Conference proceeding
A Friend's Eye is A Good Mirror: Synthesizing MCU Peripheral Models from Peripheral Drivers
PROCEEDINGS OF THE 33RD USENIX SECURITY SYMPOSIUM, SECURITY 2024, pp.7085-7102
01 Jan 2024
Featured in Collection : UN Sustainable Development Goals @ Drexel
Abstract
The extensive integration of embedded devices within the Internet of Things (IoT) has given rise to significant security concerns. Various initiatives have been undertaken to bolster the security of these devices at the software level, involving the analysis of MCU firmware and the implementation of automatic MCU rehosting methods. However, existing hardware-oriented rehosting techniques often face scalability challenges, while firmware-oriented approaches may have limited universality and fidelity. To address these limitations, we propose PERRY, a system that synthesizes faithful and extendable peripheral models for MCUs. By extracting peripheral models from hardware drivers, PERRY ensures compatibility and accurate emulation of targeted MCUs. The process involves gathering hardware metadata, analyzing driver code, capturing traces of peripheral accesses, and converting software beliefs into hardware behaviors. PERRY is implemented with approximately 19,000 lines of code. A comprehensive evaluation of 75 firmware samples has show-cased its effectiveness, consistency, universality, and scalability in generating hardware models for MCUs. PERRY can efficiently synthesize hardware models consistent with the actual hardware and achieve a 74.24% unit test passing rate, outperforming the state-of-the-art techniques. The hardware models produced by PERRY can faithfully emulate diverse firmware and can be readily expanded with minimal manual intervention. Through case studies, we show that PERRY can help reproduce firmware vulnerabilities, discover specification-violation bugs in drivers, and fuzz RTOS for vulnerabilities. These case studies have led to the identification of two specification-violating bugs and the discovery of seven new vulnerabilities, underscoring PERRY's potential to enhance various security-focused tasks.
Metrics
1 Record Views
Details
- Title
- A Friend's Eye is A Good Mirror: Synthesizing MCU Peripheral Models from Peripheral Drivers
- Creators
- Chongqing Lei - Southeast UniversityZhen Ling - Southeast Univ, Nanjing, Peoples R ChinaYue Zhang - Drexel UniversityYan Yang - Southeast Univ, Nanjing, Peoples R ChinaJunzhou Luo - Southeast Univ, Nanjing, Peoples R ChinaXinwen Fu - University of Massachusetts LowellUSENIX
- Publication Details
- PROCEEDINGS OF THE 33RD USENIX SECURITY SYMPOSIUM, SECURITY 2024, pp.7085-7102
- Publisher
- Usenix Assoc
- Number of pages
- 18
- Grant note
- 62232004 / National Natural Science Foundation of China; National Natural Science Foundation of China (NSFC) 93K-9 / Key Laboratory of Computer Network and Information Integration of Ministry of Education of China BM2003201 / Jiangsu Provincial Key Laboratory of Network and Information Security Grant 1931871; 2325451 / US National Science Foundation (NSF); National Science Foundation (NSF) Collaborative Innovation Center of Novel Software Technology and Industrialization BE2021729; BE2022680; BE2022065-5 / Jiangsu Provincial Key RD Programs
- Resource Type
- Conference proceeding
- Language
- English
- Academic Unit
- Computer Science (Computing)
- Identifiers
- 991022036303404721
UN Sustainable Development Goals (SDGs)
This output has contributed to the advancement of the following goals:
InCites Highlights
These are selected metrics from InCites Benchmarking & Analytics tool, related to this output
- Collaboration types
- Domestic collaboration
- International collaboration
- Web of Science research areas