Brussels / 1 & 2 February 2020


Introducing AUTOREV

An automatic reverse-engineering framework for firmware BLOBs

Modern Open Source boot firmware ships with an increasing amount of BLOBs. While it's often claimed that it eases the integration, it makes life of Open Source developers harder, as it's not documented what is done inside BLOBs and what should be done outside of the same.

We will show how to trace the MMIO access of BLOBs in firmware by using Open Source tools. As analysing the traces for possible branches and loops is hard and stressful work, we created our own framework for automatic reverse engineering. Our framework allows to capture and analyse MMIO traces, fuzz the BLOB under test and finally generates readable code in a high level language, like C, for easy analysing.

During this talk, we will discuss the legal side, the motivation behind reverse engineering, and the benefit for the Open Source community. We will explain the problems we faced, and explain the basic concept used, with examples from the real world.


Photo of Patrick Rudolph Patrick Rudolph