Microcontroller Units (MCUs) play a vital role in embedded devices due to their energy efficiency and scalability. The firmware in MCUs contains vulnerabilities that can lead to digital and physical harm. However, testing MCU firmware faces challenge...
As the Internet of Things (IoT) era arrives, the proliferation of IoT devices exposed to the Internet presents a significant challenge to device security. Firmware is software that operates within Internet of Things (IoT) devices, directly governing...
With the rapid growth of IoT devices, ensuring the security of embedded firmware has become a critical concern. Despite advances in existing vulnerability discovery methods, previous research has been limited to vulnerabilities occurring in binary pr...
Low-power microcontrollers, wireless sensors, and embedded gateways form the backbone of many Internet of Things (IoT) deployments. However, their limited memory, constrained energy budgets, and lack of standardized firmware make them attractive targ...
The integrated circuit (IC) manufacturing process involves many players, from chip/board design and fabrication to firmware design and installation. In today’s global supply chain, any of these steps are prone to interference from rogue players, crea...
Identifying homologous vulnerabilities across diverse IoT firmware images is critical for large-scale vulnerability auditing and risk assessment. However, existing approaches often rely on coarse-grained components or single-dimensional metrics, lack...
This paper proposes a blockchain-based firmware update method using unmanned aerial vehicles (UAVs) to solve one of the security issues arising in the Internet of Things (IoT) environment, which is the firmware security problem. It has high scalabili...
Although the vigorous development of smart homes brings great convenience to people’s lives, smart homes usually suffer from various security threats due to firmware vulnerabilities. Firmware update is a possible solution, but existing methods...
In recent years, the Internet of Things (IoT) paradigm has been widely applied across a variety of industrial and consumer areas to facilitate greater automation and increase productivity. Higher dependability on connected devices led to a growing ra...
As the use of Internet of Things (IoT) devices becomes extensive, ensuring their security has become a critical issue for both individuals and organizations, particularly as these devices collect, transmit, and analyze diverse data. The firmware of I...
Embedded devices are pervasive nowadays with the rapid development of the Internet of Things (IoT). This brings significant security issues that make the security analysis of embedded devices important. This paper presents a survey on the security an...
The Unified Extensible Firmware Interface (UEFI) provides a specification of the software interface between an OS and its underlying platform firmware. UEFI UI is an interactive interface that allows users to configure and manage UEFI settings, which...
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires...
The broadly configured smart city network requires a variety of security considerations for a heterogeneous device environment. Because a network of heterogeneous devices facilitates an attacker’s intrusion through a specific device or node, a...
Over-the-air (OTA) updating is a critical mechanism for secure internet of things (IoT) systems for remotely updating the firmware (or keys) of IoT devices. Message queue telemetry transport (MQTT) is a very popular internet of things (IoT) communica...
The increasing connectivity and complexity of automotive systems require enhanced mechanisms for firmware updates to ensure security and integrity. Traditional methods are insufficient for modern vehicles that require seamless over-the-air (OTA) upda...
As the usage growth rate of Internet of Things (IoT) devices is increasing, various issues related to these devices need attention. One of them is the distribution of the IoT firmware update. The IoT devices’ software development does not end w...
Firmware vulnerabilities in embedded devices have caused serious security incidents, necessitating similarity analysis of binary program instruction embeddings to identify vulnerabilities. However, existing instruction embedding methods neglect progr...
Nowadays, the world witnesses cyber attacks daily, and these threats are becoming exponentially sophisticated due to advances in Artificial Intelligence (AI). This progress allows adversaries to accelerate malware development and streamline the explo...
With the development of 5G and network technology, the usage of IoT devices has become popular. Because most of these IoT devices can be controlled by an adversary away from the administrator, several security issues such as firmware dumping can aris...
Advanced Driver Assistance Systems (ADASs) are crucial components of intelligent vehicles, equipped with a vast code base. To enhance the security of ADASs, it is essential to mine their vulnerabilities and corresponding exploitation methods. However...
IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient. In this paper, we propose to use static analysis to assist IoT web...
This paper provides an overview of several secure boot architectures with a focus on key rotation. It expands on a practitioner note that the authors submitted to the 2023 IEEE Secure Development Conference. Key rotation is important due to the frequ...
Wireless Local Area Networks (WLANs), particularly Wi-Fi, serve as the backbone of modern connectivity, supporting billions of devices globally and forming a critical component in Internet of Things (IoT) ecosystems. However, the increasing ubiquity...
With the increasing utilization of drones, the cyber security threats they face have become more prominent. Code reuse in the software development of drone systems has led to vulnerabilities in drones. The binary code similarity analysis method offer...
With the advent of artificial intelligence, the research paradigm in natural language processing has been transitioned from statistical methods to machine learning-based approaches. One application is to develop a deep learning-based language model t...
Broken access control vulnerabilities pose significant security risks to the protected web interfaces of IoT devices, enabling adversaries to gain unauthorized access to sensitive configurations and even use them as stepping stones for attacking the...
The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important f...
The increasing adoption of electric vehicles (EVs) and the integration of 5G/6G networks are driving the demand for secure, intelligent, and interoperable charging infrastructure within the Internet of Vehicles (IoV) ecosystem. Electric Vehicle Charg...
Ensuring the security of modern cyberphysical devices is the most important task of the modern world. The reason for this is that such devices can cause not only informational, but also physical damage. One of the approaches to solving the problem is...
Combating the OS-level malware is a very challenging problem as this type of malware can compromise the operating system, obtaining the kernel privilege and subverting almost all the existing anti-malware tools. This work aims to address this problem...
The proliferation of Internet of Things (IoT) applications in safety-critical domains, such as healthcare, smart transportation, and industrial automation, demands robust solutions for data integrity, traceability, and security that surpass the capab...
The Internet of Things (IoT) has transformed various domains in our lives by enabling seamless communication and data exchange between interconnected devices, necessitating robust networking infrastructure. This paper presents a comprehensive analysi...
Modern cryptographic systems increasingly depend on certified hardware modules to guarantee trustworthy key management, tamper resistance, and secure execution across Internet of Things (IoT), embedded, and cloud infrastructures. Although numerous FI...
A complete low-power, low-cost and wireless solution for bridge structural health monitoring is presented. This work includes monitoring nodes with modular hardware design and low power consumption based on a control and resource management board cal...
The emergence of large-scale quantum computing presents an imminent threat to contemporary public-key cryptosystems, with quantum algorithms such as Shor’s algorithm capable of efficiently breaking RSA and elliptic curve cryptography (ECC). Thi...
This article proposes a novel, web-based, remote monitoring and control system design for a building’s electrical power, green power generation and environmental system that will save energy. The supervisory control system is based on the use of dist...
Smart home environments, which consist of various Internet of Things (IoT) devices to support and improve our daily lives, are expected to be widely adopted in the near future. Owing to a lack of awareness regarding the risks associated with IoT devi...
The exponential growth of autonomous systems demands robust security mechanisms that can operate within the extreme constraints of real-time embedded environments. This paper introduces SMART DShot, a groundbreaking machine learning-enhanced framewor...
This work demonstrates an open-source hardware and software platform for monitoring the performance of buildings, called Elemental, that is designed to provide data on indoor environmental quality, energy usage, HVAC operation, and other factors to i...
The integration of technology into healthcare has moved from being a luxury to being a need at a time when there is an ever-increasing focus on individual health and wellbeing. The real-time monitoring of one’s health metrics and prompt alerts...