Researchers can apply to get this special hardware here. As you might expect, Apple will only let applicants who have a previous history of tracking down security bugs in its platforms apply.
There is now a way for security researchers to gain (legal) access to unlocked iPhone test devices which do not have the usual protections surrounding arbitrary code execution and other defences. Access to ‘rooted’ hardware enables security researchers to inspect core parts of the operating system more easily, which helps to track down exploits in the kernel and other low-level areas of the iOS operating system. Apple announced its plans to do this almost a year ago.