Foundations of Firmware Security
In this course, students will learn about embedded systems, focusing on firmware vulnerabilities and bug hunting. Participants will start with the basics of embedded systems and hardware communication protocols (e.g., UART, SPI, JTAG), learning to extract and analyze firmware from real-world devices.
The course progresses to reverse engineering unknown binaries, covering foundational techniques to recover control and data structures. Students will learn firmware emulation and reverse engineering using tools such as Ghidra and QEMU.
We then look for bugs in the firmware using fuzzing and re-hosting techniques. In the process, students learn to design and adapt fuzzers such as LibAFL to uncover vulnerabilities. Additional topics include memory corruption (stack and heap), symbolic execution, side-channel analysis, and bug triaging. Hands-on tutorial sessions reinforce theory with practical exercises.
Instead of a written exam, students complete a final project and verbal exam, identifying 0-day vulnerabilities in embedded systems firmware.
Prerequisites
A strong background in cybersecurity and in high-level programming languages such as C is essential for this course. Without it, you are very likely to struggle and fail, regardless of your confidence or prior experience. If you lack this foundation, we strongly advise against enrolling. Do not play with fire when you know you are going to get burned.
Time, Location and Structure
TBA
Course practical session for hardware-based firmware extraction
Grading
There is no written exam in this course. 40% of your final grade comes from tasks and homework. 60% of your grade comes from the final project report and your verbal exam. To be admitted to the exam, you must achieve at least 50% of the points from the exercises. In the final project, you apply the techniques learned in class to a set of targets (bypassing fuzzing obstacles, selecting and building the targets, finding vulnerable code, and writing a PoC). You then write a "Final Project Report", which should contain a detailed step-by-step description of the whole process.
Strict no cheating policy
You may discuss the assignments with other students, but you are not allowed to collaborate with others on the solution. Your solution should be original and not an existing solution (e.g., from someone else, the internet, LLMs, etc.). All submissions will be automatically checked for plagiarism, as we have a strict no-cheating policy. If we find a case of plagiarism, we will assign zero points. If you ever get stuck, you can ask questions in the forum or participate in the exercise lessons. We invite you to help fellow students who have asked questions, but avoid giving away the solution. Nobody likes spoilers :)
Regardless, the course is designed in such a way that by cheating you guarantee your failure in the final project and oral exam.
Verbal Exam
This course does not have a written exam. At the end of the semester, there will be a 30-minute oral exam on your final project. All questions in the oral exam are in English. You need to bring your laptop and present your final project report step by step. We will ask related questions about the report and the lectures.