• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1185-1189
• /
• 2016

In modern society, the number of embedded devices has been increasing. However, embedded devices is growing, and the backdoor and vulnerabilities are found continously. It is necessary for this analysis. In this paper, we developed a tool to extract the base address information for the static analysis environment built of the embedded device's firmware. By using this tool, we built the environment for static analysis. As a result, this point enables us to parse the strings and to check the reference. Also, through the increased number of functions, we proved the validity of the tool.

• Journal of Internet Computing and Services
• /
• v.3 no.5
• /
• pp.19-29
• /
• 2002

With the progress of information-oriented society, many device with advanced technologies invented by many companies. However, the current firmware technologies have many problems to meet such high level of new Technologies, Recently it become necessary new manufactures of information-oriented society to require such embedded operating system as their system-level platform. Embedded linux, which could be on alternative proposal of existing high-cost embedded operating system, become available commercially by many companies Linux has many programs, But, embedded databases require very high cost. In this paper, we suggest ERT DE which has a small size and is suitable for embedded real-time technologies.

• Proceedings of the KIEE Conference
• /
• 2003.11c
• /
• pp.653-656
• /
• 2003

We have designed embedded web sewer system and ported Linux operating system version 2.4.5 at our system. And then We implemented to control and monitor widely separated hardware and implemented to monitor widely separated image using CMOS image sensor HV7131B. Web server is the Boa web server with General Public License. We designed for this system using of Intel's SA1110 ARM core base processor and connecting input and output device at GPIO port of SA1110. Device driver of General purpose I/O for Embedded Linux OS is designed. And then the application program controlling driver is implemented to use of common gate interface C language. User is available to control and monitor at client PC. This method have benefit to reduce the Expenditure of hardware design and development time against PC base system and have various and capacious application against firmware base system.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.12 no.6
• /
• pp.582-590
• /
• 2019

As Korea's low fertility and aging progress, Korea is facing a social change such as an increase of one generation by entering an aging society that has raised 14% of the population. An effective way to prevent a gas fire accident caused by an increase in one generation in an aging society is to install a control valve to forcibly shut off the gas after a set time. In this study, we developed a valve that can be opened and closed by rotating the valve left and right by transmitting power to the worm gear and the helical gear by using a motor by pressing the switch. It is easy to assemble and inspect by developing a dedicated valve that is easy to attach and detach. It was developed to enhance competitiveness by reducing cost by reducing the number of parts and product size. In addition, through endurance test, it was developed to be used for more than 9 years by repeating ON / OFF once every 12 seconds so that it can operate stably for 10,000 times for 34 hours. The instrument and PCB were designed using solid works and Altium Designer tools. Firmware development was developed in IAR Embedded Workbench environment.

• Journal of the Society of Disaster Information
• /
• v.10 no.2
• /
• pp.254-262
• /
• 2014

KISStool is developed and established by KIGAM, in order to link and share the earthquake data easily with institutes related, this study includes the development of a KISStool program format and protocol supporting Kit. The Kit has functions such as transforming and sending a seismic data. The functions of the kit are implemented in modules, which are running on the realtime basis. The firmware is embedded into the Kit, which transforms the seismic data into the formats, miniSEED and QSCD20. These data are sent to KISStool program. We have confirmed the results of the data transforming, transmissions and storage functions are conducted normally, the speed of transmission shows same level when comparing with a standard system. We expect that the firmware developed in this study will have high usability not only for linking with KISStool program through being embedded into incompatible digitizers, but also for improving performance of older ones.

• Journal of Institute of Control, Robotics and Systems
• /
• v.15 no.9
• /
• pp.946-951
• /
• 2009

The small multi-jointed robots for most education are developed with the way of firmware. But the firmware may be very difficult to develop as gradually increasing throughputs and control routines. Due to limit of firmware we try to use on RTOS, but hard to adapt on the small multi-jointed robots. It would be hard to install RTOS into the small multi-jointed robots because of the size capacity of RTOS, and lack of libraries for control of the particular hardware. Moreover, even its RTOS with many functions causes its to make overheads scheduling, TCB (Task Control Block), and task states. Also to keep maintenance of RTOS, it is composed of components for the whole structure of my proposed RTOS. Additionally, We provided with libraries of servo motor and sensor control and developed RMS (Rate Montonic scheduler) to handle tasks on real time and reduce overheads. Therefore, It is possible to work the fixed priority and task preemptive way. We show one example of the multi-jointed robot installed with my proposed RTOS, which shows to obstacle avoidance and climbing up the slope.

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.54 no.3
• /
• pp.141-147
• /
• 2005

In the field of electrical industry, embedded computing environment including hardware and software is getting more important as the industry shifts to the knowledge-based one. Java could play a great role as bridging technology in such a transition because it provides a lot of benefits like dynamic application download, compatibility of cross platform, and its own security solution. However, the Java technology has a limitation of real-time problem when it is applied to the embedded computing system of the electrical industry. To solve the problem, a novel java-native combination model has been proposed and designed to a firmware level. This scheme has been employed in four kinds of control boards. The result shows that the proposed model has great potential to implement the real-time processing in control of the devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.31-49
• /
• 2021

IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

• Journal of Software Assessment and Valuation
• /
• v.16 no.1
• /
• pp.65-79
• /
• 2020

As Programmable Logic Controllers (PLCs), popular components in industrial control systems (ICS), are incorporated with the technologies such as micro-controllers, real-time operating systems, and communication capabilities. As the latest PLCs have been connected to the Internet, they are becoming a main target of cyber threats. This paper proposes two sanitizers that improve the security of uC/OS-II based firmware for a PLC. That is, we devise BU sanitizer for detecting out-of-bounds accesses to buffers and UaF sanitizer for fixing use-after-free bugs in the firmware. They can sanitize the binary firmware image generated in a desktop PC before downloading it to the PLC. The BU sanitizer can also detect the violation of control flow integrity using both call graph and symbols of functions in the firmware image. We have implemented the proposed two sanitizers as a prototype system on a PLC running uC/OS-II and demonstrated the effectiveness of them by performing experiments as well as comparing them with the existing sanitizers. These findings can be used to detect and mitigate unintended vulnerabilities during the firmware development phase.

• Journal of IKEEE
• /
• v.16 no.4
• /
• pp.389-394
• /
• 2012

Most current systems have ignored security vulnerability concerned with boot firmware. It is highly likely that boot firmware may cause serious system errors, such as hardware manipulations by malicious programs or code, the operating system corruption caused by malicious code and software piracy under a condition of no consideration of security mechanism because boot firmware has an authority over external devices as well as hardware controls. This paper proposed a structural security mechanism based on software equipped with encrypted bootstrap patterns different from pre-existing bootstrap methods in terms of securely loading an operating system, searching for malicious codes and preventing software piracy so as to provide reliability of boot firmware. Moreover, through experiments, it proved its superiority in detection capability and overhead ranging between 1.5 % ~ 3 % lower than other software security mechanisms.