#SECTORCA BlackHatEvents

Security is Easier Before PCB Assembly Deployment
Easy Threat Modeling for Hardware

Eric Evenchick
- Managing Partner at Tetrel Security
- EE background
- Firmware, embedded, automotive, etc.
- Built a CAN bus tool (CANtact) and an access control system implant (BLEKey)
- Firmware Reverse Engineering Trainer for Black Hat
- Black Hat USA/EU and SecTor review board member
Eric E

Adam
shostack.org/about/adam

Joe FitzPatrick
- EE background plus some silicon debug and security research
- Applied Physical Attacks Training: Embedded Systems, Hardware Pentesting
- Hardware Hacking tools: Tigard, Erebus
- Not actually a conspiracy theorist
Joe FitzP

Hardware is hard.
Hardening hardware is harder.
Threat modeling for hardware is not that hard!

Who is this for?
People designing hardware, but also:
- People who buy hardware
- People who deploy hardware
- People who run code on hardware
- Anyone who depends on hardware
That's everyone!

Case studies
- OpenWRT One
- Access Control System
- Commercial off the shelf
- Bought through a sales channel or with NDA
- Open hardware, full public details
- Proprietary
- Closed design
- May be a device you design or sell
- May be a device you deploy or support
- Could also be a device you deploy and support
- Could also be a device you design and sell

1. The state of Threat Modeling
2. Special considerations about hardware
3. Case Study A: Deploying a Device
4. Case Study B: Designing a Device
5. Now, for the Hard(ware) part
6. Documenting our process

Easy Threat modeling for Hardware

What is threat modeling?
- Using models to help us think about security
- “Threats” meaning possible future problems
- The “measure twice, cut once” of security
- “You can fix it on the drawing board with an eraser, or on the job site with a sledgehammer”
  Frank Lloyd Wright

Four Question Framework
- What are we working on?
- What can go wrong?
- What are we going to d