IC Reverse Engineering 101

Olivier Thomas, Texplained | July 22-23 & July 24-25



Overview

Hardware low level attacks are the basis for counterfeits creation but also for extracting legitimate devices in order to get confidential data or to change their behavior. They also can be used to access restricted softwares which makes their analysis possible for creating remote attacks as recently seen with IoT based DDoS attacks. Security implemented in hardware is no longer immune to analysis and ICs may be the most vulnerable component of a security system.

For several decades, hardware security relied on obfuscation and the entry barrier for Integrated Circuit (IC) hacking being money and time made it possible for chip designers to rely on this strategy. Two phenomenons changed this postulate as the money investment dropped severely and the attack timing also significantly decreased.

Analyzing hardware requires various knowledge about circuits, how they are designed, manufactured and tested. However, the skills required for performing vulnerability and/or risk analysis are accessible to those who are already familiar with software and network security.

The primary goal of this training is to provide security professionals and team leaders the skills, mindset and background information necessary to successfully perform analysis of Integrated Circuits (ICs) and evaluate the efficiency of the existing counter-measures.

Students who complete this course will be familiar with all important classes of low-level hardware attacks (shield and hardware counter-measures bypass - ROM and Flash/EEPROM dump - bus passive and active probing - Circuitry Reverse-Engineering - ...) through real world examples covering the entire analysis workflow from the lab to the data analysis. The training will also describe modern analysis methods implying automation and discuss the efficiency of modern counter-measures in such a context.

Who Should Take this Course

  • Integrated Circuit (ICs) and Failure Analysis (FA) engineers
  • Engineers involved in securing hardware platforms against attacks
  • Researchers who want to understand the nature of many hardware attacks
  • Security Team leaders
  • Hardware hackers who want to become familiar with attacks on integrated circuits
  • Parties involved in hardware Reverse-Engineering and vulnerability analysis
  • Software / network security analysts who want to get into IC security evaluation

Student Requirements

No hard prerequisites. It would be helpful to know what is a bit, an instruction, assembly language...
The training is designed as a fun and interactive step by step guide for beginners as well as people with basic electronic knowledge.

What Students Should Bring

Students can come hands free as workbook and pens will be provided ;-)
Having a laptop can be useful to follow the course on screen with the PDF version (without assignment solutions that will also be provided at the end of the training).

What Students Will Be Provided With

Student will be provided with :
  • workbook with all assignments
  • PDF file of the training with and without assignments solutions

Trainers

Oliver Thomas studied Electrical Engineering (EE) and subsequently worked for a major semiconductor manufacturer designing analog circuits. Subsequently, Olivier began to work in the field of Integrated Circuit (IC) security as the head of one of the world's leading IC Analysis Labs. The lab primarily focused on securing future generation devices as well as developing countermeasures for current generation devices to combat piracy and counterfeiting. During this time Olivier helped develop many new and novel techniques for semi- and fully-invasive IC analysis. He has an extensive background in all the Failure Analysis techniques and equipment necessary for accessing vulnerable logic on a target device. Combined with his experience as an IC design engineer, Olivier continues to develop techniques for automating the analysis process. These techniques are not only applicable to lower-complexity devices such as smartcards, which are the traditional targets for IC analysis, but they are applicable to modern semiconductor devices with millions of gates, such as modern System-on-Chips (SoCs). Olivier is the author of ARES (Automated Reverse Engineering Software), a software toolchain for the efficient analysis of designs of independent of their logical size. He is the founder and a security consultant at Texplained SARL.