IoT/connected device bare-metal and monolithic firmware security analysis engine
Bare-metal and Monolithic Firmware Analysis
General purpose Linux is currently still the dominant operating system used in IoT devices, with 22% market share in 2017, but this trend is currently shifting towards use of embedded OS and monolithic firmware specially in low power devices in which the application directly runs on the hardware without an operating system. A number of open-source tools have been published to facilitate manual static analysis of non-Linux embedded firmware specifically for automating the annotation of memory-mapped peripherals in the disassembled binary code. These tools are intended for IoT security researchers with intermediate level knowledge of an ARM architecture and binary reverse engineering in manual code audit engagements. Determining the attack surface of the target firmware binary and discovering vulnerabilities targeting those vectors are still manual and expensive tasks that are not scalable for an IoT device vendor with multiple product lines.
Firmalyzer analysis engine for bare-metal and monolithic firmwares enables device manufacturers and security testing labs to perform automated security analysis without access to the firmware source code. With a combination of static code analysis and targeted code emulation, Firmalyzer can discover the following classes of vulnerabilities: