Stefano Di Carlo

Stefano Di Carlo is a full professor of computer engineering at Politecnico di Torino, Department of Control and Computer Engineering, Italy. He received his Ph.D. and M.S. degrees in Computer Engineering from Politecnico di Torino in 1999 and 2003, respectively.

He has authored over 300 publications in major journals and conference proceedings on a wide range of topics. Major topics include dependable computing, artificial intelligence systems, and computational biology. His current research interests include emerging computing paradigms for reliable, energy-efficient computing; computer architectures; neuromorphic computing; systems; and computational biology.


Sessions

06-09
10:30
10min
Microarchitectural Side-Channel Attack on RISC-V
Sadia Shamas, Stefano Di Carlo, Alessandro Savino

Side-channel attacks leveraging microarchitectural features are well-studied on x86 and ARM, but less so on RISC-V. This work implements and evaluates Flush+Reload cache-side-channel attacks on user-space software in a RISC-V system simulated in gem5 full-system mode. We develop both eviction-based and cache-block-invalidate (cbo.inval) probes, establishing an attack methodology for an unprivileged process using the RISC-V cycle counter. Our experiments reveal timing differences between cached and evicted accesses, confirming the existence of exploitable timing channels. While key recovery remains partial, these results demonstrate the feasibility of cache side-channel attacks on RISC-V and validate gem5 as an effective platform for microarchitectural security research.

Blind Submission (Default)
Poster Island A
06-09
11:20
10min
InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment
Niccolò Lentini, Giorgio Fardo, Stefano Di Carlo, Alessandro Savino

Fault Injection Attacks (FIAs) induce transient hardware faults to subvert software security mechanisms, yet assessing fault resilience, especially during early design phases, remains impractical without specialized laboratory equipment. Microarchitectural simulation provides a reproducible and scalable alternative. This paper presents InjectV, a gem5-based fault injection framework targeting RISC-V systems, which employs trace-guided fault injection by identifying Candidate Injection Points (CIPs) at security-critical operations including control-flow branches and conditional comparisons. Supporting transient corruption of architectural registers and physical memory under full-system simulation, InjectV demonstrates that guided fault injection requires 95.8% fewer injections than random exploration to expose successful attacks on the FISSC VerifyPIN benchmarks.

Blind Submission (Default)
Poster Island A
06-10
11:10
10min
Vitamin-V: Results and Lessons Learnt
Ramon Canal, Stefano Di Carlo, Dimitris Gizopoulos

Vitamin‑V (2023–2025) is a Horizon Europe project building a production‑grade, open‑source RISC‑V ecosystem for cloud environments. It extends RISC-V ISA support in three execution platforms (QEMU, gem5, FPGA), enables virtualization and contributes to the development of full cloud‑native stacks—OpenStack, Kubernetes, Kata Containers, RustVMM. The project also boosts commercial developments from Semidynamics, ZeroPoint, and Virtual Open Systems. This paper summarizes the technical outcomes and lessons learned.

Non-Blind submission
Poster Island C