1. Introduction to the competition
HACK is a hardware security challenge that aims to find and exploit critical security flaws in hardware. In the HACK competition, participants will race to identify security flaws, exploit relevant flaws, propose mitigations or patches, and submit corresponding reports. Participants are encouraged to use any tools and techniques, with a focus on theory, tools, and automation.
HACK competitions simulate real-world application scenarios, where participants must discover vulnerabilities in a given hardware design. These vulnerabilities cover a wide range of directions in hardware design, from data corruption to information leakage, severely impacting the security of the system.
Second, the purpose of the competition
Since the birth of the processor, the mainstream design direction has focused on high performance and low power consumption, while the security of the hardware itself has been neglected. Recent research has exposed a variety of vulnerabilities in processors, posing a severe challenge to today's network information security. Especially in today's international context, processors and other core chips are related to national information security and the healthy development of the industry. This is both a challenge and an opportunity. It is helpful for China to face the new pattern of international competition in the field of high-end chips in the future, to accumulate strength, to practice internal skills, to do a good job in the new security features of domestic processors, and to build a solid national network security barrier.
Three, Evaluation Plan
Different vulnerabilities will correspond to different scores, and the judges will score the vulnerabilities based on a variety of factors, including the difficulty of discovering the vulnerability and the extent to which the vulnerability affects the system's security. The competition encourages participants to use or develop tools to detect vulnerabilities. These tools can be existing or developed within the team. The use of automated tools can also gain additional points.
IV. Organizing Units
5. Competition Arrangement
1. Registration Stage
From xxxxx month xxxxxxxxx to xxxxx month xxxxxxxxx at xxxxx o'clock;
2. Competition Stage
Contestants receive the contest manual and RTL file after xxxxx on xxxxx, and submit the vulnerability code before xxxxx on xxxxx.
3. Review Stage
The organizers will check the vulnerability codes submitted by the contestants from xxxxx on the xth to the xth of x month;
4. Publicity Stage
The list of winners will be announced on the official website in xxx month, xxxx year;
5. Awarding Stage
The awards are scheduled to be presented in xxx month of xxxx.
Six, Participants
Integrated circuit design, information security related majors (electronic, information, computer, automation, etc.) full-time junior college students, undergraduates, graduate students (master/doctor).
7. Competition Registration
This competition is conducted in the form of registration, and the registration requirements are as follows:
1. Students form their own teams (teams can be formed across schools), each team consists of 1-3 people;
2. Each student can only participate in one team.
8. Award settings
1. First prize: xxxxxx;
2. Second prize: xxxxxxx;
3. Third prize: xxxxxx;
Instructions: xxxxxxx.
9. Miscellaneous
1. After registration, please add the competition notification group in time to get the competition related information in time;
2. The competition results will be published online, and during the publicity period, if there are any objections to the results, they can be reviewed again by contacting the email address. If there are still objections, further contact with the competition organizer can be made.
10. Contact information
Official website: xxxxxx
Competition Notification Group: xxxxxxx
Contact email: xxxxxx