Sandia Labs FY21 LDRD Annual Report


Scalable firmware re-hosting. Embedded systems that execute low-level software (i.e., firmware) control our vehicles, airplanes, traffic signals, critical components in the power grid, and many other systems including the Internet of Things. Because these systems are increasingly targeted by cyber-attackers, the U.S. needs to be able to assess them for vulnerabilities and understand their impact within the system context. Modeling systems at the high fidelity needed to understand cyber vulnerabilities and system-level consequences is challenging. Re-hosting firmware in a safe environment is complicated by the tight coupling of firmware with its hardware and requires custom emulators built for each system, a process that can take up to a year for each device. This LDRD project leveraged a technique called high-level emulation, whereby low-level common application programming interface (API) functions responsible for hardware interaction are replaced during emulation with models. Any firmware using those APIs can be rapidly re-hosted, and the modeled API can be reused for many devices. As a proof of concept, the research team implemented support for key functionality of the VxWorks Real-Time Operating System, which is commonly used in critical infrastructure. The time to re-host the first device with serial and filesystem support was reduced from 12–18 months to only six weeks for the last device. Using this scalable way to employ firmware re-hosting, teams will be able to understand the impacts of vulnerabilities in embedded systems on the larger systems they comprise. (PI: Abraham Clements)

By employing high-level emulation in scalable firmware re-hosting, significant development time is saved across embedded systems.
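The sketch below is an added illustration of the high-level emulation idea described above; it is not code from the Sandia project. It shows one API model, keyed by symbol name, re-hosting two firmware images that place the function at different addresses. The toy instruction format, the addresses and the `serial_write` API name are assumptions made for the example.

```python
# Added illustration of high-level emulation (HLE). The toy instruction format,
# addresses and the serial_write API are constructed, not Sandia's code.
class UnmodeledHardware(Exception):
    """Firmware touched a peripheral register the emulator does not provide."""

def model_serial_write(emu):
    """Model of a hypothetical serial_write(buf, len): capture bytes, return len."""
    buf, length = emu.regs["r0"], emu.regs["r1"]
    emu.serial += emu.image["data"][buf][:length]
    return length

# Models are keyed by API symbol, not by address, so they carry across images.
MODELS = {"serial_write": model_serial_write}

class Emulator:
    def __init__(self, image, models):
        self.image, self.regs, self.serial = image, {"r0": 0, "r1": 0}, bytearray()
        # Resolve each modeled symbol to this image's own address at load time.
        self.hooks = {image["symbols"][name]: fn for name, fn in models.items()
                      if name in image["symbols"]}

    def call(self, addr):
        if addr in self.hooks:  # HLE: run the model, never enter the driver body
            self.regs["r0"] = self.hooks[addr](self)
            return
        for op, *args in self.image["code"][addr]:
            if op == "set":
                self.regs[args[0]] = args[1]
            elif op == "call":
                self.call(args[0])
            elif op == "mmio":  # raw register access with no hardware behind it
                raise UnmodeledHardware(hex(args[0]))

def make_image(write_addr, msg):
    """Constructed firmware whose main() sends msg through serial_write."""
    main, buf = 0x1000, 0x2000
    return {
        "symbols": {"main": main, "serial_write": write_addr},
        "data": {buf: msg},
        "code": {
            main: [("set", "r0", buf), ("set", "r1", len(msg)), ("call", write_addr)],
            write_addr: [("mmio", 0x4000C000)],  # driver body pokes a UART register
        },
    }

def rehost(image, models):
    """Run main() under emulation and return what reached the modeled serial port."""
    emu = Emulator(image, models)
    emu.call(image["symbols"]["main"])
    return bytes(emu.serial)
```

Calling `rehost(image, {})` with no models raises `UnmodeledHardware`, which is the failure that otherwise forces a custom peripheral emulator for each device.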


