Hack9: Embedded Security

In the age of IoT devices, smart cars, or industrial controls, a world without the topic of “embedded security” is not imaginable. When lighting is controlled over the phone, cars contain more than 100 computers, and the smooth production process can be checked on the internet, there are new avenues opening up for attackers to compromise systems. The IT security of the actual hardware and the following questions should not be neglected: Were the debug accesses closed after the production? Is an attacker able to read out sensitive data from the memory, or even to run arbitrary code on the device?

Having exploited typical weaknesses, one quickly realizes what is essential when wanting to prevent such security problems. The participants turn into hackers and, with the aid of practical exercises, learn how embedded devices are attacked and secured. The boards used for the exercises are included in the price. The participants may keep them and continue hacking at home.

Topics

General information

  • Principles of embedded security
  • Working on the PCB
  • Assigning hardware components
  • Reading and understanding data sheets
  • What happens while booting?
  • File systems for embedded devices

Typical interfaces

  • UART
  • I2C/SPI
  • JTAG/SWD

Secure booting

  • Securing U-Boot
  • Secure Boot

Secure data storage

  • Internal/external memory
  • Hardware Security Module (HSM)

Handling of various tools

  • Logic Analyzer
  • JTAGulator/JTAGEnum
  • JTAG Debug Probe/J-Link
  • UART adapter (FT232H)

Technical requirements

Basic knowledge of Linux

Duration

Three days

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

GET IN TOUCH

+49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours

+49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number