Research Projects

AI/LLM in System-on-Chip Security (Ongoing)

As modern System-on-Chip (SoC) designs grow in scale and heterogeneity, ensuring security across the design and verification lifecycle has become increasingly complex. Manual security analysis struggles to keep pace with the growing RTL codebases, diverse threat models, and evolving attack surfaces. This project explores how AI and Large Language Models (LLMs) can systematically augment SoC security workflows by acting as intelligent reasoning and automation engines. Specifically, the research focuses on: (1) AI-assisted asset identification and threat modeling, (2) automated vulnerability detection and classification across RTL designs, (3) security property synthesis for formal verification, and (4) LLM-driven testbench and validation plan generation. To enable these capabilities, we leverage advanced prompting strategies, Retrieval-Augmented Generation (RAG), fine-tuning of open-source LLMs, and multi-agent architectures, where specialized AI agents collaboratively reason about complex hardware security tasks. The project also addresses key scalability challenges by partitioning large RTL designs into semantically coherent modules, enabling efficient analysis of industrial-scale SoCs. Collectively, this work establishes a new paradigm for AI-integrated, high-fidelity SoC security verification, bridging the gap between emerging LLM capabilities and trusted hardware design.

[Figures: Security Verification; LLM framework; LLM Finetune]

System-on-Chip Security verification (Ongoing)

Modern System-on-Chip (SoC) platforms face growing security risks from vulnerabilities introduced during design and implementation, making pre-silicon security verification essential for preventing downstream attacks. This project advances systematic SoC security verification methodologies for early vulnerability detection, including hardware fuzzing and penetration testing, fault injection–based assessment, security property–driven verification, and emulation-assisted validation. To support realistic evaluation, we develop SoC-scale vulnerable benchmarks that capture complex, real-world security flaws. To overcome the scalability limits of simulation-based techniques, the project leverages hardware emulation to enable near real-time security verification with deep system-level visibility, bridging the gap between academic security analysis and industrial SoC validation workflows.

[Figures: holistic verification; hardware emulator; Fuzzing]

Root-of-Trust Subsystem based access control in SoC (Past Project)

Trusted System-on-Chip (SoC) operation requires hardware-enforced access control anchored in a robust root-of-trust (RoT) subsystem. This project investigates the design of SoC-level access control architectures that elevate traditional software-based Mandatory Access Control (MAC) policies into hardware, enabling fine-grained, tamper-resistant enforcement across heterogeneous IP blocks. The research introduces distributed hardware firewalls and a centralized security policy engine, forming the basis of a scalable RoT subsystem that enforces system-wide security guarantees. Building on this foundation, the project develops an open-source security engine integrating a RISC-V security co-processor, cryptographic accelerators, and lifecycle management primitives to support secure boot, isolation, and controlled resource access. To ensure rigorous validation and practical relevance, the work also advances system-level security evaluation methodologies, including CVSS-inspired risk assessment and quantitative leakage detection metrics for hardware IPs. Collectively, this project bridges hardware security architecture, enforcement, and evaluation, delivering deployable root-of-trust solutions for modern SoC platforms.

[Figures: RoT; access control; ip level metric]

Multi-tenant Cloud FPGA Security (Past Project)

The adoption of multi-tenant cloud FPGAs introduces new security challenges as mutually untrusted users share reconfigurable hardware resources in data center environments. This project investigates security architectures for cloud FPGA virtualization, focusing on strong isolation, controlled resource sharing, and policy-driven enforcement across tenants. The research introduces a mesh-style FPGA virtualization framework, inspired by network-on-chip principles, that enables scalable partitioning and secure communication among tenant regions. Building on this architecture, the project develops hardware-enforced isolation mechanisms with dynamic security policies, preventing cross-tenant interference and information leakage while preserving performance and flexibility. Together, this work advances the foundations of secure, multi-tenant reconfigurable computing, supporting trustworthy deployment of FPGAs in cloud and data center infrastructures.

[Figures: FPGA virtualization; mesh FPGA; hmac architecture]

Spatio-temporal GPU Management in Real-time Systems (Past Project)

Graphics Processing Units (GPUs) are increasingly integrated into embedded platforms to meet the computational demands of real-time, data-intensive applications, yet existing GPU management approaches either underutilize available resources or introduce non-deterministic delays due to uncontrolled concurrency. This project addresses these challenges through a spatio-temporal GPU management framework that enables predictable and efficient GPU sharing in real-time systems. The framework controls the allocation of internal GPU execution resources, such as streaming multiprocessors, providing analytical timing bounds for concurrent task execution. By combining spatial partitioning with temporal scheduling, the approach allows multiple GPU-accelerated tasks to execute simultaneously while preserving worst-case response time guarantees and strengthening temporal isolation through exclusive resource allocation. Collectively, this work advances deterministic GPU management for real-time embedded systems, bridging high-performance acceleration with timing predictability.

[Figures: GPU architecture; GPU scheduling; Schedulability]

Project Sponsors