image image
image

Integrated Circuits Reverse Engineering & Embedded Code Extraction Techniques

11th - 12th June 2019 | 2 Days

TRAINER

Olivier Thomas


COURSE DESCRIPTION

The primary goal of this training is to provide security professionals and team leaders the skills, mindset and background information necessary to successfully perform analysis of Integrated Circuits (ICs), get knowledge about the diverse means of code extraction and evaluate the efficiency of the existing counter-measures.

It is designed to give to Integrated Circuit professionals a deep understanding of the complete Reverse-Engineering and Attack chain to help them explore and/or build more secure designs but also to give to newcomers a detailed overview for a fast ramp-up.

Students who complete this course will be familiar with all important classes of low-level hardware attacks (shield and hardware counter-measures bypass - ROM and Flash/EEPROM dump - bus passive and active probing - ...) through real world examples covering the entire analysis workflow from the lab to the data analysis.

The training describes modern analysis methods involving automation and discuss the efficiency of encryption and modern counter-measures in such a context.

Texplained training combines theoretical lectures and practical assignments so students are ready to analyze any Integrated Circuit at different level from SEM pictures and layout information to schematics.

TRAINING DETAILS

Texplained « HW RE & Embedded Code Extraction Techniques » training is built to give a complete understanding of Integrated Circuits while explaining the different threats that they face, including the extraction of their embedded software and data.

The different chapters are organized so as to let the attendees discover each new topic in a progressive manner that reflects the Reverse-Engineering specific mindset.

This proposed learning curve aims at letting the attendees complete the training by strategizing an Invasive Attack involving Reverse-Engineering, circuit modification and micro-probing.

Finally, the « HW RE & Embedded Code Extraction Techniques » training is also useful to discuss the current state of Integrated Circuits and embedded counter-measures security.

TOPICS COVERED DURING THE COURSE

  • INTRODUCTION
  • RECOMMENDED READING
  • INTEGRATED CIRCUITS
  • TRANSISTORS
  • DIGITAL ELECTRONICS
    • Combinatorial Logic
    • Sequential Logic
    • Memories
  • MANUFACTURING PROCESS
  • FAILURE ANALYSIS
    • Deprocessing / Delayering
    • Principle
    • Wet Chemicals
    • Dry Chemicals
    • CMP
    • Imagery
    • Circuit Modification
  • INVASIVE ATTACKS
    • First Step
    • ROM Code Recovery
    • FLASH Code Recovery
    • Linear Code Extraction
    • Invasive Attacks involving Reverse Engineering
    • Reverse Engineering Standard Cells
  • SHIELD / MESH
  • SHIELD / MESH
  • AUTOMATING THE REVERSE ENGINEERING

WHO SHOULD ATTEND?

  • Digital police investigators
  • Forensic investigators in law-enforcement agencies
  • Integrated circuit design & test engineers
  • Engineers involved in securing hardware platforms against attacks
  • Researchers who want to understand the nature of many hardware attacks
  • Team leaders
  • Hardware hackers who want to become familiar with attacks on integrated circuits
  • Parties involved in hardware reverse-engineering and Vulnerability analysis

MINIMUM SOFTWARE TO INSTALL

None. Students will be provided assignments on paper as well as the training material as a .pdf file.

ABOUT TRAINER

Oliver THOMAS studied Electrical Engineering (EE) and subsequently worked for a major semiconductor manufacturer designing analog circuits. Then, Olivier began to work in the field of Integrated Circuit (IC) security as the head of one of the world’s leading IC Analysis Labs. The lab primarily focused on securing future generation devices as well as developing countermeasures for current generation devices to combat piracy and counterfeiting. During this time Olivier helped develop many new and novel techniques for semi- and fully-invasive IC analysis.

He has an extensive background in all the Failure Analysis techniques and equipment necessary for accessing vulnerable logic on a target device. Combined with his experience as an IC design engineer, Olivier continues to develop techniques for automating the analysis process. These techniques are not only applicable to lower-complexity devices such as smartcards, which are the traditional targets for IC analysis, but they are applicable to modern semiconductor devices with millions of gates, such as modern System-on-Chips (SoCs). Olivier is the author of ARES (Automated Reverse Engineering Software), a software toolchain for the efficient analysis of designs of independent of their logical size.

He is the founder and CTO at Texplained SARL.