Hardware Intrusion Intermediate - 5 days - 4800€
Description
The objective of this training is to increase skills in hardware security analysis. It is aimed at both novices and those with an intermediate level.
At the end of this training, students must know the basic principles of electronics and soldering. They will be able to recognize the various components of a PCB and search for relevant information in component datasheets such as System on Chip (SoC) or external Flash to take advantage of them (RST implementation, debug functionality).
Finally, they will be able to identify possible test points, infer and then interact with the most common protocols (UART, JTAG/SWD, SDIO, SPI).
During the training, students will also learn to use equipment and tools useful for analysis (logic analyzers & Logic2, probes based on FT2232H & OpenOCD/flashrom)
-
5 days (35 hours)
-
17h theoretical courses / 18h practical labs
Objectives
- Understand the fundamentals of hardware analysis and embedded architectures (microcontrollers, buses, protocols)
- Learn techniques for accessing and interacting with hardware components via debugging interfaces and specialized tools
- Perform practical attacks and hardware manipulations to identify intrusion vectors and physical vulnerabilities
Public and prerequisites
Hardware Intrusion Primer is a beginner to intermediate level training course designed for pentesters, security researchers and security teams.
-
Pentesters
-
Security researchers
-
Security teams
Basic knowledge of electricity and electronics (how to use a multimeter, Ohm's law) is recommended.
Content
Day 1
Component Fundamentals: PCB, SoC, Flash, resistors, capacitors, transistors, crystal oscillators and PMIC.
Day 2
Theoretical reminders: electricity, security, analog and digital electronics.
Day 3 to 5
Common protocols: theory (characteristics, variation, usefulness in security analysis, signal shape) and practice (identify ports of interest, know how to use the hardware and tools to connect to them). Welding: principle, equipment and good practices.
All the details regarding how the training is conducted are described on this page.