More and more attacks on embedded systems are being detected in the wild and both defenders and attackers should know how these attacks are being performed, says Henrik Ferdinand Nölscher, an expert in hardware and embedded systems security.
Henrik Ferdinand Nölscher and Javier Vazquez Vidal have worked on various embedded security projects and together, they presented the CAN Badger, a novel automotive hacking tool, at Black Hat and DEF CON 2016.
Firmware and hardware engineers can find it difficult to imagine attacks on a system. Knowledge on hardware reversing can help engineers learn how an attacker thinks and what common attacks they have to consider when designing a system. On the other hand, there are a lot of penetration testers who have been limited to testing software. A sound knowledge on hardware reversing can also help a pentester know the basics to start assessing hardware systems.
More and more attacks on embedded systems are being detected in the wild and both defenders and attackers should know how these attacks are being performed. It is also important for a hardware engineer to know about embedded systems forensics.
The industry wants to build secure products, but in embedded systems there are a lot of limitations to that. Manufacturers, for example, are limited to what their suppliers can sell them and silicon development cycles can be very long. Also, classic vulnerabilities tend to appear even in brand-new products, because people are not aware of their risks. Hardware engineers too could use a framework for understanding and implementing attacks on embedded systems, which will help people to build and test better products.
Hardware reversing of any electronics and/or behavior is a complicated subject in itself. While reversing hardware,sometimes it’s hard to know where to start, what kind of attack approaches to follow, what intent to keep in mind. Beginners usually start with using common methods of hardware hacking and their implementation. Hardware reversing being a niche field, there are very few experts who know the methodology well. But that also means there is high demand in the industry with large manufacturers looking for expertise in the market.
Henrik Ferdinand Nölscher and Javier Vazquez Vidal will be conducting a training on Low Level Hardware Reversing at Hardwear.io. The objective of this training is to provide the attendees a starting point on pure and low-level hardware hacking. For more details or to sign up, click here.