Please note: the training ticket does not include access to the conference. Similarly, the conference ticket does not grant access to the trainings. If you have any questions, reach out to us.
This training teaches how to analyze, fuzz test, and exploit deeply embedded devices that run custom embedded operating systems. These systems play a crucial role in the ever-growing Internet of Things and typically offer a lucrative attack surface with over-the-air interfaces, hardcoded secrets, and missing security protections.
During the training, we will understand the inner workings of a typical embedded system, and re-discover memory corruption vulnerabilities in real-world embedded operating systems by combining reverse engineering, emulation and fuzzing. We will then develop proof-of-concept exploits using the discovered vulnerabilities to demonstrate how an attacker can compromise the target system.
The full training is accompanied by various practical hands-on exercises and tinkering with a physical embedded training platform created for this training. After the training, we expect participants to feel comfortable independently analyzing deeply embedded systems of their choice.
In this training, you’ll learn about:
Day 1: Obtaining and Analyzing Firmware
Day 2: Emulation and Fuzzing
Day 3: Exploitation and Outlook
Marius is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed and maintains avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation platform for cellular basebands. Throughout his career, Marius has publicly shared his findings and presented at venues such as Black Hat USA, REcon, Hardwear.io, and Nullcon.
Tobias is an embedded systems security researcher at CISPA. In his academic research, he focuses on the automated security testing of embedded firmware. He is the author of Fuzzware, a full-system fuzzer for monolithic firmware. Previously, he participated in countless CTFs, including the finals of Real World CTF, Hack-a-Sat, and DEF CON CTF. He also presented on Siemens PLC security and was the first to demonstrate a hack of DNP3, the protocol that powers the American electric grid, at Pwn2Own Miami.