HS3 2025: 1st Workshop on Hardware-Supported Software Security

---

Co-located with ESORICS 2025, 25th of September 2025 in Toulouse, FR.

Underside of a CPU with contacts (Land Grid Array) and some components visible. Photo by Ryan on Unsplash.

Abstract

The HS3 workshop seeks to share experience, tools and methodology on hardware-assisted software security. We are looking forward to submissions that propose new architectures offering better resilience against software attacks. These architectures should rely on hardware-based security mechanisms to protect the software stack. One of the challenges is to formally specify and verify the security guarantees offered by such architectures and to better assess the security guarantees provided by existing hardware architectures against software attacks, especially attacks against micro-architecture. This can be achieved by identifying new vulnerabilities using reverse engineering, fuzzing or other attack approaches. The goal of the HS3 workshop is to provide a forum for researchers and practitioners from academia, industry and government that work on hardware-assisted software security. HS3 2025 has a special theme on “Secure Monitoring, Intrusion Detection, and Incident Response” and we are specifically looking forward to submissions that present hardware-assisted approaches in this domain.

Aim and Scope

Combining software and hardware aspects to consider new software attacks is becoming increasingly important. For example, hardware vulnerabilities such as Spectre or Meltdown can be exploited purely by software attacks. Such attacks can be executed remotely and do not require physical access to the targeted hardware platform. On the other hand, hardware features can be used to better detect and respond to traditional software attacks, such as memory corruption. Therefore, it is necessary to study the security of software/hardware interfaces in terms of attacks and defences.

The purpose of the HS3 workshop is to share experience, tools and methodology on hardware-assisted software security. On one hand, we need to propose new architectures offering better resilience against software attacks. These architectures should rely on hardware-based security mechanisms to protect the software stack. One of the challenges is to formally specify and verify the security guarantees offered by such architectures. On the other hand, we also need to assess better the security guarantees provided by existing hardware architectures against software attacks, especially attacks against micro-architecture. This can be achieved by identifying new vulnerabilities using reverse engineering, fuzzing or other attack approaches. The goal of the HS3 workshop is to provide a forum for researchers and practitioners from academia, industry and government that work on hardware-assisted software security.

Special Theme: Secure Monitoring, Intrusion Detection, and Incident Response

Intrusion Detection System have become ubiquitous cybersecurity tools that monitor network traffic or other system activity to then identify anomalous behaviour or policy violations. Upon detection, these systems may alert security teams or central security systems, reporting potential threats, or even trigger automated responses. For this year’s edition of the HS3 workshop, we especially encourage submissions that investigate questions regarding the hardware-supported design of such systems. We are specifically interested in submissions in the area of secure monitoring, intrusion detection, and incident response, and we seek to develop a special track, potentially with invited talks or panel discussions, on this domain.

Topics of Interest

Topics of interest include, but are not limited, to the following

• Hardware-based security mechanisms
• Hardware-assisted and secure system monitoring
• Hardware-assisted intrusion detection and reaction
• Hardware-assisted privacy and anonymity
• Hardware enclaves and Trusted Execution Environments
• Security co-processors
• Leveraging hardware features at the software level (e.g. compiler, OS) for security
• Hardware/software contracts for security
• Formal methods applied to the hardware-assisted security
• Hardware trace mechanisms for security
• OS and VM introspection
• Software side-channel attacks
• Software attacks against micro-architecture
• Software-activated fault attacks

Location and Venue

HS3 2025 is co-located with the 30th European Symposium on Research in Computer Security in Toulouse, France. The workshop will take place right after the main conference, on the 25th of September 2025.

Important Dates

• Submission: May 21, 2025 – 11:59pm AoE
• Author Notification: June 15, 2025
• Camera Ready Version: June 27, 2025
• Workshop: September 25, 2025

A plain-text version of this Call for Papers is available.

Submission and Publication

There are two categories of submissions:

1. Regular papers describing fully developed work and complete results (20 pages, references included, LNCS format)
2. Short papers, position papers, industry experience reports, work-in- progress submissions and ideas (10 pages, references included, LNCS format; work-in-progress and idea submissions should clearly outline the research hypothesis, evaluation strategy and potential impact)

All papers must be written in English and describe original work that has not been published or submitted elsewhere. The submission category (regular paper, short paper, special theme) should be clearly indicated. Members of the The Program Committee will fully review all submissions. Papers will be published by Springer in the Lecture Notes in Computer Science (LNCS) series. Contact the Program Chairs if you do not want your short paper to appear in the proceedings.

Papers must be typeset in LaTeX using the LNCS template. Failure to adhere to the page limit and formatting requirements can be grounds for rejection.

For accepted papers, at least one author must attend the workshop.

Participation and Programme

Details on participation will appear soon. For now please focus on submitting something :-)

Organisation and Programme Committee

• Guillaume Hiet, IRISA, CentraleSupelec/Inria, France (co-chair)
• Yuko Hara, Institute of Science, Tokyo, Japan (co-chair)

• Jan Tobias Muehlberg, Universite Libre de Bruxelles, Belgium (co-chair)

• Iness Ben Guirat, Universite Libre de Bruxelles
• Pascal Cotret, ENSTA Bretagne
• Kevin Cheang, University of California, Berkeley
• Chris Dalton, HP Labs
• Merve Gülmez, Ericsson Research/KU Leuven
• Vianney Lapôtre, Univ. South Brittany
• Clémentine Maurice, CNRS
• Maria Méndez Real, Université Bretagne Sud
• Kaveh Razavi, ETH Zurich
• Shweta Shinde, ETH Zurich
• Volker Stolz, HVL

• Pierre Wilke, CentraleSupélec/Inria

• Contact email: hs3-workshop@inria.fr

Image Credits

Title image by Ryan on Unsplash.