CSCE 50103 – Embedded Systems Security (Spring 2025)

Quick Nav

Course Information
Schedule
Assignments
Resources
Syllabus – 5013

Course Information

Instructor: Alexander Nelson, ahnelson-at-uark.edu
Lecture: T/Th – 2:00-3:15, JBHT 239
Office Hours: T/Th 3:30-5:00 and by appointment

Schedule

 

Date

Notes

Info

01/14/25 Syllabus, Lecture 1 – Introduction to Embedded Systems Security Reading 1: Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi
1/16/25 Presentation 1 – Stute 2021
Lecture 2 – Review of Embedded Systems
1/21/25 Finish Lecture 2
Lecture 3 – Real-time operating systems
Reading 2: Mangard, Stefan. “A simple power-analysis (SPA) attack on implementations of the AES key expansion.” In International Conference on Information Security and Cryptology, pp. 343-358. Springer, Berlin, Heidelberg, 2002.
1/23/25 Presentation 2 – Mangard 2002
Finish Lecture 3
1/28/25 Chipwhisperer Introduction
Chipwhisperer 2_1A
Reading 3: T. Tucker, H. Searle, K. Butler and P. Traynor, “Blue’s Clues: Practical Discovery of Non-Discoverable Bluetooth Devices,” 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 3098-3112, doi: 10.1109/SP46215.2023.10179358.
1/30/25 Presentation 3 – Tucker 2023
Chipwhisperer 2_1B
2/4/25 Lecture 4 – Symmetric Encryption
AES In Class Python
Reading 4: Rodrigues, Cristiano, Daniel Oliveira, and Sandro Pinto. “BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect.” 2024 IEEE Symposium on Security and Privacy (SP). IEEE, 2024.
2/6/25 Presentation 4 – Rodrigues 2024
Chipwhisperer 3_1
2/11/25 Lecture 5 – Embedded Communications, and how to exploit them!
Chipwhisperer 3_2
Reading 5:

Puschner, Endres, Thorben Moos, Steffen Becker, Christian Kison, Amir Moradi, and Christof Paar. “Red team vs. blue team: a real-world hardware Trojan detection case study across four modern CMOS technology generations.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 56-74. IEEE, 2023.
2/13/25 Presentation 5 – Puschner 2023
Chipwhisperer 3_3 – DPA
2/18/25 Alternative Instruction (Snow) Reading 6: Klix, Simon, Nils Albartus, Julian Speith, Paul Staat, Alice Verstege, Annika Wilde, Daniel Lammers et al. “Stealing Maggie’s Secrets-On the Challenges of IP Theft Through FPGA Reverse Engineering.” In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, pp. 3391-3405. 2024.
2/20/25 Alternative Instruction (Snow)
2/25/25 Presentation 6 – Klix 2024
Lecture 6 – Side Channel Analysis
Reading 7: Mun, Hyeran, Kyusuk Han, and Dong Hoon Lee. “Ensuring safety and security in CAN-based automotive embedded systems: A combination of design optimization and secure communication.” IEEE Transactions on Vehicular Technology 69, no. 7 (2020): 7078-7091.
2/27/25 Presentation 7 – Mun 2020
3/4/25 Reading 8: Davis, Abe, Michael Rubinstein, Neal Wadhwa, Gautham J. Mysore, Fredo Durand, and William T. Freeman. “The visual microphone: Passive recovery of sound from video.” (2014).
3/6/25 Presentation 8 – Abe 2014
3/11/25 Reading 9: David, Yaniv, Nimrod Partush, and Eran Yahav. “Firmup: Precise static detection of common vulnerabilities in firmware.” ACM SIGPLAN Notices 53, no. 2 (2018): 392-404.
3/13/25 Presentation 9 – Yaniv 2018
3/18/25 Reading 10: Chen, Zitai, Georgios Vasilakis, Kit Murdock, Edward Dean, David Oswald, and Flavio D. Garcia. “{VoltPillager}: Hardware-based fault injection attacks against intel {SGX} enclaves using the {SVID} voltage scaling interface.” In 30th USENIX Security Symposium (USENIX Security 21), pp. 699-716. 2021.
3/20/25 Presentation 10 – Chen 2021
3/25/25 No Class – Spring Break
3/27/25 No Class – Spring Break
4/1/25 Reading 11: M. Busch, A. Machiry, C. Spensky, G. Vigna, C. Kruegel and M. Payer, “TEEzz: Fuzzing Trusted Applications on COTS Android Devices,” 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 1204-1219, doi: 10.1109/SP46215.2023.10179302.
4/3/25 Presentation 11 – Busch 2023

Assignments

All dates are tentative and subject to change.

Date Assigned

Date Due

Assignment

Info

2/11/2025 2/26/2025 Assignment 1 – AES on Embedded Device (see Blackboard)

 

Resources

Type

Links

Course Textbook (Optional) The Hardware Hacking Handbook:

Breaking Embedded Security with Hardware Attacks

by Colin O’Flynn and Jasper van Woudenberg

ISBN-13: 9781593278748
Chipwhisperer GitHub https://github.com/newaetech/chipwhisperer
Class Discord Invite Link
Reading Summary Template Link