Meeting Register Page

Trust but Verify: Hardware Assurance in a Globalized Supply Chain through Reverse Engineering | Domenic Forte | webinar 2021
The economics of the modern semiconductor industry has created an atmosphere that is more conducive to malicious supply chain activities. In the past, original component/equipment manufacturers were in complete control of fabrication, packaging, testing, and distribution of their electronics. Today, however, the prohibitive costs associated with owning and operating fabrication facilities (or "fabs") has made this infeasible for all but a few companies. As a result, the model now followed is "fabless" where many of the aforementioned steps are outsourced to facilities in a handful of countries. With lesser oversight over supply chains, state level attackers and other hackers can surreptitiously modify integrated circuits (ICs) and printed circuit boards (PCBs) with hardware Trojans, killswitches, and backdoors. In parallel, the shorter product lifecycles and increasing amounts of e-waste are incentivizing and facilitating counterfeit electronics.

In this talk, we shall debunk common myths and present the recent advances in IC/PCB reverse engineering steps: delayering, imaging, automated image analysis, and automated annotation. Further, we will delineate the scenarios where reverse engineering can support hardware security and assurance. Finally, we will describe the gaps that need to be filled before realizing the ideal hardware assurance flows.

Speaker Bio:
Domenic Forte is an Associate Professor and the Steven A. Yatauro Faculty Fellow with the Electrical and Computer Engineering Department at University of Florida, where he also serves at the Director of the FICS Research SeCurity and AssuraNce (SCAN) lab. His research covers the domain of hardware security from nano devices to printed circuit boards (PCBs) where he has nearly 200 publications. Dr. Forte is a senior member of the IEEE, a member of the ACM, and serves on the organizing committees of top conferences in hardware security such as HOST and AsianHOST.
* Required information