AVRS: Emulating AVR Microcontrollers for Reverse Engineering and Security Testing

AVRS: Emulating AVR Microcontrollers for Reverse Engineering and Security Testing

Abstract

Embedded systems and microcontrollers are becoming more and more popular as the Internet of Things continues to spread. However, while there is a wealth of different methods and tools for analyzing software and firmware for architectures that are common to standard hardware, such as x86 or Arm, other systems have not been scrutinized so closely. One of these widely used architectures are AVR 8-bit microcontrollers, which are also used in projects like the Arduino platform. This lack of tools makes it more difficult to analyze such systems and identify potential security vulnerabilities. To get the most out of modern reverse engineering and debugging techniques such as fuzzing or concolic execution, sophisticated and correct emulators are required for dynamic analysis.The presented work tries to close this gap by introducing AVRS, a lean AVR emulator prototype developed with the goal of reverse engineering. It was implemented to overcome limitations in existing emulators, such as completeness or execution speed, and to provide simple interfaces for interaction with existing program analysis and reverse engineering tools. We provide an analysis of AVRS in relation to existing emulators and show the improvements in speed and completeness. In addition, we have created a setup that leverages AVRS to use fuzz tests to automatically identify errors in AVR firmware. Our results indicate that AVRS is a valuable addition to the arsenal of analysis tools for embedded firmware and can be easily extended to allow the use of existing analysis tools in the domain of AVR microcontrollers.

Grafik Top
Authors
  • Pucher, Michael
  • Kudera, Christian
  • Merzdovnik, Georg
Grafik Top
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
Proceedings of the 15th International Conference on Availability, Reliability and Security
Divisions
Security and Privacy
Subjects
Computersicherheit
Angewandte Informatik
Event Location
Virtual Event
Event Type
Conference
Event Dates
25-28 Aug 2020
Series Name
ARES '20
Publisher
Association for Computing Machinery
Date
2020
Official URL
https://doi.org/10.1145/3407023.3407065
Export
Grafik Top