You cannot register for this course anymore.
News
First Exercise Sheet Released
Written on 30.04.25 by Julian Rederlechner
Hello everyone,
Just a quick reminder: We released the first exercise sheet yesterday. It's due next Tuesday, 06.05, at 12:00, right when the lecture starts. Hope you're having a great day, and see you in the tutorial!
Room for tutorial
Written on 22.04.25 by Ali Abbasi
Hi,
As mentioned today, the tutorial room for tomorrow is C0-0.07. Also, you do not need to register for two or three time slots simultaneously, you just have to register for one slot. Tomorrow you will get familiar with basic hardware stuff such as the UART interface.
Cheers, Ali
Tutorial slot
Written on 16.04.25 (last change on 16.04.25) by Julian Rederlechner
Hey everyone,
Hope you're all settling into the semester smoothly. The first tutorial session for our course will be happening next week! That means it’s time to choose your preferred tutorial slot. Here are your options, all on Wednesday:
Each slot has limited space, so if one of them is crucial for your schedule, make sure to sign up quickly! Registration opens today at 16:00 and will close on Tuesday, April 22nd at 16:00.
See you soon!
Foundations of Firmware Security
This course introduces students to the security of embedded systems, with a focus on identifying and analyzing firmware vulnerabilities. The course begins with core concepts in embedded systems and hardware communication protocols such as UART, SPI, and JTAG. Students will learn to extract and analyze firmware from real-world devices.
The curriculum then moves into reverse engineering of unknown binaries, teaching foundational techniques for recovering control and data structures. Tools such as Ghidra and QEMU are used for firmware emulation and reverse engineering. Students then explore vulnerability discovery through fuzzing and re-hosting techniques and learn to design or adapt fuzzers for analyzing embedded firmware. Additional topics include software vulnerabilities, side-channel analysis, and bug triaging. The course also includes a weekly hands-on tutorial session.
Instead of a written exam, students complete a final project report and oral exam, where they should demonstrate their skills by identifying 0-day vulnerabilities in embedded firmware.
Prerequisites
A strong background in cybersecurity and in high-level programming languages such as C is essential for this course. Without it, you are very likely to struggle and fail, regardless of your confidence or prior experience. If you lack this foundation, we strongly advise against enrolling. Do not play with fire when you know you are going to get burned.
Course Book:
We recommend the following course books so you can get familiar with the topics:
1. Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU, ISBN: 978-1804614976
2. The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks, ISBN: 978-1593278748
3. Microcontroller Exploits, ISBN: 978-1718503885
More info: https://www.infomath-bib.de/tmp/vorlesungen/info-advanced_foundations-of-firmware-security.html
Time, Location, and Structure
Lectures: Tuesdays 12:00-14:00, CISPA C0-05
Tutorials: Wednesdays 10:00-12:00 (the first three tutorials will run between 10:00 and 16:00, in 3 blocks)
Kickoff Lecture: 22nd of April.
Course practical session for hardware-based firmware extraction
Grading
There is no written exam in this course. 40% of your final grade comes from tasks and homework. 60% of your grade comes from the final project report and your verbal exam. To be admitted to the exam, you must achieve at least 50% of the points from the exercises. The final project consists of applying the techniques learned in class to a set of targets (bypassing fuzzing obstacles, selecting and building the targets, finding vulnerable code, and writing a PoC). The students should then write a "Final Project Report", which should contain a detailed step-by-step description of the whole process. To pass the course, you must score at least 50% on the final oral exam.
Strict no cheating policy
You may discuss the assignments with other students, but you are not allowed to collaborate with others on the solution. Your solution should be original and not an existing solution (e.g., from someone else, the internet, LLMs, etc.). All submissions will be automatically checked for plagiarism, as we have a strict no-cheating policy. If we find a case of plagiarism, we will assign zero points. If you ever get stuck, you can ask questions in the forum or participate in the exercise lessons. We invite you to help fellow students who have asked questions, but avoid giving away the solution. Nobody likes spoilers :)
Regardless, the course is designed in such a way that by cheating you guarantee your failure on the final project and oral exam.
Verbal Exam
This course does not have a written exam. At the end of the semester, there will be a 30-minute oral exam on your final project. All questions in the oral exam are in English. You need to bring your laptop and present your final project report step by step. We will ask related questions about the report and lectures.
Verbal Exam Date: 12-14 August, between 08:00 and 17:00.