Hardware Hacking Lab: Physical Tools

Hardware Hacking Lab Series Overview

Are you wondering how to get started with embedded device security testing and what tools are needed for hardware hacking? Whether you are trying to reverse engineer and hack an embedded system or are looking to make modifications to an IoT device, part one of our Hardware Hacking Lab series will introduce you to some of the tools we rely upon to perform our smart device security assessments.

This is the first post in this series. Please check out part two on Analysis Tools if you haven’t already done so!

Physical Tools Overview

This post will focus on the basic physical tools that we use in our assessments. We’re going to break this down into a few different categories:

1. Workbench Tools
2. Soldering & Rework Tools
3. Misc Tools

Workbench Tools

Like any good professional or hobbyist, we’ll need to start with a good set of baseline tools on our workbench. The following should set you up for success once you’re ready to dive in.

First off, you’ll want to make sure you have a driver kit with many different security bits for taking apart your devices. You might also need to apply some force from time to time, so having a good set of pry tools, spudgers and a hobby knife will really help (especially with industrialized devices). Tweezers with different points and angles will help hold small wires and components as well. And finally, a thin-wire stripper and a micro cutter are useful when you get into soldering wires for signal inspection or debugging access.

It’s important to have a well-organized workspace because - we say this from experience! - things get messy in a hurry! There can be lots of small parts that you don’t want to lose track of. To help with that, we recommend buying a bright silicon mat with storage compartments to keep different parts organized and separated. The bright colors help you find tiny screws or springs that inevitably seem to jump out of the device you’re testing. As an added bonus, the mat will help protect your work surface from scratches and soldering iron burns!

Next, you’ll want something to hold your device while you’re trying to work on it. There are all sorts of ‘helping hands’ tools out there, ranging from inexpensive options with two clips and a magnifying glass, options that can hold large devices, or our personal favorite - a rotating six-arm option.

Now when it comes time to see what you’re doing, it all starts with good lighting. We have several of these magnifying lamps which are great for providing enough light to see what you’re doing as well as occasionally inspecting the device through the magnifying lens. You might also want to consider a head-mounted lighted magnifier (like dentists and jewelers use) for trying to solder in tight spaces or to grab markings off of components. Finally, a USB digital microscope can really be useful to capture hard to read markings or to draw on later while mapping out pins and pads.

Potential shopping list

Again, we have no association with the vendors linked below so shop around and support your local hardware and electronic hobby shops! Prices listed are what we paid when we bought these, so your experience may be different.

• Security Bits ( $13)
• Pry Tools & Spudgers ( $10)
• Hobby Knife ( $4)
• Tweezers $13)
• Wire Stripper ( $21)
• Micro Cutters ( $8)
• Silicon Mat ( $20)
• Magnetic Parts Holder ( $5)
• Helping Hands
  • Two Clips + Magnifier ( $8) — We’d suggest you skip this and go straight to the one with six arms
  • Large Device Holder ( $12)
  • Six Bendable Arms ( $30)
• Magnifying Lamp ( $40)
• Head-mounted Magnifier ( $16)
• Digital Microscope ( $28)

Soldering & Rework Tools

Soldering seems to be where many people get hung up during hardware testing, but with some practice, you should be able to learn enough basic skills for most testing scenarios. We’ve found the following tools have really helped us get through most projects.

Let’s start with the most important tool - the soldering iron. I still have a cheap RadioShack iron that served me well for 25 years, but upgrading to a higher-quality iron made a huge difference. The temperature control you can get with a more advanced iron is useful for zeroing in on the right amount of heat to melt what you want — and nothing more. You may want to consider buying a soldering iron that supports many different tip sizes to accommodate the type of soldering you’ll be doing. That said, you might want to just look for a used or less expensive one if you’re just getting started and don’t plan on doing much soldering.

As far as solder goes, there are many different sizes and compositions to choose from. We mostly use a 63-37 Tin/Lead flux-cored solder with a 0.020" diameter and rarely (for tight spaces or surface mounts) solder paste. Occasionally, you might run into some issues getting your solder to stick. It’s helpful to have a fiberglass brush to scuff the pads in case they are overly oxidized or the manufacturer applied a clear coat to deter future soldering efforts. Even though the solder contains flux, we sometimes find it helpful to apply flux directly to the pads using a small brush or via a syringe dispenser for increased precision and control. You might also need to mask off areas or tape down wires while soldering, so we highly recommend getting some high-temperature Kapton tape.

Removing components or fixing bad solder jobs can be made much easier with solder wick or a solder sucker. We find different uses for each, so you might as well pick up both. Finally, a hot air rework station - basically a targeted heat gun - makes removing components without damaging them a breeze!

Potential shopping list

Again, we have no association with the vendors linked below so shop around and support your local electronic hobby shops! Prices listed are what we paid when we bought these, so your experience may be different.

• Soldering Station
  • Weller W60P3 ( $70) with tip cleaner ( $9) and stand ( $5)
  • Hakko FX888D ( $99) with additional tips ( $20) — both soldering irons are very nice, but we give the edge to this one for temp control and the ability to swap out tips
• Solder ( $12)
• Solder Paste ( $11)
• Fiberglass Brush ( $10)
• Flux ( $8)
• Syringe-tip Flux ( $11)
• Kapton Tape ( $11)
• Solder Wick / Desoldering Braid ( $7)
• Solder Sucker ( $28) — you could get a cheap one like this that comes with wicks, but the cheap ones tend to break easily
• Hot Air Rework Station ( $42)

Misc Tools

To wrap up the physical tool recommendations, we’ll go through some of the basic prototyping and connector tools. For the most part, the following will allow you to hook up the hardware testing tools to your device for debugging purposes.

While you won’t need this for the majority of devices you’re likely to encounter, having a good DC bench power supply can greatly simplify some testing by allowing you to supply power to boards outside of their typical harnesses or enclosures. We built our own following this guide and it has served us well for years…up until a recent engagement. The power supply wasn’t able to power up a carrier board for a SMARC module we ripped out of a system, so we needed to buy a high-quality wall wart instead. So we still think it’s worth it to build your own, but just realize you might outgrow it eventually or need to buy better power sources for sensitive equipment.

Next, you might find a need to solder your own connections to your target device. If you’re lucky, there might already be headers ready to accept some jump wires or unpopulated headers for which you could add your own breakaway headers. If not, you might need to solder some thin gauge wire or rarely, some extremely thin gauge wrapping wire directly to some pads. From here, you might hook the wires up directly to your debugging tools or you might need to add some resistors on a breadboard.

We’re also seeing more and more devices standardizing their test headers to the Tag-Connect™ form factor. This innovative design is great for manufacturers, but just as great for us since it makes connecting to these boards a breeze! Another popular option for connecting specifically to SPI Flash ICs is the SOIC8 test clip. Sometimes you just can’t use convenient headers though, so these mini grabber test leads and alligator clips are great for temporary connections.

Finally, and perhaps our favorite purchase of 2019, are these hands-free, flexible spring-loaded needle probes. These have magnetic bases that anchor the probes to any metal base and heavy ends with spring-loaded needles that really stick well to the intended target. These probes have saved us a lot of time and have replaced soldering in many of our projects!

Potential shopping list

Again, we have no association with the vendors linked below so shop around and support your local electronic hobby shops! Prices listed are what we paid when we bought these, so your experience may be different.

• DC Bench Power Supply ( $40)
• Jumper Wires ( $6)
• Breakaway Headers ( $9)
• Wire Kit ( $22)
• Wrapping Wire ( $8)
• Resistors ( $8)
• Breadboard Kit ( $9)
• Tag-Connect Cables ( $varies)
• SOIC Test Clip ( $19)
• Mini Grabber Test Leads ( $9)
• Alligator Clips ( $7)
• Hands-free Probes ( $66)

What’s Next?

While this post sets the groundwork for creating your hardware hacking lab, the fun stuff is yet to come! Check out part two of this series where we show you what hardware anaylsis tools we find most useful. Feel free to reach out to us if you need additional help getting started with embedded device security!