preview-image for Title image

The PROBoter software framework

10. Juli, 2023 #proboter #embedded security #secforcars #toolrelease

The last part of the PROBoter series showed how innovative algorithms can help an embedded system pentester to analyze recorded voltage signals of an unknown PCB. Besides basic signal characteristics, these algorithms can link signal lines and identify communication buses typically found on PCBs like I2C or SPI. In this final post of the PROBoter series, we draw the big picture of the PROBoter software framework. In parallel to the release of this post, all missing services forming the framework are released on the PROBoter Github repo.

preview-image for PROBoter title image

Visual PCB analysis with Neural Networks and classic Computer Vision algorithms

8. August, 2022 #proboter #embedded security #secforcars #toolrelease

The last part of the PROBoter series introduced the heart of the PROBoter framework - the hardware platform. The platform allows (semi) automated electrical probing of an unknown PCB which is usually a very time consuming and error prone task. This post focuses on methods to automate the initial analysis step of an embedded system - the visual analysis of the PCB(s) forming the device under test.

preview-image for PROBoter video title image

SecForCARs Demo Video of our PROBoter released

2. Februar, 2022 #proboter #automotive security #embedded security #secforcars #toolrelease #news

The PROBoter is a modular, self-calibrating probing machine to support PCB analysis tasks in penetration tests of embedded systems. The video of the PROBoter demonstrates its four main contributions: 1) The automatic visual detection of components and contact points on a PCB, 2) the automatic probing of contact points for net reversing and signal detection, 3) the mapping of signal lines to given bus protocols, and 4) the support in identification of potential attack vectors.

preview-image for PROBoter title image

The PROBoter hardware platform

2. Februar, 2022 #proboter #embedded security #secforcars #toolrelease

The first part of the PROBoter series gave an introduction to the manual process of embedded system pentesting. It then showed a possible automated workflow which will be implemented in the form of the PROBoter platform. After a longer phase of further internal development and evaluation, this post describes the core component of the PROBoter framework - a hardware platform for automated electrical probing and PCB image generation.

preview-image for Logo

SCHUTZWERK participated at escar Europe 2021 with two talks

15. November, 2021 #proboter #automotive security #event #research #secforcars

The escar is the world’s leading automotive cyber security conference. SCHUTZWERK participated at this year’s escar Europe with two talks. The first talk of Dr. Bastian Könings discussed the current challenges in automotive penetration testing. The second talk of Fabian Weber presented the PROBoter, a hardware platform to support penetration tests of embedded systems by automating time-consuming analysis tasks.

preview-image for Logo

Power analysis based software reverse engineering assisted by fuzzing II

3. September, 2020 #embedded security #secforcars #power analysis #reverse engineering #fuzzing #attacks

In the previous post a setup and a technique to extract a representative section of a powertrace of a specific instruction of a STM32F3 processor were described. This section is called a “template”. These templates should later be used to identify instructions via a power sidechannel and reconstruct the flow of an unknown program on a controller that can not be dumped via JTAG. In this part of our poweranalysis series the extracted templates from the previous post will be analyzed to determine whether they are representative enough to reverse engineer entire programs from a powertrace.


Power analysis based software reverse engineering assisted by fuzzing I

26. August, 2019 #embedded security #secforcars #power analysis #reverse engineering #fuzzing #attacks

This is the first part of a three part series about power analysis based software reverse engineering. It is part of our work in the SecForCARs project and the bachelor thesis ‘Poweranalyse basiertes Software Reverse Engineering mit Hilfe von Fuzzing’. The results will be summarized in this blogpost series. In this first part the goals of the research and the power analysis template extraction process are presented.

preview-image for Image of the Modify the Threats Tab of the TMTe4PT tool.

Threat Modeling with TMTe4PT

20. Februar, 2019 #threat modeling #toolrelease #automotive security #secforcars #embedded security

From a traditional point of view, vehicles used to be closed systems in which components communicated between each other over a central vehicle bus and no connection to remote systems was possible. However, this has drastically changed during the last years with increasing connectivity and autonomy of today’s vehicles. While car manufacturers have a long experience in dealing with safety problems, dealing with security risks raised by this development is a relatively new domain for them.

placeholder image igel_sm.png

Starke IT-Sicherheit für das Auto der Zukunft

25. Mai, 2018 #news #secforcars #automotive security #research #cooperation

München, 25. Mai 2018 – Je mehr die Elektronik Autos lenkt, beschleunigt und bremst, desto wichtiger wird der Schutz vor Cyber-Angriffen. Deshalb erarbeiten 15 Partner aus Industrie und Wissenschaft in den kommenden drei Jahren neue Ansätze für die IT-Sicherheit im selbstfahrenden Auto. Das Verbundvorhaben unter dem Namen „Security For Connected, Autonomous Cars“ (SecForCARs) wird durch das Bundesministerium für Bildung und Forschung mit 7,2 Millionen Euro gefördert. Infineon leitet das Projekt.

Kostenfreies Erstgespräch