The security industry has had decades of experience with designing and testing software with security in mind. Despite that, we’re still just barely getting standard methods and practices in place to enable developers to ship secure software.
Hardware security is still about 15 years behind that. There are no industry best practices. Most hardware vendors still haven’t started designing their hardware with security in mind, and most don’t even realize that they need to be doing some sort of hardware security validation. Those that do have compelling reasons to design for security rarely share details about their methodologies for the same compelling reasons.
There is far too much hardware security work to be done by the small pool of hardware security experts. To meet that need, Hardware Security Resources, LLC offers courses, workshops, and curriculum to help introduce and ramp existing software security experts and hardware validation experts into the field of hardware security.