Search

Hardening Secure Boot Training

Compromise of a Secure Boot typically leads to a full compromise of your device. Brought to you by the proven experts in hardware security and Secure Boot hacking, this intensive one-day workshop will help you learn common weaknesses of Secure Boot and enhance your secure development process where it really matters.

Course is available on request

Who is this training for?

This course is intended for software developers, system designers and system architects who are tasked with designing, developing or maintaining a secure boot implementation.

Aims and Objectives

More and more embedded devices have strong requirements on the integrity of the code running on the platform. Hackers are finding new ways to compromise these systems and a robust secure boot implementation that ensures the software integrity is considered essential. However, implementing a robust secure boot is a major challenge. Several attacks of widely deployed embedded devices got high profile media attention, exposing manufacturers to lost revenue, liability claims and brand damage.

This workshop covers the most common pitfalls of secure boot implementation based on our extensive security evaluation experience. We discuss common logical vulnerabilities that allow attackers to bypass secure boot and also more sophisticated attack techniques such as fault injection. These attacks are extremely effective against any code which has not been specifically hardened against FI attacks making the manufacturers take on additional cost of re-developing the code of high enough quality too meet the rising industry standards.

Fault injection attacks are becoming mainstream as better and cheaper tools are becoming rapidly available. In this workshop we demonstrate how attackers use these techniques to compromise your system and how to implement software based counter measures to defend against it, making your product more in line with the relevant industry requirements.

  • Introduction to the secure boot
  • Recognize attacks on secure boot:
    • Logical attacks on secure boot
    • Fault Injection attacks on secure boot
    • Combined attacks
  • Implement countermeasures on the secure boot examples
  • Interactive testing of the effectiveness of countermeasures

Learn from the experts in Secure Boot evaluation

Our Expertise

Riscure has strong expertise in hardware security and, in particular, in Secure Boot vulnerabilities. Some of the techniques we used to bypass secure boot were shared publicly. In this workshop we share our distilled expertise of many evaluation projects.

Custom code

Since there are no publicly available hardened secure boot implementations, we have developed two Secure Boot implementations of different complexity levels which are used as examples in the workshop.

FiSim Interactive Simulator

For testing the effectiveness of countermeasures on the robustness of the secure boot, we have developed FiSim. The FiSim simulator takes the bootloader binary of a simulated platform, simulates glitches by running the boot loader in slightly different conditions. FiSim can indicate where the code can be glitched. FiSim comes with a simple GUI allowing the student to modify the source code and immediately get feedback on the effectiveness of the implemented countermeasure.

Interested? View the upcoming courses or get in touch with us

Please click here to access our e-learning platform where you will be able to view the upcoming dates for this training. Once you have your plans defined, there you can also register and purchase your seat right away. If you have questions or would like to discuss a special training program for your company, please contact us at trainingacademy@riscure.com.

By continuing to browse this website, you agree to the use of cookies and data processing according to our privacy statement. Close