
Last update: 2014-04-01

Deep Firmware

Active discovery of known and unknown security vulnerabilities in firmware

Understanding firmware is very difficult without the proper tools. The project builds an advanced prototype for scanning of security aspects of firmware based on the open source Binary Analysis Tool.

Electronic devices typically derive their functionality from embedded software, often referred to as firmware. Firmware suffers from all the normal weaknesses of software, but has the additional handicap that the interface to the device is often very limited. It is therefore often hard to adequately grasp the risk of devices being compromised.

Deep Firmware Inspection is an R&D project that adds security capabilities to the open source firmware scanning tool Binary Analysis Tool. The result is a tool with a number of unique features, such as scanning of password databases, matching of security information from vulnerability disclosures with a corpus of firmware, version identification of software components and much more.

BAT uses symbol and string table comparisons to read binary code in firmware formats and compare it with source code without undertaking any reverse engineering. This approach has proven extremely effective in discovering real-world issues. Advanced users can also build a customized knowledgebase containing information about upstream suppliers, chip-sets, offsets, file systems and application strings to improve the fidelity of scans.
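The string-comparison idea described above, as an added example that is not BAT's own code: printable strings are pulled from a binary blob and matched against a knowledge base of string literals taken from source releases. The package names, versions, strings, firmware bytes and the weighting scheme are all constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed knowledge base: string literals harvested from source releases.
# Package names, versions and strings are illustrative, not real BAT data.
KNOWLEDGE_BASE = {
    ("httpd-lite", "1.2"): {"Usage: httpd [-p port]", "bad request line", "out of memory"},
    ("httpd-lite", "1.3"): {"Usage: httpd [-p port] [-c conf]", "bad request line",
                            "out of memory", "chroot failed: %s"},
    ("tinyshell", "0.9"): {"syntax error near %s", "out of memory", "cannot fork"},
}

def extract_strings(blob: bytes, min_len: int = 6) -> set:
    """Return printable ASCII runs of at least min_len bytes, like strings(1)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return {m.decode("ascii") for m in re.findall(pattern, blob)}

def build_index(kb):
    """Invert the knowledge base: string -> set of (package, version)."""
    index = defaultdict(set)
    for release, strings in kb.items():
        for s in strings:
            index[s].add(release)
    return index

def identify(blob: bytes, kb=KNOWLEDGE_BASE):
    """Rank releases by matched strings; strings unique to one release weigh most."""
    index = build_index(kb)
    scores = Counter()
    for s in extract_strings(blob):
        releases = index.get(s, ())
        for release in releases:
            # A string shared by many releases is weak evidence (assumed weighting).
            scores[release] += 1.0 / len(releases)
    return scores.most_common()

# Constructed firmware fragment: binary padding around embedded string literals.
SAMPLE_FIRMWARE = (b"\x7fELF\x01\x01\x00" + b"\x00" * 8 +
                   b"Usage: httpd [-p port] [-c conf]\x00bad request line\x00" +
                   b"\xff\xfe\x03chroot failed: %s\x00out of memory\x00\x90\x90")

if __name__ == "__main__":
    for (pkg, ver), score in identify(SAMPLE_FIRMWARE):
        print(f"{pkg} {ver}: {score:.2f}")
```

Once a component and version are identified this way, the result can be checked against published advisories for that release, which is the kind of matching the project description mentions.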

Download BAT v.27 (final version): Github.com | NLnet.nl

Or check out the fine manual

If you are interested in supporting future work similar to Deep Firmware, contact Michiel Leenaars (director of strategy at NLnet).

The project is led by Armijn Hemel.

Deep Firmware was co-funded by NCTV through the programme "veilig door innovatie" and NLnet.