Assessing the security of a hardware design sometimes seems like a combination of the guy looking under a streetlight for his car keys, because that’s where the light is (we have this tool, let’s see what problems it can find) and a whack-a-mole response to the latest publicized vulnerabilities (Cache timing side channels)?