We propose a set of methods for hardening existing embedded systems against attack by employing Binary Autotomy, the automated removal of unnecessary binaries from each embedded device according to its current configuration.
The configuration of the embedded device to be protected is analyzed. The firmware binary corresponding to the features enabled in the configuration is kept, and the firmware corresponding to features not enabled in the configuration is removed from the firmware image. The firmware to be removed is determined by applying static and dynamic binary code analysis to the original firmware image. This analysis maps each configurable feature to a set of binary executable code within the firmware image. When a particular configuration is analyzed, a list of enabled features is built from the configuration file. Using the feature-to-code mapping created by the original dynamic and static analysis, autotomic binary reduction simply removes all code that belongs to features that are not enabled, or should not be used, in the particular configuration file in question.
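The reduction step described above, as an added Python example that is not the authors' tool. The `feature = on|off` configuration format, the feature map and its offsets, overwriting removed code with a fill byte instead of excising it, and keeping bytes shared with an enabled feature are all assumptions made for illustration.

```python
# Added illustration: names, offsets and the config format are constructed.
FILL = 0x00  # assumption: removed code is overwritten in place so offsets stay stable

# Constructed feature-to-code map: feature -> [(start, end)] byte ranges, end exclusive.
# On a real device this comes from the static and dynamic analysis step.
FEATURE_MAP = {
    "http_admin": [(0x10, 0x20), (0x40, 0x48)],
    "telnet":     [(0x20, 0x30)],
    "snmp":       [(0x30, 0x40), (0x40, 0x48)],  # shares 0x40-0x48 with http_admin
}

def enabled_features(config_text):
    """Parse constructed 'feature = on|off' lines into the set of enabled features."""
    enabled = set()
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, _, value = line.partition("=")
        if value.strip().lower() == "on":
            enabled.add(name.strip())
    return enabled

def removable_offsets(feature_map, enabled):
    """Offsets owned only by disabled features; bytes an enabled feature uses are kept."""
    keep, drop = set(), set()
    for feature, ranges in feature_map.items():
        target = keep if feature in enabled else drop
        for start, end in ranges:
            target.update(range(start, end))
    return drop - keep

def reduce_image(image, feature_map, config_text):
    """Return (reduced image, number of bytes removed)."""
    offsets = removable_offsets(feature_map, enabled_features(config_text))
    if offsets and max(offsets) >= len(image):
        raise ValueError("feature map points outside the firmware image")
    out = bytearray(image)
    for off in offsets:
        out[off] = FILL
    return bytes(out), len(offsets)

SAMPLE_IMAGE = bytes([0xAA]) * 0x50  # constructed stand-in for a firmware image
SAMPLE_CONFIG = "http_admin = on\ntelnet = off\nsnmp = off  # unused on this device\n"

if __name__ == "__main__":
    reduced, removed = reduce_image(SAMPLE_IMAGE, FEATURE_MAP, SAMPLE_CONFIG)
    print(f"removed {removed} of {len(SAMPLE_IMAGE)} bytes")
```

A feature that is absent from the configuration is treated as disabled, which matches the goal of keeping only code for features that are explicitly enabled.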
We present quantitative analysis of the effectiveness of Binary Autotomy algorithms on a collection of common embedded devices along with several live demonstrations of embedded devices running post FFC firmware images. How much unnecessary binary can be ripped out of XYZ*? Come and find out!
* XYZ = {Home routers | Enterprise routers | VoIP phones | Printers | Web Cams}