286 research outputs found

    Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces

    Embedded devices are becoming more widespread, interconnected, and web-enabled than ever. However, recent studies showed that these devices are far from being secure. Moreover, many embedded systems rely on web interfaces for user interaction or administration. Unfortunately, web security is known to be difficult, and therefore the web interfaces of embedded systems represent a considerable attack surface. In this paper, we present the first fully automated framework that applies dynamic firmware analysis techniques to achieve, in a scalable manner, automated vulnerability discovery within embedded firmware images. We apply our framework to study the security of embedded web interfaces running in Commercial Off-The-Shelf (COTS) embedded devices, such as routers, DSL/cable modems, VoIP phones, IP/CCTV cameras. We introduce a methodology and implement a scalable framework for discovery of vulnerabilities in embedded web interfaces regardless of the vendor, device, or architecture. To achieve this goal, our framework performs full system emulation to achieve the execution of firmware images in a software-only environment, i.e., without involving any physical embedded devices. Then, we analyze the web interfaces within the firmware using both static and dynamic tools. We also present some interesting case-studies, and discuss the main challenges associated with the dynamic analysis of firmware images and their web interfaces and network services. The observations we make in this paper shed light on an important aspect of embedded devices which was not previously studied at a large scale. We validate our framework by testing it on 1925 firmware images from 54 different vendors. We discover important vulnerabilities in 185 firmware images, affecting nearly a quarter of vendors in our dataset. These experimental results demonstrate the effectiveness of our approach

    Towards a Base UML Profile for Architecture Description

    This paper discusses a base UML profile for architecture description as supported by existing Architecture Description Languages (ADLs). The profile may be extended so as to enable architecture modeling both as expressed in conventional ADLs and according to existing runtime infrastructures (e.g., system based on middleware architectures).

    Artistic production in centres and the periphery of the Byzantine Peloponnese. Aspects of monumental painting in the late palaiologan period.

    The study examines monumental painting from Mystras (Evangelistria) and the periphery of the Despotate of the Morea (St. George at Nikandri, St. George at Molaoi, Pantanassa at Geroumana, St. Paraskevē at Platsa), which is dated to the late fourteenth and the early fifteenth century and was either influenced directly by the important monuments of Mystras or developed in the sphere of influence of other centres in the Despotate. Presented from the Principality of Achaia are wall paintings from the old monastery of the Taxiarchs in Aigialeia, an outstanding example of Constantinopolitan painting in the periphery of the Empire.

    Fine-grained Metrics of Cohesion Lack for Service Interfaces

    A design issue that often appears in real-world services is that their interfaces are not cohesive, i.e., they consist of many and possibly unrelated operations. This issue may complicate the comprehension of the services' functionalities and the maintenance of the applications that use them. Currently, the state of the art on cohesion metrics for service interfaces is limited. In particular, there exist coarse-grained metrics of cohesion lack, which consider that the operations of a service interface are related if the types of certain of their input/output data exactly match. The problem in this approach is that operations which operate on data characterized by similar, but not exactly matching, types are treated as being totally unrelated. Consequently, the aforementioned metrics may overestimate the cohesion lack of service interfaces. In this paper, we undertake a more elaborate approach. Specifically, we propose two fine-grained metrics of cohesion lack, which are defined with respect to the structural similarity of the input/output data types of interface operations. The proposed metrics are formally defined and analytically assessed with respect to fundamental properties of software metrics. Moreover, the usefulness of the metrics in identifying cohesion problems is evaluated in real-world services.

    The effect of gamma irradiation on selected growth factors and receptors mRNA in glycerol cryopreserved human amniotic membrane

    Human amniotic membrane (HAM), due to its high biocompatibility, low immunogenicity, anti-microbial, anti-viral properties as well as the presence of its growth factors, has been used in various clinical applications. These growth factors are key factors in regulating many cellular processes such as cellular growth, proliferation and cellular differentiation. The current study aimed to explore the effect of glycerol cryopreservation and gamma irradiation on the selected growth factors and receptors mRNA present in HAM. Eight growth factors, namely, EGF, HGF, KGF, TGF-α, TGF-β1, TGF-β2, TGF-β3 and bFGF and two growth factor receptors, HGFR and KGFR were evaluated in this study. The total RNA was extracted and converted to complementary DNA using commercial kits. Subsequently, the mRNA expressions of these growth factors were evaluated using quantitative PCR and the results were statistically analyzed using REST-MCS software. This study indicated the presence of these growth factors and receptors mRNA in fresh, glycerol cryopreserved and irradiated glycerol cryopreserved HAM. In glycerol cryopreserved HAM, the mRNA expression showed up-regulation of HGF and bFGF and down-regulation of the rest of 8 genes which were EGF, HGFR, KGF, KGFR, TGF-α, TGF-β1, TGF-β2 and TGF-β3. Interestingly, the glycerol cryopreserved HAM radiated with 15 kGy showed up-regulation in the mRNA expression of 7 genes, namely, EGF, HGF, KGF, KGFR, TGF-β1, TGF-β2 and TGF-β3 and down-regulated mRNA expression of HGFR, TGF-α and bFGF. However, these mRNA expressions did not show a statistically significant difference compared to control groups. Thus, it can be concluded that the glycerol cryopreservation did not have an effect on the growth factors’ and receptors’ mRNA expression levels in HAM. Similarly, 15 kGy gamma irradiation did not have an effect on the growth factors’ and receptors’ mRNA expression in glycerol cryopreserved HAM. This finding provides useful information to clinicians and surgeons to choose the best method for HAM preservation that could benefit patients in their treatment.

    ForeverSOA: Towards the Maintenance of Service Oriented Software

    In this position paper, we argue about the need to adapt/refine fundamental object-oriented design principles with respect to the specificities of service-oriented software, to address realistic maintenance scenarios. Moreover, we sketch an approach that relies on a reverse engineering process, which recovers service abstractions out of available services, to enable the adoption of the refined principles in the development of service-oriented software towards improving its maintainability quality attribute.

    Service Substitution Revisited

    The current state of the art concerning the problem of service substitution raises the following issue: the complexity of the substitution process scales up with the number of available services that may serve as candidate substitutes for a target service. To deal with this issue, we propose a framework that is based on two substitution relations and corresponding theorems. The proposed relations and theorems allow organizing available services into groups. Then, the complexity of retrieving candidate substitute services for the target service and generating corresponding adapters scales up with the number of available groups, instead of scaling up with the number of available services.

    Systematic aid for developing middleware architectures

    The use of middleware is the current practice for developing distributed systems. Developers compose reusable services provided by standard middleware infrastructures, e.g., CORBA, DCOM, Java RMI & related services, etc., to deal with problems like distribution, security, transactional processing, fault tolerance, etc. The development process gets even easier after the evolution of the originally proposed Object-Oriented middleware paradigm towards today's component-based middleware paradigm, e.g., CCM, MTS, EJB. Developers do not have to burden themselves with the, sometimes considerably complex, composition of different middleware services. Instead they build their middleware components and deploy them within off-the-shelf middleware containers realizing a customizable composition of middleware services. However, things are not as simple as they seem. Middleware vendors have to design and implement complex architectures combining available middleware services in a flexible/customizable way. Different ways of composing middleware services into a middleware architecture that satisfies application requirements are possible. The resulting compositions should be supported by the configurable middleware architecture that is provided by vendors to customers. Moreover, off-the-shelf middleware architectures should come along with a quality assessment of the different possible compositions they support. This shall give customers clues for selecting the most suitable middleware compositions for their particular systems. In this paper we address the above issues. More specifically, we present a developer-oriented environment that facilitates the design and quality analysis of flexible/configurable middleware architectures. The environment provides support for modelling middleware architectures. It further comprises a repository that is populated by a middleware vendor with basic middleware architectural patterns describing the use of individual services provided by the vendor's infrastructure. The environment further provides a tool which constructs all possible valid compositions of a set of basic middleware architectural patterns. Finally, the environment includes tool support for the automated generation of traditional quality models for the performance and reliability analysis of the different valid compositions of middleware architectural patterns. Those models serve as input to existing performance and reliability analysis tools, which are integrated into the environment.

    Processing, Adhesion and Corrosion-inhibiting Properties of Poly[2-methoxy-5-(2’-ethylhexyloxy)-1,4-phenylene vinylene], (MEH-PPV) on Aerospace Aluminum Alloys

    Researchers at the Naval Air Warfare Center Weapons Division (NAWCWD) and Wright-Patterson Air Force Base (WPAFB) investigated poly[2-methoxy-5-(2’-ethylhexyloxy)-1,4-phenylene vinylene], (MEH-PPV) for its potential corrosion-inhibition properties on aerospace aluminum alloy AA2024-T3. Solution processing of the polymer, as well as adhesion testing and accelerated weathering tests were performed on MEH-PPV full military aerospace coatings. Wet and dry tape adhesion testing, as well as pencil hardness, impact flexibility and pneumatic adhesion tensile test instrument (PATTI) testing were used to demonstrate the adhesion performance of MEH-PPV on aluminum substrates. The results showed that MEH-PPV had acceptable adhesion characteristics when compared to hexavalent chromium (Cr(VI)) based coatings in all of these tests. Accelerated weathering analysis was performed on MEH-PPV coatings to determine their corrosion protection and weathering resistance capabilities. These tests included neutral salt spray (NSS) exposure and xenon-arc lamp testing. The results showed that while MEH-PPV does not exhibit significant color change after 500 hours of xenon arc lamp exposure, the polymer has poor corrosion protection performance under aggressive salt environments