Opening Remarks: HOST General and Program Chairs

KEYNOTE I 

Speaker: Greg Akers, Consultative Technology Executive, Greg Akers Consulting 

Title: Hardware Anchored Trust in a Software Defined World

Abstract: We will explore the composition of hardware derived trust, privacy and security in a world of untrusted software defined components. Looking at historical precedence and the likely future. We will explore the needs in a world of Quantum Computing, pervasive AI, and entirely a cloud world. As the world evolves to Not, in most aspects of our lives, we compose increasingly complex and intertwined systems that have limited verifiably robust security and trust. We will explore how critically position hardware roots of trust may improve these systems posture.

VISIONARY TALK I

Speaker: Ingrid Verbauwhede, Professor, KU Leuven - COSIC

Title: The Need for Hardware Roots of Trust

Abstract: Software security and cryptographic security protocols rely on hardware roots of trust. Software designers assume that cryptographic keys, random initial values, nonces, freshness, hardware isolation, or secure storage is simply available to them. At the same time, electronics shrink: sensor nodes, IOT devics, smart devices are becoming more and more available. Adding security and cryptography to these often very resource constraint devices is a challenge. This presentation will focus design methods for hardware roots of trustor and more specifically on Physically Unclonable Functions (PUFs) and True Random Number Generators (TRNG), two essential roots of trust.

Abstract: The majority of hardware security research has been focused on critical digital circuits. This represents a portion of the actual system that is being developed for an application. This panel will discuss the other spaces such as analog, RF, package, and board. The goal is to identify some new areas of research that can help with protection of the overall hardware systems.

Panelists

• Vipul Patel, AFRL
• Adam Sherer, Cadence
• Yiorgos Makris, UTDallas
• Thomas Collins, BAE

Moderator: Saverio Fazzari (Booz Allen Hamilton)

KEYNOTE II

Speaker: Ruby Lee, Forrest G. Hamrick Professor in Engineering, Princeton University

Title: Security Design Principles to Thwart Speculative Attacks

Abstract: Performance optimization features in processors can lead to serious security breaches, as exemplified by the recent Spectre, Meltdown and Foreshadow speculative attacks. These transient execution attacks show the vulnerability of processor features to timing attacks, even though they have been correctly designed and verified by existing architecture definitions.  In this talk, we suggest that new security design rules need to be added to catch such vulnerabilities at design time or to detect vulnerabilities in existing machines.  What are the root causes of speculative attacks and timing attacks?  Can we define a small set of security design rules to prevent information leaks and other security breaches due to hardware features?  Can we improve performance without degrading security?  Can we design hardware architecture that improves security and performance at the same time?  What new design strategies and hardware structures can lead to better security? Can we create a tool-chain that can check for potential vulnerabilities at all levels of hardware design?  We are entering a new era of security in computer design, with many challenges -- and exciting research opportunities.

KEYNOTE III

Speaker: Serge Leef, Program Manager, DARPA

Title: Automatic Implementation of Secure Silicon

Abstract: Throughout the past decade, cybersecurity threats have evolved from attacks focused high in the software stack to progressively lower levels of computational hierarchy.  With the explosion of popularity and growing deployment of internet connected devices, economic attackers and nation-states alike are shifting their attention to Application Specific Integrated Circuits (ASICs) that enable complex capabilities across commercial and military application domains.  Despite growing recognition of the problem and a substantial body of research across multiple chip security areas, no common tools, methods or solutions are in wide use today.  Modern synchronous digital ASICs are already very complex and expensive to design and incorporation of security is viewed as a burden with unclear economic benefits.  The result is that the majority of today’s ASICs are largely unprotected.  Absence of automation makes incorporation of security a laborious, manual task that generally requires very specific design expertise not generally possessed by semiconductor companies.  These dynamics can be altered with a novel chip design flow that aims to protect advanced ASICs from known attack strategies by streamlining inclusion of scalable defense mechanisms into an automated process that maximizes architectural exploration of security vs. economics trade-offs while improving design productivity.  The effort and cost to incorporate a level of hardware security aligned with application requirements and economics will be significantly reduced so that incorporation of security at all levels of hardware design is feasible and affordable.

Abstract:  In the recent years there has been a dramatic push in the use of machine learning to solve, optimize, improve or estimate various computational problems. Wide spread adoption of the Machine Learning application and apprehension of their unmatched modeling abilities, have motivated many researchers to use these powerful models for both attack and defense against system and hardware. The challenge question for this special panel is: what aspect of machine learning can impact the hardware's security? This panel will discuss various security and safety challenges in this space, and debate relevant future research opportunities.

Panelists:

• Sohrab Aftabjahani, Intel
• Paul Franzon, NCSU
• Ro Cammarota, Intel AI
• Sandip Kundu, NSF

Moderator: Farinaz Koushanfar

VISIONARY TALK II

Speaker: Dr. Matthew Areno, Principal Engineer, Intel

Title: Challenges with System-level Security Assessment in Modern Computing Environments

Abstract: Computing systems today include more firmware on more devices than ever before. Although firmware used to be located primarily in CPU flash and executed only by the corresponding CPU, today nearly every component or device has its own firmware executed by its own processor or microcontroller. Securing all firmware data in the three key stages (at rest/in use/in transit) is typically not mandated by any specific standard and has thus created a significant challenge in attempting to assess a system’s security state. This presentation will cover current attempts by industry to address this issue, as well as discuss potential collaborations between government, industry, and academia to support this work.

VISIONARY TALK III

Speaker: Dr. Matthew Casto, Program Manager, Microelectronics, Office of the Secretary of Defense for Research and Engineering (OSD R&E)

Title: Security and Trust: Are they "Analog"ous?

Abstract: Over the last decade, a large amount of research has focused on security and trust in hardware. Security primitives and techniques have been developed to protect hardware from threats, secure the IC supply chain, and expose and address vulnerabilities. A vast majority of the research has primarily focused on digital ICs and functional verification, where analog and mixed signal (AMS) devices, systems, and analysis, which hold the highest share of risk in the market, have been neglected. The solutions developed in digital domain do not extend well to AMS systems, continuing to leave a major portion of the electronic systems market insecure and untrustworthy.  This talk will focus on challenges, opportunities, and early research results in AMS ICs with a discussion on the taxonomy and applications of analog security and trust.