In recent years, the security properties of the hardware underlying our computing systems has been under increased scrutiny, as researchers and practitioners have begun to discover and exploit security flaws that originate in the hardware, unlike typical software security flaws.
In our research group, we leverage our inter-disciplinary experience in hardware design and systems security to investigate multiple facets of hardware security. Our three primary research tracks focus on:
1. How we can analyze the security of unique hardware characteristics to develop security protocols for computing devices,
2. How can we design security-aware processors and security architectures while keeping performance, functionality and usability at their best, and
3. How can we guarantee that such hardware designs and their implementations are indeed secure?
One technique to uniquely identify hardware is by using Physically Unclonable Functions (PUFs). These are cost-effective security primitives that work by extracting unique identifiers from physical characteristics of integrated circuits. Since their introduction two decades ago, PUFs have been heavily under scrutiny for their security properties. They have been shown vulnerable to various attacks ranging from physical attacks to remote software attacks. Within our group, we investigate the security of novel PUF constructions against sophisticated software-based modeling attacks that aim at breaking the PUF by leveraging state-of-the-art machine learning algorithms.
On a higher level of abstraction, recent attacks have shown how modern processor optimizations, such as caches and speculative execution, that were designed to boost performance, have been shown vulnerable to critical security exploits. In our research group, we research how to design and develop more secure, yet high-performance microarchitectural units. We also investigate how to incorporate these in trusted execution environments while providing end-users with the flexibility to choose the desired level of desired security and resulting performance.
Whether these hardware designs are indeed implemented securely and free of security-relevant implementation bugs remains another concern in hardware security. Through our seminal work with Hack@DAC for three years in a row, we have been investigating the efficacy and efficiency of state-of-the-art hardware security verification and testing techniques in detecting hardware implementation flaws in open-source complex processor designs. Our investigations have uncovered that existing techniques remain fundamentally limited in multiple ways. In our research group, we work on tackling these challenges and researching and developing new improved techniques.