Securing Over-the-Air Firmware Updates

How to secure over-the-air firmware updates with signed manifests, rollback protection, and TLS, the three controls you must have.

Secure Boot and the Embedded Chain of Trust

How embedded secure boot builds a chain of trust, how to prove it rejects tampering, and why rollback protection is not optional.

Reverse Engineering Firmware with Ghidra

How to reverse engineer firmware with Ghidra, pivoting from strings and cross-references to the decompiled logic and hidden backdoors.

Random Number Generation Weaknesses in Embedded Systems

How weak random number generation silently breaks keys and nonces on embedded devices, how to audit entropy, and how to fix it.

Proxmark3 and RFID Access Control Testing

How RFID access control fails when badges use broken MIFARE Classic, demonstrated with a Proxmark3, and the move to modern credentials.

Protecting Device Keys with a Secure Element

How a secure element like the ATECC608 protects device keys by generating them on-chip so a firmware dump yields nothing usable.

Power Side-Channel Analysis with ChipWhisperer

How power side-channel analysis with ChipWhisperer recovers an AES key from a chip’s power draw, and the constant-time defenses against it.

Modbus Security for Industrial Control Systems

How Modbus security fails on a modern network, reading and writing a PLC with no authentication, and the segmentation that defends it.

MQTT Broker Security for IoT Fleets

How one trusting MQTT broker exposes and controls an entire IoT fleet, and the per-device auth and topic ACLs that lock it down.

LoRaWAN Security for IoT Networks

How LoRaWAN security is undermined by static ABP keys and ignored frame counters, and how OTAA with unique keys fixes it.