Simon Klix
MPI-SP
Germany
Sessions
Modern integrated circuits are increasingly complex and often originate from opaque global supply chains, making independent verification of hardware behavior more important than ever. Reverse engineering has therefore become a critical skill—for example, when assessing trustworthiness, detecting malicious modifications, or understanding real-world implementations of cryptographic algorithms.
In this tutorial, we take our first steps in reverse engineering using the open-source HAL framework to analyze gate-level netlists. Together, we explore how to identify functional modules such as registers in order to analyze the hardware implementation of a modern block cipher. Along the way, we identify a malicious sub-circuit that leaks the cipher's secret key, using both static and dynamic reverse engineering techniques.
To verify the findings, we run a full simulation with Verilator, which generates a cycle-accurate model of the netlist. This also demonstrates HAL's ability to integrate other reversing tools seamlessly.
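As an added illustration of the workflow the tutorial describes (not code from the tutorial and not HAL's API or algorithms; HAL is scripted through its own Python bindings, which this example does not use), the following plain-Python script walks a constructed toy netlist through both steps: a static pass that groups flip-flops sharing clock and enable nets into candidate registers, and a dynamic pass that simulates the design and flags any primary output that is a verbatim copy of a key-register bit. The 4-bit "cipher", the gate types, the net names (`load`, `run`, `dbg`, `key_in*`, `data*`) and the hidden `leak_mux` are all assumptions made up for this example.

```python
"""Toy netlist reverse engineering, added as an illustration of the workflow:
static grouping of flip-flops into candidate registers, then a dynamic
simulation that flags primary outputs copying a key-register bit (a leak).
Plain Python on a constructed netlist; this is NOT HAL's API or algorithm."""
import random
from collections import defaultdict

# Gate = (type, {input pin: net}, {output pin: net}); nets are plain strings.
GATE_FUNCS = {
    "BUF": lambda v: v["A"],
    "NOT": lambda v: 1 - v["A"],
    "AND2": lambda v: v["A"] & v["B"],
    "XOR2": lambda v: v["A"] ^ v["B"],
    "MUX2": lambda v: v["B"] if v["S"] else v["A"],   # S=1 selects B
}


def build_toy_netlist():
    """Constructed 4-bit toy 'cipher': state <- data XOR key. A hidden mux forwards
    key bit 3 to out0 whenever the undocumented input 'dbg' is high (the trojan)."""
    nl = {}
    for i in range(4):
        nl[f"key_ff{i}"] = ("DFF", {"D": f"key_in{i}", "CLK": "clk", "EN": "load"}, {"Q": f"key{i}"})
        nl[f"xor{i}"] = ("XOR2", {"A": f"data{i}", "B": f"key{i}"}, {"O": f"nxt{i}"})
        nl[f"st_ff{i}"] = ("DFF", {"D": f"nxt{i}", "CLK": "clk", "EN": "run"}, {"Q": f"st{i}"})
    for i in range(1, 4):                              # out1..out3: plain state outputs
        nl[f"buf{i}"] = ("BUF", {"A": f"st{i}"}, {"O": f"out{i}"})
    nl["leak_mux"] = ("MUX2", {"A": "st0", "B": "key3", "S": "dbg"}, {"O": "out0"})
    return nl


def find_registers(nl):
    """Static heuristic: flip-flops sharing clock and enable nets form one candidate register."""
    groups = defaultdict(list)
    for name, (gtype, ins, _) in nl.items():
        if gtype == "DFF":
            groups[(ins["CLK"], ins.get("EN"))].append(name)
    return {k: sorted(v) for k, v in groups.items()}


def primary_outputs(nl):
    """Nets driven by a gate but consumed by none are the design's primary outputs."""
    driven = {net for _, _, outs in nl.values() for net in outs.values()}
    consumed = {net for _, ins, _ in nl.values() for net in ins.values()}
    return driven - consumed


def simulate(nl, stimulus):
    """Cycle-accurate toy simulation: one dict of primary-input values per cycle.
    Returns, per cycle, all net values sampled just before the clock edge."""
    ffs = [n for n, g in nl.items() if g[0] == "DFF"]
    comb = [n for n, g in nl.items() if g[0] != "DFF"]
    state = {nl[n][2]["Q"]: 0 for n in ffs}           # every flip-flop resets to 0
    traces = []
    for inputs in stimulus:
        nets = {**inputs, **state}
        for _ in range(len(comb)):                      # settle acyclic combinational logic
            changed = False
            for n in comb:
                gtype, ins, outs = nl[n]
                if all(net in nets for net in ins.values()):
                    val = GATE_FUNCS[gtype]({pin: nets[net] for pin, net in ins.items()})
                    if nets.get(outs["O"]) != val:
                        nets[outs["O"]] = val
                        changed = True
            if not changed:
                break
        traces.append(nets)
        for n in ffs:                                   # rising edge: enabled FFs capture D
            _, ins, outs = nl[n]
            if nets[ins["EN"]]:
                state[outs["Q"]] = nets[ins["D"]]
    return traces


def stimulus(dbg, seed, keys=8, cycles=8):
    """Constructed test vectors: load a random key, run random data, repeat for several keys."""
    rng = random.Random(seed)
    seq = []
    for _ in range(keys):
        key = {f"key_in{i}": rng.randint(0, 1) for i in range(4)}
        seq.append({"load": 1, "run": 0, "dbg": dbg, **key, **{f"data{i}": 0 for i in range(4)}})
        for _ in range(cycles):
            data = {f"data{i}": rng.randint(0, 1) for i in range(4)}
            seq.append({"load": 0, "run": 1, "dbg": dbg, **data, **{f"key_in{i}": 0 for i in range(4)}})
    return seq


def find_key_copies(nl, traces, key_regs, outputs):
    """Dynamic check: an output equal to a key-register bit in every cycle is a verbatim key leak."""
    key_nets = [nl[ff][2]["Q"] for ff in key_regs]
    hits = {}
    for out in sorted(outputs):
        copies = [k for k in key_nets if all(t[out] == t[k] for t in traces)]
        if copies:
            hits[out] = copies
    return hits


if __name__ == "__main__":
    nl = build_toy_netlist()
    regs = find_registers(nl)
    key_regs = regs[("clk", "load")]
    for dbg in (0, 1):
        traces = simulate(nl, stimulus(dbg, seed=1))
        print(f"dbg={dbg}: key copies on outputs ->", find_key_copies(nl, traces, key_regs, primary_outputs(nl)))
```

Two caveats a practitioner should keep in mind. The static grouping assumes a dedicated enable pin; in many synthesized netlists the enable is realized as a feedback mux in front of a plain D flip-flop, so real register identification has to look at that surrounding logic as well. The dynamic check is deliberately narrow (it only catches an output that copies a key bit unchanged); a leak that is XORed with other signals or serialized over several cycles needs a richer stimulus and a statistical test, which is where a full cycle-accurate simulation of the recovered netlist, as in the tutorial's Verilator step, pays off.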
Requirements
Some basic understanding of (symmetric) cryptography is helpful, but not strictly required.
The tutorial requires Ubuntu 24.04 (native or as VM) with at least 16 GB of RAM and 40 GB of free disk space. HAL installation instructions will be sent out before the tutorial. A VM will be provided for those not willing to install HAL themselves.
Recent years have produced a patchwork of promising methods for netlist reverse engineering, especially in partitioning and module identification. However, only a small fraction of this research translates into tools that are reliable, scalable, interoperable, and usable in practice. This talk argues that the dominant challenge today is no longer the invention of isolated algorithmic techniques, but the systematic integration of existing methods into an automated, end-to-end workflow that can be deployed, maintained, and trusted as an industry-grade tool. Only such an integrated approach enables reverse engineers to move beyond low-level structural recovery toward higher-level objectives, including the identification of implemented algorithms and the development of actionable, system-level understanding.

We therefore need to examine how current state-of-the-art methods perform when applied to realistic netlists, and which techniques are sufficiently robust to be incorporated into a practical reverse engineering pipeline. Beyond purely algorithmic aspects, we also examine the organizational constraints and usability requirements that such a pipeline must address. This includes, for example, the need for on-premise deployment, support for multi-user collaboration, secure sharing of reverse engineering results, and a productive interplay between automated analysis and human expertise, acknowledging that reverse engineering outcomes are inherently imperfect.

Finally, we ask how the field can move beyond fragmented and short-lived research prototypes toward a more unified and maintainable platform, and what would be required to make this transition viable for all stakeholders. We outline a roadmap of the technical, operational, and usability challenges ahead, with the goal of fostering discussion around the features and capabilities needed to make automated netlist reverse engineering feasible in practice.