ACM Journal on Emerging Technologies in Computing Systems

Special issue on CAD for Security: Pre-silicon Security Sign-off Solutions Through Design Cycle

Guest Editors


Farimah Farahmandi, University of Florida, farimah@ece.ufl.edu
Ankur Sirvastava, University of Maryland, ankurs@umd.edu
Giorgio Di Natali, TIMA Laboratory, University of Grenoble, giorgio.di-natale@univ-grenoble-alpes.fr
Mark Tehranipoor, University of Florida, tehranipoor@ece.ufl.edu

Security vulnerabilities in hardware designs are of major concerns since it is almost impossible to patch them once
they are fabricated and deployed in the field. Recent studies have shown many vulnerabilities in SoC
implementations, including side-channel leakage, information leakage, access control violations, malicious change,
etc. These attacks can effectively bypass the security mechanisms built at the software level and put chips or
systems at major risk. Ensuring the security of modern SoC designs is challenging due to their complexity, aggressive
time-to-market demands, and the variety of attacks introduced against hardware designs. Given the wide usage of
SoCs in mission-critical applications, it is critical to ensure their security before deployment. However, most of the
existing solutions lack automation and rely on manual approaches and design reviews that are not efficient nor
scalable. The semiconductor industry and system integrators are looking for a set of metrics, reusable security
solutions, and automatic computer-aided design (CAD) tools to aid analysis, identifying, root-causing, and mitigating
SoC security problems.

Vulnerabilities in SoCs are due to design mistakes, lack of security understanding by designers, design
transformations, increased attack surfaces, and malicious intents. Further, exiting CAD tools are used in SoC design
flow can introduce additional vulnerabilities in the SoCs unintentionally. For example, some design
practices/choices may make the design vulnerable to timing and power side-channel leakage. Not only will these
vulnerabilities move from one level of abstraction to another, but unique vulnerabilities can also be introduced
during design transformations. For example, an RTL design with power side-channel issues can suffer from access
control issues when it is synthesized to gate-level, and design-for-debug infrastructure will be inserted. Therefore,
it is essential to have automatic CAD solutions to be able to analyze the security of SoCs in a comprehensive manner,
in all levels of abstractions, and against all existing threats (e.g., fault-injection, side-channel, and hardware Trojan
attacks). CAD tools should be able to access the security of the design in the pre-silicon stage and suggest possible
countermeasures while still it is possible to modify the design and address the potential vulnerabilities. Finally,
addressing a security vulnerability at the later stages of the design and fabrication process would cost 10X more
than the previous stage, hence it is of utmost importance to address the vulnerabilities at the higher levels of
abstractions to provide higher flexibility and lower the total cost of mitigation.

Considering the above challenges and potential solutions, the scope of this Special Issue of ACM JETC calls for
automatic CAD solutions for security sign-off in all levels of abstractions (i.e., C/C++, RTL, gate-level, and layout)
which include the following but not limited to:

• Power-side channel vulnerability assessment and countermeasures
• Timing-side channel vulnerability assessment and countermeasures
• Electromagnetic radiation vulnerability assessment and countermeasures
• Fault-injection vulnerability evaluation and countermeasures
• Automatic security property generation
• Security equivalence checking between different design abstractions
• Security equivalence checking between different SoCs
• Optical/microprobing/nanoprobing vulnerability assessment and countermeasures
• (Anti-)Reverse engineering and physical attacks
• FPGA Bitstream protection and vulnerabilities
• Trojans and backdoors: Detection and prevention
• Information leakage assessment and countermeasures
• Physical data extraction and countermeasures
• Finite statement machine hardening
• Automated physical assurance solutions

Submission Guidelines

All original manuscripts or revisions to the ACM JETC must be submitted online at
https://mc.manuscriptcentral.com/jetc. The author guidelines for ACM JETC can be found at
https://dl.acm.org/journal/jetc/author-guidelines . To make sure that your article will be considered for this
special issue, you need to select the submission type as “SI: CAD for Hardware Security”. Authors must also
mention the same in their submission cover letter.

Submitted articles must not have been previously published or currently submitted for publication elsewhere. For
previously published conference papers, it is required that submissions to the special issue have at least 30% new
content. Submissions that do not meet this requirement will be summarily rejected.

Important Dates

• Submissions deadline: November 1, 2021
• First-round review decisions: January 2022
• Deadline for revision submissions: February 2022
• Notification of final decisions: April 2022
• Tentative publication: 2022

For further information, please contact Farimah Farahmandi at farimah@ece.ufl.edu and Mark Tehranipoor at
tehranipoor@ece.ufl.edu.