•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Hardware/Firmware Security

The intent of the Hardware/Firmware Security Knowledge Unit is to provide students with an understanding of the diverse components in hardware/firmware, their roles, and the associated security concerns.

Topics

  1. Physical Vulnerabilities.
  2. Sourcing attacks
  3. Pirated, Fake, and Counterfeit Parts
  4. Supply chain disruption
  5. Bootloader vulnerabilities
  6. Microcode vulnerabilities
  7. Firmware vulnerabilities
  8. Physical Security Attributes
  9. Hardware side channel attacks a. Timing b. Power Analysis c. Electromagnetic d. RF analysis e. Hardware insertion (smartcards, USB, bus devices) f. Access through out-of-band management channels

Outcomes

  1. Outline physical vulnerabilities of hardware devices.
  2. Explain and make use of security capabilities implemented in hardware.
  3. Describe how systems are initialized and how software is validated and loaded.
  4. Describe the security role of intermediate software such as hardware abstraction layers or other forms of middleware.

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0280 Knowledge of systems engineering theories, concepts, and methods.
K0169 Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
K0009 Knowledge of application vulnerabilities.
K0015 Knowledge of computer algorithms.
K0018 Knowledge of encryption algorithms
K0172 Knowledge of middleware (e.g., enterprise service bus and message queuing).
ID DESCRIPTION
ID DESCRIPTION
ID DESCRIPTION