The paper proposes a taxonomy of 20 hardware-level governance mechanisms for AI compute, finding that the most critical mechanisms needed for international treaty verification are currently the least…

This paper surveys the use of hardware emulation for security verification in System-on-Chip (SoC) design, positioning emulation as a critical, high-fidelity pre-silicon assurance technology.

This survey reviews the integration of AI and LLMs into hardware security verification, demonstrating its potential to automate complex stages while stressing the necessity of grounding AI outputs in…

The paper proposes HammerWatch, a novel remote attestation protocol that enables external verifiers to detect hardware-induced disturbances, specifically Rowhammer-like attacks, by analyzing memory-le…

This paper demonstrates a novel GPU-side privilege escalation attack, showing that Rowhammer can be used to target and tamper with page tables to gain unauthorized access to co-tenant memory and ultim…

BlindMarket is a zero-trust framework that enables the verifiable, confidential, and traceable distribution of hardware IP cores between vendors and users.

This study demonstrates that the publicly distributed firmware of ASIC cryptocurrency miners constitutes a primary and sufficient attack surface, allowing attackers to reconstruct internal architectur…

The paper proposes Rowhammer Vulnerability Counter (RVC), a novel framework that improves RowHammer mitigation by tracking a row's actual vulnerability to bit flips rather than relying on simple activ…

Hawkeye is a system that allows perfect, precision-preserving reproduction of GPU-level matrix multiplication operations on a CPU, enabling efficient and trustworthy third-party auditing of machine le…

CIPHR introduces a novel, fine-grain hardware redaction methodology inspired by cryptographic indistinguishability to protect intellectual property against structural attacks that exploit existing art…

The paper proposes a method for bit-exact verification of AI inference outputs without sacrificing performance, demonstrating that deterministic, precise re-computation is possible even across differe…

LIPPEN introduces a novel hardware-software co-design that provides strong, zero-overhead pointer encryption for enhanced memory safety, achieving comprehensive pointer integrity and confidentiality.

The paper proposes a decentralized, witnessing-zone architecture that enhances Proof-of-Location (PoL) to provide robust, auditable evidence of physical events, thereby improving sensor data trustwort…

This paper systematizes two decades of hardware reverse engineering research by analyzing 187 publications, identifying key technical methods and recommending improvements for reproducibility, standar…

HammerSim is a new gem5-based framework that provides full-system visibility to model the RowHammer vulnerability, allowing researchers to study complex OS effects and hardware/software mitigations.

HammerSim is a novel gem5-based framework that provides full-system visibility to model the RowHammer vulnerability, allowing researchers to evaluate complex hardware and software mitigations.

TeeDAO introduces a novel three-layer framework that autonomously organizes and manages multiple heterogeneous Trusted Execution Environments (TEEs) to provide robust, distributed-trust systems with h…

The paper proves that platform-deterministic inference is a necessary and sufficient condition for trustworthy AI, establishing that AI trust fundamentally relies on consistent arithmetic.

The paper introduces PVAC, a novel victim-based row counting mechanism that accurately tracks RowHammer attacks by incrementing counters on the victim row, thereby improving hammering tolerance and pe…

This survey reviews hardware-rooted trust mechanisms, such as PUFs and TPMs, demonstrating that hardware-based solutions are superior to software-only methods for ensuring secure authentication and AI…