“The security of our digital infrastructure depends not just on the software we write, but on the hardware foundation it runs upon. In an era of complex supply chains and sophisticated adversaries, we must secure silicon from the ground up.”
My research focuses on hardware security and microelectronics trust, with particular emphasis on protecting commercial-off-the-shelf (COTS) processors from malicious threats. I develop novel approaches using side-channel analysis, electromagnetic monitoring, and secure coding techniques to detect hardware Trojans and protect sensitive data on untrusted silicon. My work spans from theoretical foundations to practical implementations, aiming to create robust security solutions for embedded systems and critical infrastructure. Below are my current research projects. If you’re interested in collaboration or have questions, feel free to contact me!
Detecting hardware Trojans in real-time without golden references
Commercial processors in critical systems face threats from supply-chain attacks and hardware Trojans. Traditional detection methods require pristine “golden” reference chips that are often unavailable. I develop contactless electromagnetic (EM) side-channel monitoring techniques that can fingerprint legitimate control-flow behavior and detect malicious activity in real-time.
My approach uses spectral analysis combined with watermarking techniques to precisely locate attacked code blocks in multi-core COTS processors. This method provides runtime assurance without requiring invasive modifications or golden references, making it practical for deployment in real-world systems.
Key innovations: Non-invasive EM monitoring, real-time Trojan detection, watermark-based localization
Keeping sensitive data encoded during execution on untrusted silicon
Modern processors leak sensitive information through side-channels and hardware Trojans. I design software frameworks that employ Residue Number Coding to keep sensitive data encoded throughout the entire execution pipeline, ensuring that raw secrets never appear in the microarchitecture.
The HOACS (Homomorphic Obfuscation Assisted Concealing of Secrets) system demonstrates how to protect against both hardware Trojans and side-channel attacks with minimal performance overhead. This approach is particularly suitable for embedded COTS processors where security cannot be compromised.
Key innovations: Residue number system encoding, minimal overhead protection, COTS processor compatibility
Detecting sequential hardware Trojans through finite state machine analysis
Sequential hardware Trojans that activate after specific trigger sequences pose unique detection challenges. I develop novel approaches that analyze finite state machines through integrated power and EM side-channel data to detect these sophisticated threats.
This verification approach enables detection of complex Trojans in COTS processors without requiring proprietary design information, making it practical for security evaluation of commercial hardware in critical applications.
Key innovations: FSM-based analysis, integrated power/EM monitoring, sequential Trojan detection
Making hardware security education engaging and accessible
Building the next generation of hardware security experts requires innovative educational approaches. Through NSF-funded research, I develop hardware-based games that teach fundamental computer hardware concepts using Verilog, FPGAs, and ESP32 development boards.
This gamified framework makes complex topics like side-channel analysis, hardware Trojans, and secure design accessible to high school students and early undergraduates. Students learn by doing, building real circuits and observing security vulnerabilities firsthand.
Summer camp evaluations show significant improvements in systems thinking and retention rates, demonstrating the effectiveness of hands-on, game-based learning for technical subjects.