{"id":37109,"date":"2025-05-28T09:13:25","date_gmt":"2025-05-28T13:13:25","guid":{"rendered":"https:\/\/www.bu.edu\/hic\/?p=37109"},"modified":"2025-06-08T00:36:56","modified_gmt":"2025-06-08T04:36:56","slug":"bu-team-awarded-host-2025-hardware-hacking-competition-rajapaksha","status":"publish","type":"post","link":"https:\/\/www.bu.edu\/hic\/2025\/05\/28\/bu-team-awarded-host-2025-hardware-hacking-competition-rajapaksha\/","title":{"rendered":"BU-led Team Takes Second Place at IEEE HOST 2025 Hardware Hacking Competition"},"content":{"rendered":"<p><strong>Expose Critical Cloud Hardware Vulnerability in Widely Used Technique<\/strong><\/p>\n<p>By <a href=\"mailto:stanton@bu.edu\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Maureen L. Stanton<\/em><\/a><\/p>\n<p><span style=\"font-weight: 400;\">A team from Boston University, in collaboration with researchers at IBM and Red Hat, earned second place at the inaugural hardware hacking competition at the IEEE International Symposium on Hardware Oriented Security and Trust (HOST).<\/span> <span style=\"font-weight: 400;\">In their demonstration, they exposed a critical vulnerability in a common method used by cloud providers to share hardware resources across multiple users.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The demo was led by <a href=\"https:\/\/www.linkedin.com\/in\/chathurarajapaksha\/\" target=\"_blank\" rel=\"noopener noreferrer\">Chathura Rajapasha<\/a>, BU PhD candidate of Electrical and Computer Engineering (ECE) with BU ECE Professors \u00a0<a href=\"https:\/\/www.bu.edu\/hic\/profile\/manuel-egele\/\" target=\"_blank\" rel=\"noopener noreferrer\">Manuel Egele<\/a> and <a href=\"https:\/\/www.bu.edu\/hic\/profile\/ajay-joshi\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ajay Joshi<\/a>; IBM researchers <a href=\"https:\/\/research.ibm.com\/people\/sandhya-koteshwara\" target=\"_blank\" rel=\"noopener noreferrer\">Sandhya Koteshwara<\/a>,<a href=\"https:\/\/www.linkedin.com\/in\/apoorvemohan\" target=\"_blank\" rel=\"noopener noreferrer\"> Apoorve Mohan<\/a>, and <a href=\"https:\/\/www.linkedin.com\/in\/hubertus-franke\" target=\"_blank\" rel=\"noopener noreferrer\">Hubertus Franke<\/a>; and Ret Hat researcher <a href=\"https:\/\/research.redhat.com\/blog\/project_member\/bandan-das\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bandan Das<\/a>.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Their project, titled \u201cAttacking Cloud Systems using Passed-through PCIe Devices,\u201d focused on a key performance optimization known as PCI passthrough. This technique is widely used in cloud environments to give virtual machines (VMs) direct access to physical PCI Express (PCIe) devices like GPUs and NVMe drives. While PCI passthrough boosts performance, the team showed it can also introduce serious security risks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In a live demonstration, the team showed how a malicious VM could write to a specific, unassigned area of a PCIe device\u2019s configuration space, causing a severe error that either crashes the host or renders the device unusable. This attack effectively performs a denial-of-service (DoS)<\/span><b>, <\/b><span style=\"font-weight: 400;\">disrupting all other VMs on the same host until it is rebooted. Their presentation also explored factors that make this vulnerability possible, looking across different layers of the virtualization stack, including the hardware, system software, and hypervisor implementation.<\/span><\/p>\n<figure id=\"attachment37678\" aria-describedby=\"caption-attachment37678\" style=\"width: 217px\" class=\"wp-caption alignleft\"><img loading=\"lazy\" src=\"\/hic\/files\/2025\/05\/chathura.jpeg\" alt=\"\" width=\"207\" height=\"243\" class=\"wp-image-37678 size-full\" \/><figcaption id=\"caption-attachment37678\" class=\"wp-caption-text\">Chathura Rajapaksha, BU PhD candidate of Electrical and Computer Engineering (ECE), advised by ENG Professor Ajay Joshi<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">\u201cThis is the first work we\u2019re aware of that shows how writing to an unassigned area of a PCIe device\u2019s configuration space can trigger serious errors, including allowing a VM to take down the host system,\u201d says Chathura. \u201cOur work highlights the need to look beyond just the software stack when securing cloud environments. Staying ahead of emerging threats will require closer collaboration between system architects, virtualization stack developers, and hardware manufacturers.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The research team believes that this attack demonstration will shed light on an often-overlooked aspect of hardware security, highlighting vulnerabilities that deserve greater scrutiny. By showcasing this attack vector, they aim to encourage deeper research and discussion within the security community, ultimately driving innovation in defensive strategies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Held May 5\u20138, 2025, in San Jose, California, this event brought together hardware security enthusiasts, students, and professionals to showcase their skills in real-life hardware and embedded systems hacking. Learn more about the event<\/span> <a href=\"http:\/\/www.hostsymposium.org\/call-for-hw-hacking.php\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">here<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This work was funded through the <a href=\"https:\/\/www.bu.edu\/rhcollab\/2025\/02\/03\/2025-red-hat-collaboratory-research-incubation-award-recipients\/\" target=\"_blank\" rel=\"noopener noreferrer\">2025 Red Hat Collaboratory Research Incubation Award<\/a>.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Expose Critical Cloud Hardware Vulnerability in Widely Used Technique By Maureen L. Stanton A team from Boston University, in collaboration with researchers at IBM and Red Hat, earned second place at the inaugural hardware hacking competition at the IEEE International Symposium on Hardware Oriented Security and Trust (HOST). In their demonstration, they exposed a critical [&hellip;]<\/p>\n","protected":false},"author":10316,"featured_media":37680,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[11716,1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/posts\/37109"}],"collection":[{"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/users\/10316"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/comments?post=37109"}],"version-history":[{"count":7,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/posts\/37109\/revisions"}],"predecessor-version":[{"id":37742,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/posts\/37109\/revisions\/37742"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/media\/37680"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/media?parent=37109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/categories?post=37109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bu.edu\/hic\/wp-json\/wp\/v2\/tags?post=37109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}