VULNERABILITY RESEARCH FOR EMBEDDED SYSTEMS
This is a follow-on course to our Reverse-Engineering for Embedded Systems course. It is intended for engineers who need to perform assessments and then actually demonstrate vulnerabilities on embedded systems, IoT devices, or similar systems. In this course, students learn how to find vulnerabilities, demonstrate them by writing exploits, and communicate the nature and severity of vulnerabilities to a non-technical audience.
This is a majority hands-on course, with theory and lectures as needed. Exercises focus on embedded Linux and ARM but some other architectures are mixed in for perspective. This course balances application of skills with fundamental knowledge so no one is just “going through the steps” but rather is engaging in a creative problem-solving experience, just like in the real world.
Students will be able to identify vulnerabilities in embedded products
Students will be able to bypass multiple exploit mitigations
Students will know the pros and cons of different approaches
Students will be able to communicate findings to management
Students are expected to be familiar with reading disassembly in one or more architectures and feel comfortable reading and writing programs in C and Python. We are experienced teachers and are prepared for a variance in backgrounds in each class. We specifically address this through our exercises and environment.
Jeremy Blackthorne is co-founder and lead instructor of the Boston Cybernetics Institute (BCI). He is a former researcher at MIT Lincoln Laboratory in the Cyber System Assessments group. There his research focused on building and breaking cybersecurity solutions for the military. He also created and delivered training in reverse-engineering and exploitation to technical specialists and management personnel from the Air Force, Navy, and Special Operations communities. He is the co-creator and instructor of the MIT IAP 2016 Software Reverse-Engineering course.
He is also the co-creator and instructor of the Rensselaer Polytechnic Institute (RPI) courses: Modern Binary Exploitation, Spring 2015 and Malware Analysis, Spring 2013. Blackthorne was an active member of the student security club and CTF team, RPISEC, from 2012 to 2015, where he taught seminars on reverse-engineering, exploitation, and various other cybersecurity topics. He served in the U.S. Marine Corps from 2002 to 2006 and completed three tours in Iraq. He has a BS in computer science from the University of Michigan-Dearborn and an MS in computer science from RPI. He is currently a PhD candidate in computer science at RPI focusing on anti-analysis techniques in computer programs.
Evan Jensen is co-founder and CTO of BCI, where he splits his time between performing assessments and creating solutions for clients and teaching. He is an experienced instructor in reverse-engineering and exploitation. Evan has taught reverse-engineering at BU, RPI, NYU, MIT, the United States Military Academy at West Point and MIT Lincoln Laboratory. Before founding BCI, Evan worked for MIT Lincoln Laboratory’s Cyber System Assessments Group and Facebook’s redteam. He was an instructor for NYU's weekly Hack Night from 2011 to 2014, covering reverse-engineering, exploitation, and various other cybersecurity topics. He developed nearly all of the lessons for Trail of Bits' CTF Field Guide, covering vulnerability discovery, exploitation, forensics, and operational tradecraft.
Jensen was heavily involved in teaching cybersecurity in the NYU Polytechnic community. He was co-instructor with Dan Guido for the course Penetration Testing and Vulnerability Analysis during Fall 2012 and Fall 2013, and was a teaching assistant for Neil Daswani for the course Application Security during Spring 2013. Passionate about enabling others to learn via the medium of repeated failure, he was CTF captain of Brooklynt_Overflow from 2012 to 2014 and founding member/captain of Lab RATs from 2014 to 2016 which placed 10th in Defcon finals in 2017. He has a BS in computer science from NYU Tandon School of Engineering.