International Association for Cryptologic Research



Cutting Through the Complexity of Reverse Engineering Embedded Devices

Authors:
Sam L. Thomas, University of Birmingham, Birmingham, United Kingdom
Jan Van den Herrewegen, University of Birmingham, Birmingham, United Kingdom
Georgios Vasilakis, University of Birmingham, Birmingham, United Kingdom
Zitai Chen, University of Birmingham, Birmingham, United Kingdom
Mihai Ordean, University of Birmingham, Birmingham, United Kingdom
Flavio D. Garcia, University of Birmingham, Birmingham, United Kingdom
Download:
DOI: 10.46586/tches.v2021.i3.360-389
URL: https://tches.iacr.org/index.php/TCHES/article/view/8978
Abstract: Performing security analysis of embedded devices is a challenging task. They present many difficulties not usually found when analyzing commodity systems: undocumented peripherals, esoteric instruction sets, and limited tool support. Thus, a significant amount of reverse engineering is almost always required to analyze such devices. In this paper, we present Incision, an architecture and operating-system agnostic reverse engineering framework. Incision tackles the problem of reducing the upfront effort to analyze complex end-user devices. It combines static and dynamic analyses in a feedback loop, enabling information from each to be used in tandem to improve our overall understanding of the firmware analyzed. We use Incision to analyze a variety of devices and firmware. Our evaluation spans firmware based on three RTOSes, an automotive ECU, and a 4G/LTE baseband. We demonstrate that Incision does not introduce significant complexity to the standard reverse engineering process and requires little manual effort to use. Moreover, its analyses produce correct results with high confidence and are robust across different OSes and ISAs.
BibTeX
@article{tches-2021-31288,
  title={Cutting Through the Complexity of Reverse Engineering Embedded Devices},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 3},
  pages={360-389},
  url={https://tches.iacr.org/index.php/TCHES/article/view/8978},
  doi={10.46586/tches.v2021.i3.360-389},
  author={Sam L. Thomas and Jan Van den Herrewegen and Georgios Vasilakis and Zitai Chen and Mihai Ordean and Flavio D. Garcia},
  year=2021
}