14-829 / 18-638: Mobile and IoT Security - Fall 2018
Assignment #4 - Analyzing the Firmware of IoT Devices
- Due: November 8, 2018
- Description:
Similar to the previous assignment that asked you to analyze Android applications, this assignment asks you to analyze
the firmware of IoT devices. The goal of this assignment is to familiarize yourself with firmware analysis tools and to
identify vulnerabilities in the firmware of real-world IoT devices. A subset of the software tools that you can use for
your analysis will be discussed in class.
- Tasks:
- Collect firmware images - You must obtain at least two (2) firmware images that satisfy
the following constraints:
- The firmware images should correspond to different types of IoT devices.
- The firmware images should correspond to IoT devices from different vendors.
- The firmware images should correspond to IoT devices that provide interesting functionality that people are likely to use.
- The firmware images should not be obfuscated to the point that your analysis becomes trivial and uninteresting.
- Analyze the collected firmware images - Use whatever tools you want to analyze the firmware images that you
collected in order to identify potential vulnerabilities. If the corresponding IoT devices can be controlled via Android
applications, you may analyze them as well in order to gain a better understanding of their functionality. However, you
should not focus on vulnerabilities that are unique to the Android applications. Instead, you should focus on potential
information leakage from the devices, potential backdoors in their firmware, the integrity of the firmware update processes, etc.
- Recommend security or privacy improvements - For each firmware image that you analyzed, provide at least one
recommendation that you would make to the development team in order to help them improve the security or privacy posture
of their IoT device. Make sure that your recommendations are clear and complete, while also keeping in mind the typical
business considerations that may compete against security or privacy.
- Deliverables: Each student will submit a written summary of their efforts for the above tasks. Your report should
include:
- A description of the structure of each firmware image that you collected as well as the process that you followed in order
to obtain them, the functionality of the corresponding IoT devices, and a justification for why these firmware images meet the
constraints of this assignment.
- A detailed description of the various vulnerabilities or issues that you identified for each firmware image in your
collection, including relevant details of the type of issue, whether it appears to be accidental or the result of an explicit
design decision, the severity of the issue in regard to security or privacy protections, and potential impact of the issue
for the developer or their users.
- A step-by-step explanation of the process that you followed in order to identify the vulnerabilities or issues described
for each firmware image, including any analysis or coding tools that you used and screenshots of interesting findings.
- A detailed explanation and justification of your recommendations to the developers of each firmware image.
The written summary should be formatted as a single-column document using font size 11 or greater, converted to a .pdf
document for submission.
- Submission Instructions: Each student should submit a .pdf version of their written summary via Canvas, using the format
requested above. All students are expected to complete the assignment on their own; discussion about the assignment
is allowed and encouraged, but all analysis and writing components must be done individually.
- Grading: This assignment is worth 35 points: eight (8) points for the description of the affected IoT devices
and the structure of the collected firmware images, ten (10) points for the discussion of the identified vulnerabilities
including severity, impact, etc., eight (8) points for the step-by-step description of the process used to identify
vulnerabilities, and nine (9) points for the description and justification of your recommendations to the developers of each
firmware image. We reserve the right to take off points for presentation aspects, e.g., incorrect format, poor writing, etc.