Review on Firmware

Tan, Chu Jay; Mohamad–Saleh, Junita; Zain, Khairu Anuar Mohamed; Aziz, Zulfiqar Ali Abd

doi:10.1145/3132300.3132337

Cited by 8 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that firmware is the most critical component of the device, responsible for running the customized programs of the vendor on the device. Due to the closed-source and hard-to-upgrade nature of device firmware [38], [32], they are often vulnerable, and particularly easily affected by taint-style vulnerabilities [7], resulting in serious security issues.…”

Section: Introductionmentioning

confidence: 99%

Faster and Better: Detecting Vulnerabilities in Linux-based IoT Firmware with Optimized Reaching Definition Analysis

Gao,

Zhang,

Liu

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

IoT devices are often found vulnerable, i.e., untrusted inputs may trigger potential vulnerabilities and flow to sensitive operations in the firmware, which could cause severe damage. As such vulnerabilities are in general taint-style, a promising solution to find them is static taint analysis. However, existing solutions have limited efficiency and effectiveness. In this paper, we propose a new efficient and effective taint analysis solution, namely HermeScan, to discover such vulnerabilities, which utilizes reaching definition analysis (RDA) to conduct taint analysis and gets much fewer false negatives, false positives, and time costs. We have implemented a prototype of HermeScan and conducted a thorough evaluation on two datasets, i.e., one 0-day dataset with 30 latest firmware and one N-day dataset with 98 older firmware, and compared with two state-of-theart (SOTA) solutions, i.e., KARONTE and SaTC. In terms of effectiveness, HermeScan, SaTC, and KARONTE find 163, 32, and 0 vulnerabilities in the 0-day dataset respectively. In terms of accuracy, the true positive rates of HermeScan, SaTC, and KARONTE are 81%, 42%, and 0% in the 0-day dataset. In terms of efficiency, HermeScan is 7.5X and 3.8X faster than SaTC and KARONTE on average in finding 0-day vulnerabilities.

show abstract

Section: Introductionmentioning

confidence: 99%

Faster and Better: Detecting Vulnerabilities in Linux-based IoT Firmware with Optimized Reaching Definition Analysis

Gao,

Zhang,

Liu

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Firmware is a form of embedded software that supports fundamental device functionalities [4]. To begin with, when a device is turned on, the firmware is the first one to run and send the necessary instructions for the device to communicate with other devices or function properly.…”

Section: Introductionmentioning

confidence: 99%

Utilization of Impedance Disparity Incurred from Switching Activities to Monitor and Characterize Firmware Activities

Awal

Thompson

Rahman

2022

2022 IEEE Physical Assurance and Inspection of Electronics (PAINE)

View full text Add to dashboard Cite

The massive trend toward embedded systems introduces new security threats to prevent. Malicious firmware makes it easier to launch cyberattacks against embedded systems. Systems infected with malicious firmware maintain the appearance of normal firmware operation but execute undesirable activities, which is usually a security risk. Traditionally, cybercriminals use malicious firmware to develop possible back-doors for future attacks. Due to the restricted resources of embedded systems, it is difficult to thwart these attacks using the majority of contemporary standard security protocols. In addition, monitoring the firmware operations using existing side channels from outside the processing unit, such as electromagnetic radiation, necessitates a complicated hardware configuration and in-depth technical understanding. In this paper, we propose a physical side channel that is formed by detecting the overall impedance changes induced by the firmware actions of a central processing unit. To demonstrate how this side channel can be exploited for detecting firmware activities, we experimentally validate it using impedance measurements to distinguish between distinct firmware operations with an accuracy of greater than 90%. These findings are the product of classifiers that are trained via machine learning. The implementation of our proposed methodology also leaves room for the use of hardware authentication.

show abstract

Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies

Wijesundara,

Lee,

Tith

et al. 2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

With the increase of IoT devices generating large amounts of user-sensitive data, improper firmware harms users’ security and privacy. Latest home appliances are integrated with features to assure compatibility with smart home IoT. However, applying complex security mechanisms to IoT is limited by device hardware capabilities, making them vulnerable to attacks. Such attacks have recently become frequent. To address this issue, we developed a secure verification mechanism for firmware released by the device’s manufacturer. We proposed an IoT gateway for secure firmware verification and updating for smart home IoT devices utilizing the IOTA MAM (Masked Authenticated Messaging) protocol and a distributed file system with IPFS (Inter-Planetary File System) protocol. These two communication protocols ensure decentralized communication and firmware file distribution between the IoT device vendor and the IoT end device. The proposed scheme securely shares latest firmware content over IOTA and IPFS networks, performs a secure firmware update on IoT end devices and ensures authenticity and integrity of the firmware. Two types of validation methods were proposed for firmware updating and validation. We implemented the proposed scheme using three entities, Vendor, IoT gateway, and IoT end device. Our system yielded promising results in performing secure automated firmware updates on IoT end devices with very low computational power. The system’s functionality was implemented using IOTA’s MAM run on Raspberry Pi as an IoT gateway along with an ESP8266 Wi-Fi microcontroller, demonstrating the effectiveness of our approach. Our proposed methodology can be used for secure firmware distribution on home IoT applications.

show abstract

Review on Firmware

Cited by 8 publications

References 15 publications

Faster and Better: Detecting Vulnerabilities in Linux-based IoT Firmware with Optimized Reaching Definition Analysis

Faster and Better: Detecting Vulnerabilities in Linux-based IoT Firmware with Optimized Reaching Definition Analysis

Utilization of Impedance Disparity Incurred from Switching Activities to Monitor and Characterize Firmware Activities

Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies

Contact Info

Product

Resources

About