Abstract
In recent years, issues related to information security have received increasing attention. Expanding the security-related functionality of SSD firmware can provide an additional method for implementing security features in the host system while taking advantage of the excellent performance of the SSD controller. This paper proposes a stealth security hardening method based on SSD Firmware Function Extension. By reverse engineering the firmware program and inserting jump instructions at specific locations, the firmware program can jump to and execute the extension program inserted into the original unused space of the firmware. This can be done without affecting the normal use of the SSD, realizing the functional expansion of the firmware, which mainly includes executing remote code sent by the host, invoking timers, direct read and write flash memory, and self-destruction under specific circumstances. The availability of extended functions and the change in read and write performance after the expansion were experimentally tested.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
IBMArchives, 20th century disk storage chronology. https://www.ibm.com/ibm/history/exhibits/storage/storage_chrono20.html. Accessed 10 Jun 2023
Schultz: Research on Key Technologies of Solid State Disk Storage System. National University of Defense Technology, Hunan (2019)
Zhou, J.: Research on Firmware Optimization Algorithm in Solid State Disk. Hangzhou University of Electronic Science and Technology, Zhejiang (2019)
Luo, Y., Ghose, S., Cai, Y., et al.: HeatWatch: improving 3D NAND flash memory device reliability by exploiting self-recovery and temperature awareness. In: 2018 IEEE International Symposium on High Performance Computer Architecture (HPCA) (2018)
Mingbo, Y.: Research on Firmware Optimization of Solid State Disk. Hangzhou University of Electronic Science and Technology, Zhejiang (2020)
Vladimirov, S., Pirmagomedov, R., Kirichek, R., et al.: Unique degradation of flash memory as an identifier of ICT device. IEEE Access 7, 107626–107634 (2019)
Yang, C., Jin, P., Yue, L., et al.: Efficient buffer management for tree indexes on solid state drives. Int. J. Parallel Prog. 44, 5–25 (2016)
Wang, Y.L., Kim, K.T., Lee, B., et al.: A novel buffer management scheme based on particle swarm optimization for SSD. J. Supercomput. 74, 141–159 (2018)
Jiecheng, B.: Optimization Design of Solid State Disk Firmware Based on Thermal Data Identification. Hangzhou University of Electronic Science and Technology, Zhejiang (2022)
Xie, W., Chen, Y., Roth, P.C.: ASA-FTL: an adaptive separation aware flash translation layer for solid state drives. Parallel Comput. 61, 3–17 (2017)
Zhou, J., Han, D., Wang, J., et al.: A correlation-aware page-level FTL to exploit semantic links in workloads. IEEE Trans. Parallel Distrib. Syst. 30(4), 723–737 (2018)
Tang, H.: Research and Design of Management Algorithm for Super Block Flash Conversion Layer. Zhejiang University, Zhejiang (2020)
Zhang, J., Kwon, M., Swift, M., et al.: Scalable parallel flash firmware for many-core architectures. In: Proceedings of the 18th USENIX Conference on File and Storage Technologies, pp. 121–136 (2020)
Zheng, Y., Davanian, A., Yin, H., et al.: FIRM-AFL: high-throughput greybox fuzzing of IoT firmware via augmented process emulation. In: 28th USENIX Security Symposium, pp. 1099–1114 (2019)
Scharnowski, T., Bars, N., Schloegel, M., et al.: Fuzzware: using precise {MMIO} modeling for effective firmware fuzzing. In: 31st USENIX Security Symposium, pp. 1239–1256 (2022)
Liang, H., Xie, Z., Chen, Y., et al.: FIT: inspect vulnerabilities in cross-architecture firmware by deep learning and bipartite matching. Comput. Secur. 99, 102032 (2020)
Falas, S., Konstantinou, C., Michael, M.K.: A modular end-to-end framework for secure firmware updates on embedded systems. ACM J. Emerg. Technol. Comput. Syst. (JETC) 18(1), 1–19 (2021)
He Y., Zou Z., Sun K. et al.: {RapidPatch}: firmware hotpatching for {real-time} embedded devices. In: 31st USENIX Security Symposium, pp. 2225–2242 (2022)
Acknowledgments
This study was supported by the National Key Research and Development Program of China (2020YFB1005704).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yu, X., Li, Z., Qiao, X., Tan, Y., Li, Y., Zhang, L. (2024). A Stealth Security Hardening Method Based on SSD Firmware Function Extension. In: Luo, B., Cheng, L., Wu, ZG., Li, H., Li, C. (eds) Neural Information Processing. ICONIP 2023. Communications in Computer and Information Science, vol 1963. Springer, Singapore. https://doi.org/10.1007/978-981-99-8138-0_29
Download citation
DOI: https://doi.org/10.1007/978-981-99-8138-0_29
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-8137-3
Online ISBN: 978-981-99-8138-0
eBook Packages: Computer ScienceComputer Science (R0)