Length: 2 Days
Hardware Security Training
A hardware vulnerability is an exploitable weakness in a computer system that enables a cyber-attack through remote or physical access to system hardware.
Hardware vulnerabilities are not generally exploited through random hacking attempts but more typically in targeted attacks of known high-value systems and organizations.
However, whenever code can be introduced to a computer this is inherently a hardware vulnerability. For example, when a user installs software, moves files such as CD/DVD ROMs or plugs in flash drives, those items can all be thought of as hardware vulnerabilities.
What is comes down to is that hardware is a serious cybersecurity risk.
That’s because cyber systems are built using the physical hardware of semiconductor chips. These are now found everywhere including in all computers, communication networks, modern electronics and other important infrastructures.
The rise of the Internet of Things (IoT), artificial intelligence and autonomous systems is due to the advances in chip technology.
But of course, as with software, along with the advances comes increased vulnerabilities. Hardware cyber-attacks take advantage of vulnerabilities in hardware-manufacturing supply chains. Modern chips are incredibly complex devices consisting of billions of transistor components that can be compromised during the processes of design, fabrication, and assembly and testing.
A compromised physical component can undermine all additional layers of a system’s cybersecurity to devastating effect. Hardware security, therefore, focuses on protecting systems against the vulnerabilities at the physical layer of devices.
Most cybersecurity professionals feel that hardware security should be approached cooperatively by the private and public sectors. This is because both sectors have an important role to play in ensuring the safety and security of our digital infrastructure.
But no matter how secure you can make your software, if your hardware leaks information, a cybercriminal can basically bypass all your security mechanisms.
Besides computer data systems, devices such as remote car keys, cable boxes and even credit card chips are all vulnerable to hardware attacks, typically because of their design. These devices are small and lightweight and operate on minimal power. Engineers optimize designs so the devices can work within these low-power constraints.
Many engineers believe the fix for leaky hardware is taking a design specification and restructuring it at an algorithmic level so that the algorithm draws the same amount of power in every cycle. This basically equalizes the amount of power consumed across all the cycles, whereby even if attackers have power measurements, they can’t do anything with that information.
What’s left is a more secure device with a more automated design. Rather than manually securing each hardware component, the algorithm automates the process.
Hardware Security Training Course by Tonex
This course introduces you to a variety of cryptographic processor and processing overhead, side-channel attacks, physically unclonable functions, hardware-based true random number generator, watermaking of IPS, FPGA security, passive and active metering and hardware based secure program execution.
Have you ever experienced extracting your secret keys from an embedded system? Are you having a product vulnerable to hardware attacks? Have you even wanted to study and protect you system against these kinds of unwanted attacks? If your answer to any of these questions is yes, this course is for you.
By taking the hardware security training, you will learn the basics of hardware security and hardware cryptography. Basic topics such as crypto system, cryptanalysis, ciphers, and data encryption standards (DES) are covered. Moreover, you will be introduced to the basics of VLSI and hardware devices important in computer security such as CMOS, PMOS and VLSI design cycles.
Participants Learn about:
- Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you the sufficient knowledge to identify the hardware threats, methods of hardware metering, unclonable identifiers and ending piracy of integrated circuits (ICs).
- The fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
- How a physical hardware attacks harm the hardware security by learning tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side channel attacks, or microprobing.
This hardware security training course also teaches you the design considerations for hardware security and introduces the secure algorithms for designing FPGAs.
In addition, the course helps you to discover the problems of embedded system security such as embedded system attacks or physical attacks to embedded system. You will also be introduced to the concept of radio frequency identification (RFID) and applications of RFID in hardware security.
Who Would Benefit From This Training?
If you are an IT professional who specializes in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of hardware security training that will prepare yourself for your career.
Finally, Hardware Security Training will introduce the hardware Trojans which decrease the hardware system reliability and leads you to the basics of crypto processor design techniques.
The hardware security training is a 2-day course designed for:
- All individuals who need to understand the concept of hardware security.
- IT professionals in the areas of hardware security, embedded system security and secure hardware design
- Cybersecurity professionals, network engineers, security analysts, policy analysts
- Security operation personnel, network administrators, system integrators and security consultants
- IT professionals interested in the field of hardware security
- Security traders to understand the hardware security of embedded systems.
- Investors and contractors who plan to make investments in security system industry.
- Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
- Managers, accountants, and executives of the cybersecurity industry.
Upon completion of the course, attendees are able to:
- Learn the state of the art security methods and devices
- Integrate the security as a design metric
- Explain the common hardware trojans
- Design secured hardware FPGA
- Understand the attacks in embedded system
- Explain the design procedures of crypto processor
- Protect the design intellectual property against privacy
- Understand the physical attacks in hardware security
- Understand hardware attacks and providing countermeasures
The hardware security training course consists of the following lessons, which can be revised and tailored to the client’s need:
Introduction to Hardware Security
- History of hardware security
- Smart cards prone to attacks
- Radio Frequency Identification (RFID)
- Microelectronic industry business model
- Hardware threats
- IP vendor
- System integrator
- Third IP design issue
- Design process-new approach
- Untrusted system integrator
- Supply chain vulnerabilities
- Basic definitions in Hardware security
- Security and protection objectives
- Hardware vulnerabilities
- Hardware control
- Embedded system security
- Basic terminology of Cryptography
- Advantages of Cryptography
- Crypto system with keys
- Classification of Cryptosystem keys
- Breakable encryption
- Caeser Cipher
- Statistical analysis
- Polyalphabetic Substitution
- Transposition Ciphers
- Product Ciphers
- Stream and block ciphers
- Data Encryption Standard (DES)
- Generation of round keys
- Security of DES
- Concept of AES
- Motivation for Public Key Encryption (PKE)
- RSA encryption
Basics of VLSI
- nMOS transistor
- PMOS transistor
- Performance comparison
- Boolean algebra
- CMOS logic implementation
- Definition of integrated circuit
- Introduction to VLSI
- VLSI design cycle
- VLSI design constraints
- VLSI logic design
- VLSI defects
- Lucrative business
- Criminal activity
- Counterfeit electronic
- Detection standards
- Laboratory standard
- Aerospace standard
- Risk classifications during test levels
- Detection flow and methodology
- Counterfeit types
- Recycled parts
- Supply chain vulnerability
- External Visual Inspection (EVI)
- Physical analysis
- Acoustic Microscopy scanning
- X-Ray inspection
- Electrical test
- Temperature cycling
- IC enabling by active metering
- Physical Unclonable Functions (PUFs)
- Hardware threats
- Why Hardware Metering?
- Passive Hardware Metering
- Active Hardware Metering
- No-nfuctional identification
- Unclonable identifiers
- Functional metering
- Internal active metering
- External active metering
- Ending Piracy of Integrated Circuits (EPIC)
- Logic Barriers
- Secure Split Test (SST)
- Finite State Machine (FEM)
- Remote Activation of ICs
Fault Injection Attacks in Hardware
- Classification of Attacks
- Security of Hardware
- Non-Invasive attacks
- Semi-invasive attacks
- Invasive attacks
- Data Remanence
- Timing attacks
- Power Analysis attacks
- Practical Fault injection attacks
Physical Hardware Attacks
- Definition of Tamper Resistance
- Categories of attackers
- Protection levels
- Classification of physical attacks
- Automated Decapsulation
- Reverse engineering
- Bus Encryption
- Bus Scrambling
- UV attacks
Side Channel Attacks
- Introduction to side-channel emissions
- Exploited side channel emissions
- Hardware targets
- Attack classifications
- Smart Cards
- Power Attacks
- Timing Attacks
- EMA attacks
- Simple Power Analysis (SPA)
- Differential Power Analysis (DPA)
- Kocher’s attack
- Spatial Positioning
Secure Hardware Design for FPGAs
- Introduction to FPGA Architechture
- Overview of FPGA
- Manufacturing Flow
- FPGA security design
- FPGA attacks
- FPGA defense technology
- Current advancement toward FPGA design
Embedded System Security
- Embedded system definition
- Examples of embedded systems
- Characteristics of embedded system
- Embedded system attacks
- Physical attacks
- Fault induction
- Electromagnetic Analysis
- Design challenges in embedded system security
- Countermeasures of embedded system security
Security of Radio Frequency Identification (RFID)
- Introduction to RFID
- Application of RFID
- Security attacks to passive RFID
- Information leakage
- Physical manipulation
- Protection methods of RFID
- PUF and Unclonable RFID tags
- Security measures
- Fingerprinting RFID Tags
- Definition of Hardware Trojan
- IC/IP trust problem
- Malicious addition
- Changing the functionality of hardware
- Reducing the hardware reliability
- Leaking hardware information
- Application and targeted attacks with Hardware Trojans
- Examples of Hardware Trojans
- Defense techniques
Crypto Processor Design
- Definition of Crypto processor
- Design of Crypto processor
- Performance of Cryptographic Hardware
- Trusted Platform Module
- Crypto processor attack
- Crypto processor defense techniques
- Documented Crypto processor attacks
Hands-on and In-Class Activities
- Group Activities
Sample Workshops Labs for Hardware Security Training
- specifying the security objective of an already designed device
- Security assessment of integrated circuits
- Simulating and Testing the hardware before synthesis
- Synthesizing a new design on an FPGA
- validating the hardware against directed tests
- fixing every one of the security vulnerabilities you uncover, every step of the way
- Security tests of multimedia hardware
- Security examination of embedded systems
- Hardware Trojan Design in Crypto-System
- Hardware Security Primitive – PUF Designs
- Hardware Trojan Detection in FPGA Bit Files
Hardware Security Training