Old New Things: An Examination of the Philips TriMedia Architecture

Presented at ekoparty 14 (2018), Sept. 26, 2018, 1:50 p.m. (50 minutes).

In today's Intel/AMD and ARM controlled world, it's always interesting, for a reverse engineer, to find new or uncommon CPU architectures to learn and play with. It's always a challenge to deal with uncommon/unknown firmware files and weird file formats and try to unravel what's behind. This allows us to continuously improve and expand our knowledge. If you are willing to learn new stuff, this talk is for you.

In this presentation, by inspecting an IoT device, you will see an examination of the architectural and functional aspects of the Philips TriMedia architecture, an ‘obscure' CPU that makes you think you are in the darkest corner of the reverse engineering (RE) world. You'll see some characteristics of the architecture itself and the inner workings of the CPU, its assembly language (instruction set, encoding and decoding), and the toolset available at the moment to work with this architecture.

Also, you'll learn some general aspects related to the RE methods used to deal with an unknown/uncommon architecture like Philips TriMedia.


Presenters:

  • Nahuel Riva
    Nahuel C. Riva, aka +NCR/CRC! [ReVeRsEr], has been participating in the information security community since 2003. He was first interested in software protection mechanisms, specially packers. In 2007, he joined the Exploit Writers Team at Core where he worked for 10 years writing exploits. In 2018, he joined the embedded team at Quarkslab. Also, he has discovered vulnerabilities in high-level enterprise software from Symantec, HP, Adobe and he authored tools like SDT Cleaner, FUU, addp and VSD. He was an instructor at the "Defeating Software Protections" training at Ekoparty several times. He likes to share what he knows with the community and that is why he has written dozens of publicly available tutorials covering software protection mechanisms and how to defeat them.

Links:

Similar Presentations: