Applied Physical Attacks on Embedded Systems
This course introduces and explores attacks on several different relatively accessible interfaces on embedded systems. Attendees will get hands-on experience implementing and deploying a number of low-cost hardware devices to enable access, privilege, and deception which is in some cases imperceptible from software. We’ll examine UART, JTAG, and SPI interfaces on both ARM and MIPS embedded devices, representative of a wide range of embedded devices that span consumer electronics, medical devices, industrial control hardware, and mobile devices. We will observe, interact with, and exploit each interface to use physical access to enable software privilege.
This course is geared toward pen testers, developers and others with a security background who wish to learn how to take advantage of physical access to systems to assist and enable other attacks.
No hardware or electrical background is required. Computer architecture knowledge, low-level programming experience, and Linux command-line familiarity are all very helpful, but not truly required.
What to Bring
All hardware and software is provided for use in the class. Optionally, bring your own USB keyboard/mouse if you have strong preferences.