Symposium sur la sécurité des technologies de l'information et des communications

Conférence francophone sur le thème de la sécurité de l'information.
Elle a eu lieu à Rennes du 2 au 4 juin 2021.

Analyzing ARCompact firmware with GhidraNicolas Iooss

Date : 04 June 2021 à 12:00 — 15 min.

Some microcontroller units use the ARCompact instruction set. When analyzing their firmware, several tools exist to recover the code in assembly instructions. Before this publication, no tool existed which enabled to recover the code in a language which is easier to understand, such as C language.

Ghidra is a powerful reverse-engineering project for which it is possible to add support for many instruction sets. This presentation presents how ARCompact support was added to Ghidra and some challenges which were encountered in this journey. This support enabled using Ghidra's decompiler to recover the semantics of the code of studied firmware in a language close to C.

(Pull Request