Side channel analysis, laser fault injection, electromagnetic fault injection, and similar topics have a long history in both security and safety engineering. Many of them have been used offensively for twenty years or more - but if they have been known for so long, why is it surprising that a device released in 2021 can be easily broken with these attacks? The theory has always been there, but the application of the attacks was often locked away behind proprietary and high-cost equipment. In this talk Colin will discuss both the history of some popular hardware attacks, along with efforts to make them more accessible. This includes both Colin's ChipWhisperer (and related) projects, along with other efforts in demonstrating even lower-cost tools by true cheapskates that have attacked brand new devices with less than $10 worth of tools. Beyond the technical how-to, this talk will also offer some insight into keeping this accessible in the future, and looking at upcoming projects from a variety of sources which promise to further increase the accessibility of this field.
Colin O'Flynn runs NewAE Technology Inc., a startup designing tools and equipment to teach engineers about embedded security. He started the open-source ChipWhisperer project as part of his PhD, and was previously an assistant professor with Dalhousie University teaching embedded systems and security. He has authored articles in both academic and industry-focused publications, including a bimonthly column in Circuit Cellar and co-authoring the book “The Hardware Hacking Handbook” from No Starch Press (being released Fall 2021, for real this time). He lives in Halifax, Canada.