Hardware/Firmware Security (2020)

From CyberEdWiki
Revision as of 22:07, 21 November 2019 by GeralynUH (talk | contribs) (Text replacement - "To complete this KU, students should be able to:" to "After completing the KU, students will be able to:")

The intent of the Hardware/Firmware Security Knowledge Unit is to provide students with an understanding of the diverse components in hardware/firmware, their roles, and the associated security concerns.


After completing the KU, students will be able to:

  1. Outline physical vulnerabilities of hardware devices.
  2. Explain and make use of security capabilities implemented in hardware.
  3. Describe how systems are initialized and how software is validated and loaded.
  4. Describe the security role of intermediate software such as hardware abstraction layers or other forms of middleware.


  1. Physical Vulnerabilities.
    1. Unused, unsecured communications channels
    2. Test pads, test paths, and
    3. Back doors, trojans, and hidden circuits
    4. Doping and Induced Faults
    5. Reverse Engineering
    6. Unauthorized memory access
  2. Hardware side channel attacks
    1. Timing
    2. Power Analysis
    3. Electromagnetic
    4. RF analysis
    5. Hardware insertion (smartcards, USB, bus devices)
    6. Access through out-of-band management channels
  3. Sourcing attacks
    1. Pirated, Fake, and Counterfeit Parts
    2. Supply chain disruption
  4. Equipment Destruction Attacks
  5. Hardware Security Components
    1. Verifiable device IDs
    2. Random Number Generators
    3. Boot ROM Digital Signatures
    4. Hardware-based encryption modules
    5. Security Co-processors/Controllers
    6. Encryption accelerators (SSL, etc.)
  6. Physical Security Attributes
    1. Device validation
    2. Open and Accepted security algorithms
    3. Strong Random Number Generation
    4. Secure time source
    5. Standardized developer interface
    6. Clear documentation
    7. Key backup/Protection
    8. Tamper-resistance
    9. Scalability
  7. Bootloader vulnerabilities
    1. Boot sector attacks
    2. Single User Mode
    3. Boot to non-secure OSes
    4. Boot loader reconfiguration
  8. Microcode vulnerabilities
  9. Firmware vulnerabilities
    1. Reflashing BIOS/PROMs
  10. Security role of intermediate layers
    1. Hardware Abstraction Layer
    2. Virtualization Layers


NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials

Reference ID