News
LSF Course RegistrationWritten on 17.11.24 by Jan Reineke This is a gentle reminder that you need to register for the course in the LSF by November 22 (3 weeks after the distribution of topics). Also, if you intend to drop the course, please let us know as soon as possible as there are students on the waiting list. |
Distribution of Topics and Date for Seminar SessionsWritten on 01.11.24 by Jan Reineke Dear all, We have now distributed the seminar topics based on your preferences. You can find your assigned paper in the materials section. We will add the corresponding advisor for each paper next week. You need to register for the course in the LSF by November 22! The seminar sessions in… Read more Dear all, We have now distributed the seminar topics based on your preferences. You can find your assigned paper in the materials section. We will add the corresponding advisor for each paper next week. You need to register for the course in the LSF by November 22! The seminar sessions in January and February will be held on Thursdays. Best regards, Jan Reineke |
Submit your topic preferencesWritten on 28.10.24 by Jan Reineke This is a reminder to submit your topic and date preferences by tomorrow. You will find the corresponding links in the "Seminar organization" document in the materials section. |
Hardware Security: Testing and Verification
Description
Spectre, Meltdown, and other microarchitectural attacks have been in the limelight in recent years. These attacks exploit subtle timing and behavioral differences of processors that are caused by microarchitectural optimizations such as caches and speculative execution to gain access to secret information.
The vulnerabilities exploited by microarchitectural attacks are not captured by today's hardware-software contracts, i.e. instruction-set architectures (ISAs). Traditionally, ISAs only capture the "functional" behavior of a system and thus have a blind spot when it comes to side channels. Recently, there has been a push to augment conventional ISAs with a formal specification of information leakage, resulting in more general hardware-software contracts. Such contracts enable writing secure code, e.g. implementing cryptographic algorithms, in a rigorous manner.
In this course we will study recent advances to prove the security of hardware designs or find vulnerabilities in them. We will focus on two main techniques: formal verification to and fuzzing.
Each participant will give a presentation of an assigned paper, followed by a group discussion. All students are expected to read each paper carefully and to actively participate in the discussions. Each student will write a summary of the paper they have presented, including a general overview of the topic and reflecting the group discussion.
This is a combined proseminar and seminar with a total of 12 seats.
Requirements
Basic knowledge of computer architecture (e.g. due to System Architecture) is required.
Knowledge of security and formal methods is a plus, but not required.
Format
- Each student is assigned one of the three groups of papers:
- each student is designated as the presenter of one of the papers from his/her group (the presentation should be about 25 minutes long)
- each student needs to read all papers from his/her group and submit a one-page summary + 3 questions about each paper (excluding the paper he/she is presenting)
- The presenter of paper needs to deliver a talk draft to his/her advisor at least 24 days (hard deadline) prior to his/her scheduled talk. In the week before the talk, the presenter should also deliver a practice talk to his/her advisor.
- Summaries+questions have to be delivered 24 hours prior to the respective session.
- For the seminar students (and thus not the proseminar students), a seminar report (should summarize the paper and discuss it in the context of the other work studied in the seminar) is required in addition, to be delivered at the end of the term, 24.3.2025).
Grading Scheme
| Seminar | Proseminar | ||||
| Presentation | Rough presentation draft | 35% | 7% | 50% | 10% |
| Full set of slides | 7% | 10% | |||
| Actual presentation of paper | 21% | 30% | |||
| Summaries of other papers + questions | 20% | 30% | |||
| Participation during sessions | 15% | 20% | |||
| Seminar Report (Seminar students only) | 30% | ||||
Calendar
Four sessions of 2h30 each are planned:
- 1st session: Thursday, 16.01.2025, 16:00-18:30 (tentative)
- 2nd session: Thursday, 23.01.2025, 16:00-18:30 (tentative)
- 3rd session: Thursday, 30.01.2025, 16:00-18:30 (tentative)
- 4th session: Thursday, 06.02.2025, 16:00-18:30 (tentative)
- Seminar report delivery (only for Seminar students): 24.03.2025