pith. sign in

arxiv: 2605.07486 · v1 · submitted 2026-05-08 · 💻 cs.CR

Spying Across Chiplets: Side-Channel Attacks in 2.5/3D Integrated Systems

Giorgio Di Natale , Christelle Rabache , Pierre-Louis Hellier , Florence Podevin , Sylvain Bourdel , Romain Siragusa , Paolo Maistri This is my paper

Pith reviewed 2026-05-11 01:56 UTC · model grok-4.3

classification 💻 cs.CR
keywords side-channel attackschiplets2.5D/3D integrationhardware securitycross-chiplet leakageadversary model
0
0 comments X p. Extension

The pith

A communication-oriented chiplet can capture side-channel signals correlated with a neighboring victim chiplet's activity.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper shows that side-channel attacks are feasible across chiplets in 2.5/3D integrated systems. The central idea is that a chiplet designed for external communication, such as through an antenna or RFID structure, can be repurposed by an adversary to observe signals from an adjacent victim chiplet inside the same package. The authors formalize a realistic adversary model and back it with experimental evidence that activity correlations are detectable through the communication interface. This finding matters because chiplet architectures are promoted for their modularity and performance, yet they create new physical attack surfaces that standard isolation may not address. If correct, security assumptions about inter-chiplet separation must be revisited for systems handling sensitive data.

Core claim

The paper's core claim is that signals captured through a communication-oriented interface can reveal information correlated with the activity of a neighboring victim chiplet. The authors describe an adversary who controls or observes the communication chiplet, originally intended for external interaction, and demonstrate through experiments that this setup allows extraction of usable side-channel data without direct access to the victim.

What carries the argument

The communication-oriented chiplet repurposed as an internal observation platform that captures side-channel information via its external interface.

If this is right

  • Side-channel leakage becomes possible between chiplets without physical probing of the victim.
  • Inter-chiplet signal correlations must be considered in the security analysis of 2.5/3D packaged systems.
  • Communication interfaces originally added for external functionality expand the internal attack surface.
  • Existing packaging-level isolation may fail to prevent cross-chiplet side-channel attacks.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Chiplet-based secure systems may require new package-level shielding or filtering to limit unintended signal coupling.
  • Similar leakage risks could appear in other modular architectures that combine contactless interfaces with active compute elements.
  • Security standards for heterogeneous integration might need explicit requirements for side-channel resistance across chiplet boundaries.

Load-bearing premise

A communication-oriented chiplet can be controlled or observed by an adversary and its interface captures usable side-channel information from a neighboring victim without system-level isolation blocking it.

What would settle it

An experiment in which no statistical correlation appears between the signals measured at the communication chiplet's interface and the computational activity of the victim chiplet under controlled conditions.

Figures

Figures reproduced from arXiv: 2605.07486 by Christelle Rabache, Florence Podevin, Giorgio Di Natale, Paolo Maistri, Pierre-Louis Hellier, Romain Siragusa, Sylvain Bourdel.

Figure 1
Figure 1. Figure 1: Illustration of the proposed attack scenario. [PITH_FULL_IMAGE:figures/full_fig_p003_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Baseline DPA result obtained from the externally observed supply [PITH_FULL_IMAGE:figures/full_fig_p005_2.png] view at source ↗
Figure 4
Figure 4. Figure 4: 3D view of the system showing the victim chip ground plane (dark [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: 3D view of the system showing the victim chip ground plane (dark [PITH_FULL_IMAGE:figures/full_fig_p005_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: Electrical schematic for transient analysis of the attack. [PITH_FULL_IMAGE:figures/full_fig_p006_6.png] view at source ↗
Figure 8
Figure 8. Figure 8: Transient analysis results using the inductive+capacitive probe [PITH_FULL_IMAGE:figures/full_fig_p006_8.png] view at source ↗
Figure 11
Figure 11. Figure 11: Outcome of the DPA applied to the reconstructed traces obtained [PITH_FULL_IMAGE:figures/full_fig_p007_11.png] view at source ↗
Figure 9
Figure 9. Figure 9: Waveforms associated with the capacitive coupling scenario. (a): [PITH_FULL_IMAGE:figures/full_fig_p007_9.png] view at source ↗
Figure 10
Figure 10. Figure 10: Outcome of the DPA applied to the reconstructed traces obtained [PITH_FULL_IMAGE:figures/full_fig_p007_10.png] view at source ↗
read the original abstract

Advanced packaging and chiplet-based integration are increasingly adopted to build complex heterogeneous systems beyond the limits of monolithic scaling. While these architectures offer major benefits in terms of modularity, yield, and performance, they also introduce new physical attack surfaces. In this paper, we show that side-channel attacks can be mounted across chiplets within the same package or stack. Our key idea is that a communication-oriented chiplet, originally intended to interact with the external environment through an antenna, an RFID-like element, or another contactless coupling structure, can be repurposed as an internal observation platform. We formalize this threat through a realistic adversary model, describe the corresponding attack principle, and experimentally assess its feasibility. The obtained results demonstrate that signals captured through such a communication-oriented interface can reveal information correlated with the activity of a neighboring victim chiplet.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper claims that side-channel attacks can be mounted across chiplets in 2.5D/3D integrated systems by repurposing a communication-oriented chiplet (originally for external interaction via antenna, RFID-like element, or contactless coupling) as an internal observation platform. It formalizes a realistic adversary model, describes the attack principle, and experimentally assesses feasibility, with results showing that signals captured through the communication interface can reveal information correlated with the activity of a neighboring victim chiplet.

Significance. If the experimental results hold under realistic conditions, this work is significant as it identifies a novel attack surface in emerging heterogeneous chiplet architectures, which are increasingly adopted for modularity and performance beyond monolithic scaling. A concrete demonstration of cross-chiplet leakage could inform packaging security practices and isolation techniques in future systems.

major comments (2)
  1. Abstract: the assertion of experimental feasibility and correlation is presented without any quantitative results (e.g., correlation coefficients, SNR values, error bars, or measurement setup parameters), which are load-bearing for substantiating the central claim that usable side-channel information can be obtained from a neighboring victim.
  2. Experimental assessment section: the description does not address whether the testbed incorporates realistic interposer shielding, ground planes, TSV isolation, or other standard mitigations that would normally suppress package-level electromagnetic or power coupling; without this, the observed correlation may not generalize to production 2.5/3D stacks.
minor comments (2)
  1. The abstract could more explicitly state the specific side-channel modality (e.g., EM emanation or power) being exploited through the communication interface.
  2. Ensure experimental figures include clear axis labels, legends, and scale information to support reproducibility of the correlation observations.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive feedback on our manuscript. The comments highlight opportunities to strengthen the presentation of our results and the description of our experimental setup. We address each major comment below.

read point-by-point responses

  1. Referee: Abstract: the assertion of experimental feasibility and correlation is presented without any quantitative results (e.g., correlation coefficients, SNR values, error bars, or measurement setup parameters), which are load-bearing for substantiating the central claim that usable side-channel information can be obtained from a neighboring victim.

    Authors: The abstract serves as a high-level summary of the contribution. The quantitative details of the experimental results, including correlation coefficients and SNR values, appear in the experimental assessment section. To address the concern, we will revise the abstract to incorporate a concise quantitative statement highlighting the strength of the observed correlations, thereby better substantiating the central claim without exceeding typical abstract length constraints. revision: yes

  2. Referee: Experimental assessment section: the description does not address whether the testbed incorporates realistic interposer shielding, ground planes, TSV isolation, or other standard mitigations that would normally suppress package-level electromagnetic or power coupling; without this, the observed correlation may not generalize to production 2.5/3D stacks.

    Authors: This is a valid observation regarding the scope of our testbed. Our prototype setup was intentionally configured without additional shielding or isolation mechanisms to isolate and demonstrate the existence of the cross-chiplet leakage path. In the revised manuscript, we will expand the experimental assessment section to explicitly describe the testbed configuration, note the absence of standard mitigations, and include a discussion of how the results underscore the importance of considering such leakage in the design of future 2.5/3D packaging. revision: yes

Circularity Check

0 steps flagged

No derivation chain or equations present; experimental demonstration only

full rationale

The paper is an experimental threat demonstration that formalizes an adversary model and reports measured correlations from a testbed. It contains no equations, fitted parameters, predictive derivations, or self-citations that bear load on a mathematical result. The central claim rests on physical measurements rather than any reduction of outputs to inputs by construction. No steps match the enumerated circularity patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The claim rests on the domain assumption that physical side-channel leakage propagates across chiplet boundaries and can be captured by a communication interface; no free parameters or invented entities are introduced.

axioms (1)
  • domain assumption Side-channel information leaks through physical proximity and can be observed via repurposed communication structures in multi-chiplet packages
    Invoked when formalizing the adversary model and attack principle in the abstract.

pith-pipeline@v0.9.0 · 5464 in / 1146 out tokens · 26548 ms · 2026-05-11T01:56:16.354309+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

19 extracted references · 19 canonical work pages

  1. [1]

    Fletcher

    B. Fletcher. (2019, Nov.) Wireless 3d integration – making stacking silicon as easy as stacking lego (2/2). Arm Research blog. [Online]. Available: https://developer.arm.com/community/arm-research/b/articles/posts/ wireless-3d-integration-making-stacking-silicon-as-easy-as-stacking-lego-2-2

    work page 2019

  2. [2]

    Toshi – towards secure heterogeneous integration: Security risks, threat assessment, and assurance,

    N. Vashistha, M. L. Rahman, M. S. U. Haque, A. Uddin, M. S. U. I. Sami, A. M. Shuo, P. Calzada, F. Farahmandi, N. Asadizanjani, F. Rahman, and M. Tehranipoor, “Toshi – towards secure heterogeneous integration: Security risks, threat assessment, and assurance,” IACR Cryptology ePrint Archive, Paper 2022/984, 2022. [Online]. Available: https://eprint.iacr.o...

    work page 2022

  3. [3]

    On hardware security and trust for chiplet-based 2.5D and 3D ICs: Challenges and innovations,

    J. Suzano, F. Abouzeid, G. D. Natale, A. Philippe, and P. Roche, “On hardware security and trust for chiplet-based 2.5D and 3D ICs: Challenges and innovations,”IEEE Access, vol. 12, pp. 29 778–29 794, 2024

    work page 2024

  4. [4]

    On mitigation of side-channel attacks in 3d ics: Decorrelating thermal patterns from power and activity,

    J. Knechtel and O. Sinanoglu, “On mitigation of side-channel attacks in 3d ics: Decorrelating thermal patterns from power and activity,” in Proceedings of the 54th Annual Design Automation Conference 2017, ser. DAC ’17, 2017, pp. 12:1–12:6

    work page 2017

  5. [6]

    An inside job: Remote power analysis attacks on fpgas,

    F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori, “An inside job: Remote power analysis attacks on fpgas,”IEEE Design & Test, vol. 38, no. 3, pp. 58–66, 2021

    work page 2021

  6. [7]

    Remote inter-chip power analysis side-channel attacks at board- level,

    ——, “Remote inter-chip power analysis side-channel attacks at board- level,” inProceedings of the 2018 IEEE/ACM International Conference on Computer-Aided Design, ser. ICCAD ’18, 2018

    work page 2018

  7. [8]

    System-level exploration of in-package wireless communication for multi-chiplet platforms,

    R. Medina, J. Kein, G. Ansaloni, M. Zapater, S. Abadal, E. Alarcón, and D. Atienza, “System-level exploration of in-package wireless communication for multi-chiplet platforms,” inProceedings of the 28th Asia and South Pacific Design Automation Conference, ser. ASP-DAC ’23, 2023, pp. 561–566

    work page 2023

  8. [10]

    Available: https://arxiv.org/abs/2501.17567

    [Online]. Available: https://arxiv.org/abs/2501.17567

    work page arXiv

  9. [11]

    FPGA-based remote power side-channel attacks,

    M. Zhao and G. E. Suh, “FPGA-based remote power side-channel attacks,” in2018 IEEE Symposium on Security and Privacy (SP), 2018, pp. 229– 244

    work page 2018

  10. [12]

    An inside job: Remote power analysis attacks on FPGAs,

    F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori, “An inside job: Remote power analysis attacks on FPGAs,”IEEE Design & Test, vol. 38, no. 3, pp. 58–66, 2021

    work page 2021

  11. [13]

    Remote inter-chip power analysis side-channel attacks at board- level,

    ——, “Remote inter-chip power analysis side-channel attacks at board- level,” in2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), 2018, pp. 1–8

    work page 2018

  12. [14]

    Hardware security threats and potential countermeasures in emerging 3D ICs,

    J. Dofe, Q. Yu, H. Wang, and E. Salman, “Hardware security threats and potential countermeasures in emerging 3D ICs,” inProceedings of the Great Lakes Symposium on VLSI 2016, 2016, pp. 69–74

    work page 2016

  13. [15]

    On mitigation of side-channel attacks in 3D ICs: Decorrelating thermal patterns from power and activity,

    J. Knechtel and O. Sinanoglu, “On mitigation of side-channel attacks in 3D ICs: Decorrelating thermal patterns from power and activity,” in Proceedings of the 54th Annual Design Automation Conference (DAC), 2017, pp. 12:1–12:6

    work page 2017

  14. [16]

    Analysis of the security vulnerabil- ities of 2.5-D and 3-D integrated circuits,

    V . V . Rao, A. Sasan, and I. Savidis, “Analysis of the security vulnerabil- ities of 2.5-D and 3-D integrated circuits,” in2022 23rd International Symposium on Quality Electronic Design (ISQED), 2022, pp. 1–7

    work page 2022

  15. [17]

    ToSHI – towards secure heterogeneous integration: Security risks, threat assessment, and assurance,

    N. Vashistha, M. L. Rahman, M. S. U. Haque, A. Uddin, M. S. U. I. Sami, A. M. Shuo, P. Calzada, F. Farahmandi, N. Asadizanjani, F. Rahman, and M. Tehranipoor, “ToSHI – towards secure heterogeneous integration: Security risks, threat assessment, and assurance,” 2022. [Online]. Available: https://eprint.iacr.org/2022/984

    work page 2022

  16. [18]

    Covert channel communication as an emerging security threat in 2.5D/3D integrated systems,

    I. Miketic, K. Dhananjay, and E. Salman, “Covert channel communication as an emerging security threat in 2.5D/3D integrated systems,”Sensors, vol. 23, no. 4, p. 2081, 2023

    work page 2081

  17. [19]

    Evaluating vulnerability of chiplet-based systems to contactless probing techniques,

    A. Deric, K. Mitard, S. Tajik, and D. E. Holcomb, “Evaluating vulnerability of chiplet-based systems to contactless probing techniques,” in2024 IEEE International Test Conference (ITC), 2024, pp. 71–75

    work page 2024

  18. [20]

    Enhancing DFT security in chiplet-based systems with encryption and integrity checking,

    J. Suzano, A. Philippe, F. Abouzeid, G. D. Natale, and P. Roche, “Enhancing DFT security in chiplet-based systems with encryption and integrity checking,”IEEE Journal on Emerging and Selected Topics in Circuits and Systems, vol. 15, no. 3, pp. 493–505, 2025

    work page 2025

  19. [21]

    An integrated validation environment for differential power analysis,

    G. D. Natale, M.-L. Flottes, and B. Rouzeyre, “An integrated validation environment for differential power analysis,” in4th IEEE International Symposium on Electronic Design, Test and Applications (delta 2008), 2008, pp. 527–532

    work page 2008