Hardware Attacks, Threats, Risks, and Mitigations

HardwareSecurity.training | August 6-7



Overview

Hardware Attacks, Threats, Risks, and Mitigations provides a high-level, comprehensive survey of the state of the art in hardware attacks, threats, and risks. From the system level all the way down to the silicon level, attendees will be exposed to the many attack vectors within the hardware security landscape. Unique hands-on exercises using pen and paper will lead into group discussion of the implications, impact, and risk mitigation for each type of attack. Emphasis will be placed on problem solving and hardware implications, not on in-depth hardware setup or exhaustive coding of solutions.

Day 1: Hardware Threats, Top Down

By decomposing the hardware stack, we'll show how local hardware attacks can result in network software exploits. We'll step through the layers of hardware. For each layer - System, Board, Component, and Silicon - we'll have a topical expert present the threat landscape. We will follow each layer discussion with a hands-on opportunity for you to walk through an attack.

  • Lecture: Overview and context
  • Hands-on Hardware Attacks:
  • Lecture: Hardware OSINT + PCB RE
  • Lab: Identify hardware components from photos
  • Lab: Determine component connections from PCB
  • Lecture: Digital signal overview and tools
  • Lab: Signal analysis/decoding
  • Lecture: Firmware extraction techniques
  • Lab: Firmware analysis, filesystem exploration, backdoor detection
  • Lecture: Side channels and fault injection
  • Lab: Glitching simulation w/ ChipWhisperer
  • Lecture: Silicon-level threats/attacks
  • Lab: Visual reversing of mask ROM
  • Lecture: Survey of current hardware attacks and techniques used

Day 2, AM: Implications of Hardware Vulnerabilities

We'll review several recent cases of highly visible hardware attacks that contributed to major hacks or breaches. For each case study, you'll apply your newly gained knowledge of the hardware threat landscape to assess the oversights that enabled the vulnerabilities.

  • Lecture: Understanding hardware impact
  • Discussions on vulnerabilities:
  • Discussion: Analyzing hardware vulnerabilities
  • Lecture: Hardware threat modeling and product design constraints
  • Discussion: Hardware threat modeling
  • Lecture: Equipping a hardware lab
  • Discussion: Estimate cost/impact of hardware threats

Day 2, PM: Mitigating Hardware-Related Risks

Finally, we'll revisit several of our case studies from a different perspective: that of preventing or avoiding such vulnerabilities in the future or within your organization. We'll cover best practices for mitigating hardware vulnerabilities via software countermeasures and a secure hardware development process, assessing hardware risk when accepting devices for deployment, and techniques for isolating and containing vulnerable or untrustworthy hardware from the rest of your infrastructure.

  • Discussions on Risk and Mitigation
  • Lecture: Assessing Risk (30)
  • Lecture: Hardware security development lifecycle (SDL)
  • Discussion: Hardware SDL
  • Lecture: Component/subsystem supply chain and risks
  • Lecture: Countermeasures
  • Lecture: The luxury of hardware security
  • Closing Sermon from PoC || GTFO


Who Should Take this Course

Engineering managers, product managers, Red Team leads, CxOs (including CISOs and CTOs), and other executives who are responsible for, or have, hardware, mixed system, embedded, or IoT devices developed or deployed within their organization.

Student Requirements

Experience with software security concepts. Hardware background not required.

What Students Should Bring

Laptop

What Students Will Be Provided With

Course manual and tools to walk through a series of hardware attacks.

Trainers

Dmitry Nedospasov is a hardware hacker, hardware design engineer, security researcher, trainer, speaker and reverse-engineer. In 2014 Dmitry received his PhD (Dr-Ing.) in IC Security at TU Berlin. His academic research mostly focused on developing novel techniques for semi- and fully-invasive IC analysis. Dmitry is also a member of the world's oldest hacker club, the German Chaos Computer Club or CCC. Dmitry is renowned for his hardware reverse-engineering techniques and his unique hybrid hardware/software analysis workflow. He is experienced in analyzing anything ranging from electronics and embedded protocols to ICs at a gate and transistor level. He also has extensive experience in capturing, manipulating and emulating embedded protocols to bypass the security of embedded systems. In 2016, Dmitry founded Toothless Consulting, a consulting company focusing primarily on providing customers with hardware security consulting and design services. In 2017, he launched Rocketlogic, a company offering services in cloud hardware acceleration and migration of legacy applications to FPGA-based cloud instances.

The HardwareSecurity.Training Team: HardwareSecurity.Training is a collaboration of the world's top hardware security engineers and professionals focused on providing unique content and training covering all flavors of hardware. Founders include Joe Grand (Grand Idea Studio), Joe FitzPatrick (SecuringHardware.com), Colin O'Flynn (NewAE Technology), and Dmitry Nedospasov (Toothless Consulting).

Josh Datko is the owner of Cryptotronix, an embedded security consultancy. As a submarine officer, he was sent to Afghanistan to ensure that the Taliban did not develop a submarine force--mission accomplished! He wrote a book on BeagleBones and crypto hardware which not many people have read and presented a better way to make a hardware implant at DEFCON which hopefully helped the NSA improve their spying.