Abstract
With the development of Internet of Things (IoT) technology, embedded devices face increasingly severe security threats; in particular, vulnerabilities in embedded devices seriously affect the secure development of the IoT industry. However, because embedded devices have limited hardware resources, the dynamic vulnerability detection techniques commonly used on general-purpose computer systems, such as fuzz testing, are difficult to apply directly to embedded devices. Therefore, in recent years, embedded device firmware emulation has become a research hotspot in academia: by emulating or replacing the hardware dependencies of embedded devices, general and efficient vulnerability detection techniques such as fuzz testing and symbolic execution can be applied to embedded devices. Focusing on the latest embedded device emulation techniques, this paper collects and organizes top international academic papers from recent years and summarizes the related research results. The firmware emulators are classified and introduced according to the emulation technique they adopt and their derivation relationships, and are then evaluated and compared in detail to provide a technical reference for users choosing a firmware emulator. Finally, based on the current state of embedded device firmware emulators, the paper identifies the challenges and opportunities for firmware emulators and offers an outlook on future research.
Authors
Zhang Hao (张浩), Shen Shandian (申珊靛), Liu Peng (刘鹏), Yang Zelin (杨泽霖), Zhou Wei (周威), Zhang Yuqing (张玉清)
Affiliations:
School of Cyber Engineering, Xidian University, Xi'an 710071
National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408
School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan 430074
Hubei Key Laboratory of Distributed System Security (Hubei Engineering Research Center on Big Data Security), Wuhan 430074
School of Computer Science and Cyberspace Security, Hainan University, Haikou 570228
Source
Journal of Computer Research and Development (《计算机研究与发展》)
Indexed in: EI; CSCD; Peking University Core Journal (北大核心)
2023, No. 10, pp. 2255-2270 (16 pages)
Funding
National Key R&D Program of China (2023QY1202, 2022YFB31033400)
National Natural Science Foundation of China, Key Project (U1836210)
National Natural Science Foundation of China (62202188)
Hainan Provincial Key R&D Program (GHYF2022010)
Keywords
embedded devices
firmware
dynamic analysis
firmware emulation
fuzz testing