









Praetorian, BRIDGING THE GAP - An Introduction to IoT Security from Serial to Bluetooth - DCTLV2025
Name of Training: Bridging the GAP - An Introduction of IoT Security from Serial to Bluetooth
Trainer(s): Aaron Wasserman, Cody Hein, Garrett Freibott, and Will McCardell
Dates: August 11-12, 2025
Time: 8:00 am to 5:00 pm PT
Venue: Las Vegas Convention Center
Cost: $2000
Course Description:
Dive into the world of hardware hacking with this intensive, hands-on class that bridges the gap between software security and physical hardware. Over the course of two action-packed days, you'll learn to identify and exploit vulnerabilities common in IoT devices, medical equipment, and embedded systems. Starting with hardware basics and circuit board analysis, you'll quickly progress to mastering essential interfaces like UART, SPI, and JTAG. Get hands-on experience with industry software tools while learning to extract firmware, bypass authentication systems, and analyze Bluetooth Low Energy (BLE) implementations. Perfect for security professionals, researchers, and hardware enthusiasts, this course combines real-world case studies with practical exercises using actual devices. You'll leave equipped with a solid foundation in hardware security assessment, understanding common attack vectors, and knowing how to integrate hardware security testing into your product development lifecycle. Bring your curiosity - we'll provide the hardware!
Course Outline:
DAY 1
- Agenda
- Introduction
  - Ice breaker
  - History of IoT security
- Hardware Overview (60 minutes)
  - Reading circuit boards - Demo/‘microscope’
  - Electricity fundamentals
  - Components and recognition
  - Multimeter practical exercise
- Interface Discovery (40 minutes)
  - Physical Interface Identification
  - Dev Board Analysis Exercise
- Using and exploiting UART & SPI (120 minutes)
  - UART Analysis
  - Logic Analyzer Setup
  - Exercise - UART Analysis
  - Walkthrough - UART Exploitation Techniques
  - Exercise - UART Practical Application
  - UART Outro
  - SPI Protocol Analysis (10 minutes)
  - Walkthrough - SPI Logic Analyzer (30 minutes)
  - SPI Security Testing (60 minutes)
- Using and exploiting SWD/JTAG and Debuggers (60 minutes)
  - SWD Overview
  - JTAG Overview
  - Common Debug Features
  - Interface Access
  - Interacting with JTAG/SWD
  - Demo & Exercise: JTAG Interaction & Debugging (90 minutes)
  - Authentication Bypass Development
  - Security Considerations
  - Troubleshooting Procedures
- Day 1 Conclusions (15 minutes)
  - Learning objective review
  - Next day preparation
DAY 2
- Reintroduction (10 minutes)
  - Topic review
  - Day 2 objectives
- Firmware Analysis (180 minutes)
  - Extraction Methodologies
  - Filesystem Analysis
  - Manipulation and Backdooring
  - Exercise - Firmware Manipulation
  - Reflashing Techniques
  - Exercise - Reflashing
  - System Emulation
- Bluetooth Low Energy (180 minutes)
  - BLE Specifics
  - Protocol Stack
  - Key Concepts
  - Attack Surface Analysis
  - Lab Environment
  - Attack Implementation
  - Mobile Analysis Tools
  - Interaction techniques
- Course Conclusion (30 minutes)
  - Security Gap Analysis
  - Future Development
  - Closing Procedure
Difficulty Level:
The course is especially valuable for those who need to evaluate hardware products as part of their job, want to understand both attack and defense perspectives, or are responsible for integrating hardware security testing into their product development lifecycle.
The course is particularly valuable for:
- Security Professionals - Including penetration testers and red team members in need of hardware attack capabilities, security researchers interested in expanding their skill sets, and security architects responsible for IoT/embedded system security.
- Development Teams - Embedded systems developers, IoT product developers, and firmware engineers who need to understand security implications of their design decisions, as well as quality assurance professionals working with hardware products.
- Technical Specialists - Electronics engineers transitioning to security, IT professionals working with embedded systems, technical security consultants, and hardware design reviewers who need to evaluate product security.
- Industry-Specific Practitioners - Medical device security professionals, industrial control system specialists, automotive security engineers, and consumer IoT security teams who face unique hardware security challenges in their sectors.
Suggested Prerequisites:
This course requires a basic understanding of computer security principles, an interest in fundamental electronics elements, and basic command-line proficiency - no advanced hardware experience is necessary.
The course instructors will provide all necessary hardware and tools. A basic understanding of computer architecture, operating systems, and standard protocols will be helpful, but the course is designed to build these concepts from foundational principles.
What Students Should Bring:
Participants should bring their own computer running a modern Linux operating system. Our course instructors will provide all the necessary hardware components for exercises and labs.
Trainer(s) Bio:
Aaron Wasserman is an accomplished IoT penetration tester with a passion for uncovering hardware vulnerabilities. He is a Senior Security Engineer at Praetorian and a member of the IoT Penetration Testing team. Aaron is dedicated to advancing cybersecurity practices and sharing knowledge within the community. He holds both a Master's and a Bachelor's from Georgia Tech's School of Electrical and Computer Engineering, as well as several offensive security certifications, including the ACIP and OSCP.
Cody Hein is a Senior Security Engineer at Praetorian and a member of the IoT Penetration Testing team. His background includes audio video systems engineering and US Army Space operations, including SATCOM and other RF communications. He specializes in hardware reverse engineering, firmware analysis, and RF wireless communications with a focus on securing connected devices. Cody is passionate about lifelong learning and dedicated to sharing knowledge with others.
Garrett Freibott is a Senior Security Engineer at Praetorian and a member of the IoT Penetration Testing team. He has experience in open-source software development, application penetration testing, and enterprise software security. Garrett has a B.S. in Computer Science from Arizona State University and the OSCP.
Will McCardell is a Lead Offensive Security Engineer at Praetorian and a member of the IoT Penetration Testing team. He has a decade of software engineering and offensive security experience as well as a deep passion for hardware testing.
Registration Terms and Conditions:
Trainings are refundable before July 8, 2025, minus a non-refundable processing fee of $250.
Trainings are non-refundable after July 8, 2025.
Training tickets may be transferred. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification will be considered a no-show. No refund will be given.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.