Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Embedded system firmware security analysis method and system

An embedded system and security analysis technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems such as difficulty in security analysis, difficulty in repeating embedded devices, and unsafe hidden dangers in embedded devices.

Inactive Publication Date: 2019-03-08
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
View PDF3 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Embedded device security concerns are on the rise, and recently based on the analysis of individual firmware images, attention has been drawn to the insecurities posed by embedded devices
However, the research on vulnerability analysis methods for embedded devices cannot be directly carried out, because embedded devices are completely different from other devices, and it is difficult to design a standard analysis method, so the research on embedded devices is difficult to repeat, and the results cannot be compared with each other. comparison, which makes security analysis difficult

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Embedded system firmware security analysis method and system
  • Embedded system firmware security analysis method and system
  • Embedded system firmware security analysis method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] An embedded system firmware security analysis method and system, the evaluation steps of which are: determining factor set A, determining comment set B, determining the weight C of each factor, calculating the relative size D of weights between evaluation indicators and comprehensive evaluation E, determining The factor set A is the evaluation index system set U={u 1 ,u 2 ,...,u n}. (For example, the firmware is analyzed by using the TROMMEL tool here, and 13 major vulnerability threats U={u are listed in the firmware analysis report 1 ,u 2 ,...,u 13}), to determine that the comment set B often forms different grades due to the different evaluation values ​​of each index. For example, the evaluation of safety level includes ultra-high risk, high risk, medium risk, low risk, safe and so on. A collection of different decisions is called a collection of comments. Write it here as:

[0033] V = {super high risk v 1 , high risk v 2 , medium risk v 3 , low risk v ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an embedded system firmware security analysis method and system, wherein the evaluation steps comprise determining a factor set, determining a comment set, determining weightsof each factor, calculating relative weights between evaluation indexes and comprehensive evaluation, and determining the factor set, that is, an evaluation index system set U. For example, a TROMML tool is used to analyze firmware, and the firmware analysis report lists 13 main vulnerability threats U, and determining that the evaluation value of each indicator is different, so that the evaluation value of each indicator will often form a different level. For example, the evaluation of safety grade has super high risk, high risk, medium risk, low risk, safety, etc. A collection of different decisions is called a set of comments.

Description

technical field [0001] The invention relates to the field, in particular to an embedded system firmware security analysis method and system. Background technique [0002] Embedded systems are systems used to control or monitor large-scale equipment such as machines, devices, and factories. The definition of embedded system generally accepted in China is: a special computer system centered on application, based on computer technology, software and hardware can be tailored, and meet the strict requirements of application system on function, reliability, cost, volume, power consumption, etc. Embedded systems are increasingly present in our daily lives. It is at the heart of some consumer-oriented general-off-the-shelf devices such as watches, microwave ovens, VCRs, automobiles, printers, cell phones, etc., as well as non-consumer-oriented devices such as video surveillance systems, medical implants, Play an important role in automotive components, SCADA and PLC equipment. Th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 刘中金方喆君张晓明李建强孙中豪张嘉玮何跃鹰张乐王儒
Owner NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com