1,457 research outputs found
Board Identifier (BoardID) Locked Firmware Images
This publication describes a method for a firmware developer to push out re-writable (RW) firmware images that support legacy-generation, current-generation, and future-generation boards. To do so, the firmware developer uses a minimum of three (3) 32-bit-writable words that describe a board identifier, herein called BoardID. The BoardID contains three (3) fields, which describe a board type, an inverse of the board type, and flags. This BoardID solution allows the firmware developer to push out RW firmware that are not as universal and global as traditional mass-production firmware images and are not as unique as node-locked firmware images. The firmware developer, using this BoardID solution, may push out firmware updates to a subset of boards. Furthermore, any original device manufacturer (ODM) can support existing RW firmware images using this BoardID solution, while increasing their ability to better-manage future board-development phases
Usability and security support offered through ADSL router user manuals
ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, endāusers typically lack the technical expertise to correctly configure and secure the device. Subsequently, endāusers are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical publication practices. In addition, endāusers are typically not encouraged to utilise the inābuilt security features and in a few instances are actually deterred from securing their ADSL router
Usability and Security Support Offered Through ADSL Router User Manuals
ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, endāusers typically lack the technical expertise to correctly configure and secure the device. Subsequently, endāusers are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical publication practices. In addition, endāusers are typically not encouraged to utilise the inābuilt security features and in a few instances are actually deterred from securing their ADSL router
Recommended from our members
When Firmware Modifications Attack: A Case Study of Embedded Exploitation
The ability to update firmware is a feature that is found in nearly all modern embedded systems. We demonstrate how this feature can be exploited to allow attackers to inject malicious firmware modifications into vulnerable embedded devices. We discuss techniques for exploiting such vulnerable functionality and the implementation of a proof of concept printer malware capable of network reconnaissance, data exfiltration and propagation to general purpose computers and other embedded device types. We present a case study of the HP-RFU (Remote Firmware Update) LaserJet printer firmware modification vulnerability, which allows arbitrary injection of malware into the printerās firmware via standard printed documents. We show vulnerable population data gathered by continuously tracking all publicly accessible printers discovered through an exhaustive scan of IPv4 space. To show that firmware update signing is not the panacea of embedded defense, we present an analysis of known vulnerabilities found in third-party libraries in 373 LaserJet firmware images. Prior research has shown that the design flaws and vulnerabilities presented in this paper are found in other modern embedded systems. Thus, the exploitation techniques presented in this paper can be generalized to compromise other embedded systems
IMPLEMENTATION OF CONTROL STRATEGIES ON CONTROL LOOPS FIELDBUS FOUNDATION PROTOCOL
The first process control systems used mechanical and pneumatic controllers. Ever since
then, the process control sector has seen numerous developments; amongst them is the
foundation fieldbus technology. Fieldbus has been around for sometime, but not until
recently has it caught the attention of users and manufacturers alike. Fieldbus claims to
require less hardware, have easy installation and commissioning, provide good data both
in quality and quantity, need easy and simple maintenance and be interoperable with
other devices. This project aims to prove those claims. A foundation fieldbus test
platformwill be designed and built. This test platform will include a simple control loop
with fieldbus transmitters, gauges and control valves. A control strategy of cascade
control and PID control will be used. Influenced by the safety system of a plant, the test
platform is designed to emulate part of the fire water pump system. When there is a leak
in the fire water pipes, the drop in pressure inside the pipes will trigger the system to
pump in more water. The first part of this project will cover the research and design
stages. Thorough research on the fieldbus technology, different control strategies and
installation and commissioning is needed for the success ofthe second part of the project.
Once the design has been finalized, and deemed feasible, the test platform will be built.
Tests, troubleshooting and maintenance will follow. In the light of further improving this
project, state-space mode can be used as an alternative control strategy. It should provide
greater performance, increased stability and controllability. Fieldbus has the potential of
being the best, with its extra features, such as diagnostics and predictive maintenance.
Digital control is the thing ofthe future
Aerospace Ground Equipment for model 4080 sequence programmer. A standard computer terminal is adapted to provide convenient operator to device interface
The Aerospace Ground Equipment (AGE) provides an interface between a human operator and a complete spaceborne sequence timing device with a memory storage program. The AGE provides a means for composing, editing, syntax checking, and storing timing device programs. The AGE is implemented with a standard Hewlett-Packard 2649A terminal system and a minimum of special hardware. The terminal's dual tape interface is used to store timing device programs and to read in special AGE operating system software. To compose a new program for the timing device the keyboard is used to fill in a form displayed on the screen
A NASA family of minicomputer systems, Appendix A
This investigation was undertaken to establish sufficient specifications, or standards, for minicomputer hardware and software to provide NASA with realizable economics in quantity purchases, interchangeability of minicomputers, software, storage and peripherals, and a uniformly high quality. The standards will define minicomputer system component types, each specialized to its intended NASA application, in as many levels of capacity as required
- ā¦