SecAppDev 2022 Lecture Details

Security of embedded devices - an introduction

Lennert Wouters
Monday June 13, 11:00 - 12:30
Short description

This session provides an introduction to the field of hardware security, and will be guided by real-world case studies and vulnerabilities. We discuss the embedded attacker, their tools and techniques and their influence on threat models.

Abstract

This session provides an introduction to the exciting field of hardware security. We do this by taking a practical approach to investigating the security of embedded devices. We introduce the general anatomy and attack surface of common embedded devices, and provide an overview of the tools and techniques used by the attacker. We discuss the influence of the attacker's capabilities on embedded threat models.

The session is guided by several real-world case studies in which we analyse smart home and automotive products, for each of these we will uncover and discuss a few common security issues.

Key takeaway

Physical attackers are a major threat to IoT security, allowing everyone to hack embedded devices

Content level

Introductory

Target audience

Anyone interested to learn about embedded security through practical examples.

Prerequisites

None

Download handouts

Lennert Wouters

Lennert Wouters

PhD researcher, imec-COSIC, KU Leuven

Lennert Wouters obtained a Master in Engineering Technology and an Advanced Master in Artificial Intelligence from the University of Leuven. After completing his studies, Lennert joined the Computer Security and Industrial Cryptography (COSIC) research group, an imec research group at KU Leuven. As a PhD researcher his research interests include hardware security of connected embedded devices, reverse engineering and physical attacks.

Full speaker profile

Related iot and low-level security sessions

Trusted Execution and how far you can trust it

Lecture by Jan Tobias Muehlberg

Modern processors provide Trusted Execution Environments that allow you to protect software components even from an untrusted operating system. Learn when and how to use them!

IoT and low-level security Tuesday June 14, 09:00 - 10:30