applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Utilizing Programmable Logic For Hardware Reverse-Engineering

Register for March 8-11 Course

Dmitry Nedospasov
Thorsten Schroeder


Off the shelf solutions for high-level hardware reverse engineering inevitably fall short when it comes to analyzing proprietary protocols or where accurate timing is necessary. Sooner or later, one is faced with the situation that custom hardware can do the job much more efficiently. Extremely versatile hardware comparable in function to custom ASICs can be implemented by utilizing programmable logic in conjunction with an ARM microcontroller and standard peripheral interfaces. Custom logic can be effectively used to process proprietary communications protocols and implement additional functionality in resource constrained environments and timing critical applications.

The main goal of this course is to familiarize participants with the concepts necessary to implement custom logic. The course will cover several techniques for hardware reverse-engineering such as firmware extraction, fuzzing and glitching. Participants will implement coprocessors on a Field Programmable Gate Array (FPGA) in Verilog HDL and interface them to the ARM microcontroller (MCU) using the C programming language. The DDK is a low-cost opensource hardware platform consisting of an Actel FPGA and an NXP LPC1700 family ARM Cortex-M3 MCU. Each participant will receive a DDK board for building custom HW reverse-engineering tools for specific targets.

Participants will become acquainted with the standard FPGA/ASIC development cycle, from simulation to place and route and the resulting netlist timing analysis. Participants will also gain hands-on experience by applying the techniques introduced in the course to several embedded hardware targets. One of the primary goals is for students of this course to become familiar with professional development workflows used by real world engineers. Participants will also be provided an opportunity to work with professional test equipment, such as professional oscilloscopes and logic analyzers, for debugging their hardware and logic.

This course is suitable for people that are unfamiliar with embedded development. All the theory and concepts behind the electronics, HDL and debugging will be taught during course.

Topics Covered

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Course Outline:

Laptop requirements