The workshop takes place on Thursday September 22, in the morning. All times in the schedule are CEST times. The final versions of the papers can be accessed by clicking on the title in the program or via the proceedings in the HAL open archive.

Thursday September 22, 2022
9:00 – 9:15 Registration
9:15 – 9:20 Opening remarks
9:20 – 10:20 Keynote (chair: Ulrich Kühne)
10:20 – 10:45 Paper session (chair: Ulrich Kühne)
10:45 – 11:10 Break
11:10 – 12:10 Keynote (chair: Maria Mushtaq)
12:10 – 13:00 Paper session (chair: Jean-Luc Danger)
13:00 – 13:05 Closing remarks

First Keynote

Frank Piessens

Provable Security Against Transient Execution Attacks Through Hardware/Software Co-design

Abstract: Transient execution attacks are a threat to many important computation platforms, such as, for instance, cloud platforms or browsers. A key challenge in mitigating these attacks is achieving strong security guarantees without giving up on the performance benefits that speculation and out-of-order execution offer. One promising approach to achieve good performance/security trade-offs is to co-design hardware and software countermeasures in a systematic way. This talk will discuss how the combination of specific software and hardware countermeasures can provide both provable and efficient end-to-end security guarantees against Spectre attacks.

Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research field is software and systems security. He has worked both on attack techniques, as well as on defenses. On the defense side, he has contributed to verification techniques for C-like languages, the enforcement of information flow security, countermeasures for memory safety related vulnerabilities, and the design and implementation of embedded security architectures. On the attack side, he has contributed to the discovery of several transient execution attacks, and to the development of exploitation techniques for memory safety vulnerabilities. Frank has served on the program committee of numerous security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International Conference on Principles of Security and Trust (POST 2016), for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019), and for the IEEE Secure Development Conference (SecDev 2021 & 2022).

Second Keynote

Russel Tessier

Security Challenges and Solutions for Multi-Tenant FPGAs

Abstract: The increased use of FPGAs in cloud and embedded computing environments has led to a number of potential security risks. The sizable amount of logic resources in these devices makes them amenable to sharing across multiple untrusted tenants. However, the co-location of multiple independent circuits presents the possibility of side-channel and fault injection attacks. In this talk, a series of multi-tenant FPGA attacks involving on-chip voltage manipulation will be described and analyzed. These attacks have been performed on multiple families of Intel FPGAs, including Stratix 10 devices and Xilinx UltraScale+ devices. A sensor-based remediation approach that can prevent a voltage attack within 20 microseconds in a Stratix 10 device will also be presented.

Russell Tessier is a Professor of Electrical and Computer Engineering at the University of Massachusetts Amherst. He has performed research in FPGAs and reconfigurable computing for over 30 years. He was a founder of Virtual Machine Works, an FPGA-based logic emulation company that is now owned by Siemens. Among other service roles, he has served on the Program Committee of the ACM/SIGDA International Symposium on FPGAs since 2000. His recent research interests include FPGA security and cloud FPGA computing.