Hardware Reverse Engineering Platform: An Open-source Educational Tool
Michael Ham, Dakota State University
Andrew Kramer, Dakota State University
Abstract
Human dependency on Internet-connected devices, broadly known as the Internet of Things (IoT), continues to rise. Unfortunately, because these devices are manufactured across the globe, they are often vulnerable to attacks and cannot implicitly be trusted. Successful compromises against IoT devices can have outcomes ranging from mild inconveniences to disruptions in critical infrastructure. Detecting vulnerabilities in these devices is commonly performed via hardware reverse engineering (HRE); this requires expertise to determine device functionality, information I/O, and data storage.
Widely recognized designation requirements underscore the demand for students studying in cybersecurity programs to acquire hands-on HRE skills. The National Security Agency (NSA) specifically lists HRE as an optional knowledge unit for the Center of Academic Excellence (CAE) designations. Students meeting HRE learning outcomes will be equipped to probe, measure, and collect information from devices in the context of understanding and manipulating device functionality. Approximately 375 universities and colleges across the United States have CAE-designated programs in cyber operations and cyber defense. However, not all of these schools offer HRE in their curricula.
Various factors influence the exclusion of HRE offerings in coursework. Such barriers include the lack of faculty expertise, credit limitations imposed by mandatory program requirements, and a scarcity of hardware targets suitable for classroom use to meet learning outcomes. Many barriers to adoption accompany existing hardware targets, including high costs, proprietary software, use agreements prohibiting reverse engineering, and exceptionally complex circuit designs requiring specialized tools. This research proposes an open-source platform that educators can easily adopt and use to assess student progress toward the intended learning outcomes.
The researchers created a gamified series of capture-the-flag (CTF) challenges, representative of common hardware attack vectors, using the micro:bit platform. Gamification encourages students to explore solutions to challenges beyond specific instruction and promotes increased motivation. The challenges align with tasks identified in CAE learning outcomes for HRE. Students must identify available I/O mechanisms and interface with the available debug ports (USB, UART, or SPI) to obtain the device’s firmware. Upon successfully obtaining the firmware image, students unlock levels of the CTF by performing tasks such as reconstructing the device’s memory map, labeling interrupt vectors and peripheral access, deriving embedded commands, attaining a Bluetooth PIN, and live debugging.
The researchers hypothesize that this platform will bolster student progress toward HRE learning outcomes and result in skills translatable to “real-world” scenarios. Through a summative assessment of the CTF challenges, the specific competencies of the HRE learning outcomes will be evaluated alongside a formative assessment of student perception of the impact of the platform.