supply chain

IEEE PAINE 2020: Decoding & Defending the Trusted Platform Module Against Malicious Hardware Implants

January 11, 2021

River Loop Security’s team members presented at IEEE International Conference on Physical Assurance and Inspection of Electronics (PAINE). The presentation provided a background on hardware implants, secure boot, and background on the Trusted Platform Module (TPM). We then focused on explaining and demonstrating our team’s work developing an TPM interposer and decoder. It concluded in discussing defending agaisnt malicious hardware implants.

Continue reading

River Loop Security team members invited to speak at DARPA’s 2019 Electronics Resurgence Initiative Summit

July 15, 2019

River Loop Security’s team members were invited to provide the opening presentation at DARPA’s 2019 Electronics Resurgence Initiative (ERI)1 Summit Workshop on “Security: From Chip to Board”. Ryan Speers, Partner at River Loop Security, and Sophia d’Antoine, Program Analysis Lead at River Loop Security, will be presenting “Supply Chain Security at the Hardware Level”. DARPA’s Microsystems Technology Office is hosting the 2019 ERI Summit to highlight advances in electronics for semiconductor designers, manufacturers, and a broad electronics user base across industries including automotive, telecommunications, and defense.

Continue reading

A Tale of Two Supply Chains

December 3, 2018

This is the first of a multi-part series where we will share some of our methodology for supply chain verification in situations where there is very limited information. This content was previously shared by Sophia d’Antoine at Square’s r00ted1 Conference on November 14th, 2018 in NYC. We have previously shared our thoughts on the importance of supply chain validation with regard to hardware attacks, but this blog series will delve deeper into the specifics related to case alleged in Bloomberg Businessweek’s “The Big Hack” article.

Continue reading

Hardware Hacks: The Importance of Supply Chain Validation

October 9, 2018

In the past few months, media reporting1 2 on alleged Chinese backdoors via one or more types of hardware implants which compromised American products and companies has raised the public’s awareness of the risk of security compromise via hardware. For those of us who deal with hardware security daily, such allegations are not a big surprise. Our team has worked on designing, securing, and hacking hardware used in places ranging from startups to security-critical government applications, and one item that is in almost every assessment that we do is a circuit board tear-down and detailed parts identification.

Continue reading