Call for papers

Artificial intelligence is progressing ever faster, with new applications and results that would not have been possible only a few years ago. At the same time, hardware security is becoming increasingly important for embedded systems applications, as hardware devices implementing both cryptographic functions and AI algorithms are at the core of security systems.
In recent years, the connection between AI and hardware security has become more prominent and important. This comes as a natural consequence of the need to offer improved security in a more automated way. Yet, despite all the accomplishments and progress in this new field dealing with the interplay of AI and HW security, this process is not without its challenges. Examples of such challenges are the lack of explainability of results and unclear design choices in the selection of AI techniques.
With this workshop, we aim to connect researchers coming from both AI and security, academia and industry, to increase the understanding of AI in hardware security, but also to explore new applications where such techniques could bring improved security. We hope this workshop will become a standard event for researchers interested in AI and HW security to share their ideas and also improve the state of the art in this challenging field.

Topics of the workshop

  • Side-channel attacks and countermeasures

  • Trustworthy manufacturing and testing of secure devices

  • Validation and evaluation methodologies for physical security

  • Reconfigurable devices for security

  • Hardware Trojans

  • Fault injection attacks

  • Physical Unclonable Functions (PUFs)

  • Security of Artificial Intelligence (AI)

  • AI-assisted design cycle

  • AI-based cryptanalysis

Submission

We encourage researchers working on all aspects of AI and HW security to take the opportunity and use AIHWS to share their work and participate in discussions. Authors are invited to submit their papers using the EasyChair submission system via the submission link https://easychair.org/conferences/?conf=aihws2026.
Submitted papers must be written in English and be anonymous, as we follow the double-anonymized review process, with no author names, affiliations, acknowledgments, or any identifying citations. All submissions must follow the original LNCS format with a page limit of 18 pages, including references and possible appendices. Papers should be submitted electronically in PDF format. The post-proceedings will be published in Springer’s LNCS series. Every accepted paper must have at least one author registered for the workshop.
There will be an ACNS best workshop paper award (with a 500 EUR prize sponsored by Springer), to be selected from the accepted papers of all workshops.

Important dates (AoE)

EXTENDED submission deadline!

Workshop paper submission deadline: April 15, 2026

previously March 14, 2026

Workshop paper notification: May 1, 2026

previously April 14, 2026

Camera-ready papers for pre-proceedings: May 22, 2026

Workshop date: June 24, 2026

(in parallel with the main conference)

Keynote

Architect, Attacker, Target: AI Agents at the Hardware Security Frontier

Berk Sunar, Worcester Polytechnic Institute, USA

Over the past decade, AI has evolved at a remarkable pace—from embeddings to large language models, from assistants to autonomous agents—fundamentally transforming how we design and test hardware and how we assess security vulnerabilities. Yet this same technological leap has handed attackers powerful new weapons; frontier models like Mythos exemplify the growing offensive potential of AI-enabled tools. The threat landscape has since shifted further: AI systems themselves, including their underlying hardware, have become high-value targets.
In this talk, I draw on firsthand experience to explore three converging frontiers: using AI techniques to discover and patch security vulnerabilities in microarchitectures; hardware-level exploits that target large language models running on GPUs; and reliability attacks on AI systems at scale. The lessons learned in these studies will be further discussed. I will close by examining how autonomous agents are beginning to reshape hardware design workflows—and the emerging threat surface that comes with them.

Program

The program starts at 09:00 am, EDT (Eastern Daylight Time, UTC - 4h).

TIME (EDT, UTC-4h)  SESSION/TITLE
09:00 - 10:20 ACNS Keynote 3
10:20 - 10:50 Coffee break
11:10 - 11:40 Security Analysis of Microscaling Formats Under Fault Injection on a RISC-V Edge Platform
Dillibabu Shanmugam and Patrick Schaumont
11:40 - 12:10 Model Poisoning Against Federated Model Adaptation with Chain of Bit-Flips
Bastien Vuillod, Kevin Hector, Pierre-Alain Moëllic, Jean-Max Dutertre and Olivier Potin
12:10 - 12:40 FaultFlipper: A Dynamic Fault Analysis Tool
Ryan Evans, Brendan Kirkpatrick, Minh Khiem Ha, Prateek Kharangate and Boyang Wang
12:40 - 14:00 Lunch break
14:00 - 15:00 Keynote talk: Architect, Attacker, Target: AI Agents at the Hardware Security Frontier
Berk Sunar
15:00 - 15:30 Side Channel-Based Disassembler for the Security of Cyber-Physical Systems in the Context of Hardware-in-the-Loop Testing
Simon Bellemare and Audrey Lacourisière-Lamonde
15:30 - 16:00 Coffee break
16:00 - 16:15 Closing remarks

Organizing Committee

Technical Program Committee

Gorka Abad, University of Bergen

Shivam Bhasin, Nanyang Technological University

Durba Chatterjee, Radboud University

Łukasz Chmielewski, Masaryk University

Dirmanto Jap, Nanyang Technological University

Navid Kagalwalla, Google

Marina Krček, Radboud University

Luca Mariot, University of Twente

Silvia Mella, Radboud University

Marc Stöttinger, RheinMain University of Applied Science

Lichao Wu, University of Bristol

Kota Yoshida, Ritsumeikan University

Web Chair

Marina Krček, Radboud University, NL
