EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

A methodology for determining the image base of ARM-based industrial control system firmware

Ruijin Zhu, Baofeng Zhang, Junjie Mao, Quanxin Zhang and Yu-an Tan

International Journal of Critical Infrastructure Protection, 2017, vol. 16, issue C, 26-35

Abstract: A common way to evaluate the security of an industrial control system is to reverse engineer its firmware; this is typically performed when the source code of the device is not available and the firmware is not trusted. However, many industrial control systems are based on the ARM architecture for which the firmware format is always unknown. Therefore, it is difficult to obtain the image base of firmware directly, which significantly complicates reverse engineering efforts. This paper describes a methodology for automatically determining the image base of firmware of ARM-based industrial control systems. Two algorithms, FIND-String and FIND-LDR, are presented that obtain the offsets of strings in firmware and the string addresses loaded by LDR instructions, respectively. Additionally, the DBMSSL algorithm is presented that uses the outputs of the FIND-String and FIND-LDR algorithms to determine the image base of firmware. Experiments are performed with 10 samples of industrial control system firmware collected from the Internet. The experimental results demonstrate that the proposed methodology is effective at determining the image bases of the majority of the firmware samples.

Keywords: Industrial Control Systems; ARM Architecture; Firmware; Image Base; Reverse Engineering (search for similar items in EconPapers)
Date: 2017
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (2)

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S1874548216300014
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:16:y:2017:i:c:p:26-35

DOI: 10.1016/j.ijcip.2016.12.002

Access Statistics for this article

International Journal of Critical Infrastructure Protection is currently edited by Leon Strous

More articles in International Journal of Critical Infrastructure Protection from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:eee:ijocip:v:16:y:2017:i:c:p:26-35