Class dates: 2026T1, Tuesdays

Convenor: Dr. Hammond Pearce

Introduction

The functionality and capability of computer systems are defined by their real-world hardware. Likewise, the cyber security of computer systems depends upon the security of their underlying hardware. This course is designed to explore both hardware security and trust in hardware, providing a comprehensive understanding of the underpinning principles and practices which apply to both the security and trust of computer systems, from printed circuit boards to individual integrated circuits. Students will explore theoretical aspects of what makes hardware secure, performing threat modelling and understanding the state of the art in hardware security, as well as get hands-on experience with practical attacks and defences for both virtual and real-world hardware. The course will equip students with the skills necessary to analyse, design, and implement hardware security measures.

Aims

The primary goal of this course is to familiarize students with the concepts core to the domain of hardware security, ranging from fundamental principles to state-of-the-art research in the area. Students will be encouraged to learn the how the implementations of popular systems and algorithms introduce consequences to the overall design. The emphasis is for students to be able to understand the domain well enough that they can consider both practical and critical considerations of unfamiliar systems to identify weaknesses and propose countermeasures. Upon completing the course, students will have a comprehensive understanding of the history of hardware security, the current techniques used, and the future challenges that must be addressed in this field.

Grading

• 20% - Reports:

  • Students will individually write a series of short reports on topics drawn from the lecture materials. Each report will be approximately 2-3 pages with references.
    • 2026T1 - Three reports due throughout the term.
    • (5%) Report 1: Analysis of a real-world hardware security incident.
    • (8%) Report 2: Analysis of a cryptographic algorithm implementation in hardware.
    • (7%) Report 3: Research proposal on a hardware security topic.

• 50% - Labs:

  • During labs held approximately weekly students will individually complete hardware security exercises. These will cover topics such as side channel analysis and attacks, attacks on cryptographic algorithms, machine-in-the-middle attacks, hardware trojan attacks and others. Tasks may use real-world or virtual (emulated) hardware.
    • 2026T1 - Five labs during the term and one unassessed “Prep lab”.
    • (10%) Lab 1: Scan-chain Side Channel Attack
    • (10%) Lab 2: Power Analysis Attack
    • (10%) Lab 3: Fault Injection Attack
    • (10%) Lab 4: Reverse Engineering and Logic Locking
    • (10%) Lab 5: Physical Unclonable Functions (PUFs)

• 30% - Hardware CTF:

  • This project-based assessment will evaluate each student’s mastery of concepts in the hardware security course. The exercise will consist of a practical “Hardware Capture-the-Flag” where students will complete a security-relevant hardware challenge (e.g. extract a secret, change a value). Students will have multiple opportunities to complete this challenge and will also submit a reflective report which will be graded in combination with their performance in the practical challenge.
    • 2026T1 - One Hardware CTF during the term.
    • Note: There is a hurdle requirement to pass the Hardware CTF to pass the course overall.
    • (30%) Hardware CTF: Practical Challenge and Reflective Report

There is an attendance requirement for this course. You must attend >=50% of lectures to pass the course overall.

Draft schedule:

Week 1:

• Lecture Topics:
  • Introduction
  • Motivation for Security in Hardware
  • CIA Triad in Hardware
  • Real-world Hardware Security Incidents
• Assignment Releases:
  • Report 1: Real-world Hardware Security Incident Analysis
  • Prep lab: Introduction to the Hackster and HW Cryptography

Week 2:

• Report 1 Due
• Lecture Topics:
  • Cryptographic Algorithms - Symmetric and Asymmetric, DES, AES
  • Cryptography in Hardware - Implementations and Challenges
• Assignment Releases:
  • Report 2: Cryptographic Algorithm Implementation Analysis

Week 3:

• Report 2 Due
• Lecture Topics:
  • Side-Channel Attacks - Concepts
  • Scan-chain Side Channel Attack
• Assignment Releases:
  • Lab 1: Scan-chain Attack

Week 4:

• Lab 1 Due
• Lecture Topics:
  • Side-Channel Attacks Continued
  • Power Analysis Attacks - SPA, DPA, CPA
• Assignment Releases:
  • Lab 2: Power Analysis Attack

Week 5:

• Lab 2 Due
• Lecture Topics:
  • Fault Injection Attacks - Concepts and Techniques
  • SoC security and Trust - risk of third party IPs, hardware vulnerabilities and hardware Trojans
• Assignment Releases:
  • Lab 3: Fault Injection Attack

Week 6:

• Flex Week - No Classes

Week 7:

• Lab 3 Due
• Lecture Topics:
  • PCB Security Introduction - Threats and Vulnerabilities
  • Machine-in-the-Middle Attacks on PCBs
• Assignment Releases:
  • Hardware CTF

Week 8:

• Lecture Topics:
  • Hardware Piracy - Risks of Reverse Engineering, Overbuilding & Counterfeit Components
  • Hardware Piracy Defenses: Logic Locking
• Assignment Releases:
  • Lab 4: Reverse Engineering and Logic Locking

Week 9:

• Lab 4 Due
• Lecture Topics:
  • Hardware Piracy Defenses: IC Layout camouflaging
  • Hardware Piracy Defenses: Physical Unclonable Functions (PUFs)
• Assignment Releases:
  • Lab 5: Physical Unclonable Functions (PUFs)

Week 10:

• Lab 5 Due
• CTF Due
• Lecture Topics:
  • Emerging Hardware Security Threats - AI/ML in Hardware Security
  • Special Topics in Hardware Security (if time permits) - E.g. 3D printer security, Rowhammer
  • Future Directions in Hardware Security
• Assignment Releases:
  • Report 3: Hardware Security Research Proposal

Week 11:

• Report 3 Due