# eCTF Organization ## Basic Information About the Game First, watch the [video](https://mitre-ectf.slack.com/files/U01GEEF6VMK/F06E8MNBXLM/2024_ectf_kickoff.mp4) posted on Slack. After, check out the [eCTF 2024 main website](https://ectfmitre.gitlab.io/ectf-website/2024/index.html#) for more details about the game. This year, we are designing a security solution for microcontrollers on a medical device. An example for code structure is found at [this GitHub link](https://github.com/mitre-cyber-academy/2024-ectf-insecure-example/tree/release). The most important articles on the website that we will likely need to reference during the design phase are as follows: - [Detailed Specifications](https://ectfmitre.gitlab.io/ectf-website/2024/specs/detailed_specs.html) - [System Architecture](https://ectfmitre.gitlab.io/ectf-website/2024/specs/system_architecture.html) - [Functional Requirements](https://ectfmitre.gitlab.io/ectf-website/2024/specs/functional_reqs.html) - [Security Requirements](https://ectfmitre.gitlab.io/ectf-website/2024/specs/security_reqs.html) ## Prerequisite Knowledge - [Rust](https://www.rust-lang.org/) - This is the language we will be coding in. Rust provides for runtime checks, meaning it is much more difficult to write insecure code versus C or C++. Check out the [Embedded Rust book](https://docs.rust-embedded.org/book/) for better documentation for writing code for microcontrollers. - [Nix](https://nixos.org/) - The toolchain to deploy code onto the microcontroller uses Nix to manage the environment - [Git](https://git-scm.com/) - Our version control system of choice. ## Roles and Delegations | Role | Person(s) Assigned | Is Done | | -------- | -------- | -------- | | Function Header Design | Diana, Kiran | Y | | I2C | Vrishak, Diana | N | | UART | Diana, Kiran, Sebastian | N | | Application Processor Code | Aedan, Brian, Elijah | N | | Component Code | Malik, Vrishak | N | | Ongoing Refactors for Readability | Aedan | N | | Code Review | Sebastian, Diana | N | | Write Deployment | Aedan | N | | Testing Library | Diana | N | ## Writing Code Kiran and I will be writing function headers as general guideliens for what to implement in the Application Processor and Component code. Furthermore, before we implement the communications code, we will provide function headers for our communications library so you know what tools are available to you. ## Useful Information About the Microcontroller - [MAX78000 User Guide](https://www.analog.com/media/en/technical-documentation/user-guides/max78000-user-guide.pdf) ## Useful Information About the Toolchain - We have a quick reflash functionality! Given that the board has the eCTF-provided insecure bootloader installed with another program on it, you can cd into `application_processor/` or `component/` and run `cargo run` to automatically build and flash your code onto the board (given that the board is plugged in and DAPLINK is working). This does not edit params.rs, so you need to manually do it yourself if you want to change any parameters between builds. - You can generate documentation for our MAX78000 library by going into the max78000-pac folder and running `cargo doc`. - If you need to use a part of that generated library, you may want to reference (and/or reverse engineer) the [C MSDK](https://github.com/Analog-Devices-MSDK/msdk) to see what peripherals you'll need. - [List of included MSDK libraries](https://github.com/Analog-Devices-MSDK/msdk/blob/main/Libraries/PeriphDrivers/max78000_files.mk) ### Proper Git Use Our repository for this year can be found at [this GitHub link](https://github.com/TJCSec/2024-tjhsst-ectf-design). When you want to push a component of your code for us to view, do **not** do so on the `release` branch. Instead, push onto your own branch, named depending on what part of the system it is referring to: - `random` - Random seeding code - `ap` - Application processor code - `comp` - Component code If you are testing a feature for a part but do not want to merge into your main code just yet, make a new branch with the following schema: `<part of system>/<feature name>`. For example, if I want to test using the camera as a source of randomness for secure random seeding, I would make a new branch called `random/camera`. After you make this branch with `git checkout -b branch-name`, `git add --all`, and `git commit -m "message"` your code to it, remember to `git push -u origin branch-name` to publish your changes. ## Timeline | Date | Task Done | | --- | --- | | Jan 24 | Work Out General Design | | Jan 27 | Write Design Document | | Jan 31 | Write Function Headers | | Feb 3 | Push Currently-Written Code to Repository | | Feb 10 | Finish Implementation Draft |