Foto von Alexander Hepp

Alexander Hepp

Technische Universität München

Dienstort

Lehrstuhl für Sicherheit in der Informationstechnik (Prof. Sigl)

Work:
Theresienstr. 90(0101)/1.ZG
80333 München

Forschungsgebiete

  • Hardware trojan design/identification
  • Netlist reverse engineering
  • Neuro engineering

Lehre

The course is not (anymore) in the list

Offene Arbeiten für Studenten

Bachelorarbeiten

Performant Trace Recording with Streaming Mode

Beschreibung

Oscilloscope Trace Recording requires quick data processing, low-level driver API handling, high level post-processing, all highly configurable for scientific applications. To increase performance on the oscilloscope side, it is important to use the streaming mode, that is near real-time recording from the scope. This creates tight constraints for data processing on the computer side, as Samples will arrive with 1.2 GBit/s

In this thesis, you will continue development of a skeleton application for this task, written in Rust

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a System-Level Programming language such as C/C++/Rust etc. as a baseline for programming abilities
  • Basic to intermediate knowledge of Rust, to be able to actually enhance the status quo in Rust. Learning on the job is possible, probably.
  • In the optimum case experience with (Side-Channel) Trace Measurement, to understand the environment of the program

 

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Needles in Haystacks

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
  • Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Implementation of Hardware Trojans

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python for designing an interface
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
  • Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Masterarbeiten

Hide and Seek

Beschreibung

Side-Channel based exfiltration of cryptographic secrets is an long-standing and ever occuring problem when implementing cryptographic algorithms under the assumption of real hardware.

Established formally-proved countermeasures against side channels do not provide definite protection. In the real world, a multitude of hardening measures are necessary to provide in depth-protection.

In this thesis, you will try and compare different methods of in-depth protection.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python for measurement automisation etc.
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the hardening measures
  • In the optimum case experience with FPGAs to try the measures in the real world.
  • Knowledge in design/architecture of cryptographic algorithms to know when and how to do the hardening.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Needles in Haystacks

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
  • Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Implementation of Hardware Trojans

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python for designing an interface
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
  • Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Interdisziplinäre Projekte

Performant Trace Recording with Streaming Mode

Beschreibung

Oscilloscope Trace Recording requires quick data processing, low-level driver API handling, high level post-processing, all highly configurable for scientific applications. To increase performance on the oscilloscope side, it is important to use the streaming mode, that is near real-time recording from the scope. This creates tight constraints for data processing on the computer side, as Samples will arrive with 1.2 GBit/s

In this thesis, you will continue development of a skeleton application for this task, written in Rust

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a System-Level Programming language such as C/C++/Rust etc. as a baseline for programming abilities
  • Basic to intermediate knowledge of Rust, to be able to actually enhance the status quo in Rust. Learning on the job is possible, probably.
  • In the optimum case experience with (Side-Channel) Trace Measurement, to understand the environment of the program

 

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Forschungspraxis (Research Internships)

Performant Trace Recording with Streaming Mode

Beschreibung

Oscilloscope Trace Recording requires quick data processing, low-level driver API handling, high level post-processing, all highly configurable for scientific applications. To increase performance on the oscilloscope side, it is important to use the streaming mode, that is near real-time recording from the scope. This creates tight constraints for data processing on the computer side, as Samples will arrive with 1.2 GBit/s

In this thesis, you will continue development of a skeleton application for this task, written in Rust

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a System-Level Programming language such as C/C++/Rust etc. as a baseline for programming abilities
  • Basic to intermediate knowledge of Rust, to be able to actually enhance the status quo in Rust. Learning on the job is possible, probably.
  • In the optimum case experience with (Side-Channel) Trace Measurement, to understand the environment of the program

 

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Hide and Seek

Beschreibung

Side-Channel based exfiltration of cryptographic secrets is an long-standing and ever occuring problem when implementing cryptographic algorithms under the assumption of real hardware.

Established formally-proved countermeasures against side channels do not provide definite protection. In the real world, a multitude of hardening measures are necessary to provide in depth-protection.

In this thesis, you will try and compare different methods of in-depth protection.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python for measurement automisation etc.
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the hardening measures
  • In the optimum case experience with FPGAs to try the measures in the real world.
  • Knowledge in design/architecture of cryptographic algorithms to know when and how to do the hardening.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Needles in Haystacks

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
  • Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Implementation of Hardware Trojans

Beschreibung

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a High-Level Programming language such as python for designing an interface
  • Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
  • Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Studentische Hilfskräfte

Performant Trace Recording with Streaming Mode

Beschreibung

Oscilloscope Trace Recording requires quick data processing, low-level driver API handling, high level post-processing, all highly configurable for scientific applications. To increase performance on the oscilloscope side, it is important to use the streaming mode, that is near real-time recording from the scope. This creates tight constraints for data processing on the computer side, as Samples will arrive with 1.2 GBit/s

In this thesis, you will continue development of a skeleton application for this task, written in Rust

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a System-Level Programming language such as C/C++/Rust etc. as a baseline for programming abilities
  • Basic to intermediate knowledge of Rust, to be able to actually enhance the status quo in Rust. Learning on the job is possible, probably.
  • In the optimum case experience with (Side-Channel) Trace Measurement, to understand the environment of the program

 

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Aktuelle Veröffentlichungen

Suche
Kein Ergebnis

Hinweis: Die „Schnellsuche“ findet nur Text in den angezeigten Feldern; nicht in Abstracts oder Schlagwörtern. Der Suchbegriff muss mindestens 3 Buchstaben lang sein.

2022

  • Aksoy, Levent and Hepp, Alexander and Baehr, Johanna and Pagliarini, Samuel: Hardware Obfuscation of Digital FIR Filters. 25th International Symposium on Design and Diagnostics of Electronic Circuits and Systems, IEEE, 2022Prague, Czech Republic, 68-73 mehr… BibTeX Volltext ( DOI )
  • Baehr, Johanna and Hepp, Alexander and Brunner, Michaela and Malenko, Maja and Sigl, Georg: Open Source Hardware Design and Hardware Reverse Engineering: A Security Analysis. Euromicro Conference on Digital System Design DSD, 2022Maspalomas, Gran Canarias, Spain mehr… BibTeX
  • Brunner, Michaela and Hepp, Alexander and Baehr, Johanna and Sigl, Georg: Toward a Human-Readable State Machine Extraction. ACM Trans. Des. Autom. Electron. Syst. 27 (6), 2022 mehr… BibTeX Volltext ( DOI )
  • Hepp, Alexander and Baehr, Johanna and Sigl, Georg: Golden Model-Free Hardware Trojan Detection by Classification of Netlist Module Graphs. Design, Automation and Test in Europe Conference, IEEE, 2022Antwerp, Belgium, 1317-1322 mehr… BibTeX Volltext ( DOI )
  • Hepp, Alexander and Perez, Tiago and Pagliarini, Samuel and Sigl, Georg: A Pragmatic Methodology for Blind Hardware Trojan Insertion in Finalized Layouts. Proceedings of the 41st IEEE/ACM International Conference on Computer-Aided Design ICCAD (ICCAD '22), Association for Computing Machinery, 2022 mehr… BibTeX Volltext ( DOI )
  • Lippmann, Bernhard and Ludwig, Matthias and Mutter, Johannes and Bette, Ann-Christin and Hepp, Alexander and Baehr, Johanna and Rasche, Martin and Kellermann, Oliver and Gieser, Horst and Zweifel, Tobias and Kovac, Nicola: Physical and Functional Reverse Engineering Challenges for Advanced Semiconductor Solutions. 2022 Design, Automation & Test in Europe Conference & Exhibition DATE, IEEE, 2022Antwerp, Belgium mehr… BibTeX
  • Weber, Selina and Baehr, Johanna and Hepp, Alexander and Sigl, Georg: Analysis of Graph-based Partitioning Algorithms and Partitioning Metrics for Hardware Reverse Engineering. 11th International Workshop on Security Proofs for Embedded Systems (PROOFS), 2022Leuven, Belgium mehr… BibTeX

2021

  • Hepp, Alexander and Sigl, Georg: Tapeout of a RISC-V Crypto Chip with Hardware Trojans: A Case-Study on Trojan Design and Pre-Silicon Detectability. Proceedings of the 18th ACM International Conference on Computing Frontiers (CF '21), Association for Computing Machinery, 2021Virtual: Catania, Italy mehr… BibTeX Volltext ( DOI )
  • Ludwig, Matthias and Hepp, Alexander and Brunner, Michaela and Baehr, Johanna: CRESS: Framework for Vulnerability Assessment of Attack Scenarios in Hardware Reverse Engineering. 2021 IEEE Physical Assurance and Inspection of Electronics (PAINE), 2021Washington DC, US mehr… BibTeX Volltext ( DOI )

Kostenlose Volltexte für ausgewählte Veröffentlichungen

Sie können hier die Volltexte meiner Publikationen kostenlos herunterladen
10.1145/3457388.3458869 Tapeout of a RISC-V crypto chip with hardware trojans
10.1109/PAINE54418.2021.9707695 CRESS: Framework for Vulnerability Assessment of Attack Scenarios in Hardware Reverse Engineering
10.1145/3513086 Towards a Human-readable State Machine Extraction
DDECS 2022 (wird veröffentlicht) Hardware Obfuscation of Digital FIR Filters (Best Paper Award)