Secure Embedded Systems Research

Our group works on design and implementation aspects of security in embedded systems design. We work on secure protocols and cryptography implemented in embedded hardware and software. We develop appropriate countermeasures against implementation attacks. Our team's expertise covers multiple abstraction levels, including circuits, hardware micro-architecture, firmware, and platform-specific software. We are also working on methodologies, with a focus on the trade-off between system performance, system cost, and system security.


National Science Foundation Semiconductor Research Corporation Cisco Systems, Inc National Institute for Standards and Technology Intel Corporation Altera


Virginia Commonwealth University (INL)
Towards a Safe and Secure-by-design Version of the SymPLE Architecture
Carl Elks, Patrick Schaumont
2019 - 2020
National Science Foundation Award 2028190
RAPID: Collaborative: A privacy-preserving contact tracing system for COVID-19 containment and mitigation
Yaling Yang, Patrick Schaumont
2020 - 2021
National Science Foundation Award 1931639
SaTC: CORE: Small: Finding and Mitigating Side-channel Leakage in Embedded Architectures
Patrick Schaumont, William Diehl
2019 - 2022
National Institute of Standards and Technology Award 70NANB17H280
Efficiency of Logic Minimization Algorithms for Cryptographic Hardware Implementation
Patrick Schaumont, Leyla Nazhandali
2017 - 2019
National Science Foundation Award 1704176
SaTC: CORE: Medium: Collaborative: Energy-Harvested Security for the Internet of Things
Patrick Schaumont, Dong Ha, Chao Wang (USC)
2017 - 2021
Semiconductor Research Corporation
Pre-computed Security Protocols for Energy Harvested IoT
Patrick Schaumont
2017 - 2019
National Science Foundation Award 1617203
TWC: Small: Secure by Construction: An Automated Approach to Comprehensive Side Channel Resistance
Chao Wang, Patrick Schaumont
2016 - 2019
Cisco CSR Grant
Remote Device Integrity by Physical Proofs
Patrick Schaumont
2015 - 2016
National Science Foundation Award 1441710
SaTC: STARSS: FAME: Fault-attack Awareness using Microprocessor Enhancements
Patrick Schaumont, Leyla Nazhandali
2014 - 2017
ICTAS at Virginia Tech
Synthesis of Software Countermeasures to Defend against Side-channel Attacks
Chao Wang, Patrick Schaumont
2014 - 2015
National Science Foundation Award 1314598
TWC SBE: Medium: Collaborative: Dollars for Hertz: Making Trustworthy Spectrum Sharing Technically and Economically Viable
Jung-Min Park, Patrick Schaumont
2013 - 2017
Intel Corporation Grant
Embedded Systems Curriculum
Patrick Schaumont
2013 - 2014
National Science Foundation Award 1115839
TC: Small: New Directions in Side Channel Attacks and Countermeasures
Inyoung Kim, Patrick Schaumont
2011 - 2014
National Science Foundation Award 0964680
TC: Medium: From Statistics to Circuits: Foundations for Future On-chip Fingerprints
Patrick Schaumont, Leyla Nazhandali, Inyoung Kim
2010 - 2013
National Science Foundation Award 0916763
NetSE: Cross-domain Design Tools for Sensor Network and Architecture
Yaling Yang, Patrick Schaumont
2009 - 2012
National Science Foundation Award 0855095
II-NEW: Infrastructure to Collect and Analyze Circuit Variability in FPGAs
Patrick Schaumont
2009 - 2012
National Institute for Standards and Technology Grant 60NANB10D004
Environment for Fair and Comprehensive Performance Evaluation of Cryptographic Hardware and Software
Kris Gaj (GMU), Jens-Peter Kaps (GMU), Patrick Schaumont, Leyla Nazhandali, Daniel Bernstein (UIC)
2010 - 2012
National Science Foundation Award 0644070
CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education
Patrick Schaumont
2007 - 2011
ICTAS at Virginia Tech
Unique and Unclonable On-chip Identifiers
Patrick Schaumont, Leyla Nazhandali, Inyoung Kim
2009 - 2010
McQ Inc
Authentication for DSP-based Sensor Nodes
Patrick Schaumont
2008 - 2009
McQ Inc
Security Measures Applicable to DSP Architectures
Patrick Schaumont
2007 - 2008
ST MicroElectornics
Electronic System Level Design
Patrick Schaumont
2006 - 2007



PhD Alumni

  • Bilgiday Yuce (PhD 2017)
    • Current Position: Embedded Security Engineering at Google, CA.
    • Dissertation: "Fault Attacks on Embedded Software: New Directions in Modeling, Design, and Mitigation"
  • Nahid Farhady Ghalaty (PhD 2016)
    • Current Position: Manager at Capital One, VA. Adjunct Faculty at GMU, VA.
    • Dissertation: "Fault Attacks on Cryptosystems: Novel Threat Models, Countermeasures and Evaluation Techniques" pdf
  • Aydin Aysu (PhD 2016).
    • Current Position: Assistant Professor, North Carolina State University, NC (Fall 2018).
    • Dissertation: "Resource-constrained and Resource-efficient Modern Cryptosystem Design" pdf
  • Mostafa Mohamed Ibrahim Taha (PhD 2014).
    • Current Position: Assistant Professor, Carleton University (Canada).
    • Dissertation: "Advances in the Side-Channel Analysis of Symmetric Cryptography" pdf
  • Abhranil Maiti (PhD 2012).
    • Current Position: Security Architect at Intel, OR
    • Dissertation: "A Systematic Approach to Design an Efficient Physical Unclonable Function" pdf
  • Xu Eric Guo (PhD 2012).
    • Current Position: Senior Staff Security Engineer at Qualcomm, CA.
    • Dissertation: "Secure and Efficient Implementations of Cryptographic Primitives" pdf
  • Zhimin Chen (PhD 2011).
    • Current Position: Security Architecture Manager at Apple, CA
    • Dissertation: "SCA-Resistant and High-Performance Embedded Cryptography using Instruction-Set Extensions and Multicore Processors". pdf

MS Alumni

  • Tarun Kathuria (MS 2019).
    • Thesis: "Gate-level Leakage Assessment and Mitigation"
  • Charles Suslowicz (MS 2018).
    • Thesis: "Secure Intermittent Computing: Precomputation and Implementation" pdf
  • Conor Patrick (MS 2017).
    • Thesis: "Software Protection against Fault and Side Channel Attacks"
  • Harsha Mandadi (MS 2017).
    • Thesis: "Remote Integrity Checking using Multiple PUF based Component Identifiers"
  • Hemendra Rawat (MS 2016).
    • Thesis: "Vector Instruction Set Extensions for Efficient and Reliable Computation of Keccak"
  • Carol Pinto (MS 2016).
    • Thesis: "Optimization of Physical Unclonable Function Protocols for Lightweight Processing" pdf
  • Shravya Gaddam (MS 2016).
    • Thesis: "Design and Implementation of PUF Based Protocols for Remote Integrity Verification" pdf
  • Ege Gulcan (MS 2015).
    • Thesis: "Flexible and Lightweight Cryptographic Engines for Constrained Systems" pdf
  • Moein Pahlavan Yali (MS 2014).
    • Thesis: "An Insightful Model for FGPA-based Hardware Acceleration in Modern Embedded Systems" pdf
  • Deepak Hanamant Mane (MS 2014).
    • Thesis: "Energy-harvested Lightweight Cryptosystems" pdf
  • Krishna Chaitanya Pabbuleti (MS 2014).
    • Thesis: "Performance Optimization of Public Key Cryptography on Embedded Platforms" pdf
  • Lyndon Judge (MS 2012).
    • Thesis: "Design Methods for Cryptanalysis" pdf
  • Suvarna Mane (MS 2012).
    • Thesis: "Implementation of SCA-Resistant CPU and an ECDLP Engine on FPGA Platform" pdf
  • Ambuj Sinha (MS 2011).
    • Thesis: "Design Techniques for Side-channel Resistant Software" pdf
  • Srikrishna Iyer (MS 2011).
    • Thesis: "A Unifying Interface Abstraction for Accelerated Computing in Sensor Nodes" pdf
  • Sergey Morozov (MS 2010).
    • Thesis: "Elliptic Curve Cryptography on Heterogeneous Multicore Platform" pdf
  • Michael Gora (MS 2010).
    • Thesis: "Securing Software Intellectual Property on Commodity and Legacy Embedded Systems" pdf
  • Christian Tergino (MS 2009).
    • Thesis: "Efficient Binary Field Multiplication on a VLIW DSP" pdf
  • Pengyuan Yu (MS 2007).
    • Thesis: "Implementation of a DPA-Resistant Circuit for FPGA" pdf
  • Eric Simpson (MS 2007).
    • Thesis: "Runtime Intellectual Property Protection on Programmable Platforms" pdf

MEng Alumni

BS Alumni

  • Sam Cowley (BS 2019).
  • Riley Cooper (BS 2017).
  • Luke Wegryn (BS 2015).
  • Bishwamoy Sinha Roy (BS 2014).
  • Cameron Spiller (BS 2014).
  • Stephen Sul (BS 2014).
  • Shaishav Parekh (BS 2012).
  • Michael Cantrell (BS 2012).
  • Micah Boswell (BS 2012).
  • Billy Gomez (BS 2012).
  • Matthew Via (BS 2012).
  • Vikash Gunreddy (BS 2012).
  • Viktor Murillo (BS 2011).
  • Luke McHale (BS 2011).
  • Logan McDougall (BS 2011).
  • Jeff Casarona (BS 2010).

Software and Artifacts

SKIVA: Custom Instruction Support for Modular Defense against Side-channel and Fault Attacks.

We propose a customized processor called SKIVA that supports experiments with the design of countermeasures against a broad range of implementation attacks. Based on bitslice programming and recent advances in the literature, SKIVA offers a flexible and modular combination of countermeasures against power-based and timing-based side-channel leakage and fault injection. Multiple configurations of side-channel protection and fault protection enable the programmer to select the desired number of shares and the desired redundancy level for each slice. Recurring and security-sensitive operations are supported in hardware through custom instruction-set extensions. The new instructions support bitslicing, secret-share generation, redundant logic computation, and fault detection.

Related Publication: P. Kiaei, D. Mercadier, P. E. Dagand, K. Heydemann, P. Schaumont, "Custom Instruction Support for Modular Defense against Side-channel and Fault Attacks," 11th International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE 2020), Lugano, Switzerland, April 2020.
FAME: Fault-attack Awareness using Microprocessor Enhancements.

This website collects the key findings of the FAME project. We designed and demonstrated two chips, FAME v1 and FAME v2, which implement a microprocessor with fault-attack detection and fault-attack response capabities.
Masked implementations of the Advanced Encryption Standard.

This github repository contains source code for masked implementations of AES, including (a) Byte-level masked AES, (b) bitsliced AES and (c) bitsliced masked AES. We release this source code under a GPL license.

Related Publication: Y. Yao, M. Yang, B. Yuce, C. Patrick, P. Schaumont, "Fault-Assisted Side-Channel Analysis of Masked Implementations," IEEE HOST Symposium 2018, May 2018, Washington, DC.
Fault-resistant implementation of the Advanced Encryption Standard.

This github repository contains source code for a bit-sliced implementation of AES, capable of handling fault detection in software. The bitsliced implementation provides intra-instruction redundancy, and is capable of handling fault attacks with high fault injection precision.

Related Publication: C. Patrick, B. Yuce, N. Farhady Ghalaty, P. Schaumont, "Lightweight Fault Attack Resistance in Software Using Intra-Instruction Redundancy," Selected Areas in Cryptography (SAC 2016), St. John's, Canada, August 2016.
Bitserial design of the SIMON Block Cipher.

A compact, FPGA-oriented Verilog implementation of the SIMON Block Cipher.

Related Publication: A. Aysu, E. Gulcan, P. Schaumont, "SIMON Says, Break Area Records of Block Ciphers on FPGAs," IEEE Embedded Systems Letters, 6(2):37-40, April 2014.
A test chip for the NIST competition of the SHA-3 standard.

We designed a chip with five finalist candidates for the SHA-3 competition organized by NIST. The webpage provides Verilog source code, scripts, and publications related to the chip design and the associated SHA-3 hardware benchmarking work. Unfortunately we are no longer handing out free test samples. All gone, sorry!

Related Publication: M. Srivastav, X. Guo, S. Huang, D. Ganta, M. B. Henry, L. Nazhandali, and P. Schaumont, "Design and Benchmarking of an ASIC with Five SHA-3 Finalist Candidates," Elsevier Microprocessors and Microsystems - Embedded Hardware Design (Special Issue on "Digital System Security and Safety"), 2012.
Physical Unclonable Function Measurement Database.

We have collected on-chip variability data of nearly 200 Spartan 3E FPGAs (90nm), designed functional prototypes of PUFs, analyzed aging effects, and created improved entropy extraction methods. The measurement data is available in a Github repository: ropuf_host2010.

Related Publication: A. Maiti, J. Casarona, L. McHale, P. Schaumont "A Large Scale Characterization of RO-PUF," IEEE International Symposium on Hardware-Oriented Security and Trust (HOST 2010), Anaheim, June 2010.
GEZEL Language, Cosimulation Environment, and Code Generator.

GEZEL is a cycle-based hardware description language based on the Finite-State-Machine + Datapath (FSMD) model. The GEZEL tools offer stand-alone simulation, cosimulation, and code-generation into synthesizable (VHDL) code. Through user-defined library-block extensions in C++, new cosimulation interfaces can be added. GEZEL is open-source, largely in C++. Prepackaged binaries can be installed on Ubuntu systems.

Related Publication: P. Schaumont, I. Verbauwhede, "Interactive cosimulation with partial evaluation," 2004 Design Automation and Test in Europe (DATE 2004), February 2004.


Cisco Systems, Inc CISCO and University Business Magazine, "Securing Electronic Devices by Creating Digital Fingerprints," 6/2/2016.

Intel Corporation Intel Software Academic Program, " Securing a Collaboration Between IntelĀ® and the Bradley Department of Electrical and Computer Engineering at Virginia Tech," 2014.


Presentation by Nahid Farhady Ghalaty, Chinmay Despande, Conor Patrick, Bilgiday Yuce, on the FAME Project sponsored through NSF and SRC (spring 2016).

Presentation by Aydin Aysu, Shravya Gaddam, Carol Pinto, Harsha Mandadi on the Remote PCB Integrity Checking project sponsosored through CISCO Inc and NSF (spring 2016).

CESCA Seminar by Patrick Schaumont (spring 2011).