skip to main content
10.1145/2995289.2995296acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
invited-talk

Analyzing Thousands of Firmware Images and a Few Physical Devices: What's Next?

Published: 28 October 2016 Publication History

Abstract

This talk will make an overview of security problems that have been found with both large scale automated static analysis (within the firmware.re project) and with more focused and more manual dynamic analysis (using the Avatar project). I will then discuss what I think we can do about it and how.

References

[1]
A. Costin, J. Zaddach, A. Francillon, and D. Balzarotti. A Large Scale Analysis of the Security of Embedded Firmwares. USENIX Security, 2014.
[2]
A. Costin, A. Zarras, and A. Francillon. Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces. ASIACCS, 201
[3]
A. Francillon. Trust, But Verify: Why and how to establish trust in embedded devices (invited paper). DATE, 2016.
[4]
J. Zaddach, L. Bruno, A. Francillon, and D. Balzarotti. Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares. NDSS, 2014.
[5]
J. Zaddach, A. Kurmus, D. Balzarotti, E. O. Blass, A. Francillon, T. Goodspeed, M. Gupta, and I. Koltsidas. Implementation and implications of a stealth hard-drive backdoor. ACSAC, 2013.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
TrustED '16: Proceedings of the 6th International Workshop on Trustworthy Embedded Devices
October 2016
74 pages
ISBN:9781450345675
DOI:10.1145/2995289
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 2016

Check for updates

Author Tags

  1. embedded systems security
  2. trust

Qualifiers

  • Invited-talk

Conference

CCS'16
Sponsor:

Acceptance Rates

TrustED '16 Paper Acceptance Rate 6 of 12 submissions, 50%;
Overall Acceptance Rate 24 of 49 submissions, 49%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 234
    Total Downloads
  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media