Detecting Open-Source Libraries in ESP32 Firmware Images
Type of thesis
- Bachelor thesis
- Master thesis
Background
The ESP32 [1] is a low-cost microcontroller with WLAN and Bluetooth connectivity. As a result, it is widely used in Internet of Things (IoT) devices, for example in light bulbs, power sockets or door locks. Due to its free SDK [2], it is also popular in the open-source community, so there are numerous libraries that extend its functionality.
It can be helpful to know which open-source libraries are used in a firmware image, for example:
- To check for the presence of known security vulnerabilities in a library.
- To reverse engineer the firmware.
- For legal reasons, if there is suspicion that the terms of a licence have not been complied with.
However, firmware for microcontrollers is usually developed in C or C++ and compiled into executable binary code. This makes it difficult to detect whether a library has been included or not. This work therefore aims to develop methods for reliably detecting known program code in ESP32 binary code.
Questions
While working on this topic, the following questions can be addressed, for example:
- How is an ESP32 firmware image structured?
- What approaches are available for decompiling ESP32 binary code and what are the limits?
- Can machine learning approaches be transferred to executable binary code?
Literature
Requirements
- Programming knowledge
- Basic knowledge of the function of microcontrollers
- Basic knowledge of the function of compilers and linkers
Further information
If you are interested, please contact Johann Bauer.