2-DAY TRAINING 5 – Practical Intro to Embedded Attack & Defense




CAPACITY: 15 pax




Every developer makes mistakes. If you are unlucky, these mistakes result in a security vulnerability, an almost untraceable bug for the normal developer. Going around the world performing security reviews for the code of embedded and IoT developers, I learned the different conceptions that lead developers to create vulnerabilities. This is what made me a better researcher and a better developer, and what I hope to teach you.

In this course you will get the practical basics of embedded device security from the beginning:

How vulnerabilities are created and how an attacker approaches a new device. From the internals, physical manipulations, buffer overflows, memory corruptions, timing attacks, all the way to the skill:

How to detect such mistakes, even the uncommon ones. Then you can decide: Should you fix it? Or exploit it?

Key Learning Objectives

  • Embedded & IoT – risks, common memory vulnerabilities and how to exploit and mitigate them
  • Physical Attacks on IoT and Embedded – What attackers are capable of and how, how physical attacks lead to memory vulnerabilities, how to secure embedded devices from physical attacks
  • Attacking and Defending Embedded Code: What to look for when reviewing embedded code, coding mistake patterns that result in vulnerabilities

Who Should Attend

  • Anyone who would like to learn about vulnerabilities, exploits and solutions in the embedded space
  • Security developers, architects and validation engineers who want to understand how to design secure embedded and IoT devices
  • Web/Network security experts who want to get the basics of low level and embedded security
  • Technical leads who want to gain a deeper understanding of risks in embedded devices
  • Newcomers to cyber security who want to become l33t

Prerequisite Knowledge

  • Basic programming knowledge
  • Knowledge in C/C++ and Python is recommended. Either way the workbook will guide you.
  • Ability to use Linux and bash commands

Hardware / Software Requirements

  • Laptop with 4G+ RAM
  • Wireless adapter for connecting to the lab server
  • Install software package sent before the course

Course Information:

In my training, students will learn about low level vulnerabilities from the basics: buffer overflows, integer overflows, command injections and more, all the way to complex vulnerabilities like TOCTOU attacks and physical intrusion. All subjects learned will focus on the world of embedded and IoT, including the examples and exercises.

All exercises will be done on a Linux machine built by me to simulate everything needed. The setup for each lab runs on my server. I built a docker environment with a container for each student. To start an exercise, each student logs in with the username/password of the exercise, where all of the required files reside, including instructions.

Since the make files for each exercise are visible to students, they can manipulate the code for debugging, and try to fix each vulnerability to understand how to avoid it (after they exploit it).

Each lab time consists of a few exercises I expect everyone to solve, which I will also show the solution for in class, and a few “buffer” tasks that are harder to solve.

Each exercise contains code example “hints” so that even students with a limited amount of knowledge in C/C++/Python/Bash can finish it.

For each subject learned, students will gain the tools to prevent such mistakes when developing and to detect such vulnerabilities when reviewing code.


Almost every subject includes a hands-on lab where you will detect, exploit and fix each vulnerability for deeper understanding.
All assembly examples will be in x86 assembly.

Day 1:

  • Introduction to Embedded Security:
    • Famous IoT attacks
    • Vulnerabilities types and classification
  • Memory Corruption Vulnerabilities:
    • Compiled program memory layout
    • Buffer overflows + Lab
    • Format string attacks + Lab
    • Integer overflows + Lab
    • Command Injections + Lab
    • Daily Summary

Day 2:

  • Cryptographic Security Mechanisms and Their Risks:
    • Hashes + Lab
    • Encryption + Lab
    • Signatures
    • Password Breaking Lab
  • Embedded Device Attacks:
    • TOCTOU Attacks + Lab
    • SPI Intrusion + Lab
    • Memory Swaps + Lab
    • Glitching + Lab
  • Final Exercise – Hacking a Secure Boot System

Location: Training Rooms
Date: July 20, 2020
Time: 9:00 am - 6:00 pm

Lior Yaari