As we move further and further into the age of the Internet of Things (IoT) we are increasingly surrounded by devices that collect, analyze, and share information about the world around us. This course serves as an introduction to IoT hacking, where we look at familiar devices and lay the groundwork for hardware security analysis.

IoT devices are currently being developed and deployed to optimize processes, analyze natural phenomenon, diagnose and treat medical conditions, automate mundane tasks, and create additional conveniences for the human race.  Some of these devices simply over share information that we may consider private.  Others may be subverted to pose a threat to society or personal safety. 

The crowd-funding and maker movements have also spawned a new class of non-traditional hardware development revenue streams.  This rapid prototyping and rush to market environment is excellent for innovation. However, initial offerings may be completely void of security features. In the hardware world, lack of security features can be very difficult, if not impossible, to overcome.  Once a device makes it into the hands of consumers, it may remain in service with latent vulnerabilities for a very long period of time.  Typical consumers also lack the ability to distinguish between secure and insecure alternatives existing in the market.  In many cases, the deciding factor driving purchase is device cost. 

As a result, the security community must begin to understand and develop test methodologies for these types of devices so vulnerabilities can be discovered and communicated in the same responsible nature that occurs in the general computing world. 

This course will serve as an introduction to IoT hacking, where we look at familiar devices and lay the groundwork for hardware security analysis. 

In this two-day training class, the following course outline will be covered along with the opportunity to hack on several different IoT devices.

Hardware Identification