September 10–11, 2021 Virtual Event
DO YOU FEEL ADVENTUROUS?
congratulations to our winners
should you have any questions, feel free to contact us!
AUGUST 11–13, 2021 Virtual Event
Are you feel like Adventures?
WHAT IS HACK@SEC?
HACK@SEC is a hardware security challenge contest, co-located with the USENIX Security Symposium, for finding and exploiting security-critical vulnerabilities in hardware and firmware. In this competition, participants compete to identify the security vulnerabilities, implement the related exploits, propose mitigation techniques or patches, and report them. The participants are encouraged to use any tools and techniques with a focus on theory, tooling, and automation.
HACK@SEC is part of HACK@EVENT which has been successfully running since 2018 with several hundred contestants from academia and industry.
WHAT HAPPENS IN
PHASE I and II?
In phase I (optional), participating teams will be provided with a “buggy” SoC, including a diverse set of bugs akin to real-world Common Vulnerabilities and Exposures. The participants are expected to identify and exploit as many security vulnerabilities as possible. The detailed specification, the expected security properties, and the threat model will be also provided. To minimize the barrier of entry for teams, the participants are free to use any tools and techniques needed.
In phase II, the teams will be provided an SoC including a new set of bugs. The teams will compete in a live capture-the-flag competition. They will need to apply their techniques and developed tools to detect and exploit as many vulnerabilities in a limited time-frame.
Bugs and exploits submitted will be evaluated live and winners will be announced in USENIX Security Symposium.
WHO CAN PARTICIPATE?
Each team must meet all of the below eligibility requirements:
- A team member can be a student or a working professional.
- A team can consist of up to 4 members excluding the adviser.
- A team member cannot be associated with multiple teams.
- Due to conflict of interest, individuals associated with Texas A&M University and TU Darmstadt are not allowed to participate.
- A team can include members with different affiliations.
There are two team categories: teams composed of only students, and teams composed of one or more industry-affiliated members. Both categories will solve the same problem, but they will be evaluated against teams of the same category.
No entry fee is required to participate in the competition.
The organizers reserve the right to disqualify entries at their discretion.