Hardware Security Analysis on Soft-Core RISC-V Processors

Attacks against embedded systems cover a wide range of surfaces. Some of them, such as power analysis and fault injection, are low-level attacks that depend on the construction of the microcontroller running your firmware. The release of open-source RISC-V microcontroller cores allows you to investigate how changes in the microcontroller core impacts these attacks in a way that using off-the-shelf microcontrollers never allowed before. This talk will demonstrate how power analysis & fault injection works, and then demonstrate how you can setup different types of RISC-V cores on a FPGA platform to perform these sorts of attacks.

Go to Session

Live Q&A - Hardware Security Analysis on Soft-Core RISC-V Processors

Live Q&A with Colin O'Flynn for the talk titled Hardware Security Analysis on Soft-Core RISC-V Processors

Go to Session

Electromagnetic Fault Injection Made Easy with PicoEMP

Electromagnetic Fault Injection (EMFI) is a powerful method of injecting "faults" into devices, which can be used for both security and safety evaluations. Various platforms for EMFI exist (including the ChipSHOUTER tool Colin has designed), but they are often overkill when it comes to performing basic work or trying to get started with EMFI. This talk introduces the PicoEMP, a low-cost EMFI tool Colin designed and released as open-source hardware. Coverage of the theory behind EMFI along with how to build your own PicoEMP will be covered, including some recent examples of real-world usage.

Go to Session

Live Q&A - Electromagnetic Fault Injection Made Easy with PicoEMP

Live Q&A with Colin O'Flynn for the theatre talk titled Electromagnetic Fault Injection Made Easy with PicoEMP

Go to Session

The $5 Wrench: Realistic Embedded Security Threats

Blockchain. Secure Boot. E-Fuse. ECDSA. Secure Manufacturing. When it comes time to ship your product you'll hear all sorts of comforting words like this - but when it comes time for attackers to steal your IP, they will ignore about 95% of them. This talk will discuss some recent attacks & show you where they fall in terms of realism. It will then show you how to recreate some of them, which is useful in understanding how to protect your own products. It will also discuss products that have shown to be vulnerable, and how you can still use these products without totally redesigning your product.

Go to Session

Live Q&A - The $5 Wrench: Realistic Embedded Security Threats

Live Q&A with Colin O'Flynn for the talk titled The $5 Wrench: Realistic Embedded Security Threats

Go to Session

Hardware Hacking: Hands-On (2020)

Designers releasing embedded devices need to understand what sort of hardware attacks they will face in the field. We will discuss how two different types of advanced attacks work: side channel power analysis and fault injection. Not limited to theory, we will demonstrate how they are used in practice and work through real products the attacks have been used on. Low-cost tools and open-source material will be highlighted, so the attendee can learn more details & even perform these attacks themselves.

Go to Session

Live Discussion - Hardware Hacking: Hands-On (2020)

This is your chance to chat with Colin O'Flynn about Hardware Hacking

Make sure to watch Colin's talk: https://www.embeddedonlineconference.com/session/Hardware_Hacking_Hands_On

Go to Session