Hardware Hacking, Reversing and Instrumentation 4-Day Hardware Hacking, Reversing and Instrumentation

Date
23 April 2018 - 26 April 2018
Hosted by
Hilton Washington DC/Rockville (click for group rate)
Location
1750 Rockville Pike, Rockville, MD, 20852-1699
View on Google Maps
Trainer
Dmitry Nedospasov
Language
English
Capacity
15

Course Description

Students that complete the course will receive the target platform, an FPGA developer board, as well as a certificate of completion of the course.

Dmitry Nedospasov’s Hardware Hacking Training is one the world’s leading courses on hardware security. The course is ideally suited for both hardware engineers who wish to better understand potential security issues that may exist in hardware implementations and software security engineers who may lack experience in analyzing hardware and embedded systems. The training teaches participants a unique hybrid hardware/software workflow that is extremely effective for identifying security issues in hardware, embedded devices, automotive and IoT (Internet of Things). Students will be familiarized with the concepts of hardware analysis and have a first-hand chance to build and instrument the analysis of hardware targets using FPGAs.

Students will implement complex algorithms in a modern high-level scripting language (python) while implementing all low-level timing critical components in hardware (Verilog HDL). This training will also cover how these techniques can be utilized for applications ranging from black box reverse-engineering of undocumented protocols to validating an overall hardware design. This training also offers a unique opportunity for students to work with real-world test and measurement equipment. Additionally, the training covers the minimal amount of electrical engineering required for instrumenting targets in practice.

As such there are no specific prerequisites for this course beyond a basic programming background. Students will be provided sufficient background and templates for the python scripting language to successfully complete the assignments. All the aspects of hardware design (FPGA development, RTL design, Verilog HDL as well as simulation and functional verification) will be covered in the course. Each day will feature one CTF (capture the flag) style assignment that will take approximately the entire day for students to solve. Each assignment will cover one common flaw that can be found in real-world hardware implementations.

Students should bring a notebook capable of running VMware Fusion, VMware Workstation or the free VMware Player.

Topics Covered During the Course

Common hardware vulnerabilities, embedded device security, IoT security, test and measurement equipment (oscilloscopes, logic analyzers), JTAG, FPGA implementations, HDL development, core generation, debugging, soft cores, glitching, fuzzing, Man-in-The-Middle (MITM) of protocols, protocol injection, hardware acceleration, cloud FPGA platforms.

Course Outline

Read the full training description.

  • Day 1: Introduction
    • Theory/Basics
    • Combinatorics
    • Verilog 101
    • Hardware Logic Implementation
    • FPGA/ASIC Development Workflow
    • Gotchas
  • Day 1 assignment: FPGA bring up
    • UART TX/RX Implementation
    • Simulation
    • Synthesis
    • Implementation
    • Hello world
  • Day 2 assignment: Invalid protocol states
    • Instrument communications
    • Man-in-the-Middle (MitM)
    • Packet injection, flooding
    • Denial of Service (DoS)
  • Day 3 assignment: Basic Glitching
    • Instrument communications
    • Board layout
    • JTAG basics
    • Brute force
  • Day 4 assignment: Timing analysis
    • Instrument communications
    • Analysis of the communication protcol
    • Timing analysis implementation
    • Adaptations for tighter timing differences

Class requirements

Participants should have some familiarity with scripting languages, i.e. Python. This course is suitable for people that are new to hardware security and electronics. All the theory and concepts related to electronics, HDL and debugging will be explained during course.

What to bring

A notebook capable of running a VMware image.

Minimum software to install

VMware Player, VMware Workstation, VMware Fusion or Virtualbox.

Please ensure that your virtualization solution supports USB in the Virtual Machine.

Registration

$4000 (until March 26th)
$5500 (after March 26th)
Cancellation requests by paid registrants must be made at least 45 days before the event and may be subject to an administration fee. In the event of course cancellation by the trainer, students may choose to attend an alternate course (space pending) or receive a full refund.

Pay by Credit Card


Pay by Check/Wire or
Request a Group Discount


Group discounts are available for 3 or more registrations.
Request Invoice

Onsite Training


Can't make it? Our trainings are also available at a location of your choice.
Request an Onsite Quote