Название: The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks (Early Access) Автор: Jasper van Woudenberg and Colin O’Flynn. Издательство: No Starch Press Год: 2021 Формат: PDF Страниц: 178 Размер: 10 Mb Язык: English
The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware. Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks. Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget.
You’ll learn: • How to model security threats, using attacker profiles, assets, objectives, and countermeasures • Electrical basics that will help you understand communication interfaces, signaling, and measurement • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips • How to use timing and power analysis attacks to extract passwords and cryptographic keys • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization