Home Blog Device Evaluation Introducing Riscuberry, Riscure’s advanced embedded target

Introducing Riscuberry, Riscure's advanced embedded target

Author: Jan Willem Markus

For the past 7 years, Riscure has been delivering Embedded Systems Security training. In this course, the trainees get hands-on experience with embedded security concepts by attacking real-life embedded systems, from routers to IP cameras. As devices are getting more complex, it becomes difficult to predict how long the target will remain available and what (software) version it will have. To address these challenges, Riscure has developed its own state-of-the-art IoT target for Embedded Systems Security training, called Riscuberry.

Affected by the ever-changing security landscape, the training and its targets that were state of the art 10 years ago are no longer relevant. Today’s devices are ever more connected, and security implementations are increasingly more complex. For example, even basic models of smart-tv require features like Secure Boot, Trusted Execution Environments (TEE), and Hardware crypto.

Considering the changes in the security landscape, the new IoT target Riscuberry serves multiple purposes. Riscuberry is not only an up-to-date target for embedded security training but also a training target for FI and SCA. Riscuberry is also used to develop new training and serve as a research platform.

What is Riscuberry, and what can it do?

Riscuberry is based on the SAMA5D27 wireless module from Microchip. It features an ARM Cortex-A5 System on Chip with 4 Gbit LPDDR2 RAM, Secure Boot, ARM TrustZone, OpTEE, and much more. Riscuberry breaks out CAN, USB, UART, Ethernet, JTAG, and audio, making it suitable for many testing and training applications.

Starting from 2022, Riscure wil implement a variety of Trusted Applications with intentional vulnerabilities on Riscuberry. These software samples will then be used in our interactive training programs. We will also have firmware available similar to Piñata to make FI and SCA testing easier with Riscuberry.

Our goal for Riscuberry is to serve as a platform for learning how to implement, analyze and defeat security measures such as Secure Boot. What is more important is that the target will be used to demonstrate how to mitigate discovered security weaknesses.

How to access Riscuberry?

We successfully use Riscuberry in the Fundamentals of Embedded Systems Security course. Embedded Systems Security is an online training featuring group mentoring sessions with Riscure security experts. Each participant of this training receives the Riscuberry with a tools kit consisting of a multimeter, oscilloscope, and BusPirate.

Learn more about Fundamentals of Embedded Systems Security training and request it for your team here or contact us by filling in the form below. Fundamentals of Embedded Systems Security has limited availability, so do not miss out and book the training now.

Share This