For two decades, reverse engineering has evolved from a niche manual craft into a foundational pillar of security assurance. Yet, as the two impulse talks at the beginning of this session have shown, the field currently stands at a crossroads. While we look upon years of research and hundreds of technical methods, the practical reality is a landscape of fragmented prototypes, low reproducibility, and significant "translation friction" between academic theory and industry application.

This panel discussion moves beyond the "what" of reverse engineering to confront the "how" of its future. We bring together a diverse cohort of experts to bridge the gap between academic success, open-source mindset and contributions, and industry-grade workflows. This panel will discuss a range of ongoing challenges and their potential for tension between stakeholders, but also promising solutions, all to aim for a future where automated netlist analysis is not just a research possibility, but a reliable, scalable, and trustworthy reality.

In this talk, we present a case study of various defensive measures we encountered during an ongoing research project targeting a widely deployed, though older generation (180nm), secure element from a major vendor.

Well over a hundred unique library cells were reverse engineered, ranging from simple NAND/NOR gates with a range of drive strengths to clock gating cells, latches, scan chain flipflops, and more. Several distinct cell libraries were found in different parts of the device, which may point to these modules having been developed by different engineering teams, or that they are third party hard IP blocks.

Many different protection mechanisms were identified including front side active mesh, internal memory address and data bus scrambling, and deliberately convoluted routing passing through many buffer cells to obfuscate the ultimate destination of the signal. We discuss the effectiveness of these countermeasures and how difficult or time-consuming we found each to overcome.