Home Publications Technical Extracting and Analyzing Automotive Firmware Efficiently

There Will Be Glitches: Extracting and Analyzing Automotive Firmware Efficiently

Author: Nils Wiersma, Ramiro Pareja, Santiago Cordoba Pellicer

In this paper we discuss hardware attacks, like fault injection, which can be used to efficiently extract automotive firmware from secured ECUs. These attacks do not rely on an exploitable software vulnerability. Access to the plain-text firmware allows an attacker to understand the ECU’s functionality, extract the ECU’s secrets and identify exploitable software vulnerabilities. We describe multiple techniques in order to analyze binary firmware efficiently. We use an instrument cluster from a modern car to demonstrate the practicality of the described techniques on a real ECU.

In this paper we discuss hardware attacks, like fault injection, which can be used to efficiently extract automotive firmware from secured ECUs. These attacks do not rely on an exploitable software vulnerability. Access to the plain-text firmware allows an attacker to understand the ECU’s functionality, extract the ECU’s secrets and identify exploitable software vulnerabilities. We describe multiple techniques in order to analyze binary firmware efficiently. We use an instrument cluster from a modern car to demonstrate the practicality of the described techniques on a real ECU.

Recent publications

Whip the Whisperer: Blackhat 2022

Whip the Whisperer: Blackhat 2022

Aug 29, 2022 |

Cryptographic side channels are well-known and understood in the industry. There are also many countermeasures against side channels to reduce the leakage risk. However, many implementations in the field are leaky because of the combination of security experts and the...

read more
Share This