Embedded Devices Security and Firmware Reverse Engineering presented at BlackHatUSA 2013

by Andrei Costin, Jonas Zaddach,

Summary : Embedded devices have become the "usual presence" in the network of (m)any household(s), SOHO, enterprise or critical infrastructure.
The preached Internet of Things promises to "gazillion"uple their number and heterogeneity in the next few years.
However, embedded devices are becoming lately the "usual suspects" in security breaches and security advisories and thus become the "Achilles' heel" of one's overall infrastructure security.
An important aspect is that embedded devices run on what's commonly known as firmwares.
To understand how to secure embedded devices, one needs to understand their firmware and how it works.
This workshop aims at presenting a quick-start at how to inspect firmwares and a hands-on presentation with exercises on real firmwares from a security analysis standpoint.