CROSS-ABSTRACTION ANALYSIS FOR COMPLEX EMBEDDED SYSTEMS (AVATARINATOR)

Abstract

With a growing dependency on connected embedded devices, it becomes crucial to test the security of a wide variety of heterogeneous embedded systems. In particular, off the shelf devices are deployed and interconnected at a growing rate. Those devices often have limited capabilities and are often developed on a tight budget, for a specific application, and by using custom code and custom hardware. This makes embedded devices exposed to attacks and vulnerable. Moreover, the large hardware diversity and the customization of their code makes it difficult to perform dynamic analysis, as emulation environments are generally not available. Furthermore, analysis of the firmware on the actual hardware is not providing the necessary visibility on the execution for advanced analysis to be useful. While in recent years many advances have been made to improve this situation, it remains difficult to analyze embedded devices firmware and many research challenges must be overcome to improve this situation. This project aims to join the effort of two teams doing research on firmware emulation for security analysis. Those teams took so far different approaches: in one case by connecting an emulator to the actual hardware (Avatar²/EURECOM), and in the other by replacing code that interacts with hardware with a high level behavioral model (HALucinator/EPFL). This main goal of this project is to combine those two approaches in a unified framework. The use of this framework will allow us to address research challenges that hamper progress towards better automation and analysis of more complex systems, such as multiprocessor systems.

Document Details

Document Type

DoD Grant Award

Publication Date

Aug 11, 2021

Source ID

FA86552017048

Entities

Tags