Modern information systems rely on a stack of layered technologies to make electronic design scalable and efficient. While this layering provides designers with powerful abstractions and enables efficient design processes, it also introduces challenges in transparency and security guarantees that must encompass the entire computation stack. Hardware security vulnerabilities illustrate the difficulties created by the horizontal layering of software and hardware. These vulnerabilities undermine the trust designers place in fundamental abstractions, such as instruction-set architectures, finite state machines, and even simple lookup tables.
In this talk, I will delve into this issue through two common attack vectors: hardware fault injection and power-based side-channel leakage. Hardware fault injection can alter the micro-architectural state of a processor, thereby modifying the semantics of software instructions or introducing unpredictable states into the hardware control flow. Similarly, side-channel leakage is a hardware-dependent phenomenon arising from subtle electrical interactions—such as glitches—that are often overlooked in design abstractions but still significantly impact side-channel security.
The central question I will address—but not fully resolve—in this talk is: How can we develop effective pre-silicon security verification techniques for secure System-on-Chips (SoCs) that are scalable, accurate (minimizing false positives), and complete (eliminating false negatives)? I will share some of our results to date and highlight several open problems that remain.
Speaker Bio
Patrick Schaumont is a Dean's Excellence Professor and Joseph Samuel Satin Distinguished Fellow in Electrical and Computer Engineering at Worcester Polytechnic Institute. His research focuses on secure, efficient, and real-time embedded computing systems. Schaumont has co-chaired leading conferences in cryptographic and secure engineering, including CHES, HOST, ASHES, and FDTC. He is a Fellow of the IEEE.
