top of page

AI Hardware Attack Challenge

451709_Black background logo for artific
It’s time to think a little differently about the capabilities of generative AI.

Using generative AI (e.g. ChatGPT, Bard, or similar) you will work to insert a hardware vulnerability, such as a trojan or backdoor, into an open-source digital design of your choice (e.g. OpenTitan, Ariane, a design from OpenCores, etc.). The result must be simulatable and synthesizable, and you will need to be able to demonstrate the effects of the added security vulnerability (e.g HW-CWE). An additional award track will be for designs which are compatible with the Efabless ChipIgnite platform (for instance, a crypto accelerator with an inserted back-door). A successful submission will need to include all the prompts and responses from the language model, a document describing both the method used for inserting the vulnerability and the method of exploiting it, and makefiles for simulating and synthesizing the design. You may instruct the AI to directly edit files or perform the edits as the AI describes. You may need to perform ‘prompt injection’. Points will be awarded for subtle yet powerful exploits, e.g. those that allow system compromise from userspace, those that leak encryption keys, etc. 

competition timeline

15 September 2023
15 October 2023
20 October 2023
5 November 2023
9-11 November 2023
Competition Launches
Round 1 Submission deadline
Finalist Notification
Round 2 code and document submission deadline
Contestant Final Presentations and Award Ceremony
Timeline

Judging criteria

Judging Criteria

- Usefulness of the open-source design - more popular / more broadly applicable designs are worth more

- Method for adding the vulnerability - all prompts and logs must be kept and provided, and the more that the LLM did the better, including changing of scripts and testbenches outside the hardware design itself.

- The severity of the vulnerability - e.g. theoretical CVSS score.

- The stealth of the vulnerability - how well does it hide in the overall design? Extra points for showing that it can hide from existing security scanners / functional tests / test benches.

- The vulnerability demonstration - it must be possible to observe the claimed impact of your vulnerability (e.g. via simulation).

- All entries must be completely open-source (using Apache license or compatible) but need not fully rely on open-source platforms (e.g. you can use ModelSim, Vitis, Synopsys etc.)

2021 Winners
Organizers

2023 competition organizers

Email the Leads

Challenge Writers
Warm up

Awards

​Best hardware-based vulnerabilities:

First place $1000
Second place $750
Third place $500

Best hardware-vulnerability demonstration suitable for the Efabless ChipIgnite
Award: Free placement on Efabless ChipIgnite tapeout shuttle

Competition award sponsored by efabless

2021 Finalists

Thank you 

logo_500px.png
bottom of page