Hardware Videos

All News Deals Social Blogs Videos Podcasts Digests

Hardware Cybersecurity

SecTor 2025 | Security Is Easier Before PCB Assembly: Easy Threat Modeling for Hardware

•May 25, 2026

Black Hat

Black Hat•May 25, 2026

Why It Matters

Doing threat modeling before production or procurement reduces costly retrofits and mitigations, mitigates supply-chain and firmware risks, and helps organizations prioritize security measures across both designed and third-party hardware. Early, documented threat modeling makes security decisions measurable and repeatable for engineers and procurement teams.

Summary

Speakers from Tetral Security and collaborators argued that threat modeling for hardware is most effective when done before PCB assembly, presenting a practical four-question framework—what are we building, what can go wrong, what will we do, and did we do it—to guide assessments. They stressed that threat modeling for hardware is not fundamentally different from software but has unique considerations, and showed two case studies: an open-design OpenWRT-like device and a closed, proprietary access-control system. The talk covered hardware-specific attack surfaces (firmware, supply chain, deployment contexts), risk treatment options, and the need to document the process for repeatable use. Presenters urged that buyers, deployers, and designers alike incorporate threat modeling early to anticipate and prioritize mitigations.

Original Description

Most threat modeling ignores hardware — but hardware problems can be impossible to fix when products have left the factory. The industry has spent decades refining threat modeling processes so they're approachable, organized, and useful; however most of this was done with software security in mind.

Three leading experts have performed a threat model of the OpenWRT One. We'll share our complete results, a case study threat modeling document, and our process. We chose it because it's open and attendees may be familiar with it, but also because the scenario mirrors real threat modeling: you don't have to reverse out all the details.

Whether we're dealing with IoT/OT devices, hardware security modules, multi-tenant cloud hardware, or specialized compute accelerators, we've seen when and how hardware-specific threats come into play. When is hardware in scope? When is it someone else's problem? When and how do we decide if it is just an acceptable risk?

We'll explain when, why and how your next model should consider hardware threats, even if you don't think you have hardware to worry about or you think it's out of scope. We'll call out a number of assumptions you should keep in mind and share the process for you to assess mixed hardware/software systems yourself.

Attendees will learn how to develop a better understanding of what hardware you're already working with, what can go wrong with it, and what you can do about it. Hopefully this, combined with a fully worked example of how that all comes together, will help you do a good job of incorporating hardware concerns into your threat model to make long term product security easier.

By:

Eric Evenchick | Co-Founder and Managing Partner, Tetrel Security

Joe FitzPatrick | Trainer and Researcher, SecuringHardware.com

Adam Shostack | President, Shostack + Associates

https://blackhat.com/sector/2025/briefings/schedule/?#security-is-easier-before-pcb-assembly-easy-threat-modeling-for-hardware-48723

Comments

Want to join the conversation?

Loading comments...