{"id":1327,"date":"2022-09-30T10:51:06","date_gmt":"2022-09-30T08:51:06","guid":{"rendered":"https:\/\/fordaysec.de\/firmware-hardening\/"},"modified":"2023-12-14T12:08:07","modified_gmt":"2023-12-14T11:08:07","slug":"firmware-hardening","status":"publish","type":"page","link":"https:\/\/fordaysec.de\/en\/firmware-hardening","title":{"rendered":"Firmware hardening"},"content":{"rendered":"\n<div class=\"wp-block-cover alignfull is-light mb-2rem\" style=\"min-height:2rem;aspect-ratio:unset;\"><span aria-hidden=\"true\" class=\"wp-block-cover__background has-gray-background-color has-background-dim-100 has-background-dim\"><\/span><div class=\"wp-block-cover__inner-container is-layout-flow wp-block-cover-is-layout-flow\">\n<p class=\"has-text-align-center has-large-font-size\"><\/p>\n<\/div><\/div>\n\n\n<div class=\"yoast-breadcrumbs\"><span><span><a href=\"https:\/\/fordaysec.de\/en\">Home<\/a><\/span> | <span class=\"breadcrumb_last\" aria-current=\"page\">Firmware hardening<\/span><\/span><\/div>\n\n\n<div class=\"wp-block-group pl-0 pr-0\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-columns mb-0 is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n<h3 class=\"wp-block-heading\">FIRMWARE HARDENING<\/h3>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns mb-0 is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>A variety of Internet of Things (IoT) devices are increasingly being used in homes and businesses. These devices run software that is often based on open source products in combination with proprietary code developed by manufacturers. However, manufacturers often pay little attention to IT security. Especially for low-cost products, security updates are provided only for a limited time or not at all, and customer support may be unreliable. Thus, known security vulnerabilities in the incorporated open source projects remain permanently open and attackers can still successfully exploit them years later.    <\/p>\n\n\n\n<p>The goal of this project is to harden the IoT infrastructure by closing vulnerabilities directly on the devices. Known vulnerabilities in open source projects are to be collected and, with the help of samples, detected directly in the device software and subsequently eliminated, even if a manufacturer does not provide any assistance for this.  <\/p>\n\n\n\n<p>The focus of this project is on the software aspects of such an approach for hardening firmware. Semantic patches will precisely match and remove specific vulnerabilities, while preserving the integrity and functionality of the firmware. Functional tests will confirm the successful application.   <\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group teilprojekt-bild\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"667\" src=\"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg\" alt=\"\" class=\"wp-image-473\" srcset=\"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg 1000w, https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1-300x200.jpg 300w, https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1-768x512.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><figcaption class=\"wp-element-caption\">from left to right.: Johannes Kinder; Sebastian J\u00e4nich<\/figcaption><\/figure>\n<\/div><\/div>\n\n\n\n<p style=\"font-size:28px\"><strong>Contact<\/strong><\/p>\n\n\n\n<p>Prof. Dr. Johannes Kinder<br>Ludwig-Maximilians-Universit\u00e4t M\u00fcnchen<br>E-Mail: <a href=\"mailto:johannes.kinder@ifi.lmu.de\">johannes.kinder@ifi.lmu.de<\/a><br>Phone: +49 (0) 89 6004-7335<\/p>\n\n\n\n<p>Sebastian J\u00e4nich<br>E-Mail: <a href=\"mailto:&#115;ebast&#105;&#097;&#110;&#046;&#106;a&#101;&#110;&#105;c&#104;&#064;&#105;fi.lmu.d&#101;\">&#115;&#101;ba&#115;t&#105;an.j&#097;en&#105;&#099;&#104;&#064;&#105;&#102;i&#046;l&#109;u.&#100;e<\/a><\/p>\n<\/div>\n<\/div>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A variety of Internet of Things (IoT) devices are increasingly being used in homes and businesses. These devices run software&hellip;<\/p>\n","protected":false},"author":4,"featured_media":0,"parent":0,"menu_order":20,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-1327","page","type-page","status-publish"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Firmware hardening - fordaysec<\/title>\n<meta name=\"description\" content=\"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/fordaysec.de\/en\/firmware-hardening\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Firmware hardening - fordaysec\" \/>\n<meta property=\"og:description\" content=\"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fordaysec.de\/en\/firmware-hardening\" \/>\n<meta property=\"og:site_name\" content=\"fordaysec\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-14T11:08:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening\",\"url\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening\",\"name\":\"Firmware hardening - fordaysec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/fordaysec.de\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/A02-Kinder-1.jpg\",\"datePublished\":\"2022-09-30T08:51:06+00:00\",\"dateModified\":\"2023-12-14T11:08:07+00:00\",\"description\":\"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening#primaryimage\",\"url\":\"https:\\\/\\\/fordaysec.de\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/A02-Kinder-1.jpg\",\"contentUrl\":\"https:\\\/\\\/fordaysec.de\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/A02-Kinder-1.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en\\\/firmware-hardening#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/fordaysec.de\\\/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Firmware hardening\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#website\",\"url\":\"https:\\\/\\\/fordaysec.de\\\/en\",\"name\":\"fordaysec\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/fordaysec.de\\\/en?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#organization\",\"name\":\"fordaysec\",\"url\":\"https:\\\/\\\/fordaysec.de\\\/en\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/fordaysec.de\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/ForDaySec-Logo.png\",\"contentUrl\":\"https:\\\/\\\/fordaysec.de\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/ForDaySec-Logo.png\",\"width\":1000,\"height\":410,\"caption\":\"fordaysec\"},\"image\":{\"@id\":\"https:\\\/\\\/fordaysec.de\\\/en#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Firmware hardening - fordaysec","description":"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/fordaysec.de\/en\/firmware-hardening","og_locale":"en_US","og_type":"article","og_title":"Firmware hardening - fordaysec","og_description":"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.","og_url":"https:\/\/fordaysec.de\/en\/firmware-hardening","og_site_name":"fordaysec","article_modified_time":"2023-12-14T11:08:07+00:00","og_image":[{"url":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/fordaysec.de\/en\/firmware-hardening","url":"https:\/\/fordaysec.de\/en\/firmware-hardening","name":"Firmware hardening - fordaysec","isPartOf":{"@id":"https:\/\/fordaysec.de\/en#website"},"primaryImageOfPage":{"@id":"https:\/\/fordaysec.de\/en\/firmware-hardening#primaryimage"},"image":{"@id":"https:\/\/fordaysec.de\/en\/firmware-hardening#primaryimage"},"thumbnailUrl":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg","datePublished":"2022-09-30T08:51:06+00:00","dateModified":"2023-12-14T11:08:07+00:00","description":"The focus of this project is on the software side aspects for hardening open source firmware when it has security vulnerabilities.","breadcrumb":{"@id":"https:\/\/fordaysec.de\/en\/firmware-hardening#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fordaysec.de\/en\/firmware-hardening"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/fordaysec.de\/en\/firmware-hardening#primaryimage","url":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg","contentUrl":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/A02-Kinder-1.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/fordaysec.de\/en\/firmware-hardening#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/fordaysec.de\/en"},{"@type":"ListItem","position":2,"name":"Firmware hardening"}]},{"@type":"WebSite","@id":"https:\/\/fordaysec.de\/en#website","url":"https:\/\/fordaysec.de\/en","name":"fordaysec","description":"","publisher":{"@id":"https:\/\/fordaysec.de\/en#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fordaysec.de\/en?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/fordaysec.de\/en#organization","name":"fordaysec","url":"https:\/\/fordaysec.de\/en","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/fordaysec.de\/en#\/schema\/logo\/image\/","url":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/ForDaySec-Logo.png","contentUrl":"https:\/\/fordaysec.de\/wp-content\/uploads\/2022\/09\/ForDaySec-Logo.png","width":1000,"height":410,"caption":"fordaysec"},"image":{"@id":"https:\/\/fordaysec.de\/en#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/pages\/1327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/comments?post=1327"}],"version-history":[{"count":7,"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/pages\/1327\/revisions"}],"predecessor-version":[{"id":1837,"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/pages\/1327\/revisions\/1837"}],"wp:attachment":[{"href":"https:\/\/fordaysec.de\/en\/wp-json\/wp\/v2\/media?parent=1327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}