Tamara Lehman receives CAREER award to strengthen hardware security

Lehman lands the 2025 CAREER award through the National Science Foundation to advance computer architecture security.

Computers are faster than ever—but at what cost? Speed and performance have long been prioritized over security in hardware design, leaving modern systems vulnerable to attacks.

Assistant Professor Tamara Lehman, from CU Boulder’s Department of Electrical, Computer and Energy Engineering, is working to address these vulnerabilities in microarchitecture designs while exploring security metrics for future hardware designs.

Lehman recently received a prestigious $615,000, five-year National Science Foundation CAREER award to advance computer architecture security.

Addressing security gaps in hardware design

Microarchitectural security refers to the defense mechanisms that can be added at microarchitectural design time.

“Microarchitectural security has been in the back seat for a long time. For years, we’ve focused on making computers faster without fully considering what that means for security,” Lehman said. “That’s why we’re now dealing with systems that are high-performing but often lack security guarantees.”

Microarchitectural design is the functional-level design of the hardware, one level above logic gates and one level below the operating system. It is the implementation of the software interface using the hardware constructs.

Since the 2018 disclosure of the Spectre and Meltdown attacks—security vulnerabilities affecting modern processors—industry and academia have faced increasing pressure to address hardware security risks. However, the lack of standardized metrics for assessing microarchitectural security makes it difficult to compare designs and implement effective safeguards.

Lehman’s research aims to bridge this gap by integrating security metrics directly into the hardware design process.

Lehman working with PhD student, Zach Moolman, in her lab.

Evaluating microarchitectural vulnerabilities

The first phase of the project focuses on caches—critical memory structures that are among the most vulnerable components in modern processors.

Lehman and her PhD students will define security metrics for caches and integrate them into commonly used processor simulators, ensuring these tools become widely available to both researchers and industry professionals. She hopes to propose a novel approach to quantify hardware security risks.

“Right now, companies in industry make trade-offs between performance and security with little concrete data about the security guarantees afforded by defense mechanisms,” she said. “My goal is to develop standardized security metrics that allow designers to measure and compare the security of different microarchitectural components in parallel to performance.”

Once they can prove those security metrics provide a meaningful assessment of security risks, they can expand the framework to other parts of the processor microarchitecture, she said.

Real-world implications: strengthening critical infrastructure

Lehman’s research has significant implications for global cybersecurity.

“We rely on computing devices for everything from banking to autonomous vehicles,” she said. “If a microarchitectural attack compromises the hardware running an autonomous driving system, lives could be at risk.”

Beyond personal and commercial computing, her research could help protect critical infrastructure from cyberattacks, such as power grid systems and banking systems.

Lehman noted how the 2021 Colonial Pipeline cyberattack disrupted oil supply chains across the United States and is a prime example of how vulnerabilities in computing systems can have far-reaching consequences.

Bringing security for hardware designs

Ultimately, Lehman’s research aims to shift the conversation from viewing security as a trade-off to seeing it as a fundamental design requirement.

“There are no standardized security metrics for hardware or for software,” she said. “We hope to establish widely accepted security evaluation methods that can be integrated into both research and industry design practices.”

“I want to move us toward a more concrete, data-driven approach where security is as quantifiable as performance in hardware design,” Lehman said.