursday, 06.02.2025, 16:00-18:30 (tentative)
- Seminar report delivery (only for Seminar students): 24.03.2025