The open nature of RISC-V and the associated community and eco-system have arguably led to a "golden era" of research and innovation within the field of computer architecture. This, in turn, has positively impacted the associated area of hardware security, where significant existing challenges remain and new challenges continue to emerge. RISC-V offers opportunities for academic and industrial research and development that stem from the ISA's extensible, configurable nature and the transparency afforded by access to high-quality HDL implementations. Established in 2021 as a CHES forum, TASER aims to 1) establish and solidify RISC-V as a topic of interest for CHES, and 2) act as an interface between the RISC-V and CHES communities.
Due to organizational constraints this year TASER will be merged with ORSHsec.
| 9:00 | Welcome | |
| 9:00 - 9:20 | An OpenTitan Update: Mission Accomplished (?) Speaker: Dom Rizzo (zeroRISC) Abstract: A brief presentation on the state of the OpenTitan project. Now that OpenTitan’s “Earl Grey” design has had its first successful commercial tapeout, it is an opportune time to review how we got there and what to expect from the future of open-source silicon implementations. Long-term viability for healthy open-source development has always been tied to commercial interests. Balancing that with security, transparency and the broader researcher and developer community is a challenge every open-source project has to tackle as it finds traction. This talk will cover how our approach to balancing those interests in the silicon domain and how the project is evolving for the long term. |
|
| 9:20 - 9:45 | A Strategy for Verified Value Chains Speaker: Sylvain GUILLEY (Secure-IC S.A.S.) Abstract: The presentation will address how vulnerabilities and Trojans can be mitigated, up to the level of semiconductor production. The presentation will analyze the roles of openness, formal verification, liability legislation, and international coordination. The authors propose to enable companies to innovate at low cost and produce relatively secure output by using open tools and components, publicly scrutinized, partially formally proven, usable for isolating proprietary components in containers. |
|
| 9:45 - 10:10 | Hardware trojan detection based on microarchitectural signals analysis Speaker: Lucas Georget (EDF R&D / LAAS-CNRS) Abstract: Certification companies rigorously inspect industrial electronic devices for safety and security reasons. In particular, detecting hardware trojans is a relevant challenge as they could be really stealthy. For that purpose, runtime monitoring is a relevant line of defense. Detection modules can be designed, based on behavorial models or attack signatures, in order to detect hardware Trojans that could be maliciously integrated into hardware components. The detection strategy consists, at the micro-architectural level, to select and analyze relevant signals whose values may betray the presence of the Trojans. This presentation describes some current research works aiming at implementing such a detection strategy on industrial FPGAs. |
|
| 10:10 - 10:35 | Improving System-On-Chips HW/SW co-simulation with open-source tools Speaker: Aurélien Hernandez (EURECOM) Abstract: The extensive entanglement between the hardware components and the processor firmware from nowadays System on Chips inevitably implies security stakes regarding both security and device integrity. Past research and reports showed examples of vulnerability emanating from the interaction of those two domains. Hence, hardware and software co-design of both hardware and software is considered a critical task in modern SoC design and manufacturing. The present talk will depict the landscape of co-simulation techniques in use for fail-proof SoC designs, with particular emphasis on HW / SW interactions. There will further be presented ongoing research on improving co-simulation in the context of complete open-source computing platform designs, which are becoming more and more prevalent with the rising interest around the RISC-V ISA. |
|
| 10:35 - 11:00 | Coffee break | |
| 11:00 - 11:10 | A brief overview of the ORSHIN research project Speaker: Benedikt Gierlichs (KU Leuven) Abstract: We will briefly outline objectives, technical work packages and achievements. Slides: ORSHIN_intro_ORSHsec_2024.pdf |
|
| 11:10 - 11:35 | The Trusted Life Cycle for Secure Open Source Hardware Speaker: Maria Chiara Molteni (Security Pattern) Abstract: We present a methodology to develop secure and privacy-preserving (I)IoT devices taking advantage of open-source hardware (and software). We call our methodology the trusted lifecycle. Our lifecycle consists of seven phases, which form a chain of trust. One original and practical aspect of the lifecycle is that it enables to set security and privacy guarantees that are context-dependent, not only for the developed device (e.g. device uses strong encryption), but also for the lifecycle (e.g., lifecycle protected against supply chain attacks). Another novel bit is that our lifecycle is the first addressing open-source hardware development. Moreover, we provide a precise definition of open-source hardware that captures the different aspects and constraints of open-source hardware development. |
|
| 11:35 - 12:00 | Noise Secure Channel in Open Hardware Case Study Speaker: Stanislav Jerabek (Tropic Square) Abstract: Open Hardware brings new opportunities as well as challenges regarding security. We present our implementation of Noise_KK1_25519_AESGCM_SHA256 Secure Channel inside the TROPIC01 Open Hardware Secure Element. We describe the architecture of the protocol, its HW/SW distribution, workflow, and justification of the design choices. This work is co-funded by the European Union as a part of the ORSHIN Project. |
|
| 12:00 - 12:25 | PARADISE: Mitigating Power Attacks through Fine-Grained Instruction Reordering on Out-of-Order RISC-V Cores Speaker: Shivam Bhasin (NTU Singapore) Abstract: Power side-channel attacks (SCA) exploit the dependency of power consumption with the instructions and data being processed to extract secrets from a device (e.g., cryptography keys). Majority of the works in the literature investigate protection on small embedded microcontrollers and in-order processors rather than high-performance, out-of-order cores. In this task, we present PARADISE, a general-purpose out-of-order processor with always-on protection, that implements a novel dynamic instruction scheduler to provide obfuscated execution and mitigate power analysis attacks. We exploit the time between operand availability of critical instructions (\textit{slack}) to create high-performance random schedules. PARADISE is built on top of SonicBoom, a RISC-V out-of-order core with a 7-stage pipeline. The resulting overhead in performance, power and area of PARADISE is 3.3%, 1.2% and 0.8% respectively. Further, we highlight the dangers of using incorrect adversarial assumptions, which can often lead to a false sense of security. |
|
| 12:25 | Farewell |
The TASER 2024 workshop is affiliated with CHES 2024: please register with the conference to attend the workshop.