tplat

Creating Attack Trees

Mon, 01 Jan 0001 00:00:00 +0000

Creating Attack Trees#

Creating attack trees helps structure your thinking about threats.

Core Steps#

Decide on a representation
Create a root node
Create subnodes
Consider completeness
Prune the tree
Check presentation

1. Decide on a Representation#

Choose:

OR tree (most common): any child achieves the parent
AND tree: all children required

Also decide:

Graphical vs outline format

2. Create a Root Node#

Two common approaches:

Attacker goal (recommended)
System component

Best practice:

Data Flow Diagrams

Mon, 01 Jan 0001 00:00:00 +0000

Data Flow Diagrams#

Data flow models are often the most effective way to perform threat modeling because security issues tend to follow data flow, not control flow. They can be applied to both networked systems and standalone software.

A Data Flow Diagram (DFD) is a structured representation of how data moves through a system. DFDs model:

Processes (running code)
Data stores (where data is held)
Data flows (communication paths)
External entities (outside the system boundary)

Distributions

Mon, 01 Jan 0001 00:00:00 +0000

Distributions#

A Linux distribution (distro) is an operating system built on the Linux kernel, bundled with userland tools, package management, and system utilities.

There are 600+ distributions, typically differentiated by:

Package management systems (e.g., APT, DNF, Pacman)
Default toolchains and utilities
Desktop environments / UI
Target use case (desktop, server, embedded, security)

Popular Distributions#

General Purpose#

Ubuntu — beginner-friendly, strong desktop ecosystem
Fedora — modern packages, upstream-focused
Debian — stability-focused

Enterprise#

Red Hat Enterprise Linux — commercial support, enterprise standard
CentOS — RHEL-compatible (community-driven variants)

Security / Offensive Tooling#

Kali Linux — extensive preinstalled security tools
Parrot OS — security, privacy, development focus
BlackArch — large penetration testing toolkit
Pentoo — Gentoo-based security distro
BackBox — Ubuntu-based security distro

Specialized / Other#

Raspberry Pi OS — optimized for ARM devices

Focus: Debian#

Overview#

Debian is a widely adopted distribution known for stability, reliability, and strict free software principles. It is commonly used across:

Focusing on Assets

Mon, 01 Jan 0001 00:00:00 +0000

Focusing on Assets#

An asset-focused approach to threat modeling-centering on “things of value" seems intuitive but is often less effective than expected.

Method#

identify assets;
map them to systems;
model interactions;
analyse threats.

Limitations#

Definition ambiguity: “Assets” can mean three overlapping things:

Things attackers want (e.g., passwords, financial data)
Things you want to protect (often intangible, like reputation)
Stepping stones to other assets (e.g., systems that provide access)

venn-beta
  title "The overlapping definitions of assets"
  set A["Things you protect"]
  set B["Stepping stones"]
  set C["Things attackers want"]
  union A,B,C
  union A,B
  union B,C
  union A,C

Teams often lack a shared definition, leading to confusion or unproductive discussions.

Foundational

Mon, 01 Jan 0001 00:00:00 +0000

Foundational#

Cryptography is the practice and study of techniques for securing communication in the presence of adversaries. The primary goal is to conceal a message so that only intended recipients can understand it.

On Security#

The principles of information security provide a framework for protecting data. Confidentiality ensures that information is only accessible to authorized users, for example, encrypting emails so only the intended recipient can read them. Integrity guarantees that data is accurate and unaltered, such as using a checksum to verify a downloaded file has not been tampered with. Availability ensures that information and systems are accessible when needed, like maintaining redundant servers so a website remains online during outages. Authentication confirms the identity of users or systems, for instance, requiring a username and password before accessing an account. Non-repudiation prevents parties from denying their actions, such as using digital signatures to prove the sender authored a document.

Foundational

Mon, 01 Jan 0001 00:00:00 +0000

Foundational#

Everybody threat models. For example, when you leave your parked car you lock the door and hide your valuables. This decision is derived from a subconcious action of threat modelling whereby you consider where your car is parked and what threats it may face (i.e., somebody breaking in). When your car is parked in secure garage, you might not think it necessary to hide your valuables. But when your car is parked on a secluded street in a sketchy part of town, your threat model is probably different and, thus, so is the precautions that you take.

If $n$ is even, then $n^2$ is even

Mon, 01 Jan 0001 00:00:00 +0000

If $n$ is even, then $n^2$ is even#

Claim:

If $n$ is even, then $n^2$ is even.

Proof:

Assume $n$ is even. Then, by definition, there exists an integer $k$ such that:

$$ n=2k $$

Then:

$$ n^2=(2k)^2 =4k^2 =2(2k)^2 $$

Since $2k^2$ is an integer, $n^2$ is divisible by $2$. Therefore, by direct example, $n^2$ is even.

Claim:

If $n^2$ is even, then $n$ is even.

Proof:

Assume $n$ is odd. Then, by definition, there exists integer $k$ such that:

Remote Photoplethysmography

Mon, 01 Jan 0001 00:00:00 +0000

Remote Photoplethysmography#

DepthPhys: Near-Infrared Remote Photoplethysmography in Driver Monitoring Systems

Subtle variations in the body can be used to detect underlying physiological signals from camera video data. Existing research in this space is largely focused on extracting physiological signals from traditional two-dimensional planar video data. This project explores how the addition of depth data may be used to augment the results of these approaches. In particular, a novel optical pathway is proposed for camera-based physiological sensing and is validated on a new dataset consisting of seven hours of three-dimensional volumetric near-infrared monochromatic video data. Both two-dimensional and three-dimensional signals are extracted from this dataset and the results of either approach are compared using state-of-the-art camera-based physiological sensing neural methods. These findings provide valuable and novel insight into the utility of three-dimensional signals for camera-based physiological sensing, as well as the capability and limitations of existing camera-based physiological sensing solutions when applied in a driver monitoring system application context.

Sets

Mon, 01 Jan 0001 00:00:00 +0000

Sets#

A set is just a collection of distinct objects.

Examples:

$\mathbb{R}$: real numbers
$\{1,2,3\}$
solutions to an equation

In pure math, you define things by properties, not construction.

Shell Prompt

Mon, 01 Jan 0001 00:00:00 +0000

Shell Prompt#

The shell prompt is the textual indicator that the shell is ready to accept input. It typically encodes contextual information such as the current user, host, and working directory.

Default Format#

<username>@<hostname><current-working-directory>$

Example:

user@host[/path/to/dir]$

Common Symbols#

Symbol	Meaning
`~`	User’s home directory
`$`	Regular (non-root) user
`#`	Root (privileged) user

Examples#

user@host[~]$

root@host[/root]#

Prompt Configuration (`PS1`)#

The prompt is controlled by the PS1 environment variable.

Example#

PS1="\u@\h[\w]\$ "

Common Escape Sequences#

Sequence	Description
`\u`	Username
`\h`	Hostname (short)
`\H`	Hostname (full)
`\w`	Current working directory
`\d`	Date (e.g., Mon Feb 6)
`\D{format}`	Custom date format
`\t`	Time (24-hour)
`\T`	Time (12-hour)
`\@`	Time (AM/PM format)
`\j`	Number of jobs
`\s`	Shell name
`\n`	Newline
`\r`	Carriage return

Customisation#

Prompt configuration is typically defined in:

Spoofing

Mon, 01 Jan 0001 00:00:00 +0000

Spoofing#

Spoofing is pretending to be something or someone you’re not. Spoofing violates authentication.

Typical victims include processes, external entities, or people.

Example Threats#

Spoofing a person
spoofing a process
spoofing a “file” on disk
spoofing a network address
spoofing a machine
spoofing a role.

Verilog

Mon, 01 Jan 0001 00:00:00 +0000

Verilog#

Keywords#

wire#

wire keyword represents a physical wire in a circuit and is used to connect gates or modules.

wire is a type of net that describes digital signals connecting multiple hardware elements.

wire does not store its value but must be driven by a continuous assignment statement assign or by connecting it to the output of a gate or module.

Value of a wire can be read or assigned inside a module but never inside procedural code such as intial or always blocks.

1-bit MUX

Mon, 01 Jan 0001 00:00:00 +0000

1-bit MUX#

A multiplexer (MUX) is an electronic switch that conencts one of several inputs to the output based on a selection signal S. The truth table for a 1-bit MUX is shown in Table 1.

Table 1: Truth table of a 1-bit MUX.

X	Y	S	Z
0	xx	1	0
1	xx	1	1
xx	0	0	0
xx	1	0	1

As shown in Table 1, when the selector signal is 1, the output signal mirrors input signal X. Conversely, when the selector signal is 0 the output signal mirrors the input signal Y.

Focusing on Attackers

Mon, 01 Jan 0001 00:00:00 +0000

Focusing on Attackers#

An attacker-focused approach to threat modeling—starting from “who might attack us and why”-is intuitive but generally not very effective.

Method#

Create attacker profiles (from simple lists to detailed personas).
Use these to guide brainstorming about possible attacks.
Often shifts toward human-centric scenarios (e.g., social engineering).

Appeal and use cases:

It feels logical: if attackers drive risk, understanding them should help.
It can work for experienced security practitioners, for incorporating less-technical input, and for communicating risk or prioritisation.
Makes threats more tangible, especially for non-technical stakeholders.
Useful for explaining who might attack and why, aiding communication and buy-in.

Limitations#

Discussions easily get bogged down in debating attacker capabilities (e.g., “state-sponsored or not?”).
Personas lack enough structure to reliably derive concrete threats.
Engineers may project their own assumptions onto attackers, leading to bias and missed risks.
Human-centric scenarios can be hard to translate into actionable system security measures.

Attacker-centric modelling does not produce consistent or systematic threat identification. It does not reliably answer the key question: what will attackers actually do to the system?

Functions

Mon, 01 Jan 0001 00:00:00 +0000

Functions#

A function $f: A \to B$ is:

a set $A$ (domain)
a set $B$ (codomain)
a rule assigning each element of $A$ to exactly one element of $B$
- many elements of $A$ may beassigned to one element of $B$, but to only one element of $B$

If $n$ is odd, then $n^2$ is odd

Mon, 01 Jan 0001 00:00:00 +0000

If $n$ is odd, then $n^2$ is odd#

Claim:

If $n$ is odd, then $n^2$ is odd.

Proof:

Assume $n$ is odd. Then, by definition, there exists an integer $k$ such that:

$$ n=2k+1 $$

Then:

$$ n^2=(2k+1)^2 =(2k+1)(2k+1) =4k^2+4k+1 =2(2k^2+2k)+1 $$

Let $m=2k^2+2k$, which is an integer. Then:

$$ n^2=2m+1 $$

Therefore, by direct example, $n^2$ is odd.

Claim:

If $n^2$ is odd, then $n$ is odd.

Proof:

Consider the contrapositive; if $n$ is odd, then $n^2$ is odd. We have already shown this to be true. Therefore, by contrapositive, $n$ is odd.

Permissions

Mon, 01 Jan 0001 00:00:00 +0000

Permissions#

Linux permissions control access to files and directories via a user–group–others model. Each filesystem object is associated with:

Owner (user)
Group
Permissions defining allowed operations

Users can belong to multiple groups, inheriting access rights accordingly.

Permission Types#

Symbol	Name	Meaning
`r`	Read	View file contents or list directory contents
`w`	Write	Modify file or directory contents
`x`	Execute	Run file or traverse directory

Permission Scope#

Permissions are defined for three classes:

Representing Attack Trees

Mon, 01 Jan 0001 00:00:00 +0000

Representing Attack Trees#

Attack trees can be represented in different formats depending on the audience and purpose.

Graphical Representation#

graph TD
    A[Attack system]

    A -->|AND| B[Gather knowledge]
    A -->|AND| C[Gain access]

    B -->|OR| B1[From insider]
    B -->|OR| B2[From components]

    C -->|OR| C1[Vendor access]
    C -->|OR| C2[Illegal entry]

Outline Format#

Attack system (AND)

1.1 Gather knowledge (OR)
- Insider
- Components
1.2 Gain access (OR)
- Vendor
- Illegal entry

Structured Representations#

Attack trees can also be treated as data structures.

Subsurface Scattering

Mon, 01 Jan 0001 00:00:00 +0000

Subsurface Scattering#

Harnessing coherent illuminator properties to detect subsurface scattering

The coherent light output by a laser yields unique interference properties in comparison to incoherent light sources. This project harnesses these unique properties to discern bare skin from other categories present on the face within the constraints defined by a driver monitoring software (DMS) application context. More specifically, the project uses various laser speckle imaging techniques on vertical-cavity surface-emitting laser illuminated images to perform clustering of bare skin. Three distinct methods are investigated: beam profile analysis, laser speckle variation analysis and laser speckle contrast imaging (LSCI). All methods are evaluated and a comparison is made highlighting the respective benefits and drawbacks of each technique in a DMS application context. In the final implementation, a convolutional neural network is trained to use temporal LSCI processed images to effectively classify skin. A comparison of models trained on light-emitting diode (LED) versus VCSEL illuminated datasets is presented and a consistent improvement in classification performance is demonstrated for the VCSEL models. Finally, a comprehensive evaluation is provided into the limitations of this model.

Tampering

Mon, 01 Jan 0001 00:00:00 +0000

Tampering#

Tampering is modifying something you’re not supposed to modify. Tampering violates integrity. It can include packets on the wire (or wireless), bits on disk, or the bits in memory.

Typical victims include data stores, data flows, or processes.

Example Threats#

Tampering with a file
racing to create a file (tampering with the file system)
tampering with a network packet
tampering with memory.

Unified Modeling Language

Mon, 01 Jan 0001 00:00:00 +0000

Unified Modeling Language#

Unified Modeling Language (UML) diagrams can be adapted for threat modeling, especially if they are already part of the development workflow. In this case, you need only add trust boundaries to highlight security-relevant separations between components.

Advantages#

Leverages existing artifacts (presuming you are already using UML in your project): No need to redraw system models
Expressive and detailed: UML supports a wide range of diagram types:
- Structure diagrams
- Behavior diagrams
- Interaction diagrams

Limitations#

High complexity: UML includes many symbol conventions, requiring strong familiarity to interpet correctly

1-bit Full Addder

Mon, 01 Jan 0001 00:00:00 +0000

1-bit Full Addder#

A full adder is an adder with carry-in and carry-out ports. The truth table for a 1-bit full adder is shown in Table 1.

Table 1: Truth table for a 1-bit full adder.

X	Y	C_in	Z	C_out
0	0	0	0	0
0	1	0	1	0
1	0	0	1	0
1	1	0	0	1
0	0	1	1	0
0	1	1	0	1
1	0	1	0	1
1	1	1	1	1

As shown in Table 1, the output $Z$ is the binary addition of $X + Y + C_{in}$, and the output $C_{out}$ is the carry bit of the addition.

Elevation of Privlege

Mon, 01 Jan 0001 00:00:00 +0000

Elevation of Privlege#

Elevation of Privelege is a game created by Adam Shostack in which

Example Attack Tree

Mon, 01 Jan 0001 00:00:00 +0000

Example Attack Tree#

Goal: Access a Building#

This is a simple OR-based attack tree.

graph TD
    A[Access building]

    A --> B[Through a door]
    A --> C[Through a window]
    A --> D[Through a wall]
    A --> E[Other means]

    %% Door branch
    B --> B1[Unlocked]
    B --> B2[Drill lock]
    B --> B3[Pick lock]
    B --> B4[Use key]
    B --> B5[Social engineering]

    B1 --> B11[Get lucky]
    B1 --> B12[Block latch]
    B1 --> B13[Distract staff]

    B4 --> B41[Find key]
    B4 --> B42[Steal key]
    B4 --> B43[Copy key]
    B4 --> B44[Social engineer key]

    B5 --> B51[Follow someone in]
    B5 --> B52[Build relationship]
    B5 --> B53[Carry items to appear legitimate]

    %% Window branch
    C --> C1[Break window]
    C --> C2[Lift window]

    %% Wall branch
    D --> D1[Use tools]
    D --> D2[Use vehicle]

    %% Other means
    E --> E1[Fire escape]
    E --> E2[Roof access]
    E --> E3[Another tenant]

Focusing on Software

Mon, 01 Jan 0001 00:00:00 +0000

Focusing on Software#

Shostack argues software-centric threat modelling (focusing on the system’s actual architecture and behavior) is more effective and practical than asset or attacker-centric modelling.

Method#

Model the software itself (architecture, data flows, components, APIs).
Use diagrams or shared representations to build a common understanding of how the system works.

Advantages#

Shared understanding: Exposes mismatches in how team members think the system behaves, often revealing security gaps.
Handles complexity: Helps untangle and make visible the accumulated complexity of long-running or large systems.
Surfaces assumptions: Forces explicit identification of hidden or incorrect assumptions between components.
Immediate security value: Even before identifying threats, aligning understanding improves security posture.
Works across different types of software:
- “Boxed” software (clearly defined boundaries like apps or packages)
- Deployed systems (evolving infrastructure and services)
Developers are familiar with their own software. This is reliable, unlike assumptions about assets or attackers.
Doesn’t rely on vague or inconsistent concepts (like “assets” or “attacker personas”).
Provides a concrete, structured foundation for systematically identifying threats.

Takeaway#

Software-centric modeling works because it starts from something concrete, shared, and well-understood: the system itself. This makes it more reliable, reproducible, and effective for identifying and addressing threats than asset or attacker-focused approaches.

If $x^2>0$, then $x>0$

Mon, 01 Jan 0001 00:00:00 +0000

If $x^2>0$, then $x>0$#

Claim:

If $x^2>0$, then $x>0$

Proof:

Let $x=-2$

Then $x^2=4>0$, but $x>0$ is false.

Therefore, by counterexample, the statement is false.

IoT Bushfire Detection

Mon, 01 Jan 0001 00:00:00 +0000

IoT Bushfire Detection#

Power Requirements of Ground-Based Bushfire Detection Devices

Recently, there has been increased interested in the use of ground-based Internet of Things (IoT) sensors for bushfire detection applications. Such a system typically comprises sensors and a gateway to collect information and relay it to a control station. A key requirement of such systems is that devices are optimised for the lowest possible power consumption. This paper will focus on the power requirements of such a system and seek to evaluate the feasibility of various power sources. Power consumption is investigated for various detection methods. This is used to calculate lifetime power consumption for various combinations of detection methods (device configurations) under different operating conditions. Finally, research is conducted into several potential power sources. This concludes with a recommendation for a secondary cell with a solar panel for visual detection methods and a primary cell for all other detection methods.

Logic

Mon, 01 Jan 0001 00:00:00 +0000

Logic#

Implication#

If $P$, then $Q$; written as $P \implies Q$

Whenever $P$ is true, then $Q$ must also be true

Repudiation

Mon, 01 Jan 0001 00:00:00 +0000

Repudiation#

Repudiation means claiming you didn’t do something (regardless of whether you did or not). Repudiation violates non-repudation.

Typical victims include processes.

Example Threats#

No logs means you can’t prove anything
logs come under attack
logs as a channel for attack.

Swim Lane Diagrams

Mon, 01 Jan 0001 00:00:00 +0000

Swim Lane Diagrams#

Swim lane diagrams are a visual method for modeling interactions between participants in a system or protocol. They are particularly useful for understanding message flows over time, or when modelling human + system interaction.

Each participant (e.g., client, server) is represented by a vertical “lane”
Time flows downward along each lane
Messages are shown as horizontal arrows between participants
Each lane is labeled to identify the participant

This layout resembles swimming lanes, hence the name.

Brainstorming

Mon, 01 Jan 0001 00:00:00 +0000

Brainstorming#

One of the most simple ways to identify threats is to host a brainstorming session. Brainstorming can be broken down into (1) a period of idea generation, and (2) a period of filtering where the best ideas are selected. Before brainstorming, it is often helpful to define the scope of attacks under consideration.

On its own, brainstorming is not a sufficient form of threat modelling. This is because it is (deliberately) unstructured, and does not provide a high degree of confidence that all threats have been identified - i.e., did your brainstorming session end because you found all threats, or because you became tired / the meeting ended?

Core Linux Commands

Mon, 01 Jan 0001 00:00:00 +0000

Core Linux Commands#

`man`#

Display manual pages for commands:

man ls

Comprehensive reference (syntax, options, behaviour)
Organized into sections (e.g., user commands, system calls)

`apropos`#

Search manual page descriptions by keyword:

apropos network

Useful when you don’t know the exact command name

External Resource#

explainshell — explains command syntax interactively

Common System Commands#

Command	Description
`whoami`	Print current user
`id`	Show user and group IDs
`hostname`	Get/set system hostname
`uname`	System/kernel information
`pwd`	Print current directory
`env`	Show or set environment variables

Networking#

Command	Description
`ifconfig`	Configure/view network interfaces (legacy)
`ip`	Modern network configuration tool
`netstat`	Network status (legacy)
`ss`	Socket inspection (modern replacement for netstat)

Process & System Inspection#

Command	Description
`ps`	Process status
`who`	Logged-in users
`lsof`	Open files by processes

Hardware Inspection#

Command	Description
`lsblk`	Block devices (disks)
`lsusb`	USB devices
`lspci`	PCI devices

File & Path Utilities#

`ls`#

List directory contents:

Hazards

Mon, 01 Jan 0001 00:00:00 +0000

Hazards#

The 1-bit multiplexer and 1-bit full adder exercises treat circuits as ideal, i.e., with instantaneous signal changes. However, transition times in digital circuits are non-zero. When designing asynchronous digital circuits, attention must be paid to the possible presence of hazards.

Note:

All combinational circuits are asynchronous.

Consider the previously defined 1-bit multiplexer.

Figure 1: Schematic description of 1-bit MUX.

Not all signal pathways corss the same number of gates, which means they will be affected by varying amounts of delay. This can introduce timing hazards.

Information Disclosure

Mon, 01 Jan 0001 00:00:00 +0000

Information Disclosure#

Information Disclosure is about exposing information to people who are not authorised to see it. Information disclosure violates confidentiality.

Typical victims include processes, data stores, or data flows.

Example Threats#

Network monitoring
directory of filename
file contents
API disclosure.

Real-World Attack Trees

Mon, 01 Jan 0001 00:00:00 +0000

Real-World Attack Trees#

Several published attack trees provide valuable reference material.

Fraud Attack Tree#

Election Threat Trees#

SSL Mind Map#

Observations#

Flexible but less structured
Harder to navigate visually
Inconsistent categorisation

State Diagrams

Mon, 01 Jan 0001 00:00:00 +0000

State Diagrams#

State diagrams model a system as a set of states and transitions between those states. They are useful for analysing how a system behaves in response to inputs and how it enforces rules over time.

A system is represented as a state machine with:

States (current condition of the system)
Transitions (movement between states)
Inputs/messages that trigger transitions
Internal data/memory influencing behavior

stateDiagram-v2
    [*] --> Closed

    Closed --> Opened: open
    Opened --> Closed: close

    Closed --> Locked: lock
    Locked --> Closed: unlock

From a threat modelling perspective, state diagrams can help to evaluate whether each transition enforces proper validation and security checks, and to identify:

Denial of Service

Mon, 01 Jan 0001 00:00:00 +0000

Denial of Service#

Denial of Service are attacks designed to prevent a system from providing service, including by crashing it, making it unusably slow, or filling all its storage. These threats often falls toward the bottom of the stack, because they primarily impact availability and not confidentiality or integrity. Denial of service violates availability.

Typical threats include processes, data stores, or data flows.

Example Threats#

Network flooding;
program resources;
system resources.

File Descriptors and Redirection

Mon, 01 Jan 0001 00:00:00 +0000

File Descriptors and Redirection#

Overview#

A file descriptor (FD) is a kernel-managed handle that represents an open I/O resource (file, socket, pipe, etc.). It provides a uniform interface for reading and writing data streams.

Windows equivalent: file handle

Standard File Descriptors#

By convention, every process starts with three predefined descriptors:

FD	Name	Description
`0`	STDIN	Standard input stream
`1`	STDOUT	Standard output stream
`2`	STDERR	Standard error stream

Basic Redirection#

Redirection operators control where data flows between streams and files.

Limitations and Perspective

Mon, 01 Jan 0001 00:00:00 +0000

Limitations and Perspective#

Attack trees are useful but not without challenges.

Key Issues#

1. Completeness#

No guarantee all attack paths are captured
Missing a root node can omit entire threat classes
Hard to know when you’re “done”

2. Scoping#

Some attacks fall outside your control
Example: hardware-level attacks vs software systems

You must define:

What is in scope
What is someone else’s responsibility

3. Meaning and Consistency#

AND/OR semantics often unclear
Sequence rarely well-defined
Different authors use different conventions

This increases cognitive load when interpreting trees.

Overflow Counter

Mon, 01 Jan 0001 00:00:00 +0000

Overflow Counter#

An overflow counter is a counter that can overflow back to zero when it fills up.

In the overflow counter subfolder, a 32-bit overflow counter is implemented for a Basys 3 FPGA board, part number: xc7a35tcpg236-1.

The counter has 3 inputs: (1) clk, (2) reset, and (3) enable with the output being a 16-bit bus entity called led. The counter has the following behaviour:

At every positive (i.e., rising) edge of the clk signal, the counter’s value increases by 1. This is achieved using a procedural block that will be edge-triggered by the clock. This is specified by the condition posedge clk.
For condition reset == 1, the counter’s value resets to 0. When reset == 0, the counter increments.
The counter increments when enabled (i.e., enable == 1) and stops incrementing when disbled (enable == 0).

The full procedural block describing this behaviour is given by:

Trust Boundaries

Mon, 01 Jan 0001 00:00:00 +0000

Trust Boundaries#

A trust boundary is any point where entities with different privileges or trust levels interact.

Every system has at least one trust boundary because all computation occurs in some context.

If no boundaries are visible:

Either everything is incorrectly assumed to have equal privilege
Or the model is missing structure

In the extreme case where everything truly shares the same trust level, draw one boundary around the entire system and move on.

Clock Division

Mon, 01 Jan 0001 00:00:00 +0000

Clock Division#

The overflow counter project uses a 100 MHz clock signal. In many cases, it is necessary to generate clock signals slower than 100 Hz. A very efficient way to do this is to perform clock division using an overflow counter.

Clock Division using an Overflow Counter#

The simplest way to generate a clock divided by a factor of $2^n$ is to output the (n-1)th bit of an overflow counter (n-1 because bus indexing starts at 0).

Elevation of Privelege

Mon, 01 Jan 0001 00:00:00 +0000

Elevation of Privelege#

Elevation of Privilege is when a program or user is technically able to do things that they’re not supposed to do. These threats are almost always going to fall into the highest priority category, because when they’re exploited they lead to so much damage. Denial of service violates authorisation.

Typical victims include processes.

Example Threats#

Data/code confusion;
control flow/memory corruption attacks;
command injection attacks.

SSH

Mon, 01 Jan 0001 00:00:00 +0000

SSH#

Secure Shell (SSH) refers to a protocol that allows clients to access and execute commands or actions on remote computers. On Linux-based hosts and servers, as well as other Unix-like operating systems, SSH is one of the permanently installed standard tools and is the preferred choice for many administrators to configure and maintain a computer through remote access. It is an older and very proven protocol that does not require or offer a graphical user interface (GUI). For this reason, it works very efficiently and occupies very few resources.

Regular Expressions (Regex)

Mon, 01 Jan 0001 00:00:00 +0000

Regular Expressions (Regex)#

Regular Expressions (regex) are patterns used to match and filter text. In Linux, they are commonly used with tools like grep, sed, and awk.

Practical note: Regex is dense but composable—focus on common patterns and reuse.

Core Constructs#

Pattern	Meaning
`.`	Any character
`*`	0 or more of previous
`+`	1 or more of previous
`?`	0 or 1 of previous
`^`	Start of line
`$`	End of line
`\b`	Word boundary
`\w`	Word character (`[a-zA-Z0-9_]`)
`[]`	Character class
`()`	Grouping
`\|`	OR operator

`grep` Modes#

Option	Description
`grep`	Basic regex
`grep -E`	Extended regex (preferred; enables `+`, `	`, etc.)
`grep -v`	Invert match

Exercises#

1. Exclude Lines Containing `#`#

cat /etc/ssh/sshd_config | grep -v "#"

-v → invert match (exclude comments)

2. Words Starting with `Permit`#

grep -E '\bPermit\w*' /etc/ssh/sshd_config

\bPermit → word starts with “Permit”
\w* → remaining characters

3. Words Ending with `Authentication`#

grep -E '\w*Authentication\b' /etc/ssh/sshd_config

\w* → prefix
Authentication\b → word ends with target

4. Lines Containing `Key`#

grep 'Key' /etc/ssh/sshd_config

Simple substring match (no regex needed)

5. Lines Starting with `Password` and Containing `yes`#

⚠️ Original pattern is incorrect (^Password|yes = OR logic)

Seven Segment Display

Mon, 01 Jan 0001 00:00:00 +0000

Seven Segment Display#

The Basys 3 board features a four-digit common anode seven-segment LED display. Each of the four digits is comprised of seven segments, with an LED embedded in each segment. Segment LEDs can be individually illuminated. Any of the 128 (2^7) patterns can be displayed on a digit by illuminating certain LED segments and leaving the others dark.

Figure 1: Seven segment display.

The anodes of the seven LED segments are tied together to form one common anode circuit node. The common anode signals are available as four digit enable input signals (i.e., 1000 will enable the first anode, but not the other three). The cathode circuit connections are shared amongst the four digits. There are only eight cathode signals that are drivable from the FPGA chip, called CA, CB, …, CG and DP (decimal point), and there are connected to all four digits on the display.

tplat

Creating Attack Trees

Creating Attack Trees#

Core Steps#

1. Decide on a Representation#

2. Create a Root Node#

Data Flow Diagrams

Data Flow Diagrams#

Distributions

Distributions#

Popular Distributions#

General Purpose#

Enterprise#

Security / Offensive Tooling#

Specialized / Other#

Focus: Debian#

Overview#

Focusing on Assets

Focusing on Assets#

Method#

Limitations#

Foundational

Foundational#

On Security#

Foundational

Foundational#

If $n$ is even, then $n^2$ is even

If $n$ is even, then $n^2$ is even#

Remote Photoplethysmography

Remote Photoplethysmography#

Sets

Sets#

Shell Prompt

Shell Prompt#

Default Format#

Common Symbols#

Examples#

Prompt Configuration (PS1)#

Example#

Common Escape Sequences#

Customisation#

Spoofing

Spoofing#

Example Threats#

Verilog

Verilog#

Keywords#

wire#

1-bit MUX

1-bit MUX#

Focusing on Attackers

Focusing on Attackers#

Method#

Limitations#

Functions

Functions#

If $n$ is odd, then $n^2$ is odd

If $n$ is odd, then $n^2$ is odd#

Permissions

Permissions#

Permission Types#

Permission Scope#

Representing Attack Trees

Representing Attack Trees#

Graphical Representation#

Outline Format#

Structured Representations#

Subsurface Scattering

Subsurface Scattering#

Tampering

Tampering#

Example Threats#

Unified Modeling Language

Unified Modeling Language#

Advantages#

Limitations#

1-bit Full Addder

1-bit Full Addder#

Elevation of Privlege

Elevation of Privlege#

Prompt Configuration (`PS1`)#

`man`#

`apropos`#

`ls`#