Studentische Arbeiten und Werkstudententätigkeiten

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
• Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

Artificial Intelligence (AI) experience growing popularity in edge devices. The increasing usage of AI on edge devices enlarges the relevance of security of the Intellectual Property (IP) stored within the algorithm. As an attacker can gain physical access to the device, hardware attacks such as Side-Channel Analysis (SCA) must be considered [1]. SCA uses physical quantities like the power consumption to extract valuable information about the AI algorithm.

A common technique to counter SCA is masking [2], which introduces random numbers to make intermediate results and the power consumption independent of secret values.

In this work an existing FPGA implementation of a neural network accelerator should be extended to execute different types of neural networks.

Start: Anytime

References

[1] Lejla Batina, Shivam Bhasin, Dirmanto Jap, and Stjepan Picek. 2019. CSI NN: reverse engineering of neural network architectures through electromagnetic side channel. In Proceedings of the 28th USENIX Conference on Security Symposium (SEC'19). USENIX Association, USA, 515–532.

[2] Athanasiou, Konstantinos & Wahl, Thomas & Ding, A. & Fei, Yunsi. (2022). Masking Feedforward Neural Networks Against Power Analysis Attacks. Proceedings on Privacy Enhancing Technologies. 2022. 501-521. 10.2478/popets-2022-0025.

• VHDL
• Python

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a python to use our existing framework
• Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
• Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python for designing an interface
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
• Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
• Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

In the near future, lattice-based cryptography will replace RSA and ECC as standard for public key cryptography. This puts the implementation security of lattice-based cryptography into the spotlight, in particular the number theoretic transform. Its internal structure makes it a target for power/electromagnetic side channel attacks. During this thesis, you will conduct a practical side channel analysis of the number theoretic transform in our laboratory and evaluate different countermeasures like masking and shuffling.

* Experience with embedded programming: C or Rust
* Experience with Python
* Experience with Linux
* Motivation to learn about implementation security and side channel attacks

As the ongoing development of quantum computers poses a significant threat to classic assymetric cryptography, new approaches for assymetric encryption and signatures need to be developed. These post-quantum secure cryptography can be grouped into different subsets, among them schemes based on lattices, error-correcting codes, isogenies or multivariate equations.

The NIST (National Institute of Standards and Technology) chose 3 lattice-based Post-Quantum secure algorithms for standardization in July 2022.

The goals of this work is to implement one these algorithms on a State-of-the-Art RISC-V platform and evaluate its potential for hardware acceleration as well as its side-channel resilience.

References:

NIST Round 3 Report

• Very good programming skills in C and RISC-V assembly
• Experience in hardware design with VHDL or SystemVerilog

Memory safety bugs, e.g., buffer-overflows or use-after-free, remain in the top ranks of security
vulnerabilities. New hardware extensions such as the ARM Memory Tagging Extension help as
mitigation, but are not yet available for all architectures. In this work, you will analyze and com-
pare different methods for hardware-based memory safety approaches and will identify their
advantages/disadvantages. You will then implement support for memory safety for RISC-V in
the gem5 simulator. The work done is part of the Chip Design Center Bayern Innovative that
helps build an independent Chip Design infrastructure in Bavaria.In this project the Fraun-
hofer AISEC helps to develop secure RISC-V systems and encourages publication of the final
results.

The following list of prerequisites is not complete, but shall give you an idea what is expected.

• Knowledge in C/C++ to use and adapt the instrumentation and simulation framework
• Basic knowledge of computer architectures
• Basic knowledge in a scripting language, e.g. Python

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a python to use our existing framework
• Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
• Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

Classic asymmetric cryptography is based on mathematical problems like discrete logarithm or integer factorization. With large-scale quantum computers, these problems can be solved in very short time, which causes a serious threat to cryptographic systems.

Post-Quantum Cryptography (PQC) describes cryptographic approaches that are secure even in the presence of such quantum computers. To evaluate the security and efficiency of such systems, NIST started a competition that aims to define a new standard [1].

Depending on the scope of this work, the goal is to implement HW accelerators for commonly used operations in PQC, integrate them into a RISC-V environment and evaluate their impact on performance for PQC.

[1] https://csrc.nist.gov/projects/post-quantum-cryptography

Ideally, you should have knowledge of the following:

• A hardware description language like VHDL/Verilog/SystemVerilog
• Experience running simulations using ModelSim
• Basic C programming skills

Neural Networks are inevitable in everyday life. Speech and face recognition as well as driverless cars are just some examples where Artificial Neural Networks (ANN) are used. Training a deep ANN is very time-consuming and computational expensive. Thus, the intellectual property stored in an ANN is an asset worth to protect. Additionally, implementations on edge devices need to be power-efficient whilst maintaining a high throughput. [1] or [2] are examples for frameworks aiming to fulfill these requirements.

A side-channel attack can be used to extract the network parameters such as the number or type of layers, as well as weights and bias values. In [3, 4] side-channel attacks on different implementations of ANNs are performed. 

In this work, a side-channel attack on autogenerated implementations of different ANNs should be performed. This includes a detailed analysis of the side-channel properties of the different implementations.

 Start of Thesis: Anytime

References:

[1] M. Blott, T. B. Preußer, N. J. Fraser, G. Gambardella, K. O’brien, Y. Umuroglu, M. Leeser, and K. Vissers, “Finn-r: An end-to-end deep-learning framework for fast exploration of quantized neural networks,” ACM Transactions on Reconfigurable Technology and Systems (TRETS), vol. 11, no. 3, pp. 1–23, 2018.
[2] Y. Umuroglu and M. Jahre, “Streamlined deployment for quantized neural networks,” arXiv preprint arXiv:1709.04060, 2017.
[3] L. Batina, S. Bhasin, D. Jap, and S. Picek, “{CSI}{NN}: Reverse engineering of neural network architectures through electromagnetic side channel,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), pp. 515–532, 2019.
[4] A. Dubey, R. Cammarota, and A. Aysu, “Bomanet: Boolean masking of an entire neural network," arXiv preprint arXiv:2006.09532, 2020.

• VHDL/Verilog Knowledge
• Sichere Implementierung Kryptographischer Verfahren (SIKA)
• Python Skills

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python for designing an interface
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
• Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Helpful previous knowledge:

• Error correcting Codes
• PUFs

Helpful Tools (you will not need all of them at once most likely)

• Python
• Matlab
• Verilog (for FPGA)
• Reading Papers
• C (e.g for Microcontroller)

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Helpful previous knowledge:

• Error correcting Codes
• PUFs

Helpful Tools (you will not need all of them at once most likely)

• Python
• Matlab
• Verilog (for FPGA)
• Reading Papers
• C (e.g for Microcontroller)

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

Detection methods have come a long way, but still cannot archieve good performance in realistic scenarios.

During this thesis, you will implement and improve an existing hardware trojan detection method.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python, because machine learning and reverse engineering tools build on this
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for understanding the trojan samples
• Basic knowledge in design/architecture of hardware design to understand  trojan location and insertion.

Artificial Intelligence (AI) experience growing popularity in edge devices. The increasing usage of AI on edge devices enlarges the relevance of security of the Intellectual Property (IP) stored within the algorithm. As an attacker can gain physical access to the device, hardware attacks such as Side-Channel Analysis (SCA) must be considered [1]. SCA uses physical quantities like the power consumption to extract valuable information about the AI algorithm.

A common technique to counter SCA is masking [2], which introduces random numbers to make intermediate results and the power consumption independent of secret values.

In this work an existing FPGA implementation of a neural network accelerator should be extended to execute different types of neural networks.

Start: Anytime

References

[1] Lejla Batina, Shivam Bhasin, Dirmanto Jap, and Stjepan Picek. 2019. CSI NN: reverse engineering of neural network architectures through electromagnetic side channel. In Proceedings of the 28th USENIX Conference on Security Symposium (SEC'19). USENIX Association, USA, 515–532.

[2] Athanasiou, Konstantinos & Wahl, Thomas & Ding, A. & Fei, Yunsi. (2022). Masking Feedforward Neural Networks Against Power Analysis Attacks. Proceedings on Privacy Enhancing Technologies. 2022. 501-521. 10.2478/popets-2022-0025.

• VHDL
• Python

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

In the near future, lattice-based cryptography will replace RSA and ECC as standard for public key cryptography. This puts the implementation security of lattice-based cryptography into the spotlight, in particular the number theoretic transform. Its internal structure makes it a target for power/electromagnetic side channel attacks. During this thesis, you will conduct a practical side channel analysis of the number theoretic transform in our laboratory and evaluate different countermeasures like masking and shuffling.

* Experience with embedded programming: C or Rust
* Experience with Python
* Experience with Linux
* Motivation to learn about implementation security and side channel attacks

As the ongoing development of quantum computers poses a significant threat to classic assymetric cryptography, new approaches for assymetric encryption and signatures need to be developed. These post-quantum secure cryptography can be grouped into different subsets, among them schemes based on lattices, error-correcting codes, isogenies or multivariate equations.

The NIST (National Institute of Standards and Technology) chose 3 lattice-based Post-Quantum secure algorithms for standardization in July 2022.

The goals of this work is to implement one these algorithms on a State-of-the-Art RISC-V platform and evaluate its potential for hardware acceleration as well as its side-channel resilience.

References:

NIST Round 3 Report

• Very good programming skills in C and RISC-V assembly
• Experience in hardware design with VHDL or SystemVerilog

Memory safety bugs, e.g., buffer-overflows or use-after-free, remain in the top ranks of security
vulnerabilities. New hardware extensions such as the ARM Memory Tagging Extension help as
mitigation, but are not yet available for all architectures. In this work, you will analyze and com-
pare different methods for hardware-based memory safety approaches and will identify their
advantages/disadvantages. You will then implement support for memory safety for RISC-V in
the gem5 simulator. The work done is part of the Chip Design Center Bayern Innovative that
helps build an independent Chip Design infrastructure in Bavaria.In this project the Fraun-
hofer AISEC helps to develop secure RISC-V systems and encourages publication of the final
results.

The following list of prerequisites is not complete, but shall give you an idea what is expected.

• Knowledge in C/C++ to use and adapt the instrumentation and simulation framework
• Basic knowledge of computer architectures
• Basic knowledge in a scripting language, e.g. Python

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a python to use our existing framework
• Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
• Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

Most customers put trust in their hardware vendors and the corresponding supply chain. No matter how well secured these customers’ own infrastructures are, this trust has the potential to devolve the weaknesses of their vendors (and even the vendors’ vendors etc.) into the customers’ own environment, constituting a blind spot in their overall security architecture.
Proposals to address this multi-dimensional problem on the one hand include organizational measures as, for example, establishing Cyber Supply Chain Risk Management (C-SCRM) or demanding third-party certifications, which confirm conformance with standards such as the ISA/IEC 62443 series. On the other hand, technology-based approaches as, for example, physical unclonable functions or IDevID certificates can also help to decrease the amount of trust which has to be put into the hardware supply chain.

Topic
The overall goal of this guided research is to compile a comprehensive overview of the hardware supply chain security landscape including challenges and potential solutions/countermeasures. The focus should lie on but not solely be limited to industrial automation and control systems (IACS).
The first part is to investigate both real-world incidents and academic approaches exploiting the hardware supply chain. Based on this preliminary research and reasoning, a holistic paradigm of trust relationships and corresponding problems in the hardware supply chain has to be derived and consolidated.
In the second part, suitable countermeasures have to be investigated and mapped to this paradigm. These countermeasures should in turn be categorized based on their maturity (ready-to-use, academic PoC, proposal etc.).

• Self-initiative and the ability to work in a self-directed way
• Knowledge in the field of IT/IACS security
• First experiences with hardware security would be ideal

Please attach a current grade sheet and a short CV to your application.

Classic asymmetric cryptography is based on mathematical problems like discrete logarithm or integer factorization. With large-scale quantum computers, these problems can be solved in very short time, which causes a serious threat to cryptographic systems.

Post-Quantum Cryptography (PQC) describes cryptographic approaches that are secure even in the presence of such quantum computers. To evaluate the security and efficiency of such systems, NIST started a competition that aims to define a new standard [1].

Depending on the scope of this work, the goal is to implement HW accelerators for commonly used operations in PQC, integrate them into a RISC-V environment and evaluate their impact on performance for PQC.

[1] https://csrc.nist.gov/projects/post-quantum-cryptography

Ideally, you should have knowledge of the following:

• A hardware description language like VHDL/Verilog/SystemVerilog
• Experience running simulations using ModelSim
• Basic C programming skills

Neural Networks are inevitable in everyday life. Speech and face recognition as well as driverless cars are just some examples where Artificial Neural Networks (ANN) are used. Training a deep ANN is very time-consuming and computational expensive. Thus, the intellectual property stored in an ANN is an asset worth to protect. Additionally, implementations on edge devices need to be power-efficient whilst maintaining a high throughput. [1] or [2] are examples for frameworks aiming to fulfill these requirements.

A side-channel attack can be used to extract the network parameters such as the number or type of layers, as well as weights and bias values. In [3, 4] side-channel attacks on different implementations of ANNs are performed. 

In this work, a side-channel attack on autogenerated implementations of different ANNs should be performed. This includes a detailed analysis of the side-channel properties of the different implementations.

 Start of Thesis: Anytime

References:

[1] M. Blott, T. B. Preußer, N. J. Fraser, G. Gambardella, K. O’brien, Y. Umuroglu, M. Leeser, and K. Vissers, “Finn-r: An end-to-end deep-learning framework for fast exploration of quantized neural networks,” ACM Transactions on Reconfigurable Technology and Systems (TRETS), vol. 11, no. 3, pp. 1–23, 2018.
[2] Y. Umuroglu and M. Jahre, “Streamlined deployment for quantized neural networks,” arXiv preprint arXiv:1709.04060, 2017.
[3] L. Batina, S. Bhasin, D. Jap, and S. Picek, “{CSI}{NN}: Reverse engineering of neural network architectures through electromagnetic side channel,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), pp. 515–532, 2019.
[4] A. Dubey, R. Cammarota, and A. Aysu, “Bomanet: Boolean masking of an entire neural network," arXiv preprint arXiv:2006.09532, 2020.

• VHDL/Verilog Knowledge
• Sichere Implementierung Kryptographischer Verfahren (SIKA)
• Python Skills

In a world of multinational production chains, hardware trojans inserted by untrusted third parties are an emerging threat for the security of integrated circuits.

In order to develop methods for hardware trojan detection, specimens of hardware trojans are needed. Unfortunately, the variety of specimen currently available is very low.

During this thesis, you will implement a hardware trojan for a FPGA or ASIC circuit.

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a High-Level Programming language such as python for designing an interface
• Basic to intermediate knowledge of a hardware description language such as vhdl or verilog for designing the trojan
• Basic knowledge in design/architecture of cryptographic algorithms / CPUs to know where a trojan might be injected

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Helpful previous knowledge:

• Error correcting Codes
• PUFs

Helpful Tools (you will not need all of them at once most likely)

• Python
• Matlab
• Verilog (for FPGA)
• Reading Papers
• C (e.g for Microcontroller)

Seitenkanalmessungen können von Umwelteinflüssen erheblich beeinflusst werden. Um einen Zusammenhang zwischen potentiell fehlerhaften Messungen und der Temperatur des Messplatzes herstellen zu können, soll eine dauerhafte Temperaturübewachung des Labors etabliert werden, die Werte in regelmäßigen Abständen protokolliert und sowohl eine visuelle als automatisierbare Auswertung der Daten über beliebige Zeiträume bietet.

• Grundkenntnisse der Webentwicklung (z.B.: PHP, RubyOnRails, Javascript)
• Grundkenntnisse Datenbanken (z.B.: PostgreSQL)
• Grundkenntnisse Programmierung auf Linux
• Grundkenntnisse Hardwareentwicklung

The course “Advanced Cryptographic Implementation” teaches advanced techniques for implementing state-of-the-art cryptographic algorithms on embedded systems, including advanced countermeasures to secure cryptographic implementations against side-channel and fault attacks.

As part of the course, students undertake a practical, hands-on project that involves implementing and optimizing cryptographic algorithms on a RISC-V based microcontroller using C and assembly code.

As a tutor you will provide technical support to students during the summer semester in form of (virtual) meetings and/or remote supervision (e.g., chat or mail).

Timeline and working hours:

From 15.04.2023 until 31.07.2023 with a total of 84 hours. Flexible working hours and flexible working period are possible.

·       Basic knowledge of cryptography

·       Hands-on experience with C/ASM programming and microcontrollers

·       Self-motivated and independent working style

·       Previous knowledge of RISC-V and attendance to the course are desirable, but not required

At Fraunhofer AISEC, we research and develop software for embedded systems. This usually involves
usage of CI Pipelines to run unit and integration tests. However, for some functionalities, e.g. SoC specific security functions, there has not been any suitable automated test setup so far.
The goal of this student job is to extend existing CI functionality with a mechanism to integrate several physical devices. Currently, our setup for testing these devices requires manually setting hardware jumpers, and flashing the board over a USB connection. This process, i.e. setting jumpers, resetting and flashing boards, should be automated and made accessible over the network.

Area of Work
You will get in touch with:
• ARM Toolchain / Yocto
• NXP Universal Updater (UUU)
• Hardware Boards/ Raspberry Pi / PI KVM
• potentially Jenkins for CI/CD integration

• Scripting Languages (e.g. Python)
• Previous experience in Embedded Development (e.g. with Cortex-A, Cortex-M . . . ) and its interfaces (USB, UART, GPIO) is advantageous

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

The most of contemporary video recording and streaming software do not provide strong security guarantees, in terms of confidentiality, provable authenticity of the video data, as well as enforced access policies. To demonstrate possible solutions to those shortcomings, Fraunhofer AISEC develops software for secure and trusted video applications, e.g., security cameras.
This software is written in C/C++ for Linux-based systems and applies security mechanisms and policies on video data. For the current implementation state we are seeking support for various extensions and improvements. The position provides an opportunity to work on a project bringing cutting edge security into the video-based applications. The candidates are expected to be able to find her way through technical documentations, understand third-party libraries and tools, and of course have fun trying out new approaches.

• High motivation and independent work style
• Ability to grasp new technlogies and concepts quickly
• Good knowledge and experience in C/C++ programming
• Knowledge in the field of video processing and codecs is advantageous

Fraunhofer AISEC and TU Munich are collaborating in designing security chip prototypes for various research projects. You have the opportunity to work with a team of researchers on realizing innovative security solutions on hardware circuits. During your work, you will both learn valuable skills related to the different stages of chip design and have the opportunity to contribute to cutting edge research, e.g. Physical Unclonable Functions, Post Quantum Cryptography, Hardening of cryptographic algorithms, … . This job is an ideal starting point for a future career in chip design and information security.

* One of the following and the motivation to learn the other:
      Experience with at least one hardware description language, e.g. (System) Verilog or VHDL
      Experience with embedded software development, e.g. C, Assembly (ARM/RISC-V), Rust
* Experience with Python
* Experience with Linux
* Motivation for learning more about chip design
* Motivation for contributing to research in hardware security

Die Fraunhofer-Gesellschaft (www.fraunhofer.de) betreibt in Deutschland derzeit 76 Institute und Forschungseinrichtungen und ist die weltweit führende Organisation für anwendungsorientierte Forschung. Rund 30 000 Mitarbeitende erarbeiten das jährliche Forschungsvolumen von 2,9 Milliarden Euro.  

Das Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC (http://www.aisec.fraunhofer.de/) mit Hauptsitz in Garching bei München und Standorten in Berlin und Weiden gestaltet mit international anerkannter Spitzenforschung im Bereich Cybersicherheit die digitalen Transformationsprozesse in Schlüsselbranchen wie der Automobilindustrie, dem Maschinenbau, der Luftfahrt und der Gesundheitswirtschaft mit.

Was Sie bei uns tun

Als Unterstützung für unser PR- und Marketing-Team erwartet Sie ein vielseitiges und interessantes Aufgabenspektrum. Dazu zählt die aktive Mitarbeit sowohl an der Kommunikation des Fraunhofer AISEC mit seinen wichtigsten internen und externen Stakeholdern, als auch am Marketing seines Know-hows und seiner Technologien gegenüber Kund*innen und potentiellen Bewerber*innen.

Was Sie mitbringen

• Sie studieren Kommunikations-, Medien- oder Geisteswissenschaften bzw. interessieren sich für einen Einstieg ins Berufsfeld „PR & Marketing“ und bringen erste Kenntnisse in digitaler Kommunikation mit.
• Als Digital Native haben Sie keine Scheu vor digitalen Tools, verstehen es Social-Media-Kanäle geschickt zu nutzen und haben ein Händchen für digitale Foto-, Video- oder Audio-Inhalte.
• Es macht Ihnen Spaß, Veranstaltungen und Messen – sowohl Präsenz- als auch Online-Formate – zu organisieren.
• Sicheres Auftreten, Teamarbeit und soziale Kompetenz sind für unser Team ebenso wichtig wie Flexibilität und selbstständiges, genaues Arbeiten.
• Gute MS Office-Kenntnisse und einen sicheren Umgang mit dem Internet setzen wir voraus. Erste Erfahrungen mit Tools zur Grafikerstellung bzw. zur Bearbeitung von Foto-, Video- und Audio-Dateien sind hilfreich.
• Außerdem sollten Sie ein Grundverständnis von Cybersicherheit und eine Vorstellung von ihrer Relevanz bzw. ihren Funktions- und Wirkungsweisen haben.

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

• Sufficient knowledge in a python to use our existing framework
• Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
• Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

Testen der Werkstattausstattung, um Lücken oder Ineffizienzen zu identifizieren

•     Seiton & Seiketsu: Erstellen von Ordnungsstrukturen in den Laboren
•     Design, Einrichten und Optimieren von Arbeitsplätzen
•     Aufbau von Versuchsträgern
•     Dokumentation

    
    
Die folgende Auflistung der Voraussetzungen ist weder vollständig noch verbindlich, soll Ihnen aber einen Eindruck vermitteln worauf es bei der Arbeit ankommt:

•     Praktische Erfahrung mit elektronischen / mechanischen Aufbauten
•     Maker-Spirit, Kreativität und Lösungsdenken
•     Optimalerweise Berufserfahrung, Ausbildung oder Erfahrung mit praktischer Arbeit in Laboren
•     Fertigkeit zum selbstständigen und systematischen Arbeiten

Bitte beachte, dass durch die Art der Arbeit i.d.R. Anwesenheit am Institut in Garching nötig ist.
Bitte legen Sie bei Bewerbungen immer einen aktuellen Notenauszug sowie einen kurzen Lebenslauf bei, damit wir Ihre Eignung für das Thema einschätzen können.

Begleitend zur Bachelorvorlesung Messsysteme und Sensortechnik, findet ein Laborversuch statt. Bei diesem müssen die Studierenden den geheimen Schlüssel eines RSA Signaturalgorithmus herausfinden, der auf einem Microcontroller ausgeführt wird. Hierzu wird der Stromverbrauch des Microcontrollers gemessen und anhand des gemessenen Stromverbrauchs kann der Schlüssel abgeleitet werden.

Die Tutorenstelle umfasst das Betreuen der Studierenden während der Versuchsdurchführung, in einem zeitlichen Rahmen von 3 Stunden pro Woche (oder mehr). Arbeitsbeginn ist zum 15. April oder später möglich.

• Python Grundkenntnisse

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Physical Unclonable Functions (PUFs) exploit manufacturing process variations to generate unique signatures. PUF and error-correcting codes can be joined together to reliably generate cryptographically strong keys. However, the implementation of error-correcting codes is prone to physical attacks like side-channel attacks. Side-channel attacks exploit the information leaked during the computation of secret intermediate states to recover the secret key. Therefore, the implementation of error-correcting codes must also involve the implementation of proper countermeasures against side-channel attacks.

The goal of this thesis is to evaluate the side-channel resistance of a secure implementation of error-correcting codes for PUFs on FPGA. The thesis consists of the following steps:

• Get familiar with currently available implementations of error-correcting codes for PUFs
• Adapt and improve current implementations (VHDL)
• Develop a measurement setup for side-channel analysis (Matlab/Python)
• Perform side-channel analysis using the state-of-the-art EMF measurement equipment in our lab (Oscilloscope knowledge + Matlab/Python required)

 The ideal candidate should have:

• Previous experience in field of digital design (VHDL/Vivado/Xilinx FPGA)
• Basic knowledge on using lab equipment (e.g Oscilloscope,...)
• Basic knowledge in statistics
• Good programming skills in Matlab/Python
• Attendance at the lecture “Secure Implementation of Cryptographic Algorithms” is advantageous