Length: 2 Days
Hardware Security Training
While much is made about software vulnerabilities, hardware is also a cybersecurity risk.
That’s because cyberspace does not exist in a vacuum. All cyber systems are built using the physical hardware of the semiconductor chips found in all modern electronics, computers, communications networks and other critical infrastructure.
These chips are becoming faster, cheaper and more powerful, and this has enabled the rise of artificial intelligence, the internet of things (IoT), and autonomous systems as key technologies of the future.
However, as the world becomes increasingly reliant on advanced technologies for economic growth and national security, implicit trust in hardware becomes an untenable option.
Ultimately, hardware is the foundation for digital trust. A compromised physical component can undermine all additional layers of a system’s cybersecurity to devastating effect. Hardware security, therefore, focuses on protecting systems against the vulnerabilities at the physical layer of devices.
In general, hardware attacks take advantage of vulnerabilities in hardware-manufacturing supply chains. Modern chips are incredibly complex devices consisting of billions of transistor components that can be compromised during the processes of design, fabrication, and assembly and testing.
Consequently, the complexity of integrated circuits and microelectronics makes hardware vulnerabilities difficult to detect. Physical modifications to a single integrated circuit can be well hidden among the sheer number of valid components, and can function undetected for a long time.
Attack vectors may be exploited by a variety of groups, from a disgruntled former employee of your organization that wants to disrupt your business to the intelligence service of a foreign government that wants to steal your technology.
There are also many different known attack vectors that these groups can effectively exploit to gain unauthorized access to your IT infrastructure. IT organizations can mitigate against cyber-attacks through a number of different methods, including real-time event detection and response capabilities that neutralize cyber-attacks before they can lead to data loss.
Experts in this area report that to more accurately assess the security of a hardware device, it’s necessary to consider vulnerabilities existing from its manufacture as well as other potential sources such as running code and the device’s data I/O on a network.
Although any device should be protected if it connects even indirectly to the internet, the stringency of that protection should be in accordance with need. A system controlling the color and intensity of lights in Wi-Fi LED for a dwelling, for example, may not require much security.
In the case of more significant hardware and more critical function, the added reliability and lower number of vulnerabilities associated with hardware-based security may make it advisable.
Critical infrastructure includes systems, networks and assets whose continuous function is deemed necessary to ensure the security of a given nation, its economy, and the public’s health and/or safety.
Hardware Security Training Course by Tonex
This course introduces you to a variety of cryptographic processor and processing overhead, side-channel attacks, physically unclonable functions, hardware-based true random number generator, watermaking of IPS, FPGA security, passive and active metering and hardware based secure program execution.
Have you ever experienced extracting your secret keys from an embedded system? Are you having a product vulnerable to hardware attacks? Have you even wanted to study and protect you system against these kinds of unwanted attacks? If your answer to any of these questions is yes, this course is for you.
By taking the hardware security training, you will learn the basics of hardware security and hardware cryptography. Basic topics such as crypto system, cryptanalysis, ciphers, and data encryption standards (DES) are covered. Moreover, you will be introduced to the basics of VLSI and hardware devices important in computer security such as CMOS, PMOS and VLSI design cycles.
Participants Learn about:
- Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you the sufficient knowledge to identify the hardware threats, methods of hardware metering, unclonable identifiers and ending piracy of integrated circuits (ICs).
- The fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
- How a physical hardware attacks harm the hardware security by learning tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side channel attacks, or microprobing.
This hardware security training course also teaches you the design considerations for hardware security and introduces the secure algorithms for designing FPGAs.
In addition, the course helps you to discover the problems of embedded system security such as embedded system attacks or physical attacks to embedded system. You will also be introduced to the concept of radio frequency identification (RFID) and applications of RFID in hardware security.
Who Would Benefit From This Training?
If you are an IT professional who specializes in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of hardware security training that will prepare yourself for your career.
Finally, Hardware Security Training will introduce the hardware Trojans which decrease the hardware system reliability and leads you to the basics of crypto processor design techniques.
The hardware security training is a 2-day course designed for:
- All individuals who need to understand the concept of hardware security.
- IT professionals in the areas of hardware security, embedded system security and secure hardware design
- Cybersecurity professionals, network engineers, security analysts, policy analysts
- Security operation personnel, network administrators, system integrators and security consultants
- IT professionals interested in the field of hardware security
- Security traders to understand the hardware security of embedded systems.
- Investors and contractors who plan to make investments in security system industry.
- Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
- Managers, accountants, and executives of the cybersecurity industry.
Upon completion of the course, attendees are able to:
- Learn the state of the art security methods and devices
- Integrate the security as a design metric
- Explain the common hardware trojans
- Design secured hardware FPGA
- Understand the attacks in embedded system
- Explain the design procedures of crypto processor
- Protect the design intellectual property against privacy
- Understand the physical attacks in hardware security
- Understand hardware attacks and providing countermeasures
The hardware security training course consists of the following lessons, which can be revised and tailored to the client’s need:
Introduction to Hardware Security
- History of hardware security
- Smart cards prone to attacks
- Radio Frequency Identification (RFID)
- Microelectronic industry business model
- Hardware threats
- IP vendor
- System integrator
- Third IP design issue
- Design process-new approach
- Untrusted system integrator
- Supply chain vulnerabilities
- Basic definitions in Hardware security
- Security and protection objectives
- Hardware vulnerabilities
- Hardware control
- Embedded system security
- Basic terminology of Cryptography
- Advantages of Cryptography
- Crypto system with keys
- Classification of Cryptosystem keys
- Breakable encryption
- Caeser Cipher
- Statistical analysis
- Polyalphabetic Substitution
- Transposition Ciphers
- Product Ciphers
- Stream and block ciphers
- Data Encryption Standard (DES)
- Generation of round keys
- Security of DES
- Concept of AES
- Motivation for Public Key Encryption (PKE)
- RSA encryption
Basics of VLSI
- nMOS transistor
- PMOS transistor
- Performance comparison
- Boolean algebra
- CMOS logic implementation
- Definition of integrated circuit
- Introduction to VLSI
- VLSI design cycle
- VLSI design constraints
- VLSI logic design
- VLSI defects
- Lucrative business
- Criminal activity
- Counterfeit electronic
- Detection standards
- Laboratory standard
- Aerospace standard
- Risk classifications during test levels
- Detection flow and methodology
- Counterfeit types
- Recycled parts
- Supply chain vulnerability
- External Visual Inspection (EVI)
- Physical analysis
- Acoustic Microscopy scanning
- X-Ray inspection
- Electrical test
- Temperature cycling
- IC enabling by active metering
- Physical Unclonable Functions (PUFs)
- Hardware threats
- Why Hardware Metering?
- Passive Hardware Metering
- Active Hardware Metering
- No-nfuctional identification
- Unclonable identifiers
- Functional metering
- Internal active metering
- External active metering
- Ending Piracy of Integrated Circuits (EPIC)
- Logic Barriers
- Secure Split Test (SST)
- Finite State Machine (FEM)
- Remote Activation of ICs
Fault Injection Attacks in Hardware
- Classification of Attacks
- Security of Hardware
- Non-Invasive attacks
- Semi-invasive attacks
- Invasive attacks
- Data Remanence
- Timing attacks
- Power Analysis attacks
- Practical Fault injection attacks
Physical Hardware Attacks
- Definition of Tamper Resistance
- Categories of attackers
- Protection levels
- Classification of physical attacks
- Automated Decapsulation
- Reverse engineering
- Bus Encryption
- Bus Scrambling
- UV attacks
Side Channel Attacks
- Introduction to side-channel emissions
- Exploited side channel emissions
- Hardware targets
- Attack classifications
- Smart Cards
- Power Attacks
- Timing Attacks
- EMA attacks
- Simple Power Analysis (SPA)
- Differential Power Analysis (DPA)
- Kocher’s attack
- Spatial Positioning
Secure Hardware Design for FPGAs
- Introduction to FPGA Architechture
- Overview of FPGA
- Manufacturing Flow
- FPGA security design
- FPGA attacks
- FPGA defense technology
- Current advancement toward FPGA design
Embedded System Security
- Embedded system definition
- Examples of embedded systems
- Characteristics of embedded system
- Embedded system attacks
- Physical attacks
- Fault induction
- Electromagnetic Analysis
- Design challenges in embedded system security
- Countermeasures of embedded system security
Security of Radio Frequency Identification (RFID)
- Introduction to RFID
- Application of RFID
- Security attacks to passive RFID
- Information leakage
- Physical manipulation
- Protection methods of RFID
- PUF and Unclonable RFID tags
- Security measures
- Fingerprinting RFID Tags
- Definition of Hardware Trojan
- IC/IP trust problem
- Malicious addition
- Changing the functionality of hardware
- Reducing the hardware reliability
- Leaking hardware information
- Application and targeted attacks with Hardware Trojans
- Examples of Hardware Trojans
- Defense techniques
Crypto Processor Design
- Definition of Crypto processor
- Design of Crypto processor
- Performance of Cryptographic Hardware
- Trusted Platform Module
- Crypto processor attack
- Crypto processor defense techniques
- Documented Crypto processor attacks
Hands-on and In-Class Activities
- Group Activities
Sample Workshops Labs for Hardware Security Training
- specifying the security objective of an already designed device
- Security assessment of integrated circuits
- Simulating and Testing the hardware before synthesis
- Synthesizing a new design on an FPGA
- validating the hardware against directed tests
- fixing every one of the security vulnerabilities you uncover, every step of the way
- Security tests of multimedia hardware
- Security examination of embedded systems
- Hardware Trojan Design in Crypto-System
- Hardware Security Primitive – PUF Designs
- Hardware Trojan Detection in FPGA Bit Files
Hardware Security Training