Mastering ARM TrustZone with the USB Armory

Presented By: Andrea Barisani
The ARM® TrustZone® technology, in contrast to traditional TPMs, allows developers to engineer custom trusted platform modules by enforcing domain separation, between the “secure” and “normal” worlds, that propagates throughout System on a Chip (SoC) components, and therefore not only limited to the CPU core. Students will gain first hand experience on the low level concepts and ARM assembly required to audit and utilize implementations of the TrustZone® technology.

The 1 day course will take place on the 9th September 2015, before 44CON London 2015.

Course Outline
USB armory description & setup
TZ concepts & overview
Evaluating SoC security features
Evaluating hardware vendor specific TZ implementations
Evaluating software domain separation effectiveness
Implementing secure set-up of TZ domains
Developing a sample TZ application
Target Audience
The class is an intermediate level class targeted at IT security professionals interested in learning details about the security feature of ARM architectures. The class is ideal for hardware and software pentesters interested in gaining in depth knowledge of the security architecture of ARM based mobile and embedded devices protected by TrustZone.

Student requirements
Basic knowledge of the ARM architecture its instruction set and assembly language is preferred but not required. Students shall be prepared to install drivers and/or software if required.

Hardware and Software Requirements
The training material will be accessed and executed on the USB armory itself, running Debian. In order to connect to the USB armory a modern Linux distribution, MAC OS X or Windows (7 or more) is sufficient. A working USB port is required.

Students will be provided with:

one USB Armory MK I device w/microSD card
USB to serial converter
and course slides and materials.
About the trainer
Andrea Barisani is an internationally known security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors and exploring what makes things tick…and break. His experiences focus on large-scale infrastructure administration and defense, forensic analysis, penetration testing and software development, with more than 14 years of professional experience in security consulting. Being an active member of the international Open Source and security community he contributed to several projects, books and open standards. He is now the founder and coordinator of the oCERT effort, the Open Source Computer Security Incident Response Team. He has been a speaker and trainer at BlackHat, CanSecWest, DEFCON, Hack In The Box, PacSec conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, OS hardening and many other topics.