Hardware Security Testing
A hardware review aims to determine the resiliency of a device when an adversary has physical access to the hardware at some point in time. The outcome of a review can help protect the solution against threats such as: theft of a service, intellectual property or customer data; reverse engineering; or compromise of other equivalent devices in the ecosystem.
Hardware reviews are commonly performed on consumer premise equipment, such as routers, set-top boxes and Internet of Things appliances but can also be performed on specialised equipment like industrial control systems and custom embedded devices.
Security testing includes a review of exposed functionality and inputs such as USB or wireless protocols, and discovery of low-level data and debug interfaces that can be accessed via the circuit board. Additionally, security testing can include analysis of firmware to discover software level vulnerabilities.
A security review can determine if it is possible to extract sensitive data, such as firmware or encryption keys, from flash storage or as it traverses a bus; gain privileged access within the software running on the target device; or develop attacks that can be used to compromise another device not directly under the attacker’s control.
Hardware security testing can also involve chip removal, side-channel attacks, and fault injection attacks to achieve a specific goal.