Hardware Security Training

Hardware Security Training

Hardware Security Training is a 2-day course where participants learn state of the art hardware security methods and devices.

Hardware Security is a type of security that protects the machine and peripheral hardware from harm.

Hardware security’s main objective is to prevent loss, damage, and another compromise of information system assets simply to make sure that there are no interruptions of business activities and services.

To complement software-based security and quickly apply and administer protections to your computing infrastructure, hardware-based security takes a multifaceted approach. This requires high firmware visibility, as well as assurance that workloads are operating on stable platforms.

Important hardware such as servers and employee endpoints require robust security measures to ensure smooth daily operations. Threat actors may also operate from within an organization, making the drafting and enforcement of a solid internal hardware security policy as important as creating a robust external security strategy.

Cybersecurity professionals believe that one of the best ways to ensure hardware security is to turn off automatic connections. You’re vulnerable to attack when you leave your computer or phone on and connected to the internet.

Even if you have a strong password, it’s not enough to deter a determined hacker. Turning off automatic connections will make it more difficult for hackers to access your system and help conserve battery power. In addition, you should only connect to networks that you trust.

Inadequate encryption can also cause issues. An increasing number of enterprise devices are moving toward becoming IP-connected. However, not all of them are linked to a network using the correct encryption protocols.

Encryption for both, data at rest and data in motion, is vital for the security of operational technology devices connected to a network. Information that is not encrypted appropriately can be collected by an attacker who connects to the network, while an unencrypted device can be stolen and its data accessed easily.

Hardware Security Training Course by Tonex

Have you ever experienced extracting your secret keys from an embedded system? Are you having a product vulnerable to hardware attacks? Have you even wanted to study and protect you system against these kinds of unwanted attacks? If your answer to any of these questions is yes, this course is for you.

Hardware Security Training course introduces participants to a variety of cryptographic processor and processing overhead, side-channel attacks, physically unclonable functions, hardware-based true random number generator, watermaking of IPS, FPGA security, passive and active metering and hardware based secure program execution.

By taking the hardware security training, you will learn the basics of hardware security and hardware cryptography. Basic topics such as crypto system, cryptanalysis, ciphers, and data encryption standards (DES) are covered. Moreover, you will be introduced to the basics of VLSI and hardware devices important in computer security such as CMOS, PMOS and VLSI design cycles.

Participants Will Learn about:

• Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you the sufficient knowledge to identify the hardware threats, methods of hardware metering, unclonable identifiers and ending piracy of integrated circuits (ICs).
• The fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
• How a physical hardware attacks harm the hardware security by learning tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side channel attacks, or microprobing.

This hardware security training course also teaches you the design considerations for hardware security and introduces the secure algorithms for designing FPGAs.

In addition, the course helps you to discover the problems of embedded system security such as embedded system attacks or physical attacks to embedded system. You will also be introduced to the concept of radio frequency identification (RFID) and applications of RFID in hardware security.

Who Would Benefit From This Training?

If you are an IT professional who specializes in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of hardware security training that will prepare yourself for your career.

Finally, Hardware Security Training will introduce the hardware Trojans which decrease the hardware system reliability and leads you to the basics of crypto processor design techniques.

Audience

The hardware security training is a 2-day course designed for:

• All individuals who need to understand the concept of hardware security.
• IT professionals in the areas of hardware security, embedded system security and secure hardware design
• Cybersecurity professionals, network engineers, security analysts, policy analysts
• Security operation personnel, network administrators, system integrators and security consultants
• IT professionals interested in the field of hardware security
• Security traders to understand the hardware security of embedded systems.
• Investors and contractors who plan to make investments in security system industry.
• Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
• Managers, accountants, and executives of the cybersecurity industry.

Learning Objectives

Upon completion of the course, attendees are able to:

• Learn the state of the art security methods and devices
• Integrate the security as a design metric
• Explain the common hardware trojans
• Design secured hardware FPGA
• Understand the attacks in embedded system
• Explain the design procedures of crypto processor
• Protect the design intellectual property against privacy
• Understand the physical attacks in hardware security
• Understand hardware attacks and providing countermeasures

Course Outline (Included Optional Modules for Private Classes)

The hardware security training course consists of the following lessons, which can be revised and tailored to the client’s need:

Introduction to Hardware Security

• History of hardware security
• Smart cards prone to attacks
• Radio Frequency Identification (RFID)
• Microelectronic industry business model
• Hardware threats
• IP vendor
• System integrator
• Manufacture
• Third IP design issue
• Design process-new approach
• Untrusted system integrator
• Counterfeiting
• Supply chain vulnerabilities
• Basic definitions in Hardware security
• Security and protection objectives
• Hardware vulnerabilities
• Adversaries
• Hardware control
• Embedded system security

Hardware Cryptography

• Basic terminology of Cryptography
• Advantages of Cryptography
• Crypto system with keys
• Classification of Cryptosystem keys
• Cryptanalysis
• Breakable encryption
• Ciphers
• Caeser Cipher
• Statistical analysis
• Polyalphabetic Substitution
• Transposition Ciphers
• Product Ciphers
• Stream and block ciphers
• Data Encryption Standard (DES)
• Generation of round keys
• Security of DES
• Concept of AES
• Motivation for Public Key Encryption (PKE)
• RSA encryption

Counterfeit Detection

• Lucrative business
• Criminal activity
• Counterfeit electronic
• Detection standards
• Laboratory standard
• Aerospace standard
• Risk classifications during test levels
• Detection flow and methodology
• Counterfeit types
• Recycled parts
• Overproduction
• Supply chain vulnerability
• External Visual Inspection (EVI)
• Physical analysis
• Acoustic Microscopy scanning
• X-Ray inspection
• Electrical test
• Temperature cycling
• IC enabling by active metering
• Physical Unclonable Functions (PUFs)

Hardware Metering

• Hardware threats
• Why Hardware Metering?
• Passive Hardware Metering
• Active Hardware Metering
• Non functional identification
• Unclonable identifiers
• Functional metering
• Internal active metering
• External active metering
• Ending Piracy of Integrated Circuits (EPIC)
• Logic Barriers
• Secure Split Test (SST)
• Finite State Machine (FEM)
• Remote Activation of ICs

Fault Injection Attacks in Hardware

• Classification of Attacks
• Threats
• Security of Hardware
• Non-Invasive attacks
• Semi-invasive attacks
• Invasive attacks
• Countermeasures
• Exploits
• Data Remanence
• Timing attacks
• Power Analysis attacks
• Practical Fault injection attacks

Physical Hardware Attacks

• Definition of Tamper Resistance
• Categories of attackers
• Protection levels
• Classification of physical attacks
• Automated Decapsulation
• Deprocessing
• Reverse engineering
• Microprobing
• Bus Encryption
• Bus Scrambling
• Sensors
• UV attacks

Side Channel Attacks

• Introduction to side-channel emissions
• Exploited side channel emissions
• Hardware targets
• Attack classifications
• Smart Cards
• FPGAs
• Power Attacks
• Timing Attacks
• EMA attacks
• Simple Power Analysis (SPA)
• Differential Power Analysis (DPA)
• Kocher’s attack
• Spatial Positioning

Secure Hardware Design for FPGAs

• Introduction to FPGA Architecture
• Overview of FPGA
• Manufacturing Flow
• FPGA security design
• FPGA attacks
• FPGA defense technology
• Current advancement toward FPGA design

Embedded System Security

• Embedded system definition
• Examples of embedded systems
• Characteristics of embedded system
• Embedded system attacks
• Physical attacks
• Fault induction
• Electromagnetic Analysis
• Design challenges in embedded system security
• Countermeasures of embedded system security

OPTIONAL MODULES

Basics of VLSI

• nMOS transistor
• PMOS transistor
• CMOS
• Performance comparison
• Boolean algebra
• CMOS logic implementation
• Definition of integrated circuit
• Introduction to VLSI
• VLSI design cycle
• VLSI design constraints
• VLSI logic design
• VLSI defects

Security of Radio Frequency Identification (RFID)

• Introduction to RFID
• Application of RFID
• Security attacks to passive RFID
• Impersonation
• Information leakage
• Physical manipulation
• Protection methods of RFID
• PUF and Unclonable RFID tags
• Security measures
• Fingerprinting RFID Tags

Hardware Trojans

• Definition of Hardware Trojan
• IC/IP trust problem
• Malicious addition
• Changing the functionality of hardware
• Reducing the hardware reliability
• Leaking hardware information
• Application and targeted attacks with Hardware Trojans
• Examples of Hardware Trojans
• Defense techniques

Crypto Processor Design

• Definition of Crypto processor
• Design of Crypto processor
• Performance of Cryptographic Hardware
• Trusted Platform Module
• Crypto processor attack
• Crypto processor defense techniques
• Documented Crypto processor attacks

Hands-on and In-Class Activities

• Labs
• Workshops
• Group Activities

Sample Workshops Labs for Hardware Security Training

• specifying the security objective of an already designed device
• Security assessment of integrated circuits
• Simulating and Testing the hardware before synthesis
• Synthesizing a new design on an FPGA
• validating the hardware against directed tests
• fixing every one of the security vulnerabilities you uncover, every step of the way
• Security tests of multimedia hardware
• Security examination of embedded systems
• Hardware Trojan Design in Crypto-System
• Hardware Security Primitive – PUF Designs
• Hardware Trojan Detection in FPGA Bit Files

Hardware Security Training