Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices

Sebastian Vasile; David Oswald; Tom Chothia

doi:10.1007/978-3-030-15462-2_12

Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices

Sebastian Vasile, David Oswald, Tom Chothia

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

939 Downloads (Pure)

Abstract

In this paper, we systematically review and categorize different hardware-based firmware extraction techniques, using 24 examples of real, wide-spread products, e.g. smart voice assistants (in particular Amazon Echo devices), alarm and access control systems, as well as home automation devices. We show that in over 45% of the cases, an exposed UART interface is sufficient to obtain a firmware dump, while in othercases, more complicated, yet still low-cost methods (e.g. JTAG or eMMC readout) are needed. In this regard, we perform an in-depth investigation of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks. Based on the results of our study, we give recommendations for countermeasures to mitigate the respective methods.

Original language	English
Title of host publication	CARDIS 2018: Smart Card Research and Advanced Applications
Publisher	Springer
Pages	171-185
Number of pages	15
DOIs	https://doi.org/10.1007/978-3-030-15462-2_12
Publication status	E-pub ahead of print - 7 Mar 2019
Event	17th Smart Card Research and Advanced Application Conference - Montpellier, France Duration: 12 Nov 2018 → 14 Nov 2018

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	17th Smart Card Research and Advanced Application Conference
Country/Territory	France
City	Montpellier
Period	12/11/18 → 14/11/18

Access to Document

10.1007/978-3-030-15462-2_12Licence: None: All rights reserved

Sebastian_Vasile_et_al_Breaking_all_the_things_Lecture_Notes_in_Computer_Science_2018_
Checked for eligibility: 20/12/2018 This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: https://doi.org/10.1007/978-3-030-15462-2_12
Accepted author manuscript, 6.9 MBLicence: None: All rights reserved

Cite this

@inproceedings{371f6a7be1be4929942b27b60ac93a97,

title = "Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices",

abstract = "In this paper, we systematically review and categorize different hardware-based firmware extraction techniques, using 24 examples of real, wide-spread products, e.g. smart voice assistants (in particular Amazon Echo devices), alarm and access control systems, as well as home automation devices. We show that in over 45% of the cases, an exposed UART interface is sufficient to obtain a firmware dump, while in othercases, more complicated, yet still low-cost methods (e.g. JTAG or eMMC readout) are needed. In this regard, we perform an in-depth investigation of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks. Based on the results of our study, we give recommendations for countermeasures to mitigate the respective methods. ",

author = "Sebastian Vasile and David Oswald and Tom Chothia",

year = "2019",

month = mar,

day = "7",

doi = "10.1007/978-3-030-15462-2_12",

language = "English",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "171--185",

booktitle = "CARDIS 2018: Smart Card Research and Advanced Applications",

note = "17th Smart Card Research and Advanced Application Conference ; Conference date: 12-11-2018 Through 14-11-2018",

}

Vasile, S, Oswald, D & Chothia, T 2019, Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices. in CARDIS 2018: Smart Card Research and Advanced Applications. Lecture Notes in Computer Science, Springer, pp. 171-185, 17th Smart Card Research and Advanced Application Conference, Montpellier, France, 12/11/18. https://doi.org/10.1007/978-3-030-15462-2_12

Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices. / Vasile, Sebastian; Oswald, David ; Chothia, Tom.
CARDIS 2018: Smart Card Research and Advanced Applications. Springer, 2019. p. 171-185 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Breaking all the things

T2 - 17th Smart Card Research and Advanced Application Conference

AU - Vasile, Sebastian

AU - Oswald, David

AU - Chothia, Tom

PY - 2019/3/7

Y1 - 2019/3/7

N2 - In this paper, we systematically review and categorize different hardware-based firmware extraction techniques, using 24 examples of real, wide-spread products, e.g. smart voice assistants (in particular Amazon Echo devices), alarm and access control systems, as well as home automation devices. We show that in over 45% of the cases, an exposed UART interface is sufficient to obtain a firmware dump, while in othercases, more complicated, yet still low-cost methods (e.g. JTAG or eMMC readout) are needed. In this regard, we perform an in-depth investigation of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks. Based on the results of our study, we give recommendations for countermeasures to mitigate the respective methods.

AB - In this paper, we systematically review and categorize different hardware-based firmware extraction techniques, using 24 examples of real, wide-spread products, e.g. smart voice assistants (in particular Amazon Echo devices), alarm and access control systems, as well as home automation devices. We show that in over 45% of the cases, an exposed UART interface is sufficient to obtain a firmware dump, while in othercases, more complicated, yet still low-cost methods (e.g. JTAG or eMMC readout) are needed. In this regard, we perform an in-depth investigation of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks. Based on the results of our study, we give recommendations for countermeasures to mitigate the respective methods.

UR - http://www.scopus.com/inward/record.url?scp=85070747026&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-15462-2_12

DO - 10.1007/978-3-030-15462-2_12

M3 - Conference contribution

T3 - Lecture Notes in Computer Science

SP - 171

EP - 185

BT - CARDIS 2018: Smart Card Research and Advanced Applications

PB - Springer

Y2 - 12 November 2018 through 14 November 2018

ER -

Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this