Talk Title:

Firmware Security Village

Abstract:

The firmware security village presents multiple ways of analyzing firmware of commonly used devices such as routers, printers and IP cameras regarding their level of security.

Participants will be able to find design flaws and vulnerabilities in real world devices while also learning how to adapt these specific techniques to find similar issues in other devices.

The village is largely based on the FACT firmware analysis tool.

FACT will be hosted at the venue so that participants may either use it from the personal computing devices or use one of the laptop PCs offered at the village.

To exercise the different analysis methods, we provide a number of challenges that can be solved on site to have a hands-on experience of firmware security analysis.

There is no necessary entry level of experience. All techniques and tools will be explained on site. Presented analysis steps include, but are not limited to:

• Extraction of arbitrary firmware images
• Detection of utilized software components and libraries
• Comparison (diff) of different firmware versions
• Detection of weak implementations (CWEs)
• Feed & signature-based detection of vulnerabilities
• Basic static behavioral analysis

Speaker Bio:

Johannes vom Dorp is researcher at Fraunhofer FKIE and currently head of the applied system security group of Fraunhofer FKIE. He works on security analysis focusing on firmware and hardware security. Since its inception in 2015 he is core developer of FACT.

Christopher Krah is researcher at Fraunhofer FKIE and part of the applied system security group of Fraunhofer FKIE. His research focus includes vulnerability hunting and firmware security. He has contributed to FACT since being a student assistant in 2017.