Quick Nav
Course Information
Schedule
Assignments
Resources
Syllabus – 5013
Course Information
Instructor: Alexander Nelson, ahnelson-at-uark.edu
Lecture: T/Th – 2:00-3:15, JBHT 239
Office Hours: T/Th 3:30-5:00 and by appointment
Schedule
Date |
Notes |
Info |
---|---|---|
01/14/25 | Syllabus, Lecture 1 – Introduction to Embedded Systems Security | Reading 1: Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi |
1/16/25 | Presentation 1 – Stute 2021 Lecture 2 – Review of Embedded Systems |
|
1/21/25 | Finish Lecture 2 Lecture 3 – Real-time operating systems |
Reading 2: Mangard, Stefan. “A simple power-analysis (SPA) attack on implementations of the AES key expansion.” In International Conference on Information Security and Cryptology, pp. 343-358. Springer, Berlin, Heidelberg, 2002. |
1/23/25 | Presentation 2 – Mangard 2002 Finish Lecture 3 |
|
1/28/25 | Chipwhisperer Introduction Chipwhisperer 2_1A |
Reading 3: T. Tucker, H. Searle, K. Butler and P. Traynor, “Blue’s Clues: Practical Discovery of Non-Discoverable Bluetooth Devices,” 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 3098-3112, doi: 10.1109/SP46215.2023.10179358. |
1/30/25 | Presentation 3 – Tucker 2023 Chipwhisperer 2_1B |
|
2/4/25 | Lecture 4 – Symmetric Encryption AES In Class Python |
Reading 4: Rodrigues, Cristiano, Daniel Oliveira, and Sandro Pinto. “BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect.” 2024 IEEE Symposium on Security and Privacy (SP). IEEE, 2024. |
2/6/25 | Presentation 4 – Rodrigues 2024 Chipwhisperer 3_1 |
|
2/11/25 | Lecture 5 – Embedded Communications, and how to exploit them! Chipwhisperer 3_2 |
Reading 5:
Puschner, Endres, Thorben Moos, Steffen Becker, Christian Kison, Amir Moradi, and Christof Paar. “Red team vs. blue team: a real-world hardware Trojan detection case study across four modern CMOS technology generations.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 56-74. IEEE, 2023.
|
2/13/25 | Presentation 5 – Puschner 2023 Chipwhisperer 3_3 – DPA |
|
2/18/25 | Alternative Instruction (Snow) | Reading 6: Klix, Simon, Nils Albartus, Julian Speith, Paul Staat, Alice Verstege, Annika Wilde, Daniel Lammers et al. “Stealing Maggie’s Secrets-On the Challenges of IP Theft Through FPGA Reverse Engineering.” In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, pp. 3391-3405. 2024. |
2/20/25 | Alternative Instruction (Snow) | |
2/25/25 | Presentation 6 – Klix 2024 Lecture 6 – Side Channel Analysis |
Reading 7: Mun, Hyeran, Kyusuk Han, and Dong Hoon Lee. “Ensuring safety and security in CAN-based automotive embedded systems: A combination of design optimization and secure communication.” IEEE Transactions on Vehicular Technology 69, no. 7 (2020): 7078-7091. |
2/27/25 | Presentation 7 – Mun 2020 Chipwhisperer 4_3 – Correlation Power Analysis |
|
3/4/25 | Lecture 7 – Side Channel Prevention | Reading 8: Davis, Abe, Michael Rubinstein, Neal Wadhwa, Gautham J. Mysore, Fredo Durand, and William T. Freeman. “The visual microphone: Passive recovery of sound from video.” (2014). |
3/6/25 | Presentation 8 – Abe 2014 Finish Chipwhisperer 4_3 |
|
3/11/25 | Lecture 8 – Generalizing an Attack Model Lecture 9 – Introduction to Fault Injection |
Reading 9: David, Yaniv, Nimrod Partush, and Eran Yahav. “Firmup: Precise static detection of common vulnerabilities in firmware.” ACM SIGPLAN Notices 53, no. 2 (2018): 392-404. |
3/13/25 | Presentation 9 – Yaniv 2018 Chipwhisperer Fault 101-2_1 – Fault Attacks |
|
3/18/25 | Lecture 10 – Fault Injection Countermeasures Chipwhisperer Fault 101-2_2 – Voltage Glitching |
Reading 10: Chen, Zitai, Georgios Vasilakis, Kit Murdock, Edward Dean, David Oswald, and Flavio D. Garcia. “{VoltPillager}: Hardware-based fault injection attacks against intel {SGX} enclaves using the {SVID} voltage scaling interface.” In 30th USENIX Security Symposium (USENIX Security 21), pp. 699-716. 2021. |
3/20/25 | Presentation 10 – Chen 2021 Finish Chipwhisperer Fault 101-2_2 |
|
3/25/25 | No Class – Spring Break | |
3/27/25 | No Class – Spring Break | |
4/1/25 | Lecture 11 – Future Directions | Reading 11: M. Busch, A. Machiry, C. Spensky, G. Vigna, C. Kruegel and M. Payer, “TEEzz: Fuzzing Trusted Applications on COTS Android Devices,” 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 1204-1219, doi: 10.1109/SP46215.2023.10179302. |
4/3/25 | Presentation 11 – Busch 2023 Finish Lecture 11 |
|
4/8/25 | Assignment 2 Help | Reading 12: Xiao, Yinhao, Yizhen Jia, Xiuzhen Cheng, Jiguo Yu, Zhenkai Liang, and Zhi Tian. “I can see your brain: Investigating home-use electroencephalography system security.” IEEE Internet of Things Journal 6, no. 4 (2019): 6681-6691. |
4/10/25 | Presentation 12 – Xiao 2019 | |
4/15/25 | Assignment 2 Evaluation | Reading 13: A. A. Ahmed and M. K. Hasan, “Multi-Layer Perceptrons and Convolutional Neural Networks Based Side-Channel Attacks on AES Encryption,” 2023 International Conference on Engineering Technology and Technopreneurship (ICE2T), Kuala Lumpur, Malaysia, 2023, pp. 69-73, doi: 10.1109/ICE2T58637.2023.10540465. |
4/17/25 | Presentation 13 – Ahmed 2023 Final Exam Review |
|
4/22/25 | Final Project Workday | |
4/24/25 | Presentation 14 – Presentation 15 – |
|
4/29/25 | In-Class Final Project Presentations | |
5/1/25 | In-Class Final Project Presentations |
Assignments
All dates are tentative and subject to change.
Date Assigned |
Date Due |
Assignment |
Info |
---|---|---|---|
2/11/2025 | 2/26/2025 | Assignment 1 – AES on Embedded Device (see Blackboard) | |
4/1/2025 | 4/15/2025 | Assignment 2 – Attacking a “Secure” embedded device
(see Blackboard) |
|
4/17/2025 | 5/1/2025 | Assignment 3 – Test Vector leakage Assessment |
Resources
Type |
Links |
---|---|
Course Textbook (Optional) | The Hardware Hacking Handbook:
Breaking Embedded Security with Hardware Attacks
|
Chipwhisperer GitHub | https://github.com/newaetech/chipwhisperer |
Class Discord | Invite Link |
Reading Summary Template | Link |