B. Open Source Hardware Security Do’s and Don’ts
So you are building open source hardware that will change the world? Ideally, it will be used by thousands—if not millions—of users, and everyone will have one—if not two—of your devices! You might not think that your device needs to be secure, but if people depend on it and make decisions based on the data the device presents, then it needs to be secure and reliable. Adding security to your OSHW project after it’s deployed is too late; you need to think about this issue before your hardware ships.
The following tips are geared toward embedded OSHW devices that run firmware, whether in a FPGA, a microcontroller, or a CPU. More complete resources are listed in this appendix. Here are ...