SlideShare uma empresa Scribd logo

Efficient Reverse Engineering of Automotive Firmware

Riscure
Riscure

The fi rmware executed by components found in a car provide a starting point for adversaries to obtain con fidential information and discover potential vulnerabilities. However, the process of reverse engineering a specific component is typically considered a complex and time-consuming task. In this paper we discuss several techniques which we used to significantly increase the efficiency of reverse engineering the fi rmware of an instrument cluster.

Tecnologia
1 de 32
Baixar para ler offline
1 Efficient Reverse Engineering of Automotive Firmware Alyssa Milburn Security Analyst, Riscure milburn@riscure.com / @noopwafel (with Niek Timmers)
2 Reverse Engineering Getting Firmware IP Tuning / manipulation Efficient Reverse Engineering of Automotive Firmware Hacking ??? Reverse Engineering Understanding
3 Automotive Firmware?
4 Instrument Cluster • Speedometer/gauges • Display (screen) • Speaker! • Blinky lights! • 32-bit CPU • CAN bus • I2C bus • EEPROM
5 How can we get the firmware? Efficient Reverse Engineering of Automotive Firmware External flash Debug interfaces Leaks Software vulnerabilities Hardware attacks
6 What makes this challenging? • “Non-standard” platforms • New concepts • Complexity Efficient Reverse Engineering of Automotive Firmware
7
8 What makes this challenging? No tools?! Let’s make some! • Static analysis (disassembly): too complicated • Dynamic analysis (emulation / debugging): no tools? Efficient Reverse Engineering of Automotive Firmware
9 What do we need? • Processor (instruction set) emulator • Timers, interrupts • CAN controller • I2C controller • EEPROM • Display controller Efficient Reverse Engineering of Automotive Firmware
10Efficient Reverse Engineering of Automotive Firmware Emulating the CPU architecture
11 “Implementing” peripherals Efficient Reverse Engineering of Automotive Firmware
12 How difficult was it? ~ 1 man-week of work ~ 3000 lines of (terrible) code (excluding support tooling) Efficient Reverse Engineering of Automotive Firmware
13 Dynamic analysis
14 Debugging Efficient Reverse Engineering of Automotive Firmware Step! Break! Watch! gdb “stub” gdb
15 Debugging (gdb) hbreak *0x11032 Hardware assisted breakpoint 1 at 0x11032 (gdb) c Continuing. 0x00011032 in ?? () (gdb) Efficient Reverse Engineering of Automotive Firmware
16 Execution tracing Efficient Reverse Engineering of Automotive Firmware
17 Execution tracing Efficient Reverse Engineering of Automotive Firmware 0x02920 0x02922 (jump) 0x02926 0x02928 0x0292c 0x02930
18 Execution tracing Efficient Reverse Engineering of Automotive Firmware 0x02920 0x02922 (jump) 0x02926 0x02928 0x0292c 0x02930
19 Execution tracing Efficient Reverse Engineering of Automotive Firmware
20 Execution tracing Efficient Reverse Engineering of Automotive Firmware
21 Hacks! Efficient Reverse Engineering of Automotive Firmware
22 Hacks! Efficient Reverse Engineering of Automotive Firmware
23 Initial state Running (booted) Send CAN message Observe CAN response State rewinding 100ms boot time Efficient Reverse Engineering of Automotive Firmware
24 Taint tracking Efficient Reverse Engineering of Automotive Firmware 1 ?? 2 ?? 3 ?? 4 ?? 5 ?? 6 ?? 7 ?? 8 ?? CAN messageData[2] = CAN.read() Data[7] = Data[2] CAN message CAN message Data[7] == Y?
25 Fuzzing Efficient Reverse Engineering of Automotive Firmware CAN message Memory Memory[5] == 0xc7? Path 1 Path 2
26 ./cc.py dcm discovery CARING CARIBOU v0.1 ------------------- Starting diagnostics service discovery Found diagnostics at arbitration ID 0x????, reply at 0x???? UDS Efficient Reverse Engineering of Automotive Firmware
27 UDS: security access Efficient Reverse Engineering of Automotive Firmware Random key Random key == calculateKey(seed)? We found calculateKey! Seed (challenge)
28 UDS: security access sending requestSeed (0x3) CAN0: RCV [id ####] 02 27 03 aa aa aa aa aa CAN0: TRQ [id ####] 06 67 03 47 2e 8e 70 aa sending sendKey CAN0: RCV [id ####] 06 27 04 41 9b 35 42 aa comparison at 0002f390 (419b3542 vs 419b3542) is tainted with 000000c0 CAN0: TRQ [id ####] 02 67 04 aa aa aa aa aa Efficient Reverse Engineering of Automotive Firmware
29 EEPROM contents Efficient Reverse Engineering of Automotive Firmware Reverse engineering is hard work! updateEEPROM(id, value) Identification (VIN) Features/ configuration (UDS) security state Odometer 
30 Takeaways Efficient Reverse Engineering of Automotive Firmware • Reverse engineering is not so hard! • Lots of other “tricks” to try: • Symbolic execution • Deobfuscation (if necessary) • Smarter fuzzing • You can’t hide secrets in firmware: • Use asymmetric cryptography (i.e. public keys) • Use the secure hardware inside modern processors
31 Thanks to… Efficient Reverse Engineering of Automotive Firmware Santiago CordobaEloi Sanfelix Ramiro Pareja
32 Challenge your security Alyssa Milburn Security Analyst, Riscure milburn@riscure.com / @noopwafel Efficient Reverse Engineering of Automotive Firmware icons8.com • Training • Tools • Services

Recomendados

Software Attacks on Hardware Wallets
Software Attacks on Hardware WalletsSoftware Attacks on Hardware Wallets
Software Attacks on Hardware WalletsRiscure
 
Riscure Assurance for Premium Content at a glance
Riscure Assurance for Premium Content at a glanceRiscure Assurance for Premium Content at a glance
Riscure Assurance for Premium Content at a glanceRiscure
 
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & DefensesSecure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & DefensesRiscure
 
Controlling PC on ARM using Fault Injection
Controlling PC on ARM using Fault InjectionControlling PC on ARM using Fault Injection
Controlling PC on ARM using Fault InjectionRiscure
 
Bypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionBypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionRiscure
 
Fault Injection on Automotive Diagnosis Protocols
Fault Injection on Automotive Diagnosis ProtocolsFault Injection on Automotive Diagnosis Protocols
Fault Injection on Automotive Diagnosis ProtocolsRiscure
 
Java Card Security
Java Card SecurityJava Card Security
Java Card SecurityRiscure
 
Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Riscure
 

Recomendados

Software Attacks on Hardware Wallets
Software Attacks on Hardware WalletsSoftware Attacks on Hardware Wallets
Software Attacks on Hardware WalletsRiscure
 
Riscure Assurance for Premium Content at a glance
Riscure Assurance for Premium Content at a glanceRiscure Assurance for Premium Content at a glance
Riscure Assurance for Premium Content at a glanceRiscure
 
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & DefensesSecure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & DefensesRiscure
 
Controlling PC on ARM using Fault Injection
Controlling PC on ARM using Fault InjectionControlling PC on ARM using Fault Injection
Controlling PC on ARM using Fault InjectionRiscure
 
Bypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionBypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionRiscure
 
Fault Injection on Automotive Diagnosis Protocols
Fault Injection on Automotive Diagnosis ProtocolsFault Injection on Automotive Diagnosis Protocols
Fault Injection on Automotive Diagnosis ProtocolsRiscure
 
Java Card Security
Java Card SecurityJava Card Security
Java Card SecurityRiscure
 
Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Riscure
 
PEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyPEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyNiek Timmers
 
CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60Riscure
 
How to secure HCE
How to secure HCEHow to secure HCE
How to secure HCERiscure
 
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat Security Conference
 
Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104pgmaynard
 
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...BlueHat Security Conference
 
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations BlueHat Security Conference
 
Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...Priyanka Aash
 
Kavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finKavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finPacSecJP
 
Industrial protocols for pentesters
Industrial protocols for pentestersIndustrial protocols for pentesters
Industrial protocols for pentestersAleksandr Timorin
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Security Weekly
 
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02PacSecJP
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityChris Sistrunk
 
Protecting Your DNP3 Networks
Protecting Your DNP3 NetworksProtecting Your DNP3 Networks
Protecting Your DNP3 NetworksChris Sistrunk
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
 
Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSoumitra Bhattacharyya
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
Hardware Security Training By TONEX
Hardware Security Training By TONEXHardware Security Training By TONEX
Hardware Security Training By TONEXBryan Len
 
Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008guest642391
 
Le company presentation
Le company presentationLe company presentation
Le company presentationleadembeddedsoftware
 
Functional verification techniques EW16 session
Functional verification techniques EW16 sessionFunctional verification techniques EW16 session
Functional verification techniques EW16 sessionSameh El-Ashry
 

Mais conteúdo relacionado

Mais procurados

PEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyPEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyNiek Timmers
 
CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60Riscure
 
How to secure HCE
How to secure HCEHow to secure HCE
How to secure HCERiscure
 
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat Security Conference
 
Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104pgmaynard
 
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...BlueHat Security Conference
 
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations BlueHat Security Conference
 
Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...Priyanka Aash
 
Kavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finKavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finPacSecJP
 
Industrial protocols for pentesters
Industrial protocols for pentestersIndustrial protocols for pentesters
Industrial protocols for pentestersAleksandr Timorin
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Security Weekly
 
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02PacSecJP
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityChris Sistrunk
 
Protecting Your DNP3 Networks
Protecting Your DNP3 NetworksProtecting Your DNP3 Networks
Protecting Your DNP3 NetworksChris Sistrunk
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
 
Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSoumitra Bhattacharyya
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems qqlan
 
Hardware Security Training By TONEX
Hardware Security Training By TONEXHardware Security Training By TONEX
Hardware Security Training By TONEXBryan Len
 
Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008guest642391
 

Mais procurados (20)

PEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyPEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot Securely
 
CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60CheapSCAte: Attacking IoT with less than $60
CheapSCAte: Attacking IoT with less than $60
 
How to secure HCE
How to secure HCEHow to secure HCE
How to secure HCE
 
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
 
Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104Man in the middle attacks on IEC 60870-5-104
Man in the middle attacks on IEC 60870-5-104
 
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault In...
 
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
 
Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems Practical Security Assessments of IoT Devices and Systems
Practical Security Assessments of IoT Devices and Systems
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
 
Kavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finKavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_fin
 
Industrial protocols for pentesters
Industrial protocols for pentestersIndustrial protocols for pentesters
Industrial protocols for pentesters
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)
 
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
Ryder robertson security-considerations_in_the_supply_chain_2017.11.02
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS Security
 
Protecting Your DNP3 Networks
Protecting Your DNP3 NetworksProtecting Your DNP3 Networks
Protecting Your DNP3 Networks
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEs
 
Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devices
 
Techniques of attacking ICS systems
Techniques of attacking ICS systems Techniques of attacking ICS systems
Techniques of attacking ICS systems
 
Hardware Security Training By TONEX
Hardware Security Training By TONEXHardware Security Training By TONEX
Hardware Security Training By TONEX
 
Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008
 

Semelhante a Efficient Reverse Engineering of Automotive Firmware

Functional verification techniques EW16 session
Functional verification techniques EW16 sessionFunctional verification techniques EW16 session
Functional verification techniques EW16 sessionSameh El-Ashry
 
Chapter_01_See_Program_Running.pptx
Chapter_01_See_Program_Running.pptxChapter_01_See_Program_Running.pptx
Chapter_01_See_Program_Running.pptxWaleedAbdullah2k19EE
 
Understanding and Improving Device Access Complexity
Understanding and Improving Device Access ComplexityUnderstanding and Improving Device Access Complexity
Understanding and Improving Device Access Complexityasimkadav
 
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...Christopher Diamantopoulos
 
Leveraging Artificial Intelligence Processing on Edge Devices
Leveraging Artificial Intelligence Processing on Edge DevicesLeveraging Artificial Intelligence Processing on Edge Devices
Leveraging Artificial Intelligence Processing on Edge DevicesICS
 
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMDEdge AI and Vision Alliance
 
Navigating the jungle of Secure Coding Standards
Navigating the jungle of Secure Coding StandardsNavigating the jungle of Secure Coding Standards
Navigating the jungle of Secure Coding StandardsChantalWauters
 
Introduction to architecture exploration
Introduction to architecture explorationIntroduction to architecture exploration
Introduction to architecture explorationDeepak Shankar
 
Analyzing the Security of Cars Efficiently
Analyzing the Security of Cars EfficientlyAnalyzing the Security of Cars Efficiently
Analyzing the Security of Cars EfficientlyNiek Timmers
 
Ecd302 unit 01(investigate ecad systems)
Ecd302 unit 01(investigate ecad systems)Ecd302 unit 01(investigate ecad systems)
Ecd302 unit 01(investigate ecad systems)Xi Qiu
 
Understanding Modern Device Drivers
Understanding Modern Device DriversUnderstanding Modern Device Drivers
Understanding Modern Device Driversasimkadav
 
201306170 a vuk - faar industry overview
201306170 a vuk - faar industry overview201306170 a vuk - faar industry overview
201306170 a vuk - faar industry overviewkamar zinoun
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersMicroEJ
 
FPGA_prototyping proccesing with conclusion
FPGA_prototyping proccesing with conclusionFPGA_prototyping proccesing with conclusion
FPGA_prototyping proccesing with conclusionPersiPersi1
 

Semelhante a Efficient Reverse Engineering of Automotive Firmware (20)

Le company presentation
Le company presentationLe company presentation
Le company presentation
 
Functional verification techniques EW16 session
Functional verification techniques EW16 sessionFunctional verification techniques EW16 session
Functional verification techniques EW16 session
 
AdnanAlbujuq_2
AdnanAlbujuq_2AdnanAlbujuq_2
AdnanAlbujuq_2
 
Chapter_01_See_Program_Running.pptx
Chapter_01_See_Program_Running.pptxChapter_01_See_Program_Running.pptx
Chapter_01_See_Program_Running.pptx
 
Understanding and Improving Device Access Complexity
Understanding and Improving Device Access ComplexityUnderstanding and Improving Device Access Complexity
Understanding and Improving Device Access Complexity
 
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...
IMAGE CAPTURE, PROCESSING AND TRANSFER VIA ETHERNET UNDER CONTROL OF MATLAB G...
 
OBD II Stack Solutions and Services
OBD II Stack Solutions and ServicesOBD II Stack Solutions and Services
OBD II Stack Solutions and Services
 
Leveraging Artificial Intelligence Processing on Edge Devices
Leveraging Artificial Intelligence Processing on Edge DevicesLeveraging Artificial Intelligence Processing on Edge Devices
Leveraging Artificial Intelligence Processing on Edge Devices
 
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD
“Programming Vision Pipelines on AMD’s AI Engines,” a Presentation from AMD
 
Navigating the jungle of Secure Coding Standards
Navigating the jungle of Secure Coding StandardsNavigating the jungle of Secure Coding Standards
Navigating the jungle of Secure Coding Standards
 
Introduction to architecture exploration
Introduction to architecture explorationIntroduction to architecture exploration
Introduction to architecture exploration
 
Analyzing the Security of Cars Efficiently
Analyzing the Security of Cars EfficientlyAnalyzing the Security of Cars Efficiently
Analyzing the Security of Cars Efficiently
 
UNIT-III ES.ppt
UNIT-III ES.pptUNIT-III ES.ppt
UNIT-III ES.ppt
 
CodeChecker summary 21062021
CodeChecker summary 21062021CodeChecker summary 21062021
CodeChecker summary 21062021
 
Ecd302 unit 01(investigate ecad systems)
Ecd302 unit 01(investigate ecad systems)Ecd302 unit 01(investigate ecad systems)
Ecd302 unit 01(investigate ecad systems)
 
Understanding Modern Device Drivers
Understanding Modern Device DriversUnderstanding Modern Device Drivers
Understanding Modern Device Drivers
 
201306170 a vuk - faar industry overview
201306170 a vuk - faar industry overview201306170 a vuk - faar industry overview
201306170 a vuk - faar industry overview
 
SoC: System On Chip
SoC: System On ChipSoC: System On Chip
SoC: System On Chip
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for Microcontrollers
 
FPGA_prototyping proccesing with conclusion
FPGA_prototyping proccesing with conclusionFPGA_prototyping proccesing with conclusion
FPGA_prototyping proccesing with conclusion
 

Mais de Riscure

PEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyPEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyRiscure
 
Lowering the bar: deep learning for side-channel analysis
Lowering the bar: deep learning for side-channel analysisLowering the bar: deep learning for side-channel analysis
Lowering the bar: deep learning for side-channel analysisRiscure
 
Riscure Introduction
Riscure IntroductionRiscure Introduction
Riscure IntroductionRiscure
 
Practical Differential Fault Attack on AES
Practical Differential Fault Attack on AESPractical Differential Fault Attack on AES
Practical Differential Fault Attack on AESRiscure
 
How to secure electronic passports
How to secure electronic passportsHow to secure electronic passports
How to secure electronic passportsRiscure
 
How multi-fault injection breaks the security of smart cards
How multi-fault injection breaks the security of smart cardsHow multi-fault injection breaks the security of smart cards
How multi-fault injection breaks the security of smart cardsRiscure
 
Why are we still vulnerable to Side Channel Attacks?
Why are we still vulnerable to Side Channel Attacks?Why are we still vulnerable to Side Channel Attacks?
Why are we still vulnerable to Side Channel Attacks?Riscure
 
Defeating RSA Multiply-Always and Message Blinding Countermeasures
Defeating RSA Multiply-Always and Message Blinding CountermeasuresDefeating RSA Multiply-Always and Message Blinding Countermeasures
Defeating RSA Multiply-Always and Message Blinding CountermeasuresRiscure
 
Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Secure initialization of Trusted Execution Environments: When Secure Boot fal...Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Secure initialization of Trusted Execution Environments: When Secure Boot fal...Riscure
 

Mais de Riscure (9)

PEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot SecurelyPEW PEW PEW: Designing Secure Boot Securely
PEW PEW PEW: Designing Secure Boot Securely
 
Lowering the bar: deep learning for side-channel analysis
Lowering the bar: deep learning for side-channel analysisLowering the bar: deep learning for side-channel analysis
Lowering the bar: deep learning for side-channel analysis
 
Riscure Introduction
Riscure IntroductionRiscure Introduction
Riscure Introduction
 
Practical Differential Fault Attack on AES
Practical Differential Fault Attack on AESPractical Differential Fault Attack on AES
Practical Differential Fault Attack on AES
 
How to secure electronic passports
How to secure electronic passportsHow to secure electronic passports
How to secure electronic passports
 
How multi-fault injection breaks the security of smart cards
How multi-fault injection breaks the security of smart cardsHow multi-fault injection breaks the security of smart cards
How multi-fault injection breaks the security of smart cards
 
Why are we still vulnerable to Side Channel Attacks?
Why are we still vulnerable to Side Channel Attacks?Why are we still vulnerable to Side Channel Attacks?
Why are we still vulnerable to Side Channel Attacks?
 
Defeating RSA Multiply-Always and Message Blinding Countermeasures
Defeating RSA Multiply-Always and Message Blinding CountermeasuresDefeating RSA Multiply-Always and Message Blinding Countermeasures
Defeating RSA Multiply-Always and Message Blinding Countermeasures
 
Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Secure initialization of Trusted Execution Environments: When Secure Boot fal...Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Secure initialization of Trusted Execution Environments: When Secure Boot fal...
 

Último

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 

Último (20)

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 

Efficient Reverse Engineering of Automotive Firmware