Colloquium: Flavien Solt | UCSB Computer Science

Flavien Solt.

January 27, 2025

Colloquium: Wednesday, Feb. 3, 3:30 pm, HFH 1132

Title: Software-inspired techniques for Hardware Security

Abstract: We have entered an era where new hardware flourishes at an unprecedented pace and with unseen diversity. We are also living in an era where security and safety are paramount, and where the potential impact of a single bug can be catastrophic. Hence, we urgently need foundations to detect as many hardware bugs as possible before their deployment. Hardware validation is universally recognized as complex, expensive, and tedious. Despite genuine best efforts, the last decade has shown that the industry is incapable of producing non-trivial bug-free hardware. What will then happen with the rise of open-source hardware? Without effective and easy-to-adopt solutions for validation, it is hard to believe that the open-source hardware community will be able to produce safe and secure hardware, despite its best intentions.

Interestingly, the exact same situation occurred in the software world some decades ago. Software was plagued with myriads of bugs and security issues, after which the software community developed a formidable set of tools and methodologies to detect bugs and security issues. Could we adapt some of these tools and methodologies to hardware?

To answer this question, we first built the RemembERR database based on thousands of errata. We deduced two promising techniques for hardware security: dynamic information flow tracking and fuzzing. We introduced CellIFT, a hardware dynamic information flow tracking mechanism that scales to the extent of complex CPUs and SoCs. Based on CellIFT, we introduced μCFI, a generic IFT-based policy capable of finding new CPU bugs and microarchitectural timing channels. Besides IFT, we showed with Cascade that a black-box CPU fuzzer can find dozens of new bugs and outperform other fuzzers’ coverage. We finally demonstrated MiRTL, a new class of hardware attacks that relies on EDA software bugs, and proposed TransFuzz, a fuzzer that produces complex hardware descriptions to find such bugs in popular open-source EDA software. All these contributions demonstrate that when properly adapted, software security techniques can provide effective and easy-to-adopt solutions that will empower safer and more secure hardware.

Bio: Flavien is a postdoc in the EECS department at UC Berkeley with Prof. Christopher Fletcher. Before, he was a PhD student in the Department of Information Technology and Electrical Engineering at ETH Zurich with Prof. Kaveh Razavi. His PhD dissertation was recognized with the ETH medal. His research focuses on digital hardware security, resulting in impactful publications in leading security and computer architecture venues, including USENIX Security, S&P, MICRO, ISCA, and CCS.