Precursor: Towards Evidence-Based Trust in Hardware

Conference:  BlackHat EU 2020



The presentation discusses the importance of evidence-based trust in software and hardware, and how it can be achieved through certain techniques and tools. It also introduces a development platform called Precursor that embodies these principles.
  • Evidence-based trust in software and hardware is crucial for ensuring security and reliability
  • Tools like hashing and signing can transfer trust in software
  • Open source and reproducible builds can help audit code and prevent tampering
  • Hardware supply chains pose challenges for evidence-based trust
  • Precursor is a development platform that embodies evidence-based trust principles
  • Precursor features a physical keyboard for easy verification
  • Touch surfaces are harder to verify due to firmware and memory
  • Precursor is designed for simple and verifiable applications
The presenter explains how malicious actors can insert implants into the hardware supply chain, even through simple hacks like returning tampered devices to the warehouse. This highlights the need for evidence-based trust in hardware and the challenges in achieving it.


In hardware, the status quo is that we may have faith in our wares, but we have no direct, evidence-based reason to trust it. Even the best microscopes can only reveal partial information about the way a chip is constructed, and typically only in a destructive fashion. Trusted fabs are also insufficient, especially considering literal MITM agents such as delivery couriers and customs inspectors.Ideally, the case to trust a specific instance of hardware should be built on evidence that can be collected using relatively inexpensive tools that an end-user directly operates. This talk will discuss my vision for evidence-based trust in hardware, through the lens of the Precursor platform. Precursor is an FPGA-based, open hardware platform. Critically, the use of an FPGA delays the binding of the CPU core to the hardware, giving users the option to design-in countermeasures and apply patches. This shifts the balance of power, taking us from a situation where users have no choice but to have faith in their hardware, to one where users have some agency to reason about its security properties, as well as having options to defend their turf apropos to their threat model. We will also touch on how Precursor also extends the boundary of evidence-based trust to the input and output attack surfaces.