Old New Things: An Examination of the Philips TriMedia Architecture

Presented at Black Hat Europe 2018, Dec. 5, 2018, 4:30 p.m. (50 minutes).

In today's Intel/AMD and ARM controlled world, it's always interesting, for a reverse engineer, to find new or uncommon CPU architectures to learn and play with. It's a challenge to deal with uncommon/unknown firmware files and weird file formats and try to unravel what's behind them. This allows us to continuously improve and expand our knowledge. If you are willing to learn new stuff, this talk is for you.

In this presentation, by inspecting an IoT device, you will see an examination of the architectural and functional aspects of the Philips TriMedia architecture, an 'obscure' CPU that makes you think you are in the darkest corner of the reverse engineering (RE) world. You'll see some characteristics of the architecture itself and the inner workings of the CPU, its assembly language (instruction set, encoding and decoding), and the toolset available at the moment to work with this architecture.


Presenters:

  • Nahuel Cayetano Riva - Reverse Engineer, Quarkslab
    Nahuel C. Riva, aka +NCR/CRC! [ReVeRsEr], has been participating in the information security community since 2003. He was first interested in software protection mechanisms, specially packers. He has previously worked as Exploit Writer at Core Security for 10 years and now he has joined Quarkslab. Also, he has discovered vulnerabilities in high-level enterprise software from Symantec, HP, Adobe and he authored tools like SDT Cleaner, FUU, addp and VSD. He was an instructor at the "Defeating Software Protections" training at Ekoparty several times. He likes to share what he knows with the community and that is why he has written dozens of publicly available tutorials covering software protection mechanisms and how to defeat them.

Links:

Similar Presentations: