Talk Title:

Firmware Security Village

Abstract:

The firmware security village presents multiple ways of analyzing firmware of commonly used devices such as routers, printers and IP cameras regarding their level of security.

Participants will be able to find design flaws and vulnerabilities in real-world devices while also learning how to adapt these specific techniques to find similar issues in other devices.

The village is largely based on the FACT firmware analysis tool. FACT will be hosted at the venue so that participants may either use it from the personal computing devices or use one of the laptop PCs offered at the village.

To exercise the different analysis methods, we provide a number of challenges that can be solved on site to have a hands-on experience of firmware security analysis.

There is no necessary entry level of experience.
All techniques and tools will be explained on site.

Presented analysis steps include, but are not limited to:

• Extraction of arbitrary firmware images
• Detection of utilized software components and libraries
• Comparison (diff) of different firmware versions
• Detection of weak implementations (CWEs)
• Feed & signature-based detection of vulnerabilities
• Basic static behavioral analysis

Speaker Bio:

Christopher Krah is researcher at Fraunhofer FKIE and part of the software and firmware security group of Fraunhofer FKIE. His research focus is vulnerability research and firmware security. He has contributed to FACT since being a student assistant in 2017.

Jörg Stucke is researcher at Fraunhofer FKIE and is part of the Software and Firmware Security research group. Since its inception in 2015, he is a core developer of FACT.