HACKER SUMMER CAMP 2024 GUIDES — Part Three: Design Automation Conference 2024
Welcome to the DCG 201 Guides for Hacker Summer Camp 2024! This is part of a series where we are going to cover all the various hacker conventions and shenanigans both In-Person & Digital! This year in 2024 we have completely lost our minds and thus we will have a total of 18 guides spanning 3 months of Hacker Insanity!
As more blog posts are uploaded, you will be able to jump through the guide via these links:
HACKER SUMMER CAMP 2024 — Part One: Surviving Las Vegas & Virtually Anywhere 2024
HACKER SUMMER CAMP 2024 — Part Two: Capture The Flags & Hackathons
HACKER SUMMER CAMP 2024 — Part Three: Design Automation Conference #61
HACKER SUMMER CAMP 2024 — Part Four: ToorCamp 2024
HACKER SUMMER CAMP 2024 — Part Five: LeHack 20th
HACKER SUMMER CAMP 2024 — Part Six: HOPE XV
HACKER SUMMER CAMP 2024 — Part Seven: SummerCon 2024
HACKER SUMMER CAMP 2024 — Part Eight: DOUBLEDOWN24 by RingZer0
HACKER SUMMER CAMP 2024 — Part Nine: TRICON & REcon 2024
HACKER SUMMER CAMP 2024 — Part Ten: The Diana Initiative 2024
HACKER SUMMER CAMP 2024 — Part Eleven: Wikimania Katowice
HACKER SUMMER CAMP 2024 — Part Twelve: SquadCon 2024
HACKER SUMMER CAMP 2024 — Part Thirteen: BSides Las Vegas 2024
HACKER SUMMER CAMP 2024 — Part Fourteen: Black Hat USA 2024
HACKER SUMMER CAMP 2024 — Part Fifteen: DEFCON 32
HACKER SUMMER CAMP 2024 — Part Sixteen: USENIX Security Trifecta 2024
HACKER SUMMER CAMP 2024 — Part Seventeen: HackCon 2024
HACKER SUMMER CAMP 2024 — Part Eighteen: SIGS, EVENTS & PARTIES
61st Design Automation Conference
Date & Time: Sunday, June 23th — Thursday, June 27th
Location: Moscone West Center (Moscone West, San Francisco, CA 94103)
Website: https://www.dac.com/
Tickets: https://www.compusystems.com/servlet/sar?evt_uid=171
Virtual Platform(s): TBD
Schedule: https://61dac.conference-program.com/
Android & iOS App: https://m.core-apps.com/dl/61dac
Live Streams:
TBD
YouTube Archive: https://www.youtube.com/@dactv7352
Virtual Chat: N/A
Affordability: Extremely flexible pricing from Exhibit passes starting at $75 to $140 to the full convention at $1,099 to $1,299. See Registration section for more details.
Code Of Conduct: TBD
DAC is recognized as the global event for chips to systems. DAC offers outstanding training, education, exhibits and superb networking opportunities for designers, researchers, tool developers and vendors. The conference is sponsored by the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE) and is supported by ACM’s Special Interest Group on Design Automation (SIGDA) and IEEE’s Council on Electronic Design Automation (CEDA).
Members are from a diverse worldwide community of more than 1,000 organizations that attend each year, represented by system designers and architects, logic and circuit designers, validation engineers, CAD managers, senior managers and executives, and researchers and academicians from leading universities.
Over five days, DAC provides over 300 technical presentations and sessions that are selected by a committee of electronic design and university research experts offering information on recent developments and trends, management practices and new products, methodologies, and technologies in the electronics industry.
A highlight of DAC is its exhibition and suite area with approximately 200 of the leading and emerging companies in:
- Artificial Intelligence/ Machine Learning (AI/ ML)
- Automotive
- Design Services
- Design on Cloud
- Electronic Design Automation (EDA)
- Embedded Systems and Software (ESS)
- Intellectual Property (IP)
- Security/Privacy
The conference is sponsored by the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE), and is supported by ACM’s Special Interest Group on Design Automation (SIGDA) and IEEE’s Council on Electronic Design Automation (CEDA).
We start this huge undertaking with a convention that we missed out on including last year. The 61st Design Automation Conference or DAC is a gathering of some of the best hardware manufacturers and engineers from circuits to network systems.
If you know anything about the technological Hierarchy Of Control, the end all to be all is hardware as every system has to build itself on top of it which is why companies often waste millions and/or billions of dollars to get even a percent of 1% of hardware so they have total device control. And as we have seen with things like the nVidia hack years ago, once you hack and exploit hardware, it’s game over for everything else with the only solution is a complete chip refresh.
Here is a video more on that subject:
If you are super into circuity or into circuit bending vacuum cleaners into mini-botnets, this convention is for you!
REGISTRATION
TIMELINE
PRICING (IN USD)
ACCESS TIERS
ABOUT I LOVE DAC
Your I LOVE DAC pass gives you access to top sessions as well as everything included in DAC’s two floors of exhibit halls.
- Hear from thought leaders and industry legends with access to Keynote Sessions on the third floor as well as SKYTalks, TechTalks and Panels in the DAC Pavilion.
- Browse and network with industry exhibitors and sponsors from today’s leading and emerging companies in Artificial Intelligence/ Machine Learning (AI/ ML), Autonomous Systems, Design Services, Design on Cloud, Electronic Design Automation (EDA), Embedded Systems and Software, Intellectual Property (IP) and Security/Privacy.
VISA INFORMATION
If you require a Visa Letter in order to travel to DAC, you can request an invitation letter while completing the registration form. After registering, you will be provided a downloadable Visa Letter to submit as part of the visa approval process. Please email dac@csreg.zohodesk.com with any questions or concerns related to the visa application process, or to request a Visa Letter ahead of registration opening.
DAC CANCELLATION POLICY
Cancellation by Participant — DAC will provide a full refund of registration fees, less an administrative processing fee of $50, for any cancellations received in writing on or before June 2, 2024. Cancellations should be directed to dac@csreg.zohodesk.com. Telephone cancellations are NOT accepted for refunds. Participant must obtain confirmation of receipt of email from DAC on or or before the cancellation deadline. All refunds will be processed within 10 days of date cancellation received to the original form of payment. After June 2, 2024, there will be no refunds for registrations cancelled whatsoever. Substitutions can be made, without a fee, by contacting the registration team at dac@csreg.zohodesk.com. Hotel reservations must be cancelled separately and directly with the hotel.
Traveling to DAC
Conference attendees from outside the United States are urged to begin their visa application early. The waiting time can be long and varies from country to country. U.S. Visas website for the most accurate information. If you require an invitation letter, please contact info@dac.com to receive an invitation letter to support your visa application.
Electronic System for Travel Authorization (ESTA) | ESTA is now MANDATORY for Visa Waiver Program (VWP) travelers who are nationals of the Czech Republic, Estonia, Hungary, Latvia, Lithuania, Malta, the Republic of Korea, and the Slovak Republic. Effective January 12, 2009, all VWP travelers are required to obtain an authorization via ESTA before traveling to the United States. Learn more about ESTA on the DHS Customs and Border Protection (CBP) website.
PHYSICAL LOCATION RECON
EXHIBITION MAPS
DAC DIRECTORY MAP: LEVEL 1
DAC DIRECTORY MAP: LEVEL 2
DAC DIRECTORY MAP: LEVEL 3
STAY CONNECTED
Enjoy complimentary WiFi at DAC!
Wifi Network: DAC2024
Wifi Password: 61DAC2024
UH, I ACCIDENTALLY TOUCHED THE TIP OF THE SOLDERING IRON
Moscone West First Aid Office is located on the 1st Floor near the Howard Street entrance (behind registration). Phone: 415.974.4159 REPORT ALL MEDICAL EMERGENCIES IMMEDIATELY To report a medical emergency, call 511 on a white House Phone, or on a call phone dial 415.974.4021.
HOTELS TO CRASH
The Barnes Tapestry Hilton:
225 Powell Street
San Francisco, CA 94102–2205
415.397.7700
Abri:
127 Ellis Street
San Francisco, CA 94102
415.392.8800
Zelos:
12 Fourth Street
San Francisco, CA 94103
415.348.1111
SF Marriott Union Square:
480 Sutter St.
San Francisco, CA 94108
415.398.8900
- San Francisco Marriott Union Square for $255 USD per night
- Guests who book within the block will not be charged a Destination Fee. Please ignore the Destination Fee in the reservation link.
Beacon Grand:
450 Powell Street
San Francisco, CA 94102
844.223.3713
Type in Group Code: 0619DACC
- $249 USD per night
- Guests who book within the block will not be charged a Destination Fee. Please ignore the Destination Fee in the reservation link.
NETWORKING OPPORTUNITIES
Sunday, June 23
Welcome Reception
6:00 pm — 7:00 pm | Level 3 Lobby
Monday, June 24
Women in Tech Reception
6:00 pm — 7:00 pm | Level 2 Lobby
Engineering Track Poster Session
5:00 pm — 6:00 pm | Level 2 Exhibit Hall
Networking Reception
7:00 pm — 8:00 pm | Level 3 Lobby
Tuesday, June 25
Engineering Track Poster Session
5:00 pm — 6:00 pm | Level 2 Exhibit Hall
Networking Reception & Work-In-Progress Posters
6:00 pm — 7:00 pm | Level 2 Lobby
Wednesday, June 26
Networking Reception & Work-in-Progress/Late
Breaking Results Poster Session
6:00 pm — 7:00 pm | Level 2 Lobby
ADDITIONAL MEETINGS
HACK at DAC
Sunday, June 23 & Monday, June 24
8:00 am — 6:00 pm
Level 2 Lobby
Young Fellows Kick-Off and
All-Day Activities
Sunday, June 23
9:00 am — 6:00 pm
Room 3018
DAC Early Career Workshop
Sunday, June 23
9:00 am — 5:00 pm
Room 3016
Needham Presentation
Sunday, June 23
5:00 pm — 6:00 pm
Room 3002
TODAES Editorial Board Meeting
Monday, June 24
10:00 am — 1:00 pm
Room 3000
ACM SIGDA Annual Volunteer &
Sponsored Conference Meeting
Monday, June 24
2:00 pm — 6:00 pm
Room 3000
IEEE CEDA Distinguished
Lecture Luncheon
Tuesday, June 25
12:00 pm — 1:30 pm
Room 3018
HACK at DAC Awards
Tuesday, June 25
3:30 pm — 5:00 pm
Room 3000
Birds of a Feather
Tuesday, June 25
6:30 pm — 9:30 pm
Room 3001
Young Fellows Posters
Tuesday, June 25
7:00 pm — 9:00 pm
Level 2 Lobby
PhD Forum & University Demo
Tuesday, June 25
7:00 pm — 9:00 pm
Level 2 Lobby
System Design Contest Awards
Wednesday, June 26
3:30 pm — 5:00 pm
Room 3000
Young Fellows Closing Ceremony
Thursday, June 27
3:30 pm — 5:30 pm
Room 3018
Student Activities at DAC
DAC is recognized as the global event for chips to systems. DAC focuses on the latest methodologies and technology advancements in electronic design. The 61st DAC will continue to provide several opportunities for students and early career professionals to make the connections they need to jumpstart their career in electronic design and automation.
Ph.D Forum at DAC
The Ph.D. Forum at the DAC is a poster session hosted by ACM SIGDA and IEEE CEDA for Ph.D. students to present and discuss their dissertation research with people in the EDA community. It has become one of the premier forums for Ph.D. students in design automation to get feedback on their research and for industry to see academic work in progress: hundreds of people attended the last forums. Participation in the forum is competitive with acceptance rate of around 30%. Limited funds will be available for travel assistance, based on financial needs. The forum is open to all members of the design automation community and is free-of-charge. It is co-located with DAC to attract the large DAC audience, but DAC registration is not required in order to attend this event.
University Demonstration at DAC
SIGDA University Demonstration (UD, previously University Booth) is a great opportunity for university researchers to showcase their results and to interact with participants at the Design Automation Conference (DAC). Presenters and attendees at DAC are especially encouraged to participate, but participation is open to all members of the university community. The demonstrations include new EDA tools, EDA tool applications, design projects, and instructional materials.
DAC Young Fellows Program
Attention all students! Are you ready to take your future career to the next level? Then don’t miss the exciting opportunity to attend the 61st Design Automation Conference in historic San Francisco as a DAC Young Fellow.
As a DAC Young Fellow, you’ll have the chance to learn from experts in the industry, network with like-minded individuals, and participate in hands-on labs, career coaching, summer school, and fun contests. Plus, we’ll cover your conference registration fee and offer grants of up to $1200 to help with travel expenses. The Design Automation Conference funds the program with support from Cadence Design Systems, Synopsys, and Siemens EDA.
P.O. Pistilli Undergraduate Scholarship
The P.O. Pistilli Scholarship is funded by the Design Automation Conference and it is directed by the Association for Computing Machinery (ACM) Special Interest Group on Design Automation (SIGDA).
Scholarships of $4000 per year, renewable for up to 5 years, are awarded annually to 2–7 high school seniors from the above-mentioned under-represented groups who have a 3.00 GPA or better (on a 4.00 scale), have demonstrated high achievement in math and science courses, have expressed a strong desire to pursue careers in electrical engineering, computer engineering, or computer science, and who have demonstrated substantial financial need.
CONTESTS AT DAC
What is HACK@DAC?
HACK@DAC is a hardware security challenge contest, co-located with the Design and Automation Conference (DAC), for finding and exploiting security-critical vulnerabilities in hardware and firmware. In this competition, participants compete to identify the security vulnerabilities, implement the related exploits, propose mitigation techniques or patches, and report them. The participants are encouraged to use any tools and techniques with a focus on theory, tooling, and automation.
The contest mimics real-world scenarios where security engineers have to find vulnerabilities in the given design. The vulnerabilities are diverse and range from data corruption to leaking sensitive information leading to compromise of the entire computing platform. The open-source SoC riddled with security vulnerabilities has been co-developed by Intel, the Technical University of Darmstadt, and Texas A&M University. HACK@DAC has been successfully running since 2018 with several hundred contestants from academia and industry.
The winners of the competition will be honored in person at the DAC award ceremony June 23–27, 2024 at Moscone West Center, San Francisco, Calif.
Why HACK@DAC?
The growing number of hardware design and implementation vulnerabilities has led to a new attack paradigm that casts a long shadow on decades of research on system security. It disrupts the traditional threat models that focus mainly on software-only vulnerabilities and often assume that the underlying hardware is behaving correctly and is trustworthy.
System-on-Chip (SoC) designers use a mix of third-party and in-house intellectual property (IP)cores. Any security-critical vulnerability in these IPs can undermine the trustworthiness of the whole SoC.
Attacks may cause a system failure or deadlock, remotely access sensitive information, or even gain privileged access to the system, bypassing the in-place security mechanisms.
Who Can Participate?
Participating teams can be from industry, academia, or a combination. They will receive an altered OpenTitan SoC design with planted security vulnerabilities. They must identify these vulnerabilities, assess their impact, provide exploits, and propose mitigation.
The teams can use any tool or technique and should provide a detailed report on their findings. The submitted bug reports will be evaluated based on a scoring system that considers the number and severity of security vulnerabilities, their exploitation, and the used security assurance automation methods and tools.
The competition unfolds in two phases, and we will handle the final phase during DAC 2024.
Participating teams can be from industry, academia, or a combination. They will receive an SoC design with planted security vulnerabilities. They must identify these vulnerabilities, assess their impact, provide exploits, and propose mitigation. The teams can use any tool or technique and should provide a detailed report on their findings. Only the selected teams from the first phase can participate in the final phase during DAC 2024.
System Design Contest
The DAC System Design Contest focuses on object detection and classification on an embedded GPU or FPGA system. Contestants will receive a training dataset provided by Baidu, and a hidden dataset will be used to evaluate the performance of the designs in terms of accuracy and speed. Contestants will compete to create the best performing design on a Nvidia Jetson Nano GPU or Xilinx Kria KV260 FPGA board. Grand cash awards will be given to the top three teams. The award ceremony will be held at the 2024 IEEE/ACM Design Automation Conference.
DCG 201 TALK HIGHLIGHTS FOR DESIGN AUTOMATION CONFERENCE #61 (PST)
This is the section where we have comb through the entire list of talks on both days and list our highlights for the talks that stand out to us. Note that this does not invalidate any talks we didn’t list, in fact, we highly recommend you take a look at the full convention schedule beforehand and make up your own talk highlight lists. These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)
Monday, June 24
Building AI with RISC-V
JIM KELLER
CEO, TENSTORRENT
Monday, June 24 | 8:45 am — 9:45 am
How Tenstorrent built our first two generations of AI products. We’ll tell you what went well, what went wrong and
what we’re doing next.
Jim Keller is CEO of Tenstorrent and a veteran hardware engineer. Prior to joining Tenstorrent, he served two years as Senior
Vice President of Intel’s Silicon Engineering Group. He has held roles as Tesla’s Vice President of Autopilot and Low Voltage Hardware,
Corporate Vice President and Chief Cores Architect at AMD, and Vice President of Engineering and Chief Architect at P.A. Semi, which was
acquired by Apple Inc. Jim has led multiple successful silicon designs over the decades, from the DEC Alpha processors, to AMD K7/K8/
K12, HyperTransport and the AMD Zen family, the Apple A4/A5 processors, and Tesla’s self-driving car chip.
Secure Collaboration Across Enterprises on the Cloud
Exhibitor Forum
Monday, June 2410:30am — 11:00am PDT
Exhibitor Forum, Level 1 Exhibit Hall
Modern SoCs require the integration of IP and tools from multiple vendors. Chip designers often must work with their IP vendors, tool vendors, and design service providers. This collaboration often requires enterprises to onboard third parties into their network to jointly work on a solution, requiring security exceptions. By leveraging the cloud as a secure independent collaboration platform, customers no longer need to make compromises with security to onboard third parties. The Microsoft Azure Modeling and Simulation Workbench makes it easy for customers to bring up a secure design environment and invite third parties to collaborate while keeping them isolated to the workbench.
Gdsfactory: An Open Source Platform for End-to-End Chip Design, Verification and Validation
Tutorial
Monday, June 2410:30am — 12:00pm PDT
3003, 3rd Floor
For efficient design, verification and validation of integrated circuits and components it is important to have an easy to customize and extend workflow. Python has become the standard programming language for machine learning, scientific computing and engineering.
Gdsfactory is a python library to build chips (Photonics, Analog, Quantum, MEMs, …) that provides you a common syntax for design (KLayout, Ansys, tidy3d, MEEP, MPB, DEVSIM, SAX, …), verification (Klayout DRC, LVS, netlist extraction, connectivity checks, fabrication models) and validation (JAX neural network model extraction, pandas, SQL database).
In this tutorial we will cover the gdsfactory design automation tool. Gdsfactory provides you an end to end workflow that combines layout, verification and validation using an extensible, open source, python driven flow for turning your chip designs into validated products.
https://gdsfactory.github.io/gdsfactory-photonics-training/notebooks/10_layout_full.html
How to Write RISC-V PSS Models to Enable Generating Verification Scenarios for RISC-V Platforms
Tutorial
Monday, June 241:30pm — 5:00pm PDT
3001, 3rd Floor
RISC-V is an industry wide ISA (Instruction Set Architecture) standard used for developing embedded processors that target Semiconductor products of any type. PSS (Portable Stimulus) is an Accellera standard verification language used by EDA companies to develop tools, that given a PSS Model, generates coverage driven scenarios to enable meeting verification goals with less effort, taking advantage of portability, abstraction, and automation capabilities enabled by the language. In this tutorial we teach how to code PSS Models needed for the verification of any RISC-V platform (e.g. RISC-V embedded core platform, RISC-V multi-core coherent platform, RISC-V SOC (System on Chip) with external interfaces, etc.).
Synopsys as a RISC-V developer is providing reference methodologies for the verification and debugging of RISC-V system designs are available now, along with Synopsys EDA flows, emulation and virtual prototyping solutions, and methodologies to further support RISC-V SoC verification. Collaborative efforts include RISC-V verification methodology cookbook for Bluespec cores, “Understanding UVM Coverage for RISC-V Processor Designs” white paper, RISC-V and processor verification using ImperasDV verification solutions, and the industry-leading Synopsys VCS® simulation and Verdi® debug tools for improved efficiency (see news release).
As PSS usage grows together with the incoming requests to better enable PSS for RISC-V platforms, we endeavor to expand on a methodology cookbook with the addition of PSS. In this tutorial we enable the RISC-V PSS eco community with some fresh ideas on how to use PSS to get started. We introduce the PSS modeling patterns below that can be used to get started and hopefully provide an appetite to use and create more.
For each modeling pattern, we give a name and a short explanation of what the pattern consists of:
(1) Basic: PSS modeling techniques that can be used to generate basic RISC-V assembly code sequences. (2) Integration: PSS modeling techniques that can be used to generate RISC-V assembly code that interacts with generated traffic scenario’s consisting of embedded C and SV testbench generate code.(3) Nested loops and routines: PSS modeling techniques that can be used to generate legal assembly code with nested loops and nested routine calls.(4) Memory sharing: PSS modeling techniques that can be used to generate blocks of assembly code that share memory, with exclusive and non-exclusive access. (5) Runtime parameterization: PSS modeling techniques that can be used to generate parameterized assembly code run on a post-silicon, where a host device can change parameters on-the-fly.(6) Validating the scenario: PSS modeling techniques to create a reference model in PSS that can be used as an executable specification to debug and validate PSS generated scenarios.
The expectation is that this 3-hour tutorial will provide any RISC-V platform developer with a good enough tool kit to be able to perform all verification requirements needed for a RISC-V platform.
Post-Quantum Cryptography: Implementation Attacks and Countermeasures
Tutorial
Monday, June 241:30pm — 5:00pm PDT
3004, 3rd Floor
Post-Quantum Cryptography (PQC) encompasses cryptographic algorithms, typically public-key algorithms, designed to be secure against quantum and classical computers. Motivated by the threat posed by quantum computing to the security of most public-key algorithms currently in use, the National Institute of Standards and Technologies (NIST) started in December 2016 the PQC Standardization Process, a public competition for selection of public-key cryptosystems designed to resist attacks by a quantum computer. After three rounds of competition, in July 2022, NIST announced the first four proposals to be standardized, which include one key-establishment mechanism (i.e., CRYSTALS-Kyber) and three digital signatures (i.e., CRYSTALS-Dilithium, Falcon and SPHINCS+). CRYSTALS-Kyber and CRYSTALS-Dilithium are the primary algorithms recommended for most use cases, while Falcon and SPHINCS+ are proposed for use cases that require small signatures and non-lattice-based signatures, respectively. Shortly after NIST’s announcement, in September 2022, the National Security Agency (NSA) published the Commercial National Security Algorithm Suite (CNSA) 2.0 advisory on protection of National Security Systems (NSS), which includes the approved PQC algorithms and the transition timeline. In August 2023, NIST requested public comments on the drafts of the standards derived from CRYSTALS-Kyber, CRYSTALS-Dilithium, and SPHINCS+.
This tutorial aims to introduce the audience to the implementation attacks published in the literature against the primary PQC algorithms to be standardized by the National Institute of Standards and Technologies (NIST) and approved by the National Security Agency (NSA) for national security systems (i.e., Kyber and Dilithium) as well as countermeasures against these implementation attacks. Other PQC standardization efforts will be mentioned. The goal is to prepare the hardware security community with the information required to do research in this field, play an active role in the remaining steps of the standardization process, and support secure deployment of PQC.
Nanyang Technological University
Cooley’s DAC Troublemaker Panel
DAC Pavilion Panel
Monday, June 243:00pm — 3:45pm PDT
DAC Pavilion, Level 2 Exhibit Hall
Come watch the EDA troublemakers answer the edgy, user-submitted questions about this year’s most controversial issues! It’s an old-style open Q&A from the days before corporate marketing took over every aspect of EDA company images.
Hardware Security at RTL — an AI/ML-based Approach
Exhibitor Forum
Monday, June 244:15pm — 4:45pm PDT
Exhibitor Forum, Level 1 Exhibit Hall
DescriptionMicroelectronics are essential to critical infrastructure, yet they are increasingly at risk from cyber attacks and malicious hardware modifications. The current state of security analysis primarily addresses known threats, leaving undiscovered vulnerabilities largely concealed on the dark side of the attack surface.
We will introduce a patented Register Transfer Level (RTL) analysis technique that offers both qualitative and quantitative insights into semiconductor designs. This advanced methodology identifies and quantifies potential vulnerabilities that are susceptible to attack vectors that target functional behavior, operational reliability, and data integrity.
This predictive approach facilitates the cyber hardening of designs and helps achieve convergence on device-level security coverage. Furthermore, our experimental results show that the framework can be used to detect in-field attack. We utilize machine learning to adaptively recognize threats, and can demonstrate on-chip integration of next-generation protection into the semiconductor design lifecycle.
This session will detail our innovative approach, emphasize the importance of proactive security measures in the design phase of microelectronics development, and how this platform can reveal, surveil, quarantine, and remediate sophisticated cyber threats to improve the cyber resilience of critical electronic systems.
Tuesday, June 25
Systems Foundry — A Journey from ‘System on a Chip’ to
‘System of Chips’
8:45 am — 9:45 am
DR GARY PATTON
CORPORATE VICE PRESIDENT AND GENERAL MANAGER OF THE DESIGN ENABLEMENT GROUP
IN TECHNOLOGY DEVELOPMENT, INTEL CORPORATION
In this keynote, Dr. Gary Patton will introduce the fundamental concepts driving the vision of a ‘Systems Foundry’, including a standards-
based approach to assemble heterogenous dies. Dr. Patton will also cover the factors driving the inevitable need for disaggregation; factors
like reticle limit, thermal constraints, cost, yield, etc., among others that are especially exacerbated in the need to satisfy the demands of
HPC designs in the AI era. In addition, Dr. Patton will go over the transformative journey at Intel over the last 4–5 years that has helped orient the execution towards enabling the vision of a Systems Foundry. A journey that encompasses delivering to a full breadth of EDA offerings
and development of advanced packaging capabilities, to name a few. The work is not done, however; the EDA & IP ecosystem has a vital
role to play in this vision — to enable a seamless 3DIC design platform for advanced packaging implementation & modeling, AI-driven 3D
exploration and System-Technology Co-Optimization while tackling challenges in the multi-physics domain. Intel has several collaborative
projects with EDA to address these challenges, and Dr. Patton will end with a call to action to the ecosystem partners on continued
partnership to realize this vision
Dr. Gary L. Patton is corporate vice president and general manager of the Design Enablement group in Technology Development
at Intel Corporation. Design Enablement is charged with delivering the Process Design Kits (PDKs), Test-Chips, Design-Technology
Co-Optimization (DTCO), and Foundational IP (FIP) & Embedded Memory Solutions to maximize technology value and meet customer
needs and schedules. Prior to joining Intel, Dr. Patton served as is the Chief Technology Officer and Senior Vice President of Worldwide
Research and Development and Design Enablement at GlobalFoundries where he was responsible for the semiconductor technology R&D
roadmap, operations, and execution. Prior to that, Dr. Patton was vice president of IBM’s Semiconductor Research and Development
Center — a position that he held for eight years where he was responsible for IBM’s semiconductor R&D, design enablement, and
technology development alliances. Dr. Patton is a well-recognized industry leader in semiconductor technology R&D with over 30 years
of semiconductor experience. He is a Fellow of the IEEE and recipient of the 2017 IEEE Frederik Philips Award for industry influence and
leadership in the development of leading-edge microelectronics technology and collaborative research. In 2016, Dr. Patton was inducted
into the VLSI Research Hall of Fame for his contributions to the advancement of the semiconductor industry over several decades.
Dr. Patton received his bachelor’s degree in electrical engineering from UCLA and his master’s and Ph.D. degrees in electrical engineering
from Stanford University.
Quantum Computing: Accomplishments, Bottlenecks, and Timelines
10:30am — 12:00pm PDT
3014, 3rd Floor
Quantum computers are a reality! In the recent years, the technology received a huge momentum fueled by numerous players (including established companies, an impressive number of start-ups, and plenty of research initiatives) who are working on the realization of corresponding machines, design flows, and applications. At the same time, however, there are still several questions: End-users and domain experts wonder for what applications quantum computing will be interesting (and when)? Designers and tool developers wonder what (physical) challenges and bottlenecks have to be addressed. And physicists wonder how they can address all these expectations while, at the same time, they are still trying to get decoherence times and errors under control.
Hence, it is time for a discussion about where we are with quantum computing? To this end, this panel brings renowned panelists from industry and academia together to discuss the current status and future promise of this technology, from different perspectives. More precisely, we are going to cover:
* How should we assess the recent accomplishments in the different technologies (superconducting, ion-traps, neutral atoms, etc.)? Which technology is most promising? Are those just another step in a still long series of further steps needed or do they constitute the eventual breakthrough?
* What bottlenecks still have to be overcome: Can we re-use the established design flow for classical circuits and systems for quantum computing? How much quantum physics expertise is needed to work in that field? Do we have metrics/benchmarks that can guide us through the corresponding developments?
* What are the practically relevant ecosystems? Will quantum computing replace conventional systems in entire fields or “only” extend the conventional computational capacities? Will there be “stand-alone” quantum computing applications or only quantum-classical co-design solutions?
* What are the timelines towards practically relevant quantum computing ecosystems.
In addition, the panelists will also be available to address dedicated questions from the design automation community. This and more will be covered in the panel.
Advanced Verification 2010, 2nd Floor
Design
Engineering Tracks
Front-End Design
Advance Verification
2010, 2nd Floor
Design
Engineering Tracks
Front-End Design
Session Chair
Join us to learn about new strategies in the catch-up game verification engineers play daily with the increasing design complexity and tighter schedules. In this session, presenters will share their wisdom across HLS, FuSa and hardware/software verification.
Use UVM for AMS DFT through IEEE 1687 Procedural Description Language
Presenters
1:30pm — 1:45pm PDT
Shift Left with Improved Power-Awareness in RTL Stage Design for Early Design Verification
Presenters
1:45pm — 2:00pm PDT
Presenters
2:00pm — 2:15pm PDT
A Distributed Co-Simulation Environment and its Application in HW-FW Verification
Presenters
2:30pm — 2:45pm
Who watches the watchman? FuSa Verification of DCLS configuration through Formal and Static checks
Presenters
2:45pm — 3:00pm
Systematic Flow on AC Scan Timing/ATPG Constraint Generation
Presenters
Asleep at the Wheel? In-Cabin Monitoring for Automotive Safety
1:30pm — 3:00pm PDT
3014, 3rd Floor
According to data provided by the World Health Organization, it is a grim reality that more than 1.3 million people lose their lives annually due to the tragic outcomes of
road traffic accidents, further exacerbating the situation with a staggering 20 to 50 million individuals being left with non-fatal injuries. These disheartening statistics serve as a stark reminder of the urgent need for improved safety measures in the automotive industry.
Historically driven by the pursuit of creating vehicles that captivate and exhilarate consumers, the automotive sector has increasingly shifted its focus toward fostering a robust safety culture. This transformation has only sometimes been an organic process, as governments worldwide have often found themselves leading the charge in pushing for more excellent vehicular safety through stringent regulations. These regulatory frameworks, which initially took root in Europe and China, have now been rapidly disseminated globally. Consequently, automakers have found themselves compelled to make safety an integral and non-negotiable facet of their automotive solutions.
The impending European Safety Regulations, set to become a standard in the industry, have been significantly motivated by the rapid evolution of automotive technology and an unwavering commitment to ensuring the safety of both drivers and passengers. A pivotal component of this technological revolution in the automotive realm is interior sensing. It plays a critical role in monitoring drivers for distractions and fatigue, as well as tracking the movements of vehicle occupants.
This distinguished panel of experts brings together some of the foremost sensor and System-on-chip (SoC) suppliers and in-cabin monitoring specialists who are pivotal in driving the burgeoning interior sensing market. Their collective aim is to deliberate onvarious topics, ranging from emerging technology trends to innovative packaging options, seamless connectivity, and integration points for Advanced Driver Assistance Systems (ADAS), including the transformative Driver and occupant Monitoring System technology.
Recognizing that human drivers are inherently prone to errors, safety technology providers adopt a holistic systems approach to assist, enhance, and even assume control of the driving task when necessary. In-cabin monitoring emerges as a crucial element within this overarching strategy. Overcoming challenges related to cost, packaging constraints, and system complexity, hardware and application vendors continually push the boundaries of innovation, seeking novel ways to optimize their designs to support efficient and cost-effective in-cabin monitoring solutions.
The panel discussion, featuring prominent figures from industry and University leaders such as Seeing Machines, Qualcomm, Texas Instruments, Ambarella, OmniVision, and TU Braunschweig, will delve deep into the dynamic Sensor and SoC market for in-cabin monitoring.
They will explore critical issues, including how in-cabin
monitoring technology underpins the global safety agenda, the preferences of suppliers regarding packaging locations, the pros and cons of variousintegration approaches, and the implications for Original Equipment Manufacturers (OEMs) who must ensure that safety and convenience remain paramount in their offerings. There are a variety of differing opinions, and it is these differing opinions that will be brought forth in this panel.
The panel is aimed at students, researchers, and practitioners. Students will understand the state of the art and the challenges. Researchers will be able to examine open industrial problems which are still open, and industry practitioners will be able to understand the available solutions and the industry trends.
The panel aims to engage in a comprehensive discussion surrounding critical questions, including but not limited to:
— How can we best support a low-cost and low-power consumption market?
— Which aspect or component of Sensor and SoC design should we prioritize for future advancements?
— What are the foremost challenges associated with Artificial Intelligence (AI) in designing sensors and SoCs?
— Where should we channel our Research and Development (R&D) efforts?
— Which packaging configurations are poised to dominate the automotive market?
— How vital is cybersecurity in this context?
— What obstacles do we face in implementing AI techniques for in-cabin monitoring?
— How are these cutting-edge designs rigorously tested to ensure their efficacy and safety?
NSPG: Natural language Processing-based Security Property Generator for Hardware Security Assurance
2:00pm — 2:15pm PDT
3008, 3rd Floor
The efficiency of validating complex System-on-Chips (SoCs) is contingent on the quality of the security properties provided. Generating security properties with traditional approaches often requires expert intervention and is limited to a few IPs, thereby resulting in a time-consuming and non-robust process.
To address this issue, we, for the first time, propose a novel and automated Natural Language Processing (NLP)-based Security Property Generator (NSPG). Specifically, our approach utilizes hardware documentation in order to propose the first hardware security-specific language model, HS-BERT, for extracting security properties dedicated to hardware design.
It is capable of phasing a significant amount of hardware specification, and the generated security properties can be easily converted into hardware assertions, thereby reducing the manual effort required for hardware verification.
NSPG is trained using sentences from several SoC documentation and achieves up to 88% accuracy for property classification, outperforming ChatGPT.
When assessed on five untrained OpenTitan hardware IP documents, NSPG aided in identifying eight security vulnerabilities in the buggy OpenTitan SoC presented in Hack@DAC 2022.
The University of Texas at Dallas
The University of Texas at Dallas
The University of Texas at Dallas
Technology Innovation Institute
Technology Innovation Institute
The University of Texas at Dallas
The University of Texas at Dallas
Uncovering Software-Based Power Side-Channel Attacks on Apple M1/M2 Systems
1:30pm — 1:45pm PDT
3012, 3rd Floor
Traditionally, power side-channel analysis requires physical access to the target device, as well as specialized devices to measure the power consumption with enough precision.
Recently research has shown that on x86 platforms, on-chip power meter capabilities exposed to a software interface might be used for power side-channel attacks without physical access. In this paper, we show that such software-based power side-channel attack is also applicable on Apple silicon (e.g., M1/M2 platforms), exploiting the System Management Controller (SMC) and its power-related keys, which provides access to the on-chip power meters through a software interface to user space software.
We observed data-dependent power consumption reporting from such SMC keys and analyzed the correlations between the power consumption and the processed data. Our work also demonstrated how an unprivileged user mode application successfully recovers bytes from an AES encryption key from a cryptographic service supported by a kernel mode driver in MacOS.
We have also studied the feasibility of performing frequency throttling side-channel attack on Apple silicon. Furthermore, we discuss the impact of software-based power side-channels in the industry, possible countermeasures, and the overall implications of software interfaces for modern on-chip power management systems.
Evaluating the Security of Logic Locking on Deep Neural Networks
2:00pm — 2:15pm PDT
3012, 3rd Floor
Deep neural networks are susceptible to model piracy and adversarial attacks when malicious end-users have full access to the model parameters. Recently, a logic locking scheme called HPNN has been proposed. HPNN utilizes hardware root-of-trust to prevent end-users from accessing the model parameters. This paper investigates whether logic locking is secure on deep neural networks. Specifically, it presents a systematic I/O attack that combines algebraic and learning-based approaches. This attack incrementally extracts key values from the network to minimize sample complexity. Besides, it employs a rigorous procedure to ensure the correctness of the extracted key values. Our experiments demonstrate the accuracy and efficiency of this attack on large networks with complex architectures. Consequently, we conclude that HPNN-style logic locking and its variants we can foresee are insecure on deep neural networks.
Plug Your Volt: Protecting Intel Processors against Dynamic Voltage Frequency Scaling based Fault Attacks
2:15pm — 2:30pm PDT
3012, 3rd Floor
This work proposes a new countermeasure principle to defend against Dynamic Voltage Frequency Scaling (DVFS) based fault attacks on modern Intel systems. First, we establish that the fundamental cause of DVFS fault attacks is the ability to independently control the frequency and voltage of a processor. Using this observation, we construct a partition of frequency-voltage tuples into unsafe-safe states based on whether a tuple causes timing violations according to switching circuit theoretic principles. Our countermeasure completely prevents DVFS faults on three Intel generation CPUs: Sky Lake, Kaby Lake R, and Comet Lake. Further, it can also be deployed both as microcode or as model-specific registers at the hardware level, unlike previous countermeasures. Finally, we evaluate a minuscule overhead 0.28% of our countermeasure on SPEC2017.
Indian Institute of Technology, Kharagpur
Indian Institute of Technology, Kharagpur
Indian Institute of Technology, Kharagpur
Indian Institute of Technology, Kharagpur
CDS: An Anti-Aging Calibratable Digital Sensor for Detecting Multiple Types of Fault Injection Attacks
2:30pm — 2:45pm PDT
3012, 3rd Floor
DescriptionIn this paper, we present CDS, a delay chain based digital sensor that exploits timing variations of both detector and protected object for detecting multiple types of fault injection attacks. To demonstrate its capability, we use CDS to protect the hardware accelerator of PRESENT cryptographic algorithm against multiple glitching attacks. Simulation results show that (1) CDS can detect 100% of voltage and temperature coordinated glitching attacks with 4.1% early warning; (2) CDS can detect 100% of laser glitching attacks with 9.1% early warning; (3) CDS maintains outstanding aging resistance with only 1.1% false alarm rate after 7 years of use.
Authors
Beyond Conventional Defenses: Proactive and Adversarial-Resilient Hardware Malware Detection using Deep Reinforcement Learning
Tuesday, June 25 2:45pm — 3:00pm PDT
DescriptionThis research investigates the vulnerability of ML-enabled Hardware Malware Detection(HMD) methods to adversarial attacks. We introduce proactive and robust adversarial learning and defense based on Deep Reinforcement Learning(DRL). First, highly effective adversarial attacks are employed to circumvent detection mechanisms. Subsequently, an efficient DRL technique based on Advantage Actor-Critic(A2C) is presented to predict adversarial attack patterns in real-time. Next, ML models are fortified through adversarial training to enhance their defense capabilities against both malware and adversarial attacks. To achieve greater efficiency, a constraint controller using Upper Confidence Bounds(UCB) algorithm is proposed that dynamically assigns defense responsibilities to specialized RL agents.
California State University, Long Beach
University of California, Davis
California State University, Long Beach
Wednesday, June 26
AI and the Intelligent Edge
Wednesday, June 269:00am — 9:45am PDT
Artificial intelligence is changing the world around us, but most of the focus has been on large models running on immense compute servers. There is a critical need for AI in edge applications to decrease latency and power consumption. Fulfilling this need requires new approaches to meet the constraints of future industrial, automotive, and consumer platforms at the intelligent edge.
Edge Intelligence & GenAI: Exploring Challenges and Ethics
Wednesday, June 2610:30am — 12:00pm PDT
The convergence of the Internet of Things (IoT), Heterogeneous Computing Architectures, Artificial Intelligence (AI), Machine Learning (ML), and Generative AI (GenAI) is ushering in a new era of computation and analysis. Our panelists will explore a deeper understanding of the intricate interplay between Edge Intelligence and GenAI, with a focus on the technical hurdles and ethical considerations.
By processing data closer to its source, edge computing can harness the power of AI-ML in real-time. This paradigm shift is redefining the capabilities of IoT and computational architectures. Join us as we explore the practical challenges involved in integrating GenAI into edge computing such as limited computational resources, latency reduction, and the development of lightweight AI models.
Edge computing, fortified by GenAI, is changing the game in critical sectors like healthcare, manufacturing, automotive, smart cities, and semiconductor design and manufacturing. Real-time data processing is enhancing decision-making, improving efficiency, and even saving lives. Through case studies and examples, we’ll discuss how engineers and researchers are at the forefront of developing solutions that drive these innovations.
While the technical aspects are fascinating, with great power comes great responsibility. The ubiquity of edge computing and GenAI raises crucial ethical questions. How can we ensure data privacy and security at the edge? What safeguards can be put in place to mitigate bias in AI algorithms? Who is accountable when autonomous systems make critical decisions?
Our panel comprises seasoned experts who have grappled with these questions in academic research, policy making, product and infrastructure design and deployment as well as investing and mentoring. We invite you to be a part of the conversation that is shaping the future of technology.
Moderator
Presenters
University of Illinois at Urbana-Champaign
CHIPS Alliance / Linux Foundation
Trapped by Your WORDs: (Ab)using Processor Exception for Generic Binary Instrumentation on Bare-metal Embedded Devices
Wednesday, June 2610:30am — 10:45am PDT
Analyzing the security of closed-source drivers and libraries in embedded systems holds significant importance, given their fundamental role in the supply chain. Unlike x86, embedded platforms lack comprehensive binary manipulating tools, making it difficult for researchers and developers to effectively detect and patch security issues in such closed-source components. Existing works either depend on full-fledged operating system features or suffer from tedious corner cases, restricting their application to bare-metal firmware prevalent in embedded environments.
In this paper, we present PIFER (Practical Instrumenting Framework for Embedded fiRmware) that enables general and fine-grained static binary instrumentation for embedded bare-metal firmware. By abusing the built-in hardware exception-handling mechanism of the embedded processors, PIFER can perform instrumentation on arbitrary target addresses. Additionally, We propose an instruction translation-based scheme to guarantee the correct execution of the original firmware after patching. We evaluate PIFER against real-world, complex firmware, including Zephyr RTOS, CoreMark benchmark, and a close-sourced commercial product. The results indicate that PIFER correctly instrumented 98.9\% of the instructions. Further, a comprehensive performance evaluation was conducted, demonstrating the practicality and efficiency of our work.
Si Backside Side-Channel Leakage and Simulation of Cryptographic IC Chips
Wednesday, June 2611:06am — 11:24am PDT
Flip chip mounting has been widely used in recent years. Flip chip mounting has advantages such as shorter signal wires, smaller footprint, and multiple chip(lets).
However, flip chip packaging makes Si substrate as an attack surface, and then Si substrate voltage becomes one of the side-channel information.
Therefore, we develop analysis flow of Si substrate voltage using Chip Power Model (CPM). CPM is made of power library of standard cells, logic transition of digital circuit, design data. In order to analyze an accurate Si substrate voltage, design data information that is required to create CPM includes Si substrate configuration, thickness, resistance, capacitance.CPM is created for each dataset with changing input vectors for side-channel leakage evaluation.
We confirm that side-channel attack is successful using waveforms from CPM.
Furthermore, we find the possibility of localized and chip thickness dependent noise propagation by analyzing of waveforms from CPM. As for locality, we also confirmed that the matching between measurement and simulation.
Effectively Sanitizing Embedded Operating Systems
Wednesday, June 2611:30am — 11:45am PDT
Embedded operating systems, considering their widespread use in security-critical applications, are not effectively tested with sanitizers to effectively root out bugs. Sanitizers provide a means to detect bugs that are not visible directly through exceptional or erroneous behaviors, thus uncovering more potent bugs during testing.
In this paper, we propose EmbSan, an embedded systems sanitizer for a diverse range of embedded operating system firmware through the use of dynamic instrumentation of sanitizer facilities and de-coupled on-host runtime libraries. This allows us to perform sanitation for multiple embedded OSs during fuzzing, such as many Embedded Linux-based firmware, various FreeRTOS firmware, and detect actual bugs within them. We evaluated EmbSan’s effectiveness on firmware images based on Embedded Linux, FreeRTOS, LiteOS, and VxWorks. Our results show that EmbSan can detect the same criteria of actual bugs found in the Embedded Linux kernel as reference implementations of KASAN, and exhibits a slowdown of 2.2× to 3.2× and 5.2× to 5.7× for KASAN and KCSAN, respectively, which is on par with established kernel sanitizers. EmbSan and embedded OS fuzzers also found a total of 41 new bugs in Embedded Linux, FreeRTOS, LiteOS and VxWorks.
Authors
Laser Shield: a Physical Defense with Polarizer against Laser Attack
Wednesday, June 2611:45am — 12:00pm PDT
Autonomous driving systems (ADS) are boosted with deep neural networks (DNN) to perceive environments, while their security is doubted by DNN’s vulnerability to adversarial attacks. Among them, a diversity of laser attacks emerges to be a new threat due to its minimal requirements and high attack success rate in the physical world. Nevertheless, current defense methods exhibit either low defense success rate or high computation cost against laser attacks. To fill this gap, we propose Laser Shield which leverages a polarizer along with a min-energy rotation mechanism to eliminate adversarial lasers from ADS scenes. We also provide a physical world dataset, LAPA, to evaluate its performance. Through exhaustive experiments with three baselines, four metrics, and three settings, Laser Shield is proved to exhibit the SOTA performance.
Authors
Beijing University of Posts and Telecommunications
Nanyang Technological University
Conjuring: Leaking Control Flow via Speculative Fetch Attacks*
Wednesday, June 261:30pm — 1:45pm PDT
In this work, we propose a new attack called Conjuring that exploits one of the main features of CPUs’ front-end: speculative fetch of instructions. We show that the Pattern History Table (PHT) in modern CPUs are a great channel to learn and leak the control-flow of victim applications. Unlike prior work, Conjuring does not require to prime the PHT or interfere with the victim execution enabling a realistic and unprivileged attacker to leak control flow information. By improving the branch predictors, our attack becomes even more serious and practical. We demonstrate the feasibility of our attack on different existing Intel, AMD, and Apple CPUs.
National University of Singapore
National University of Singapore
ThermalScope: A Practical Interrupt Side Channel Attack Based on Thermal Event Interrupts
Wednesday, June 262:00pm — 2:15pm PDT
While interrupts play a critical role in modern OSes, they have been exploited as a wide range of side channel attacks to break system confidentiality, such as keystroke interrupts, graphic interrupts and network interrupts. In this paper, we propose ThermalScope, a new side channel that exploits thermal event interrupts, which is adaptable for both native and browser scenarios and incorporates two heat amplifying techniques. The exploited thermal event interrupts are activated only when the CPU package temperature reaches a fixed threshold that is determined by manufacturers. Our key observation is that workloads running on CPUs inevitably generates their distinct heat, which can be correlated with the thermal event interrupts. To demonstrate the viability of ThermalScope, we conduct a comprehensive evaluation on multiple Ubuntu OSes with different Intel-based CPUs. First, we show that the activation of thermal event interrupts correlates with the level of CPU temperature. We then apply ThermalScope to mount different side channel attacks, i.e., building covert channels with a transmission rate of 0.1 b/s, fingerprinting DNN model architectures with an accuracy of over 90% and breaking KASLR within 8.2 hours.
Authors
University of Western Australia
Institute of Information Engineering, Chinese Academy of Sciences
Levioso: Efficient Compiler-Informed Secure Speculation
Wednesday, June 262:45pm — 3:00pm PDT
Spectre-type attacks have demonstrated a major class of vulnerabilities
arising from speculative execution of instructions, the main performance enabler of modern CPUs. These attacks speculatively leak secrets that have been either speculatively loaded (seen in sandboxed programs) or non-speculatively loaded (seen in constant-time programs). Various hardware-only defenses have been proposed to mitigate both speculative and non-speculative secrets via all potential transmission channels. However, these solution rely on limited knowledge of the hardware about the program to conservatively restrict the execution of all instructions that can potentially leak information.
In this work, we discuss that not all instructions depend on older unresolved branches and they can safely execute without leaking speculative information.
We present Levioso, a novel hardware/software co-design, that provides comprehensive secure speculation guarantees while reducing performance overhead compared to the existing methodologies. Levioso informs the hardware about true branch dependencies in order to apply restrictions only when necessary. Our evaluations demonstrate that Levioso is able to significantly reduce the performance overhead compared to two state-of-the-art defenses from 51% and 43% to just 23%.
National University of Singapore
University of California, San Diego
National University of Singapore
National University of Singapore
With great power comes great responsibility — A guide to customizing your processor with verification in mind
Wednesday, June 263:30pm — 4:00pm PDT
Customization is now the way forward for increasing performance in electronic systems. By customizing the processor to the actual workload, you can gain massive improvements for power, performance, and area. Using the right tools, customization can be approached using a fast and easy iterative approach enabling rapid architecture exploration and automated RTL and SDK generation. But how can you keep control of the customizations made during the design process, and how can you ensure the design is easily verified once you have achieved the performance you need? The answer is in bounded customization. By adding custom instructions within set bounds, you can achieve a good balance of freedom and control. Because you will not need to re-verify the entire core, the verification process will be smooth. With bounded customization, there is no risk of dead silicon because the custom instructions cannot break the baseline core. By working with tools able to generate the customized RTL and SDK as well as a verification environment aiding the verification of the custom instructions, you gain the power to customize and the confidence to claim responsibility for the end result.
GATE-SiP: Enabling Authenticated Encryption Testing in Systems-in-Package
Wednesday, June 263:45pm — 4:00pm PDT
A heterogeneous integrated system in package (SIP) system integrates chiplets outsourced from different vendors into the same substrate for better performance. However, during post-integration testing, the sensitive testing data designated for a specific chiplet can be blocked, tampered or sniffed by other malicious chiplets. This paper proposes GATE-SiP which is an authenticated partial encryption protocol to enable secure testing. Within GATE-SiP, the sensitive testing pattern will only be sent to the authenticated chiplet. In addition, partial encryption of the sensitive data prevents data sniff threats without causing significant penalties on timing overhead. Extensive simulation results show the GATE-SiP protocol only brings 6.74% and 14.31% on area and timing overhead, respectively.
Alchemist: A Unified Accelerator Architecture for Cross-Scheme Fully Homomorphic Encryption
Wednesday, June 264:15pm — 4:30pm PDT
The use of cross-scheme fully homomorphic encryption (FHE) in privacy-preserving applications challenges hardware accelerator design. Existing accelerator architectures fail to efficiently handle hybrid FHE schemes due to the mismatch between computational demands and hardware resources. We propose a novel architecture using a hardware-friendly, versatile low-level operator, i.e., Meta-OP. Our slot-based data management efficiently handles memory access patterns of the meta-op for diverse operations. Alchemist accelerates both arithmetic and logic FHE with high hardware utilization rates. Compared to existing ASIC accelerators, Alchemist outperforms with a 29.4× performance per area improvement for arithmetic FHE and a 7.0× overall speedup for logic FHE.
Authors
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Information Engineering, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
Institute of Computing Technology, Chinese Academy of Sciences
DNN-Defender: A Victim-Focused In-DRAM Defense Mechanism for Taming Adversarial Weight Attack on DNNs
Wednesday, June 264:30pm — 4:45pm PDT
With deep learning deployed in many security-sensitive areas, machine learning security is becoming progressively important. Recent studies demonstrate attackers can exploit system-level techniques exploiting the RowHammer vulnerability of DRAM to deterministically and precisely flip bits in Deep Neural Networks (DNN) model weights to affect inference accuracy. The existing defense mechanisms are software-based, such as weight reconstruction requiring expensive training overhead or performance degradation. On the other hand, generic hardware-based victim-/aggressor-focused mechanisms impose expensive hardware overheads and preserve the spatial connection between victim and aggressor rows. In this paper, we present the first DRAM-based victim-focused defense mechanism tailored for quantized DNNs, named DNN-Defender that leverages the potential of in-DRAM swapping to withstand the targeted bit-flip attacks with a priority protection mechanism. Our results indicate that DNN-Defender can deliver a high level of protection downgrading the performance of targeted RowHammer attacks to a random attack level. In addition, the proposed defense has no accuracy drop on CIFAR-10 and ImageNet datasets without requiring any software training or incurring hardware overhead.
New Jersey Institute of Technology
State University of New York, Binghamton
New Jersey Institute of Technology
EOS: An Energy-Oriented Attack Framework for Spiking Neural Networks
Wednesday, June 265:00pm — 5:15pm PDT
Spiking neural networks (SNNs) are emerging as energy-efficient alternatives to conventional artificial neural networks (ANNs). Their event-driven information processing significantly reduces computational demands while maintaining competitive performance.
However, as SNNs are increasingly deployed in edge devices, various security concerns have emerged. While significant research efforts have been dedicated to addressing the security vulnerabilities stemming from malicious input, often referred to as adversarial examples, the security of SNN parameters remains relatively unexplored.
This work introduces a novel attack methodology for SNNs known as Energy-Oriented SNN attack (EOS). EOS is designed to increase the energy consumption of SNNs through the malicious manipulation of binary bits within their memory systems (i.e., DRAM), where neuronal information is stored.
The key insight of EOS lies in the observation that energy consumption in SNN implementations is intricately linked to spiking activity.
The bit-flip operation, the well-known Row Hammer technique, is employed in EOS. It achieves this by identifying the most robust neurons in the SNN based on the spiking activity, particularly those related to the firing threshold, which is stored as binary bits in memory. EOS employs a combination of spiking activity analysis and a progressive search strategy to pinpoint the target neurons for bit-flip attacks. The primary objective is to incrementally increase the energy consumption of the SNN while ensuring that accuracy remains intact.
With the implementation of EOS, successful attacks on SNNs can lead to an average of $43\%$ energy increase with no drop in accuracy.
University of Shanghai for Science and Technology
A High-Throughput Private Inference Engine Based on 3D Stacked Memory
Wednesday, June 265:00pm — 5:15pm PDT
Fully Homomorphic Encryption (FHE) enables unlimited computation depth, allowing for privacy-enhanced neural network inference tasks directly on the ciphertext. However, existing FHE architectures suffer from the memory access bottleneck due to the significant data consumption. This work proposes a High-throughput FHE engine for private inference (PI) based on 3D stacked memory (H3). H3 adopts software-hardware co-design that dynamically adjusts the polynomial decomposition during the PI process to minimize the computation and storage overhead at a fine granularity. With 3D hybrid bonding, H3 integrates a logic die with a multi-layer embedded DRAM, routing data efficiently to the processing unit array through an efficient broadcast mechanism. H3 consumes 192mm$²$ of the area when implemented using a 28nm logic process. H3 achieves a throughput of 1.36 million LeNet-5 or 920 ResNet-20 PI per minute, surpassing existing 7nm accelerators by 52%. This demonstrates that 3D memory is a promising technology to promote the performance of FHE.
THURSDAY
Enabling the Era of Immersive Computing
Thursday, June 279:00am — 9:45am PDT
Immersive computing (including virtual, augmented, mixed, and extended reality, metaverse, digital twins, and spatial computing) has the potential to transform most industries and human activities to create a better world for all. Delivering on this potential, however, requires bridging an orders of magnitude gap between the power, performance, and quality-of-experience attributes of current and desirable immersive systems. With a number of conflicting requirements — 100s of milliwatts of power, milliseconds of latency, unbounded compute to realize realistic sensory experiences — no silver bullet is available. Further, the true goodness metric of such systems must measure the subjective human experience within the immersive application. This talk calls for an integrative research agenda that drives codesigned end-to-end systems from hardware to system software stacks to foundation models spanning the end-user device/edge/cloud, with metrics that reflect the immersive human experience, in the context of real immersive applications. I will discuss work pursuing such an approach as part of the IMMERSE Center for Immersive Computing which brings together immersive technologies, applications, and human experience, and in the ILLIXR project based on an open-source end-to-end system to democratize immersive systems research.
University of Illinois at Urbana-Champaign
Lost and Found in Speculation: Hybrid Speculative Vulnerability Detection
Thursday, June 2710:48am — 11:06am PDT
Microarchitectural attacks represent a challenging and persistent threat to modern processors, exploiting inherent design vulnerabilities in processors to leak sensitive information or compromise systems. Of particular concern is the susceptibility of Speculative Execution, a fundamental part of performance enhancement, to such attacks.
We introduce Specure, a novel pre-silicon verification method composing hardware fuzzing with Information Flow Tracking (IFT) to address speculative execution leakages. Integrating IFT enables two significant and non-trivial enhancements over the existing fuzzing approaches: i) automatic detection of microarchitectural information leakages vulnerabilities without golden model and ii) a novel Leakage Path coverage metric for efficient vulnerability detection. Specure identifies previously overlooked speculative execution vulnerabilities on the RISC-V Boom processor and explores the vulnerability search space 6.45× faster than existing fuzzing techniques. Moreover, Specure detected known vulnerabilities 20× faster.
Technische Universität Darmstadt
Technische Universität Darmstadt
Technische Universität Darmstadt
Technische Universität Darmstadt
DL2Fence: Integrating Deep Learning and Frame Fusion for Enhanced Detection and Localization of Refined Denial-of-Service in Large-Scale NoCs
Thursday, June 2711:06am — 11:24am PDT
This study introduces a refined Flooding Injection Rate-adjustable Denial-of-Service (DoS) model for Network-on-Chips (NoCs) and more importantly presents DL2Fence, a novel framework utilizing Deep Learning (DL) and Frame Fusion (2F) for DoS detection and localization. Two Convolutional Neural Networks models for classification and segmentation were developed to detect and localize DoS respectively. It achieves detection and localization accuracies of 95.8% and 91.7%, and precision rates of 98.5% and 99.3% in a 16x16 NoC. The framework’s hardware overhead notably decreases by 76.3% when scaling from 8x8 to 16x16, and it requires 42.4% less hardware compared to state-of-the-arts. This advancement demonstrates DL2Fence’s effectiveness in balancing outstanding detection performance in large-scale NoCs with extremely low hardware overhead.
MERSIT: A Hardware-Efficient 8-bit Data Format with Enhanced Post-Training Quantization DNN Accuracy
Thursday, June 2711:00am — 11:15am PDT
Post-training quantization (PTQ) models utilizing conventional 8-bit Integer or floating-point formats still exhibit significant accuracy drops in modern deep neural networks (DNNs), rendering them unreliable. This paper presents MERSIT, a novel 8-bit PTQ data format designed for various DNNs. While leveraging the dynamic configuration of exponent and fraction bits derived from Posit data format, MERSIT demonstrates enhanced hardware efficiency through the proposed merged decoding scheme. Our evaluation indicates that MERSIT yields more reliable 8-bit PTQ models, exhibiting superior accuracy across various DNNs compared to conventional floating-point formats.
Authors
CONTINUE TO: HACKER SUMMER CAMP 2024 — Part Four: ToorCamp 2024