Tutorials

Modern integrated circuits are increasingly complex and often originate from opaque global supply chains, making independent verification of hardware behavior more important than ever. Reverse engineering has therefore become a critical skill—for example, when assessing trustworthiness, detecting malicious modifications, or understanding real-world implementations of cryptographic algorithms.

In this tutorial, we take our first steps in reverse engineering using the open-source HAL framework to analyze gate-level netlists. Together, we explore how to identify functional modules such as registers in order to analyze the hardware implementation of a modern block cipher. To this end, we will identify a malicious sub-circuit leaking the secret key of the cipher using both static and dynamic reverse engineering techniques.

To verify the findings we will run a full simulation using the Verilator to generate a cycle-accurate behavioral model. This also demonstrates the ability of HAL to integrate other reversing tools seamlessly.

Requirements
Some basic understanding of (symmetric) cryptography is helpful, but not strictly required.

The tutorial requires Ubuntu 24.04 (native or as VM) with at least 16 GB of RAM and 40 GB of free disk space. HAL installation instructions will be sent out before the tutorial. A VM will be provided for those not willing to install HAL themselves.

Discuss common approaches to de-processing an IC from decapsulation to ready-for-imaging and spend some time hands-on removing layers on real samples using simple polishing techniques.

Requirements
General knowledge of integrated circuits is required. The hands-on training will concentrate on simple finger polishing of an IC with abrasive slurries. Samples and equipment will be provided.

In this tutorial, the attendees will be given the chance to learn how to find memories on Integrated-Circuit substrate layer pictures, reverse-engineer standard-cells and elaborate a strategy to dump NVM memories such as Flash using fully invasive techniques including micro-probing.

Syllabus:

• Structure of an Integrated Circuit
• Find the memories using substrate layer pictures
• Netlist extraction demo using ChipJuice
• Reverse-Engineer standard cells
• Strategize a fully invasive memory dump

Requirements
Attendees are expected to have basic knowledge of :

• the basic structure of an IC
• microcontrollers architecture basics

Bring your paper and pen to take note and solve the assignments. A computer with Photoshop might be useful but is not fully required. Slides will be given to attendees for a better experience.