Today many embedded devices are already interconnected and are rapidly gaining access to our daily lives. This trend can be observed in all major sectors of the industry, such as building and home automation, transportation and manufacturing.
Apart from the many benefits that this trend provides, there are also massive security risks involved, mainly because the attack surface is increased by a large factor. Not only could all the small devices which are now connected to the Internet pose a security risk, but due to the strong interconnectivity, parts of the infrastructure which were previously strictly separated from the Internet could now become the target of an attack.
At Blue Frost Security we are able to perform advanced security analysis of all kinds of embedded devices in order to identify security vulnerabilities or even backdoors in devices which your overall security depends on.
A typical analysis starts with the identification of the physical attack surface, including the identification of possible open debug interfaces like UARTs or unprotected JTAG interfaces. Accessible buses and pins on the circuit board are checked for ways to get access to the firmware and/or operating system running on the device. In the next step, the firmware of the embedded device is obtained. This can be as easy as sniffing the firmware upgrade process or can require dumping of flash chips from the circuit board. After the firmware is obtained and decrypted, the analysis of the operating system can begin.
All the provided functionality and used protocols of the embedded device will be reviewed for potential security vulnerabilities. This analysis is based both on the obtained firmware, which will be reverse engineered for this purpose, and on tests performed directly on the running device.