Team Bitwise Bandits, comprised of students from the University of Florida (UF) and the Indian Institute of Technology, Kharagpur (IIT Kharagpur), has won 3rd Place in the 6th HACK@DAC Hardware Security Capture-the-Flag (CTF) Competition. The members of the team are: Sudipta Paria and Aritra Dasgupta (UF), and Rajat Sadhukhan and Arnab Bag (IIT Kharagpur). The team is advised by Dr. Swarup Bhunia, Professor at the University of Florida and Director of the Warren B. Nelms Institute for the Connected World.
HACK@DAC is a security competition focusing on System-on-Chip (SoC) Security, first launched at the Design Automation Conference in 2018. HACK@DAC 2023 consisted of two phases, a Qualifying Round and a Live Round. The Qualifying Round was open to all participants and ended in mid-May. Top teams from the Qualifying Round were invited to participate in the Live Competition on July 9-10, 2023 at the Design Automation Conference (DAC) in San Francisco, CA. At the Live Competition, teams had 48 hours to find and exploit as many security vulnerabilities as possible in the “buggy SoC” provided by the competition organizers. Points were awarded to teams that correctly identified security vulnerabilities in the design. Bonus points were earned when teams demonstrated clever use of automation in vulnerability detection and/or exploitation. Teams with the highest scores win.
About HACK@EVENT:
Hardware is at the heart of any computing platform. For decades the software was considered to be more error-prone and vulnerable to attacks than hardware. However, it is now known that hardware can be vulnerable to attacks as well. This imposes a number of challenges on hardware design, implementation and evaluation requiring novel technological and educational approaches. To face the current and future challenges in secure hardware it is vital to foster a security mindset, develop programs to educate the next generation of security engineers, and bring together excellent researchers to solve complex problems. HACK@EVENT Franchise is a premier hardware security contest, a venue for computer scientists and industry experts for discovering security-critical vulnerabilities and design flaws in SoC and the exploitation thereof. This mimics the real-life scenario where security engineers have to find vulnerabilities in the given design.