|PRESENTATION:||Reverse Engineering the CoolRunner-II Bitstream Format|
|PRESENTER:||Dr. Andrew Zonenberg, Senior Security Consultant for IOActive|
|LOCATION:||Hyatt Regency Montreal, Montreal, Canada|
|DATE & TIME:||Sunday June 21, 2015 at 1:00PM|
Programmable logic devices (PLDs) have historically been locked up behind proprietary vendor toolchains and undocumented firmware formats, preventing the creation of a proper third-party compiler or decompiler. While vendors typically prohibit reverse engineering of their software in the license agreement, no such ban applies to the silicon level. Given the choice between reverse engineering gigabytes of spaghetti code and looking at a clean, regular die layout, the choice is clear.
Dr. Andrew Zonenberg’s talk will cover reverse engineering the Xilinx XC2C32A, a 180 nm 32-macrocell CPLD. He will discuss his work at the silicon level and the progress toward a fully open-source toolchain (compiler, decompiler, and floorplanner) for the device. He will also provide a live demonstration of firmware generated by his own proprietary tools running on actual hardware.
For a video overview of IOActive’s recently expanded hardware lab, providing services from chip to code, please visit: http://www.ioactive.com/labs/resources-white-papers.html
Dr. Andrew Zonenberg is a senior security consultant at IOActive and works in the company’s hardware lab researching Integrated Circuit (IC) security, IC reverse engineering, and embedded/hardware security.
Andrew received a PhD in computer science from the Rensselaer Polytechnic Institute earlier this year, focusing on System on Chip (SoC) and Operating System security. During this time he designed and taught a one-semester course on hardware reverse engineering. He is an active contributor to siliconpr0n.org.
REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations over the span of three days along with technical training sessions held before the presentation dates. Technical training varies in length between two and four days.
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Read the IOActive Labs Research Blog: http://blog.ioactive.com. Follow IOActive on Twitter: http://twitter.com/ioactive.
This information was brought to you by Cision http://news.cision.com