Firmware is low-level software that can be found in cameras, computers, consoles, telephones, TV sets and Internet of Things devices. It allows the operating system of a given hardware to communicate with its individual components. It can also act as the operating system for the entire device.
Although so important for the operation of devices that we use every day, the firmware is often designed without taking into account its security (especially when it comes to preventing physical attacks). This is dangerous because it can expose the device to cyberattacks, which may be aimed at spying on users, stealing data or taking control of the equipment. Firmware attacks can be difficult to detect, so prevention is the best way to fight them.
AFINE specializes in the analysis of firmware for errors, potentially existing backdoors, and the ways of implementing functionalities. Depending on the protections used, we download the firmware from the device, and we decipher and locate susceptibility within the code. We also verify whether the attacker may try to permanently replace the code within the firmware to add an unauthorized functionality.
Depending on your individual needs, we can offer you:
- analysis of the options of reading firmware from the layout,
- analysis of the possibility of placing unauthorized firmware code for component,
- analysis of the cryptographic protection of the code (e.g., encryption of the section to avoid reading and to perform retroactive analysis),
- analysis of the existence of backdoors,
- analysis of binary code for typical safety errors for a given architecture.