HASP

We present SEIF, an exploratory methodology for information flow verification based on symbolic execution. SEIF begins with a statically built overapproximation of the information flow through a design and uses guided symbolic execution to provide a ...

For years, attackers have compromised systems by developing exploits that rely on known locations of kernel code and data segments. KASLR (Kernel Address Space Layout Randomization) is a key mitigation in modern operating systems which hampers these ...

Secure machine-learning inference is essential with the advent of multi-tenancy in machine learning-as-a-service (MLaaS) accelerators. Model owners demand the confidentiality of both model weights and architecture, while end users want to protect their ...

Automatic security protocol analysis is a fruitful research topic that demonstrates the application of formal methods to security analysis. Several endeavors in the last decades successfully verified security properties of large-scale network protocols ...

Machine learning (ML) has seen a major rise in popularity on edge devices in recent years, ranging from IoT devices to self-driving cars. Security in a critical consideration on these platforms. State-of-the-art security-centric ML algorithms (e.g., ...

The global semiconductor supply chain involves design and fabrication at various locations, which leads to multiple security vulnerabilities, e.g., Hardware Trojan (HT) insertion. Although most HTs target digital circuits, HTs can be inserted in analog ...

One of the biggest transformations in the datacenter in the past decade has been the rapid growth of heterogenous computing involving HW accelerators to allow application specific offloads for power and performance efficiencies. There is a major shift ...

Fault injection attacks are a powerful technique that intentionally induces faults during cryptographic computations to leak secret information. This paper provides a survey of fault attack techniques on different cryptosystems. The fault attack ...

Confidential computing is a key technology for isolating high-assurance applications from the large amounts of untrusted code typical in modern systems. Existing confidential computing systems cannot be certified for use in critical applications, like ...

Quantum computing, with its transformative computational potential, is gaining prominence in the technological landscape. As a new and exotic technology, quantum computers involve innumerable Intellectual Property (IP) in the form of fabrication recipe, ...

In this article we present a simulation platform based on gem5 for security analysis. On top of gem5’s architectural exploration and performance estimation capability, our platform permits attacks on ARM Trustzone, security evaluation of cypto libraries,...