Firmware Re-Hosting: An Evaluation and Verification of FirmAE

Abstract

Firmware re-hosting has been getting more attention because its use cases in embedded systems development and security analysis are invaluable. In this thesis, we compare five state-of-the-art tools against the properties an ideal firmware re-hosting solution must have, and we verify the results of the firmware emulation framework FirmAE. FirmAE is a fully automated dynamic analysis framework for Linux-based systems that extends the Firmadyne framework by implementing heuristics based on failure case analysis. We validated the published results using the published dataset and constructed a new set consisting of images from the top vendors on home networks. The firmware collection was then used to evaluate the overall emulation success rate. In addition, the impact of each arbitration technique was assessed. Our results show that FirmAE increases the emulation success rate of Firmadyne from 3.08% to 32.3%. Regarding the impact of each arbitration, the network and boot categories seem to have the most influence, reducing the emulation success rate by an average of 24% and 20%, respectively, when disabled. NVRAM arbitration seems to be the least important, reducing the rate by about 4% across the board.

Publication
TU Wien
Sebastian Dietz
Research Intern

My research interests include systems security and embedded security.