Embedded Devices Security and Firmware Reverse Engineering

Presented at Black Hat USA 2013, July 31, 2013, 2:15 p.m. (60 minutes)

Embedded devices have become the "usual presence" in the network of (m)any household(s), SOHO, enterprise or critical infrastructure.

The preached Internet of Things promises to "gazillion"uple their number and heterogeneity in the next few years.

However, embedded devices are becoming lately the "usual suspects" in security breaches and security advisories and thus become the "Achilles' heel" of one's overall infrastructure security.

An important aspect is that embedded devices run on what's commonly known as firmwares.

To understand how to secure embedded devices, one needs to understand their firmware and how it works.

This workshop aims at presenting a quick-start at how to inspect firmwares and a hands-on presentation with exercises on real firmwares from a security analysis standpoint.

Presenters:

• Jonas Zaddach - Eurecom
  Jonas Zaddach is a Computer Science graduate of the Technische Universitaet Muenchen and Telecom ParisTech, where he wrote his thesis on securing infrastructure-as-a-service clouds in a double-degree program. Results from this research is at basis of the well-received presentation "SatanCloud:A Journey Into the Privacy and Security Risks of Cloud Computing." In his youth he spent his time making his Lego Mindstorms robot do things it was not supposed to do by hacking its firmware. Since then he has shifted his attention to hard drives, and is currently a PhD candidate with EURECOM in the field of dynamic analysis of embedded devices' firmware.
• Andrei Costin - EURECOM
  Andrei is a Computer Science graduate of the Politehnica University of Bucharest where he did his thesis work in Biometrics and Image Processing. While starting out his IT-career in the Computer Games industry, he has worked in the Telecom field and also was a senior developer at a specialized firm programming various GSM/UMTS/GPS sub-systems. He is the author of the MiFare Classic Universal toolKit (MFCUK), the first publicly available (FOSS) card-only key cracking tool for the MiFare Classic RFID card family and is known as the "printer guy" for his "Hacking MFPs" and "Hacking PostScript" series of hacks & talks at various international conferences. Lately he was spotted security-harassing airplanes with ADS-B hacks, though no planes were harmed during the experiments. He is passionate about security in a holistic fashion. Currently he is a PhD candidate with EURECOM in field of "Security of embedded devices."

Links:

• https://www.blackhat.com/us-13/archives.html#Costin
• https://media.blackhat.com/us-13/US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-Slides.pdf
• https://media.blackhat.com/us-13/US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf

Similar Presentations:

• Black Hat Asia 2016 / Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
• ToorCon San Diego 20 (2018) / Infecting the Embedded Supply Chain
• 32C3 (2015) / (In)Security of Embedded Devices' Firmware - Fast and Furious at Large Scale