This course will discuss the intersection of security and hardware. This is an extremely broad topic, and we'll focus on a specific set of six sub-topics in detail during the class. The course will spend 3 classes (4-6 papers) on each topic:
Class will be in-person, and since is mostly discussion it will be critical to attend. We will adapt as needed, but class is not planned to be hybrid at this time.
There are four parts to the course: reading papers (~3 / week), generating questions based on these papers, presenting and guiding discussion of papers, and a major project.
During the course you will be required to lead/co-lead several paper discussions. This will entail synthesizing discussion topics from both the paper itself, and from questions and point supplied by your classmates.
Finally, there is a quarter-long project you'll propose and complete during the course. This project will need to have a security impact, with a hardware aspect being a critical component. This is super broad, and there is more detail below.
The course will assume a familiarity with security concepts such as threat models, software-based exploitation, and defensive programming. It will also assume a basic understanding of computer architecture, such as caching, multi-core systems, and memory systems. A strong grounding in at-least one of these two sub-areas is strongly recommended.
There is no textbook for the course. All course discussions will be based on readings of academic papers, community writings, etc. There will be supplimental readings supplied for most topics as well, these are optional.
Slides (at least from lecture days) will be posted to here.
There will be an ed discussion board available for questions that come up during readings.
For each class, you will need to write up some thoughts and
questions on the assigned papers. The goal is twofold: to make
sure you have time to digest the papers before class, and to
'crowd-source' some interesting questions for class.
These questions are due at 8am PT the day of class. This is so your classmates can sort through them prior to class.
Submission will be via hotcrp
You will be required to lead several paper discussions throughout the course. Leading discussion has two parts:
|03/28/2022||Course overview, whirlwind tour of hardware security.|
|03/30/2022||Caches - Day 1|
|04/04/2022||Caches - Day 2||Questions due 8am|
|04/06/2022||Caches - Day 3||Questions due 8am|
|04/11/2022||Speculation - Day 1|
|04/13/2022||Speculation - Day 2||Questions due 8am|
|04/18/2022||Speculation - Day 3 (On Zoom)||Questions due 8am|
|04/20/2022||Rowhammer - Day 1 (On Zoom)||Project proposal due FRIDAY at 11:59pm PT|
|04/25/2022||Rowhammer - Day 2||Questions due 8am|
|04/27/2022||Rowhammer - Day 3||Questions due 8am|
|05/02/2022||Trusted Execution - Day 1|
|05/04/2022||Trusted Execution - Day 2||Questions due 8am|
|05/09/2022||Trusted Execution - Day 3||Questions due 8am|
|05/11/2022||Fault Attacks and Embedded Systems - Day 1|
|05/16/2022||Fault Attacks and Embedded Systems - Day 2||Questions due 8am|
|05/18/2022||Fault Attacks and Embedded Systems - Day 3||Questions due 8am|
|05/25/2022||Online: Emerging Threats in Microarchitecture - Day 1|
|05/30/2022||No Class: Holiday|
|06/01/2022||Online: Emerging Threats in Microarchitecture - Day 2||Questions due 8am|
|06/10/2022||Finals Week end||Final project due (11:59pm)|
Projects may take several different forms, but all are expected to be larger and ideally workshop-paper quality/quantity. I'll post some ideas to the class in the first week.
Broadly, some spaces you might consider are:
You will need to write up a document detailing your project proposal and plans. This should be about 1 page with reasonable formatting (LaTeX, Word, google Docs, etc.) You should include: