Hardware Security Training
Hardware Security Training course introduces participants to a variety of cryptographic processor and processing overhead, side-channel attacks, physically unclonable functions, hardware-based true random number generator, watermaking of IPS, FPGA security, passive and active metering and hardware based secure program execution.
Effective hardware security is crucial because organizations consist of a multitude of hardware devices and components and each one of them has its own share of vulnerabilities.
This makes hardware security not only critical but also a complicated process. Vulnerabilities can arise in several ways, such as:
- Outdated firmware
- Lack of encryption
- Trigger faults
- Modification attacks
- Counterfeit hardware
- Keeping default passwords
- Unsecured local access
In general, hardware-based security takes a multidimensional approach to not only complement software-based security but also add efficiency to implementing and managing protections to your computing infrastructure.
Hardware security originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity, measures to ensure that the supply chain that built the product is secure among other things.
Although any device should be protected if it connects even indirectly to the internet, the stringency of that protection should be in accordance with need. A system controlling the color and intensity of lights in Wi-Fi LED for a dwelling, for example, may not require much security.
In the case of more significant hardware and more critical function, the added reliability and lower number of vulnerabilities associated with hardware-based security may make it advisable.
Hardware security and software security are quite different. Hardware security is a process of protecting hardware against vulnerabilities that are targeting these devices, where software security is a process of protecting software against malicious attacks and other hackers’ risks.
Additionally, hardware cannot modify features just like software. Instead, one has to evaluate old hardware, identify the problem, formulate updates, coordinate with ecosystem partners and then push manufacturing for new build to fix the problem.
Hardware Security Training Course by Tonex
Have you ever experienced extracting your secret keys from an embedded system? Are you having a product vulnerable to hardware attacks? Have you even wanted to study and protect you system against these kinds of unwanted attacks? If your answer to any of these questions is yes, this course is for you.
By taking the hardware security training, you will learn the basics of hardware security and hardware cryptography. Basic topics such as crypto system, cryptanalysis, ciphers, and data encryption standards (DES) are covered. Moreover, you will be introduced to the basics of VLSI and hardware devices important in computer security such as CMOS, PMOS and VLSI design cycles.
Participants Will Learn about:
- Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you the sufficient knowledge to identify the hardware threats, methods of hardware metering, unclonable identifiers and ending piracy of integrated circuits (ICs).
- The fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
- How a physical hardware attacks harm the hardware security by learning tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side channel attacks, or microprobing.
This hardware security training course also teaches you the design considerations for hardware security and introduces the secure algorithms for designing FPGAs.
In addition, the course helps you to discover the problems of embedded system security such as embedded system attacks or physical attacks to embedded system. You will also be introduced to the concept of radio frequency identification (RFID) and applications of RFID in hardware security.
Who Would Benefit From This Training?
If you are an IT professional who specializes in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of hardware security training that will prepare yourself for your career.
Finally, Hardware Security Training will introduce the hardware Trojans which decrease the hardware system reliability and leads you to the basics of crypto processor design techniques.
Audience
The hardware security training is a 2-day course designed for:
- All individuals who need to understand the concept of hardware security.
- IT professionals in the areas of hardware security, embedded system security and secure hardware design
- Cybersecurity professionals, network engineers, security analysts, policy analysts
- Security operation personnel, network administrators, system integrators and security consultants
- IT professionals interested in the field of hardware security
- Security traders to understand the hardware security of embedded systems.
- Investors and contractors who plan to make investments in security system industry.
- Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
- Managers, accountants, and executives of the cybersecurity industry.
Learning Objectives
Upon completion of the course, attendees are able to:
- Learn the state of the art security methods and devices
- Integrate the security as a design metric
- Explain the common hardware trojans
- Design secured hardware FPGA
- Understand the attacks in embedded system
- Explain the design procedures of crypto processor
- Protect the design intellectual property against privacy
- Understand the physical attacks in hardware security
- Understand hardware attacks and providing countermeasures
Course Outline (Included Optional Modules for Private Classes)
The hardware security training course consists of the following lessons, which can be revised and tailored to the client’s need:
Introduction to Hardware Security
- History of hardware security
- Smart cards prone to attacks
- Radio Frequency Identification (RFID)
- Microelectronic industry business model
- Hardware threats
- IP vendor
- System integrator
- Manufacture
- Third IP design issue
- Design process-new approach
- Untrusted system integrator
- Counterfeiting
- Supply chain vulnerabilities
- Basic definitions in Hardware security
- Security and protection objectives
- Hardware vulnerabilities
- Adversaries
- Hardware control
- Embedded system security
Hardware Cryptography
- Basic terminology of Cryptography
- Advantages of Cryptography
- Crypto system with keys
- Classification of Cryptosystem keys
- Cryptanalysis
- Breakable encryption
- Ciphers
- Caeser Cipher
- Statistical analysis
- Polyalphabetic Substitution
- Transposition Ciphers
- Product Ciphers
- Stream and block ciphers
- Data Encryption Standard (DES)
- Generation of round keys
- Security of DES
- Concept of AES
- Motivation for Public Key Encryption (PKE)
- RSA encryption
Counterfeit Detection
- Lucrative business
- Criminal activity
- Counterfeit electronic
- Detection standards
- Laboratory standard
- Aerospace standard
- Risk classifications during test levels
- Detection flow and methodology
- Counterfeit types
- Recycled parts
- Overproduction
- Supply chain vulnerability
- External Visual Inspection (EVI)
- Physical analysis
- Acoustic Microscopy scanning
- X-Ray inspection
- Electrical test
- Temperature cycling
- IC enabling by active metering
- Physical Unclonable Functions (PUFs)
Hardware Metering
- Hardware threats
- Why Hardware Metering?
- Passive Hardware Metering
- Active Hardware Metering
- Non functional identification
- Unclonable identifiers
- Functional metering
- Internal active metering
- External active metering
- Ending Piracy of Integrated Circuits (EPIC)
- Logic Barriers
- Secure Split Test (SST)
- Finite State Machine (FEM)
- Remote Activation of ICs
Fault Injection Attacks in Hardware
- Classification of Attacks
- Threats
- Security of Hardware
- Non-Invasive attacks
- Semi-invasive attacks
- Invasive attacks
- Countermeasures
- Exploits
- Data Remanence
- Timing attacks
- Power Analysis attacks
- Practical Fault injection attacks
Physical Hardware Attacks
- Definition of Tamper Resistance
- Categories of attackers
- Protection levels
- Classification of physical attacks
- Automated Decapsulation
- Deprocessing
- Reverse engineering
- Microprobing
- Bus Encryption
- Bus Scrambling
- Sensors
- UV attacks
Side Channel Attacks
- Introduction to side-channel emissions
- Exploited side channel emissions
- Hardware targets
- Attack classifications
- Smart Cards
- FPGAs
- Power Attacks
- Timing Attacks
- EMA attacks
- Simple Power Analysis (SPA)
- Differential Power Analysis (DPA)
- Kocher’s attack
- Spatial Positioning
Secure Hardware Design for FPGAs
- Introduction to FPGA Architecture
- Overview of FPGA
- Manufacturing Flow
- FPGA security design
- FPGA attacks
- FPGA defense technology
- Current advancement toward FPGA design
Embedded System Security
- Embedded system definition
- Examples of embedded systems
- Characteristics of embedded system
- Embedded system attacks
- Physical attacks
- Fault induction
- Electromagnetic Analysis
- Design challenges in embedded system security
- Countermeasures of embedded system security
OPTIONAL MODULES
Basics of VLSI
- nMOS transistor
- PMOS transistor
- CMOS
- Performance comparison
- Boolean algebra
- CMOS logic implementation
- Definition of integrated circuit
- Introduction to VLSI
- VLSI design cycle
- VLSI design constraints
- VLSI logic design
- VLSI defects
Security of Radio Frequency Identification (RFID)
- Introduction to RFID
- Application of RFID
- Security attacks to passive RFID
- Impersonation
- Information leakage
- Physical manipulation
- Protection methods of RFID
- PUF and Unclonable RFID tags
- Security measures
- Fingerprinting RFID Tags
Hardware Trojans
- Definition of Hardware Trojan
- IC/IP trust problem
- Malicious addition
- Changing the functionality of hardware
- Reducing the hardware reliability
- Leaking hardware information
- Application and targeted attacks with Hardware Trojans
- Examples of Hardware Trojans
- Defense techniques
Crypto Processor Design
- Definition of Crypto processor
- Design of Crypto processor
- Performance of Cryptographic Hardware
- Trusted Platform Module
- Crypto processor attack
- Crypto processor defense techniques
- Documented Crypto processor attacks
Hands-on and In-Class Activities
- Labs
- Workshops
- Group Activities
Sample Workshops Labs for Hardware Security Training
- specifying the security objective of an already designed device
- Security assessment of integrated circuits
- Simulating and Testing the hardware before synthesis
- Synthesizing a new design on an FPGA
- validating the hardware against directed tests
- fixing every one of the security vulnerabilities you uncover, every step of the way
- Security tests of multimedia hardware
- Security examination of embedded systems
- Hardware Trojan Design in Crypto-System
- Hardware Security Primitive – PUF Designs
- Hardware Trojan Detection in FPGA Bit Files
Hardware Security Training