Forum Numerica - Alessandro Palumbo: Hardware Trojans & Microarchitectural Side-Channel Attacks: Detection and Mitigation Via Hardware-Based Methodologies

Hardware Trojans can be inserted into microprocessors, allowing attackers to run unauthorized code or escalate privileges. Additionally, it has been demonstrated that attackers could observe certain microprocessor features (seemingly unrelated to the program's execution) to exfiltrate secrets or private data. So, even devices produced in secure foundries could be vulnerable to such attacks. A promising defense strategy involves implementing Hardware Security Modules that monitor the runtime behavior of microprocessors to detect ongoing attacks. But why do we need Hardware Security Modules? Are software-based solutions not sufficient? Hardware Security Modules are essential because if attackers manage to execute malicious code, they could bypass or disable software defenses, leading to privilege escalation and other serious consequences. In contrast, hardware-based countermeasures raise the bar significantly, as modifying fabricated chips is far more difficult than compromising software, making Hardware Security Module implementations a more robust and resilient defense mechanism

Alessandro Palumbo is an Associate Professor at CentraleSupelec and an Associate Researcher at IRISA Lab, Inria, SUSHI Team. His research focus is Hardware Security. In particular, his interests include hardware acceleration of networking functions and CPU microarchitectures, with particular emphasis on Machine Learning techniques and Probabilistic Data Structures to guarantee security and reliability in microprocessor-based systems in both FPGA and In-Memory Computing scenarios.
From April 2024 to July 2024, he was a Visiting Researcher at the International Computer Science Institute (ICSI), University of California, Berkeley (research work funded by NGI Enrichers).
In 2022/2023 A.Y., he was an Assistant Researcher and a Contract Professor at the Politecnico di Milano. There, his research activity was titled “Design of Integrated Circuits for High-Security Primitive of In-Memory Computing.”
In 2021/2022 A.Y., he was a Contract Professor at the University of Milan “Bicocca”.
In 2021/2022 and 2020/2021 A.Ys., he was a Teaching Assistant at the University of Rome “Tor Vergata”. There, he received a Ph.D. in Electronics Engineering in 2022. In 2019, he took a master’s degree in Electronics Engineering for Telecommunications and Multimedia at the same university, where he also received his bachelor’s degree in Electronics Engineering in 2016. From April 2018 to October 2019, he was a Researcher at CNIT.