Fault Injection (FI) attacks are very effective at bypassing Secure Boot checks and especially useful when software vulnerabilities to do so are unknown or absent. During this presentation, using electromagnetic FI, we go a little deeper than simply bypassing a check. We show that a cocktail of design, software and hardware vulnerabilities enabled us to bypass a product's Secure Boot implementation in several interesting ways.
Cristofaro has been in the security field for 15+ years. He has 10 years of experience evaluating the software and hardware security of secure devices, as well as more than 5 years of experience testing and assessing the security of Trusted Execution Environments (TEEs).
Niek has been analyzing and testing the security of software and hardware of secure devices for over a decade. His interest is typically sparked by technologies where the hardware of the device is fundamentally part of the equation.