Collection

Special Issue on Firmware and Hardware-Assisted Security

Special Issue Overview:

The security of computation on phones, tablets, and other platforms depends critically on the underlying System-On-Chip (SoC) fulfilling its security objectives. A modern SoC consists of several intellectual property (IP) blocks, which interact with the firmware and software stacks to accomplish a particular operation. However, the interaction between the firmware and the underlying hardware may result in several security vulnerabilities. For example, a fundamental SoC security objective is that, at any time, the device may only run authenticated firmware. To this end, a security architect designing a system-level protocol needs to provide a description of the protocol that communicates a sufficient and unambiguous set of requirements to the designers of all the participating blocks, including the IPs and the firmware. At the same time, the system security architect needs to make sure that the protocol itself does not have security defects. A clear understanding of SoC security, including hardware-assisted security mechanisms, firmware-hardware interaction, and firmware-configured security, is therefore a key component of designing a secure embedded platform. Such an understanding is vital for all who encounter security vulnerabilities during the research, design, development, and implementation of computing technologies. However, there is currently no common understanding of the key components of firmware-based security vulnerabilities as perceived and put into practice by SoC designers and researchers.

Firmware security is a very timely topic for both industry and academia and spans the entire silicon ecosystem from technology, foundry, design, EDA, test, verification, and debug, to in-field deployment, and integration into IoT, CPS, edge, and cloud solutions. This special issue is focused on answering one or more of the following questions:

1. What are the SoC security challenges associated with malicious firmware?

2. How can a malicious firmware designer subvert the application requirements of a CPS, IoT edge or cloud system?

3. What kind of approaches utilizing hardware as the root of trust are available to detect potential malicious firmware in an SoC?

4. How can one verify the hardware-firmware interactions in an SoC for security enhancement?

The goal of this special issue is to raise awareness of emerging firmware and hardware-assisted security issues with current and emerging computing technologies and their widespread use.

Topics of interest for this special issue include but are not limited to:

• Security Vulnerabilities due to hardware-firmware interaction.

• Security Vulnerabilities due to malicious firmware.

• Security Vulnerabilities due to insecure communication protocols.

• Cyber-Physical System security issues due to the firmware.

• Firmware-related tools, techniques, or mechanisms for improving the security of a system.

• Hardware tools, techniques, or mechanisms for improving the security of a system.

• Tools, techniques, or mechanisms for improving the security of firmware-hardware interactions.

Proposed Tentative Schedule

Open for submissions (anticipated): April 1, 2023

Closed for submission (anticipated): August 1, 2023

Results of first round reviews (anticipated): September 15, 2023

Results of revised manuscripts (anticipated): October 15, 2023

Results of second round of reviews (anticipated): November 15, 2023

Publication material due (anticipated): Spring 2024

Editors

  • Kanad Basu

    University of Texas at Dallas, USA
