The intent of the Hardware/Firmware Security Knowledge Unit is to provide students with an understanding of the diverse components in hardware/firmware, their roles, and the associated security concerns.
- Physical Vulnerabilities.
- Sourcing attacks
- Pirated, Fake, and Counterfeit Parts
- Supply chain disruption
- Bootloader vulnerabilities
- Microcode vulnerabilities
- Firmware vulnerabilities
- Physical Security Attributes
- Hardware side channel attacks
b. Power Analysis
d. RF analysis
e. Hardware insertion (smartcards, USB, bus devices)
f. Access through out-of-band management channels
- Outline physical vulnerabilities of hardware devices.
- Explain and make use of security capabilities implemented in hardware.
- Describe how systems are initialized and how software is validated and loaded.
- Describe the security role of intermediate software such as hardware abstraction layers or other forms of middleware.
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
||Knowledge of systems engineering theories, concepts, and methods.
||Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
||Knowledge of application vulnerabilities.
||Knowledge of computer algorithms.
||Knowledge of encryption algorithms
||Knowledge of middleware (e.g., enterprise service bus and message queuing).