About the Course

This course will discuss the intersection of security and hardware. This is an extremely broad topic, and we'll focus on a specific set of six sub-topics in detail during the class. The course will spend 3 classes (4-6 papers) on each topic:

Class will be in-person, and since is mostly discussion it will be critical to attend. We will adapt as needed, but class is not planned to be hybrid at this time.

There are four parts to the course: reading papers (~3 / week), generating questions based on these papers, presenting and guiding discussion of papers, and a major project.

During the course you will be required to lead/co-lead several paper discussions. This will entail synthesizing discussion topics from both the paper itself, and from questions and point supplied by your classmates.

Finally, there is a quarter-long project you'll propose and complete during the course. This project will need to have a security impact, with a hardware aspect being a critical component. This is super broad, and there is more detail below.


The course will assume a familiarity with security concepts such as threat models, software-based exploitation, and defensive programming. It will also assume a basic understanding of computer architecture, such as caching, multi-core systems, and memory systems. A strong grounding in at-least one of these two sub-areas is strongly recommended.

Class materials

There is no textbook for the course. All course discussions will be based on readings of academic papers, community writings, etc. There will be supplimental readings supplied for most topics as well, these are optional.

Slides (at least from lecture days) will be posted to here.

Discussion Board

There will be an ed discussion board available for questions that come up during readings.

Summary and Discussion Questions

For each class, you will need to write up some thoughts and questions on the assigned papers. The goal is twofold: to make sure you have time to digest the papers before class, and to 'crowd-source' some interesting questions for class.
These questions are due at 8am PT the day of class. This is so your classmates can sort through them prior to class.
Submission will be via hotcrp

In-class Discussion Leadings

You will be required to lead several paper discussions throughout the course. Leading discussion has two parts:

Grading and Evaluation

Date Topic Readings Assignments
Week 1
03/28/2022 Course overview, whirlwind tour of hardware security.
03/30/2022 Caches - Day 1
Week 2
04/04/2022 Caches - Day 2 Questions due 8am
04/06/2022 Caches - Day 3 Questions due 8am
Week 3
04/11/2022 Speculation - Day 1
04/13/2022 Speculation - Day 2 Questions due 8am
Week 4
04/18/2022 Speculation - Day 3 (On Zoom) Questions due 8am
04/20/2022 Rowhammer - Day 1 (On Zoom) Project proposal due FRIDAY at 11:59pm PT
Week 5
04/25/2022 Rowhammer - Day 2 Questions due 8am
04/27/2022 Rowhammer - Day 3 Questions due 8am
Week 6
05/02/2022 Trusted Execution - Day 1
05/04/2022 Trusted Execution - Day 2 Questions due 8am
Week 7
05/09/2022 Trusted Execution - Day 3 Questions due 8am
05/11/2022 Fault Attacks and Embedded Systems - Day 1
Week 8
05/16/2022 Fault Attacks and Embedded Systems - Day 2 Questions due 8am
05/18/2022 Fault Attacks and Embedded Systems - Day 3 Questions due 8am
Week 9
05/23/2022 Cancelled!
05/25/2022 Online: Emerging Threats in Microarchitecture - Day 1
Week 10
05/30/2022 No Class: Holiday
06/01/2022 Online: Emerging Threats in Microarchitecture - Day 2 Questions due 8am
Week 11
06/10/2022 Finals Week end Final project due (11:59pm)

Project Details

Projects may take several different forms, but all are expected to be larger and ideally workshop-paper quality/quantity. I'll post some ideas to the class in the first week.

Broadly, some spaces you might consider are:

Project Proposal

You will need to write up a document detailing your project proposal and plans. This should be about 1 page with reasonable formatting (LaTeX, Word, google Docs, etc.) You should include: