Note: To ensure that all training kits are delivered to the attendees before the start of the trainings, we encourage everyone to register for Advanced Microcontrollers Firmware Exploitation before Wednesday, 13th Jan 2021. After this day, we cannot ensure that all kits are delivered in time.
This 4-day training is focused on the advanced topics that arise when you reverse engineer and exploit embedded devices based on the microcontrollers. The main focus will be real-world tasks and questions that could be met when you are performing a security assessment of Harvard-architecture microcontroller firmware. For example, you could find such devices in automotive (e.g. inside engine control units or electronic fuel injections subsystems) and smart home systems, input devices (e.g. wireless keyboards), IoT sensors and security access control devices. All of them share the same "feature" -- separate storage and signal pathways for instructions and data combined with small memory size. This creates a lot of challenges during reverse engineering and exploit creation, which will be the topics for this course.
Microchip/Atmel AVR-based devices including ATmega328p, Atmega32U4 and ATmega4809.
This training is intended for online (remote) participation. If it will not be possible to carry on offline training, participants will be provided with hardware kits and instructions on how to setup / use them. On the day of training, students will receive information about how to access online class.
Alexander is a Senior Security Consultant for F-Secure. He holds a Ph.D. in computer security and his research interests lie in distributed systems, mobile, ICS and embedded systems security. He has presented at various conferences including Black Hat USA/EU/UK/Asia, t2.fi, hardwear.io, ZeroNights, CONFIdence, and S4.
Tao is a Sr. Security Engineer at Anvil Ventures. He is interested in web, mobile, code review, firmware analysis and embedded systems. During his spare time, he enjoys bug hunting and co-maintains CANToolz, a python framework for black-box CAN bus analysis.