Award Information
Proposal Number: FY18.1-H-SB018.1-008-0008-I
Proposal Title: Automated and Scalable Analysis of Mobile and IoT Device Firmware
Topic Number: H-SB018.1-008
Phase: Phase I
Topic Title: Automated & Scalable Analysis of Mobile & IoT Device Firmware
Organization: RAM Laboratories, Inc.
Address: 591 Camino de la Reina
Suite 610
San Diego, CA 92108-3108  
Abstract: As Internet of Things (IoT) and mobile devices become increasingly popular and widely used, the security of the firmware running on these devices is paramount. However, due to the lack of an efficient and scalable analysis framework, combined with the increasing pressure to get products to market as quickly as possible, the software running on these devices is never properly checked for security vulnerabilities and backdoors. This results in a large potential attack surface, with millions of devices owned by individuals, enterprises, and government agencies that could be exploited by external adversaries. To fill this gap, RAM Laboratories is proposing Firmalytics, a modular and scalable framework that automatically analyzes firmware images for security vulnerabilities, backdoors, and malware. The results, along with any metadata gathered about the firmware, are added to a database to support a correlation engine used for identifying groups of similar firmware. This grouping helps give contextual information about what vulnerabilities might be common among the firmware, allowing us to prioritize vulnerabilities to search for when scanning the image. Additionally, our framework supports the use of more advanced vulnerability detection methods that rely on complex techniques such as symbolic execution. While these techniques have trouble scaling, we can utilize the correlation engine to intelligently sample images from the firmware database to analyze and potentially find 0-day vulnerabilities that have yet to be discovered. We can then verify which similar images might also be vulnerable and report the results back to the end user.
Award/Contract Number: 70RSAT18C00000024
Period of Performance: 05/02/2018 - 11/01/2018
Award/Contract Value: $149,999.85
Award/Obligated Amount: $149,999.85