Explore a groundbreaking security research presentation that introduces MIRTL, a novel confused deputy attack targeting Electronic Design Automation (EDA) software including simulators and synthesizers. Learn how researchers from ETH Zurich developed this attack method that exploits vulnerabilities in EDA software's translation of Register Transfer Level (RTL) code to lower-level representations, creating gadgets that remain invisible to traditional white-box testing and verification methods. Discover how MIRTL gadgets can harden conventional hardware trojans, enabling unprecedented stealth in malicious attacks on hardware systems. Understand the innovative fuzzing tool TransFuzz, designed specifically to uncover translation bugs by generating randomized RTL designs with complex operator interconnections that trigger vulnerabilities in EDA tools. Examine the technical challenges of creating golden RTL models for detecting translation deviations and how the researchers addressed this by comparing signal outputs across multiple RTL simulators. Review the significant findings including 20 translation vulnerabilities among 31 newly discovered bugs (resulting in 25 CVEs) across four popular open-source EDA applications. See practical demonstrations of how MIRTL gadgets can strengthen traditional backdoors against white-box countermeasures, including a real-world implementation of a MIRTL-hardened backdoor in the CVA6 RISC-V processor core, highlighting critical security implications for hardware design and verification processes.
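To make the golden-model idea concrete, here is an added Python illustration (not TransFuzz or any code from the researchers) of the cross-simulator comparison: with no trusted RTL model to compare against, the same design is run on several simulators and any simulator whose signal value diverges from the majority at a given cycle is flagged as a translation-bug candidate. The simulator names and the per-cycle traces are constructed for the example.

```python
from collections import Counter

# Constructed per-cycle signal traces, as if parsed from each simulator's
# dump of the same randomized design. Layout: simulator -> signal -> [value per cycle]
TRACES = {
    "sim_a": {"out_q": [0, 1, 3, 7], "flag": [0, 0, 1, 1]},
    "sim_b": {"out_q": [0, 1, 3, 7], "flag": [0, 0, 1, 1]},
    "sim_c": {"out_q": [0, 1, 2, 7], "flag": [0, 0, 1, 1]},  # diverges at cycle 2
}


def majority_value(values):
    """Return (most common value, True if it is a strict majority)."""
    value, count = Counter(values).most_common(1)[0]
    return value, count * 2 > len(values)


def find_deviations(traces):
    """Compare every signal at every cycle across all simulators.

    Returns (signal, cycle, simulator, observed, majority) for each sample
    where a simulator disagrees with the majority value. If no strict
    majority exists, every simulator is reported with majority=None, since
    no simulator can then stand in as the golden model.
    """
    sims = sorted(traces)
    # Only signals present in every simulator's trace can be compared.
    signals = set.intersection(*(set(t) for t in traces.values()))
    deviations = []
    for sig in sorted(signals):
        n_cycles = min(len(traces[s][sig]) for s in sims)
        for cyc in range(n_cycles):
            sample = {s: traces[s][sig][cyc] for s in sims}
            value, strict = majority_value(list(sample.values()))
            ref = value if strict else None
            for s in sims:
                if ref is None or sample[s] != ref:
                    deviations.append((sig, cyc, s, sample[s], ref))
    return deviations


if __name__ == "__main__":
    for sig, cyc, sim, seen, ref in find_deviations(TRACES):
        print(f"{sim}: {sig}@cycle{cyc} = {seen}, majority = {ref}")
```

A real harness would feed this from parsed waveform dumps of each tool and rerun a flagged design on more simulators before treating the outlier as a translation bug rather than a testbench or parsing artifact.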