Computer Laboratory

[What's New] [Research Proposal] [Scientific Interests] [My Skills] [Research and Plans] [Old Projects] [Contact Details] [Publications]

Dr Sergei Skorobogatov

I am a Senior Research Associate in the Security Group at the Computer Laboratory of the University of Cambridge in the UK.

I have background in electronics, chemistry, computer science and physics. Before starting my research at the University of Cambridge in 2000, I was working for industry designing various electronic devices for eye sight diagnostic and correction.

My research interests include Hardware Security, Embedded memory security, Smartcards, Semiconductors Failure Analysis methods.


I work in the Hardware Security field on attack technologies and tamper-resistant processors.
My Hardware Security research is aimed at finding vulnerabilities, hidden functions and backdoors in silicon chips. Many new attack methods and techniques were developed by me in the past decade.

I am a Direct-From-Memory project manager in collaboration with Quo Vadis Labs working on security analysis of semiconductor memory. Within the University part of the project I supervise a postdoctoral researcher Dr Franck Courbon. The project is aimed at exploring the limits for non-penetrative analysis of embedded memory for failure analysis and integrity testing purposes. We are developing new probing techniques to analyse the contents of on-chip semiconductor memory including but not limited to SRAM, ROM, EEPROM, Flash and FRAM (FeRAM) using non-invasive, semi-invasive and invasive methods. The project will run until April 2017 with possibility of extension.

Here is the list of some of my recent research projects:

Usually new areas of research require additional work force. For that collaborators from industry and academia are sought and new grant applications are submitted. Should a new postdoc position be open this will be announced at the University Job site.

I am a member of the following communities:

  • Hardware-Oriented Security and Trust (HOST), Program Committee (2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016)
  • Cryptographic Hardware and Embedded Systems (CHES), Program Committee (2010, 2012, 2016)
  • Fault Diagnosis and Tolerance in Cryptography (FDTC), Program Committee (2010, 2011, 2012, 2013, 2014, 2015, 2016)
  • Smart Card Research and Advanced Application Conference (CARDIS), Program Committee (2011, 2012, 2013)
  • Constructive Side-Channel Analysis and Secure Design (COSADE), Program Committee (2012)
  • Digital System Design (DSD) Euromicro conference, Special Session Program Committee (2014, 2015, 2016)
  • Design, Automation and Test in Europe (DATE), Program Committee (2017)
  • European Research Council (ERC), Peer Reviewer (2010)
  • Technology Foundation STW, Dutch Research Funding Council, Peer Reviewer (2013)
  • Journal of Cryptographic Engineering (JCEN), Associate Editor and Peer Reviewer (2011, 2012, 2013, 2014, 2015)
  • IEEE Transactions on Computers (TC), Peer Reviewer (2006, 2007, 2009, 2012, 2013, 2014)
  • IEEE Transactions on Reliability (TR), Peer Reviewer (2014)
  • IEEE Transactions on Computer-Aided Design of ICs and Systems (2014)
  • Wiley Publisher, Reviewer (2010)
  • Journal of Information Security, Peer Reviewer (2011)
  • Journal of Microelectronics Reliability, Peer Reviewer (2012, 2013)
  • Journal of Information Science and Engineering, Peer Reviewer (2013)
  • The Computer Journal (COMPJ), Peer Reviewer (2013)
  • ACM Transactions on Reconfigurable Technology and Systems, Peer Reviewer (2008, 2013)
  • ACM Transactions on Information and System Security, Peer Reviewer (2013)
  • Microprocessors and Microsystems (Elsevier), Peer Reviewer (2015)

Here are some of my current project ideas for undergraduate students. Old project ideas are placed here and here.


Since 2008 I have been giving guest lectures on Tamper resistance and hardware security in the Part II Security course for undergraduate students.

Since 2013 I have been contributing to the PartIII/MPhil ACS course Current Applications and Research in Computer Security as a guest convener with topic "Tampering with hardware".

I am invited from time to time to give lectures about my research achievements. The usual places are security-related workshops and other universities. Please refer to my publications section for the full list.

I now have a dedicated teaching course on Hardware Security aimed at industrial engineers and graduate students. It covers the following subjects: Introduction to Hardware Security; Common mistakes in the design of secure hardware; Data remanence effects in memory; Imaging techniques and Optical attacks; Side-channel attacks; Lessons, Countermeasures and Defence technologies. The course was well received by various people from industry and academia. I now have a contract with a large industrial chip manufacturing company for running yearly teaching course for their design engineers during the next five years.

As an initial reading on the hardware security subject I recommend my PhD thesis and a book "Introduction to Hardware Security and Trust" to which I contributed on Physical Security (Chapter 7). For further reading please see my publications list. Also latest research achievements in that area are usually published at the following conferences: CHES, HOST, FDTC, COSADE and CARDIS.

If you are keen about Hardware Security, have some amazing projects in mind and want to do PhD research under my supervision please first see information about PhD degree at the Computer Laboratory before contacting me.

What's New

I am a project manager in collaboration with Quo Vadis Labs working on security analysis of semiconductor memory. Within the University part of the project I supervise a postdoctoral researcher Dr Franck Courbon. The project is aimed at exploring the limits for non-penetrative analysis of embedded memory for failure analysis and integrity testing purposes. We are developing new probing techniques to analyse the contents of on-chip semiconductor memory including but not limited to SRAM, ROM, EEPROM, Flash and FRAM (FeRAM) using non-invasive, semi-invasive and invasive methods. The project will run until April 2017 with possibility of extension.

I have been criticised a lot about the fact that most of the chips I analyse and publish successful attacks on, are built with 0.7-micron or even 0.9-micron technology. This is now changed, meaning that chips I use in my new research investigations are built with at least 0.5-micron technology (still popular in some secure chips) and some tests applied down to 90nm chips, with some interesting results recently published on 0.13-micron chips.

I was contacted many times in the past with questions about consulting projects I can perform here in the lab. It was mainly caused by rapidly growing concerns about hardware security of semiconductor products (mostly microcontrollers, CPLDs and FPGAs) and growing intellectual property theft in Asian countries where most outsourcing is taking place. Some projects were aimed on finding security flaws in existing devices in order to improve their security or to select the most secure parts from a list. Other projects were dedicated for teaching and educating personnel. While other projects were about developing of certain attack techniques. More information on the types of research projects and possible collaboration with industry.

Upcoming events (soonest first)

We are currently hiring a new postdoc to work on Security Analysis of Semiconductor Memory project for at least 12 months.

The cause of embedded systems sporadic failures was found and this could have very serious consequences. You might have come across situations when some microcontroller-based systems started behaving odd or stopped working. This might be home appliances, cars, industrial equipment etc. It seems that a serious reliability issue was overlooked and we might see more systems and devices starting to behave unpredictably or going off. If it is a toaster or microwave oven you can cope, but what about old electronic equipment used in cars, avionics and industrial infrastructure? Draft report will be published soon.

Past events (latest first)

Chip and Skim: cloning EMV cards with the pre-play attack. Co-authored paper presented at IEEE Symposium on Security and Privacy ("Oakland"), 18-21 May, 2014, San Jose, USA

I gave a talk at the Security Group seminar on 13 May 2014 (slides: Security, Reliability and Backdoors). I presented my research into backdoors present in hardware or embedded firmware causing a potential security threat. However, the reason for their existence is questionable. In this talk implications imposed by backdoors on real systems were presented at various levels from silicon hardware (SoC FPGA ), through embedded firmware (Smartcard) to system software (Industrial controller). I showed how the backdoors can be found and exploited. The aim of this talk was to raise a discussion about the influence of backdoors on security and reliability.

I gave a guest lecture "Tamper resistance and hardware security" in the Part II Security course for undergraduate students 2013-14.

I gave a lecture course on Hardware Security of semiconductor chips at Nanyang Technological University in Singapore for undergraduates and PhD students of Temasek Laboratory department in May 2013.

I gave invited talk "Silicon scanning technology for hidden backdoors in semiconductor chips" at National University of Singapore, Department of Engineering on 20 May 2013.

My research proposal for the 2015-2016 academic year

(public open abstract part only; detailed proposal and other parts are confidential)

  • Using new methods of side-channel analysis for finding backdoors and trojans in secure chips

    Status: ongoing research project

  • Using side-channel analysis and fault attacks for partial reverse engineering of secure chips

    Status: ongoing research project

  • EEPROM and Flash memory analysis methods. This research project is aimed on developing new techniques for analysing EEPROM and Flash memory contents using semi-invasive methods.

    Status: ongoing research project

  • Investigation of hardware security related problems in Flash and EEPROM memory structures. Evaluation against: fault injection, data remanence, external influence, side-channel leakage, memory extraction and new attacks.

    Status: ongoing research project

  • Practical use of fault-injection attacks. We introduced these attacks in 2002. Unfortunately they have still not been properly investigated. Research is needed to estimate the requirements on these attacks for each chip manufacturing technology and possible success rate. We are currently setting up the equipment necessary for this research.

    Status: ongoing research project

  • Practical reverse engineering of programmable logic chips. It is strongly believed that CPLDs and FPGAs offer superior IP protection by design as there is no sequential programming execution flow and the device functionality is obscured using proprietary encoding. The question is how far an attacker can go by observing the device configuration process and analysing the differences.

    Status: proposed research project

  • Data remanence in EEPROM and Flash memory devices under special conditions. Additional directions for my previous research on data remanence in semiconductor memory devices.

    Status: ongoing research projects

  • Advanced optical probing attacks. Research into practical methods of reading SRAM, EEPROM and Flash memory contents using semi-invasive approach.

    Status: proposed research project

  • Advanced EMA attacks. Research into combining of EMA attacks with semi-invasive methods.

    Status: proposed research project

  • High-resolution power analysis. Research into improving effectiveness of power analysis attacks by using special data acquisition, measurement and post-processing techniques.

    Status: ongoing research project

  • Using nanotechnologies for hardware security analysis. Current trends in the miniaturisation of electronic devices demand the ability to understand the structure and properties on the deep submicron level (latest technology is 14nm and 10nm is already proposed). Recent achievements in scanning probe microscopy allow us to observe many characteristics of semiconductor chip surface such as landscape (with atomic force microscopy), doping concentration (with scanning capacitance microscopy), resistance (with scanning spreading resistance microscopy), magnetic field (with magnetic force microscopy), temperature (with scanning thermal microscopy), and many others. We need research to estimate how much information could be extracted from silicon chips by using such technologies. This research might involve designing and building some special microscopes. As such research requires large investments in equipment, it is difficult to predict when it will be started.

    Status: proposed research project

My scientific interests


Some of my special skills and fields of knowledge include:

  • Secure microcontrollers
  • Tamper resistance, smartcard systems, analysis of secure systems
  • Decapsulation and chemical (wet) etching
  • Semi-invasive attacks
  • FIB workstation (FEI Vectra 200)
  • Laser cutting systems
  • Probing stations and microprobing techniques
  • Submicron mechanical positioning (stage1, stage2, stage3, stage4 ).
  • Laser microscopy
  • Advanced imaging techniques
  • Assembler programming (8048, Z80, 8051, 6502, 80x86, 6805/08/11, PIC12/16/18/24, 68000, AVR, MIPS, ARM, MSP430, H8/300, PowerPC)
  • C/C++ programming for PC and embedded systems
  • Verilog HDL programming (Altera, Xilinx)
  • Designing of hardware devices using CPLDs and FPGAs (Altera, Xilinx)
  • Printed Circuit Boards (PCB) design
  • IBM PC hardware design and programming
  • Hardware design and programming for Sinclair ZX Spectrum, Nintendo (NES) game console, SEGA Megadrive game console

Some of my research and plans

Up-to-date information on my hardware security research.

My first security-related research project was an analysis of the copy protection mechanisms in modern microcontrollers. I still work in this area and I occasionally provide penetration testing and consulting services for old and new microcontroller designs. My work aims at understanding the detailed mechanism of how protection can be broken and how the security of new designs can be improved.

Using new methods of side-channel analysis for finding backdoors and trojans in secure chips.

Using side-channel analysis and fault attacks for partial reverse engineering of secure chips.

Developing new technology for effective side-channel analysis and secret key extraction from real-world devices.

My other research is more about a general evaluation of different memory structures against all kind of attacks, rather than testing any particular samples. As I expected long time ago (it was announced by me in 1999) Flash and EEPROM memories are not very good candidates for hardware security on their own, unless special attention was taken into data flow control and interface protocols. It was also suggested in my popular article on copy protection in microcontrollers with its first edition in year 2000. Much more information about various problems in EPROM, EEPROM and Flash memories are in my Ph.D. thesis which is available for public. My further research will involve detailed investigation in different Flash/EEPROM memory cells as well as in antifuse cells which are believed to be highly secure and my personal opinion is that it was not properly proved and tested. The next step would be learning and testing FRAM and MRAM memory structures as they are considered to be a highly secure replacement to Flash and EEPROM memories.

Past projects

How you can contact me

Dr Sergei P. Skorobogatov
University of Cambridge
Computer Laboratory
William Gates Building
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom
Phone:  +44 (0)1223 763563
        +44 (0)1223 763744
Fax:    +44 (0)1223 334678
Email:  Sergei.Skorobogatov (at)
        sps32 (at)
        sps32 (at)
        Sergei.Skorobogatov (at)

Secure email: For confidential messages use HushMail and send email to my HushMail address Sergei.Skorobogatov (at) Alternatively, use my PGP key.

I always reply to personal emails. But sometimes due to server problems or spam filters mail could be lost. Therefore please resend your message if I have not replied within one week. In case of important messages I would prefer you to forward a copy of your letter to my HushMail address. Please avoid using HTML format in your emails (such messages are very likely to be filtered out) and ask my permission if you want to attach any files to your emails.


Please do not copy any of my publications onto your own Internet server for public access without explicit permission. If you want to refer to any of my texts, please use a hyperlink to my original and not a copy. I update these texts frequently and I want to prevent the confusion that arises if people read somewhere else obsolete versions that are not under my control.

Press releases September 2012

Press releases May 2012

Press releases 2002


English texts

Russian texts

[What's New] [Research Proposal] [Scientific Interests] [My Skills] [Research and Plans] [Old Projects] [Contact Details] [Publications]

Sergei Skorobogatov <Sergei.Skorobogatov (at)>
last modified 19-05-2016 --

Keywords: hardware security, hardware assurance, analysis, evaluation, computer testing, microcontroller, smartcard, embedded systems, tamper resistance, trojans, backdoors, smartcard systems, breaking copy protection, IP, data extraction, AES key, DES, TDES, RSA, SHA-1, electronic engineering, invasive, non-invasive, semi-invasive attacks, optical probing, side-channel, EMA, power analysis, cryptography, encryption, crypto, digital electronics, controllers, MCU, CPLD, FPGA, ASIC, IC, fuse, antifuse, flash, EPROM, EEPROM, lock bits, attacking, cracking, hacking, crack, hack, unlock, unprotect, break, reverse engineer, recover, recovery, Motorola, Atmel, Microchip, NEC, Texas Instruments, Hitachi, Renesas, Winbond, Freescale, Cypress, Maxim, Dallas, Zilog, STMicroelectronics, SGS Thomson, Ubicom, Scenix, Intel, Cygnal, Philips, Holtek, Mitsubishi, Siemens, Samsung, Toshiba, Actel, NXP, ARM, Elan, Altera, Infineon, Lattice, Xilinx, Fujitsu, Maxim, Temic, Macronix, National Semiconductor, PIC, AVR, MSP430, H8, ST62, Z86, MC68HC, HC908, HC12, PIC16, PIC18, PIC24, dsPIC30, dsPIC33, DS2432, 78K, V850, V850E, V850E1, V850ES, V850E2, AT89, AT90, ATMEGA, ATtiny, PA3, A3P, ProASIC, ProASIC3, Igloo, Fusion, SmartFusion, passkey, flashlock, ibutton, Nintendo, SEGA, SONY, WII, NES, Newport, PM500 card, motorized stage, motion control, Kensington