GlobalSupervision: Ali Abbasi Start date: as soon as possible Duration: 6 month More details:
We have seen an increasing number of low-cost Low Earth Orbit (LEO) satellites with significant capabilities in recent years. Due to those satellites' cost-sensitive nature, such devices' security standards are not an essential target for their developers and are not on par with current embedded systems security standards.
In this thesis, we will provide you with various space-borne platform firmware, including firmware from already launched satellites to firmware of satellites that are already operational and are in space. Your goal is to analyze the firmware and possibly find security vulnerabilities in satellite firmware. Besides the usual static analysis task, you will also access our internal automated software testing platform for fuzzing embedded system firmware.
The student is expected to be comfortable in reading assembly code as well as programming in a language suited for the task (e. g., C/C++, Python). Knowledge of AFL and IDA Pro/Ghidra is a plus. The student also needs to be able to independently discover memory safety issues in firmware binaries such as from participating in CTFs.