DATASHEET ANDREA BARISANI
───────────────────────────────────────────────────────────────────────────────
Twenty years of work at the convergence of secure hardware and software,
penetration testing, code auditing, and security engineering for
mission-critical environments.
Author of the USB armory and the TamaGo bare-metal framework.
Co-author of the very first research on vehicle security, innovative
side-channel attacks, flaws in EMV payment systems, exotic packet-in-packet
attacks.
Since owning his first Commodore-64 he has never stopped studying new
technologies, developing unconventional attack vectors, and exploring what
makes things tick — and break.
DOMAINS
───────────────────────────────────────────────────────────────────────────────
Automotive • Avionics • Consumer • Enterprise • Financial • Industrial
EXPERTISE
───────────────────────────────────────────────────────────────────────────────
┌──────────┐ ┌───────────┬─────────┐
│ HARDWARE ├───┐ ┌───────────── research → │ RDS-TMC │ TEMPEST │█
└──────────┘ │ │ │ 802.3 PIP │ EMV │█
┌──────────┐ │ ░░░░░░░░ ├── penetration testing └─────────────────────┘█
│ FIRMWARE ├───┼─ SECURITY ─┤ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
└──────────┘ │ ░░░░░░░░ ├──────── code auditing
┌──────────┐ │ │ ┌────────────┬────────┐
│ SOFTWARE ├───┘ └────────── engineering → │ USB ARMORY │ TAMAGO │█
└──────────┘ └─────────────────────┘█
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
OPEN SOURCE
───────────────────────────────────────────────────────────────────────────────
┌────────────┐ ┌─ MK I ──┐ ┌─ crucible ┌─ mxc-scc2boot-transparency ─┐
│ USB ARMORY ├─┐ ├──┘ ┌─ mxs-dcp ┌──────── go-boot ─┘
└────────────┘ └─ MK II ─┘ └─ interlock ─┴─ caam-keyblob ┌────────── kanzashi
│ │ ┌────────── kotamaArmory Boot ──────┘ ┌────────┐ ┌─ amd64 ──┘ │
Armory Drive ──────┘ ─── arm ────┤ TAMAGO ├────┼─ arm64 │ ┄┄┄┄┄┄┄┄┄┄┄
Armored Witness ───┘ ─┬─ └────────┘ └─ riscv64 ──┘ ┆ tenshi ┆
│ ───┬─── ┆ ftester ┆
└─────── GoTEE ────────────┘ ┄┄┄┄┄┄┄┄┄┄┄
かいしゃ
───────────────────────────────────────────────────────┬───────────────────────
2025/05 → Head of Security Engineering Reversec ┤ foundry.reversec.com
2022/03 → Head of Product Security WithSecure ┤ foundry withsecure.com
2017/02 → Head of Hardware Security F-Secure ┤ foundry f-secure.com
2017/02 → 🮙🮙🮙🮙🮙🮙🮙 Inverse Path is acquired by F-Secure │ 🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘🮘
FOUNDATION
───────────────────────────────────────────────────────┬───────────────────────
2005/11 → Co-Founder Inverse Path ┤ inversepath.comMISC
───────────────────────────────────────────────────────────────────────────────
Co-Founder • Open Source CSIRT • ocert.org ← 2008/03 - 2017/08
Researcher • University of Trieste, Department of Astronomy ← 2005/06 - 2007/12
UNIX Programming Consultant • London Internet Exchange ← 2004/11 - 2004/12
Infrastructure Developer • Gentoo Linux ← 2003/07 - 2006/02
UNIX Security Engineer • Live Network Security ← 2001/10 - 2005/10
Sysadmin and Security Officer • NE&T, Webtechna ← 2000/11 - 2001/07
TALKS
───────────────────────────────────────────────────────────────────────────────
▾ all
─ 2026 ───────────────────────────────────────────────┬────────────────────────
Jun → GopherCon Europe • Berlin ┤ TamaGo
─ 2025 ───────────────────────────────────────────────┬────────────────────────
Oct → Transparency.dev Summit • Gothenburg ┤ Armored Witness
Oct → Open Source Firmware Conference • Sunnyvale ┤ TamaGo
─ 2024 ───────────────────────────────────────────────┬────────────────────────
Oct → Transparency.dev Summit • London ┤ Armored Witness
Sep → Open Source Firmware Conference • Bochum ┤ TamaGo
Apr → Asilomar Microcomputer Workshop • Pacific Grove ┤ TamaGo
Mar → CanSecWest • Vancouver ┤ Armored Witness
─ 2023 ───────────────────────────────────────────────┬────────────────────────
Oct → Airbus CYCON • Undisclosed ┤ TamaGo
─ 2020 ───────────────────────────────────────────────┬────────────────────────
Oct → GoLab • The Internet ┤ TamaGo
─ 2019 ───────────────────────────────────────────────┬────────────────────────
Dec → Chaos Communication Congress • Leipzig ┤ TamaGo
Nov → escar europe • Stuttgart ┤ Insecure Boot
Nov → PacSec • Tokyo ┤ Insecure Boot
Oct → t2 • Helsinki ┤ USB armory
Oct → escar asia • Tokyo ┤ Insecure Boot
Sep → BSidesVarazdin • Varaždin ┤ USB armory
Sep → No Hat • Bergamo ┤ USB armory
─ 2018 ───────────────────────────────────────────────┬────────────────────────
Nov → Hack In The Box • Beijing ┤ USB armory
Oct → Air Power Conference • Helsinki ┤ Avionics security
Jul → FSec IoT Hacking Summer School • Varaždin ┤ TZ, Avionics security
Jun → Aero'Nov Connection • Marseille ┤ Avionics security
─ 2016 ───────────────────────────────────────────────┬────────────────────────
Oct → Airbus Aircraft Sec. User Panel • Marseille ┤ Keynote
Sep → FSEC • Varaždin ┤ USB armory
Sep → Internet of Broken Things • Milan ┤ Avionics security
Jun → RMLL • Paris ┤ USB armory
Jun → Area41 • Zurich ┤ USB armory
Apr → Int'l Journalism Festival • Perugia ┤ Evil maid
Mar → CanSecWest • Vancouver ┤ Mastering TrustZone
─ 2015 ───────────────────────────────────────────────┬────────────────────────
Oct → t2 • Helsinki ┤ USB armory
Oct → Hack.lu • Luxembourg ┤ USB armory
Oct → HackInBo • Bologna ┤ 802.3 PIP, Avionics
Sep → 44CON • London ┤ USB armory
Aug → Black Hat USA • Las Vegas ┤ USB armory
May → Hack In The Box • Amsterdam ┤ USB armory
Mar → Black Hat Asia • Singapore ┤ USB armory
Mar → CanSecWest • Vancouver ┤ Mastering TrustZone
Mar → BSidesLjubljana • Ljubljana ┤ USB armory
─ 2014 ───────────────────────────────────────────────┬────────────────────────
Dec → Chaos Communication Congress • Hamburg ┤ EMV MITM, USB armory
Nov → NoSuchCon • Paris ┤ USB armory
Nov → PacSec • Tokyo ┤ USB armory
Oct → Hack In The Box • Kuala Lumpur ┤ USB armory
May → PXE • Berlin ┤ TEMPEST inception
─ 2012 ───────────────────────────────────────────────┬────────────────────────
Oct → Hack In The Box • Kuala Lumpur ┤ USB armory
Jun → Airbus Aircraft Sec. User Panel • Montauban ┤ Avionics security
May → (the last) PH-Neutral • Berlin ┤ 802.3 Packet-in-Packet
─ 2010 ───────────────────────────────────────────────┬────────────────────────
Nov → PacSec • Tokyo ┤ panel discussion
Jun → IT-SECA, CERT-BW • Stuttgart ┤ RDS-TMC, TEMPEST
Feb → HackCon • Oslo ┤ TEMPEST
Feb → IT-Defense • Cologne ┤ TEMPEST
─ 2009 ───────────────────────────────────────────────┬────────────────────────
Oct → t2 • Helsinki ┤ TEMPEST
Oct → Hack In The Box • Kuala Lumpur ┤ TEMPEST
Jul → DEFCON • Las Vegas ┤ TEMPEST
Jul → Black Hat USA • Las Vegas ┤ TEMPEST
Jun → Shakacon • Honolulu ┤ TEMPEST
May → PH-Neutral • Berlin ┤ TEMPEST
Mar → CanSecWest • Vancouver ┤ TEMPEST
─ 2008 ───────────────────────────────────────────────┬────────────────────────
Nov → PacSec • Tokyo ┤ Linux Hardening Dojo
Sep → SecVest • Bergen ┤ oCERT
Mar → CanSecWest • Vancouver ┤ Linux Hardening Dojo
Feb → HackCon • Oslo ┤ RDS-TMC
Jan → IT-Defense • Hamburg ┤ RDS-TMC
─ 2007 ───────────────────────────────────────────────┬────────────────────────
Nov → PacSec • Tokyo ┤ Linux Hardening Dojo
Nov → MEITSEC • Sharjah ┤ RDS-TMC
Oct → Hack.lu • Luxembourg ┤ RDS-TMC
Sep → Hack In The Box • Kuala Lumpur ┤ RDS-TMC
Aug → DEFCON • Las Vegas ┤ RDS-TMC
Aug → Black Hat USA • Las Vegas ┤ RDS-TMC
May → PH-Neutral • Berlin ┤ RDS-TMC
May → AusCERT • Gold Coast ┤ rsync 0-day, LDAP
Apr → CanSecWest • Vancouver ┤ RDS-TMC
Mar → IT Underground • Prague ┤ LDAP security
─ 2006 ───────────────────────────────────────────────┬────────────────────────
Oct → IT Underground • Warsaw ┤ LDAP security
Oct → 0sec • Bern ┤ LDAP security
Feb → FOSDEM • Brussels ┤ LDAP security
Feb → EuSecWest • London ┤ Gentoo rsync 0-day
─ 2005 ───────────────────────────────────────────────┬────────────────────────
Nov → PacSec • Tokyo ┤ LDAP security