Smart Home Devices: Firmware Analysis and Certification

An Internet of Things (IoT) system is a network of interconnected devices. These devices range from simple sensors or actuators with limited computational capabilities to devices with higher processing power. The behaviour of a device is driven by the firmware, software which interacts with the device's hardware and performs some actions. An example of an IoT system is the Smart Home, which is equipped with devices that enhance the quality of life of its inhabitants. The rapid growth of IoT systems comes with challenges such as security, standardisation and a lack of proper certification. Regarding IoT systems security, our research has mainly focused on firmware security. A good deal of firmware are designed without respecting security and programming best practices, thus exposing devices to attacks. We concentrated on static and dynamic firmware analysis. We propose two static analysis tools that could be integrated into firmware analysis: weighted-code-coverage and complex-code-spotter. We also tried to address the gap in firmware certification. Indeed, there is a lack of well-structured certification processes to validate devices in terms of behaviour and security and to inform users about their potential dangers. We have focused on Smart Home firmware devices' behaviour and defined the hazard concept. A hazard can indicate a potential safety, privacy, and financial risk associated with the execution of determined devices' actions within a house. To partly address this issue, we have developed hazard-generator and code-certifier. These tools can be used in Smart Home firmware development and integrated into a broader certification process to inform and certify about the risks associated with devices' actions within a Smart Home. The implemented tools have been highly tested and written in Rust, a new programming language we have chosen for its security, optimisation and performance aptitude. In the first part of the thesis, we provide an overview of the state of the art of IoT systems. Afterwards, we discuss the most significant challenges and security threats, presenting potential solutions from the literature. In the second part, we present the tools we have been working on. To address the firmware analysis problem, we have added some features to the static analysis tools mentioned previously. weighted-code-coverage implements three new software quality metrics. complex-code-spotter extracts overly complex snippets of code. To address the gap in the description of Smart Home devices' behaviour, we have developed the hazard-generator. This tool receives a hazard ontology as input and generates the API necessary to describe device hazards. The Rust library used to create firmware, which incorporates this API, aims to enhance the classification of devices' behaviour while reducing firmware developer effort. To partially fill the current gap in device behaviour certification, we have developed the code-certifier software, which provides two main functionalities. The first one extracts all public APIs from the Rust library used for Smart Home firmware development. The second functionality takes the source code of a Smart Home firmware as input and generates as output a manifest which lists all the devices contained in the firmware. This manifest provides a detailed description of each device, outlining its actions and associated hazards. The thesis concludes with a performance analysis in terms of time and memory of some of the developed tools.