
Webinar featuring Dr. Houman Homayoun, a professor in the Department of Electrical and Computer Engineering at the University of California, Davis.

Abstract:

In the domain of Internet of Things (IoT) systems, firmware constitutes an essential element, orchestrating the operational control of hardware components and playing a pivotal role in maintaining both the functional integrity and security of these devices. This talk will delve into the security challenges and cutting-edge solutions pertinent to the firmware of IoT systems, presenting our latest findings from research published in recent NDSS and USENIX Security conferences. Our studies focus on two types of firmware vulnerabilities: those in bare-metal firmware and those in Linux-based firmware, each with its unique security implications and solutions.

The first study investigates vulnerabilities in bare-metal firmware of IoT devices. We detail a specific vulnerability involving the malicious configuration of power management integrated circuits (PMIC), which can lead to significant device malfunctions such as battery degradation and sensor data corruption. Through a methodical reverse engineering process using tools like Ghidra and Python scripting, we present the FANDEMIC attack, which alters PMIC settings to induce such failures. Our research demonstrates the attack on actual hardware platforms and discusses effective mitigation strategies to safeguard against such vulnerabilities.

The second paper addresses firmware security in Linux-based IoT systems, focusing on BusyBox—an essential suite of Linux commands used ubiquitously in embedded devices. We reveal the presence of vulnerabilities due to outdated BusyBox versions and introduce innovative testing strategies, including the use of Large Language Models (LLM) for generating initial seeds in fuzz testing. This approach enhances the efficiency of identifying potential crashes and vulnerabilities. Additionally, we explore the effectiveness of reusing crash data from similar firmware to expedite the testing process, showcasing significant improvements in the discovery and management of firmware vulnerabilities.

26 Jun