{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T20:58:18Z","timestamp":1773521898403,"version":"3.50.1"},"reference-count":151,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T00:00:00Z","timestamp":1705881600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>In recent years, the Internet of Things (IoT) paradigm has been widely applied across a variety of industrial and consumer areas to facilitate greater automation and increase productivity. Higher dependability on connected devices led to a growing range of cyber security threats targeting IoT-enabled platforms, specifically device firmware vulnerabilities, often overlooked during development and deployment. A comprehensive security strategy aiming to mitigate IoT firmware vulnerabilities would entail auditing the IoT device firmware environment, from software components, storage, and configuration, to delivery, maintenance, and updating, as well as understanding the efficacy of tools and techniques available for this purpose. To this effect, this paper reviews the state-of-the-art technology in IoT firmware vulnerability assessment from a holistic perspective. To help with the process, the IoT ecosystem is divided into eight categories: system properties, access controls, hardware and software re-use, network interfacing, image management, user awareness, regulatory compliance, and adversarial vectors. Following the review of individual areas, the paper further investigates the efficiency and scalability of auditing techniques for detecting firmware vulnerabilities. Beyond the technical aspects, state-of-the-art IoT firmware architectures and respective evaluation platforms are also reviewed according to their technical, regulatory, and standardization challenges. The discussion is accompanied also by a review of the existing auditing tools, the vulnerabilities addressed, the analysis method used, and their abilities to scale and detect unknown attacks. The review also proposes a taxonomy of vulnerabilities and maps them with their exploitation vectors and with the auditing tools that could help in identifying them. Given the current interest in analysis automation, the paper explores the feasibility and impact of evolving machine learning and blockchain applications in securing IoT firmware. The paper concludes with a summary of ongoing and future research challenges in IoT firmware to facilitate and support secure IoT development.<\/jats:p>","DOI":"10.3390\/s24020708","type":"journal-article","created":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T12:01:13Z","timestamp":1705924873000},"page":"708","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":58,"title":["A Review of IoT Firmware Vulnerabilities and Auditing Techniques"],"prefix":"10.3390","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4750-7864","authenticated-orcid":false,"given":"Taimur","family":"Bakhshi","sequence":"first","affiliation":[{"name":"Center for Information Management & Cyber Security, National University of Computer & Emerging Sciences, Lahore 54770, Pakistan"},{"name":"School of Engineering, Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA, UK"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1788-547X","authenticated-orcid":false,"given":"Bogdan","family":"Ghita","sequence":"additional","affiliation":[{"name":"School of Engineering, Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA, UK"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6917-4234","authenticated-orcid":false,"given":"Ievgeniia","family":"Kuzminykh","sequence":"additional","affiliation":[{"name":"Department of Informatics, King\u2019s College London, London WC2R 2ND, UK"}]}],"member":"1968","published-online":{"date-parts":[[2024,1,22]]},"reference":[{"key":"ref_1","first-page":"7235984","article-title":"Autonomous WiFi Sensor for Heating Systems in the Internet of Things","volume":"2016","author":"Blasco","year":"2016","journal-title":"J. Sensors"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"18352","DOI":"10.1109\/ACCESS.2022.3148140","article-title":"Ranking Security of IoT-based Smart Home Consumer Devices","volume":"10","author":"AlLifah","year":"2022","journal-title":"IEEE Access"},{"key":"ref_3","unstructured":"Das, A., Sharma, S.C.M., and Ratha, B.K. (2018). Smart Cities Cybersecurity and Privacy, Elsevier."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1435","DOI":"10.1080\/03772063.2019.1649215","article-title":"Smart-Monitor: Patient Monitoring System for IoT-Based Healthcare System Using Deep Learning","volume":"68","author":"Jeyaraj","year":"2022","journal-title":"IETE J. Res."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"TajDini, M., Sokolov, V., Kuzminykh, I., Shiaeles, S., and Ghita, B. (2020). Wireless Sensors for Brain Activity-A Survey. Electronics, 9.","DOI":"10.3390\/electronics9122092"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"3459","DOI":"10.1109\/ACCESS.2021.3139663","article-title":"Scheduled Access Strategy for Improving Sensor Node Battery Lifetime and Delay Analysis of Wireless Body Area Network","volume":"10","author":"Pradha","year":"2022","journal-title":"IEEE Access"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"324","DOI":"10.1109\/JPROC.2019.2950349","article-title":"Toward Reliable and Scalable Internet of Vehicles: Performance Analysis and Resource Management","volume":"108","author":"Ni","year":"2020","journal-title":"Proc. IEEE"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Kuzminykh, I. (2016, January 23\u201326). Development of traffic light control algorithm in smart municipal network. Proceedings of the 2016 13th International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science (TCSET), Lviv, Ukraine.","DOI":"10.1109\/TCSET.2016.7452218"},{"key":"ref_9","unstructured":"Hunzinger, R. (2017). Internet of Things and Data Analytics Handbook, Wiley."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Liberg, O., Wang, Y.P.E., Sachs, J., Sundberg, M., and Bergman, J. (2017). Cellular Internet of Things\u2014Technologies, Standards and Performance, Academic Press. Chapter 9.","DOI":"10.1016\/B978-0-12-812458-1.00001-0"},{"key":"ref_11","unstructured":"Chaudhari, B.S., and Zennaro, M. (2020). LPWAN Technologies for IoT and M2M Applications, Academic Press."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1016\/j.telpol.2016.11.002","article-title":"The evolution of the internet of things industry and market in China: An interplay of institutions, demands and supply","volume":"41","author":"Kshetri","year":"2017","journal-title":"Telecommun. Policy"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1007\/978-3-030-97777-1_5","article-title":"The Challenges with Internet of Things Security for Business","volume":"Volume 13158","author":"Koucheryavy","year":"2022","journal-title":"Internet of Things, Smart Spaces, and Next Generation Networks and Systems"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"9804","DOI":"10.1109\/JIOT.2022.3152173","article-title":"Modelling and Experimental Validation for Battery Lifetime Estimation in NB-IoT and LTE-M","volume":"9","author":"Wang","year":"2022","journal-title":"IEEE Internet Things J."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Kuzminykh, I., Yevdokymenko, M., and Sokolov, V. (2023, November 29). Encryption Algorithms in IoT: Security vs. Lifetime. Available online: https:\/\/ssrn.com\/abstract=4636161.","DOI":"10.2139\/ssrn.4636161"},{"key":"ref_16","unstructured":"Gupta, A., and Guzman, A. (2017). IoT Penetration Testing Cookbook: Identify Vulnerabilities and Secure Your Smart Devices, Packt Publishing."},{"key":"ref_17","first-page":"355","article-title":"A comprehensive IoT attacks survey based on a building-blocked reference model","volume":"9","author":"Konstantas","year":"2018","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"423","DOI":"10.1007\/s11235-017-0345-9","article-title":"Security in Internet of Things: Issues, challenges, taxonomy, and architecture","volume":"67","author":"Adat","year":"2018","journal-title":"Telecommun. Syst."},{"key":"ref_19","first-page":"8","article-title":"Internet of Things: A survey on the security of IoT frameworks","volume":"38","author":"Ammar","year":"2018","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1007\/978-3-030-30859-9_2","article-title":"Investigation of the IoT Device Lifetime with Secure Data Transmission","volume":"Volume 11660","author":"Galinina","year":"2019","journal-title":"Internet of Things, Smart Spaces, and Next Generation Networks and Systems (NEW2AN\/ruSMART 2019)"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MC.2017.201","article-title":"DDoS in the IoT: Mirai and other botnets","volume":"50","author":"Kolias","year":"2017","journal-title":"Computer"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Ling, Z., Liu, K., Xu, Y., Jin, Y., and Fu, X. (2017, January 4\u20138). An End-to-End View of IoT Security and Privacy. Proceedings of the GLOBECOM 2017\u20142017 IEEE Global Communications Conference, Singapore.","DOI":"10.1109\/GLOCOM.2017.8254011"},{"key":"ref_23","unstructured":"Microsoft (2023, November 29). Security Signals March 2021. Available online: https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWPStZ."},{"key":"ref_24","unstructured":"Rothman, M., and Zimmer, V. (2023, October 15). Understanding UEFI Firmware Update and Its Vital Role in Keeping Computing Systems Secure. Available online: https:\/\/embeddedcomputing.com\/technology\/security\/software-security\/understanding-uefi-firmware-update-and-its-vital-role-in-keeping-computing-systems-secure."},{"key":"ref_25","unstructured":"Vasile, S., Oswald, D., and Chothia, T. (2019). Smart Card Research and Advanced Applications, Springer."},{"key":"ref_26","unstructured":"(2023, November 29). Quantum IoT Protect Firmwar\u2014Security Risk Assessment. Available online: https:\/\/pages.checkpoint.com\/iot-firmware-risk-assessment.html."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1109\/TMSCS.2015.2498605","article-title":"Privacy and security in internet of things and wearable devices","volume":"1","author":"Arias","year":"2015","journal-title":"IEEE Trans. Multi-Scale Comput. Syst."},{"key":"ref_28","unstructured":"Costin, A., and Zaddach, J. (2018, January 4\u20139). IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies. Proceedings of the Black Hat USA 2018, Las Vegas, NV, USA. Available online: http:\/\/firmware.re\/malw\/bh18us_costin.pdf."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Yu, M., Zhuge, J., Cao, M., Shi, Z., and Jiang, L. (2020). A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Future Internet, 12.","DOI":"10.3390\/fi12020027"},{"key":"ref_30","unstructured":"Mohanty, A., Obaidat, I., Yilmaz, F., and Sridhar, M. (2020, January 17\u201320). Control-hijacking vulnerabilities in IoT firmware: A brief survey. Proceedings of the 1st International Workshop on Security and Privacy for the Internet-of-Things, Orlando, FL, USA."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Xie, W., Jiang, Y., Tang, Y., Ding, N., and Gao, Y. (2017, January 15\u201317). Vulnerability Detection in IoT Firmware: A Survey. Proceedings of the 2017 IEEE 23rd International Conference on Parallel and Distributed Systems (ICPADS), Shenzhen, China.","DOI":"10.1109\/ICPADS.2017.00104"},{"key":"ref_32","first-page":"5","article-title":"Challenges in Firmware Re-Hosting, Emulation, and Analysis","volume":"54","author":"Wright","year":"2021","journal-title":"ACM Comput. Surv."},{"key":"ref_33","unstructured":"Costin, A., Zarras, A., and Francillon, A. (June, January 30). Automated dynamic firmware analysis at scale: A case study on embedded web interfaces. Proceedings of the 11th ACM Asia Conference on Computer and Communications Security (ASIA CCS), Xi\u2019an, China."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Gupta, A. (2019). The IoT Hacker\u2019s Handbook\u2014A Practical Guide to Hacking the Internet of Things, Apress.","DOI":"10.1007\/978-1-4842-4300-8"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"687","DOI":"10.3390\/signals4040038","article-title":"Exploitation Techniques of IoST Vulnerabilities in Air-Gapped Networks and Security Measures\u2014A Systematic Review","volume":"4","author":"Hamada","year":"2023","journal-title":"Signals"},{"key":"ref_36","unstructured":"Hicken, A. (2023, December 01). How Does Static Analysis Prevent Defects & Accelerate Delivery?. Available online: https:\/\/www.parasoft.com\/blog\/how-does-static-analysis-prevent-defects-and-accelerate-delivery\/."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1145\/1217196.1217198","article-title":"Firmware\/hardware support for operating systems","volume":"6","author":"Sockut","year":"1975","journal-title":"ACM SIGMICRO Newsl."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Mera, A., Feng, B., Lu, L., and Kirda, E. (2021, January 24\u201327). DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis. Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP40001.2021.00018"},{"key":"ref_39","unstructured":"(2023, December 01). gdb(1)\u2014Linux Man Page. Available online: https:\/\/linux.die.net\/man\/1\/gdb."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Xu, X., Liu, C., Feng, Q., Yin, H., Song, L., and Song, D. (November, January 30). Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, TX, USA.","DOI":"10.1145\/3133956.3134018"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"14171","DOI":"10.1109\/ACCESS.2019.2893733","article-title":"Staged Method of Code Similarity Analysis for Firmware Vulnerability Detection","volume":"7","author":"Wang","year":"2019","journal-title":"IEEE Access"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Hristozov, S., Heyszl, J., Wagner, S., and Sigl, G. (2018, January 18). Practical Runtime Attestation for Tiny IoT Devices. Proceedings of the NDSS Workshop on Decentralized IoT Security and Standards (DISS), San Diego, CA, USA.","DOI":"10.14722\/diss.2018.23011"},{"key":"ref_43","unstructured":"(2023, October 15). Kaspersky Unveils an Overview of IoT-Related Threats in 2023. Available online: https:\/\/www.kaspersky.com\/about\/press-releases\/2023_kaspersky-unveils-an-overview-of-iot-related-threats-in-2023."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1145\/2089125.2089126","article-title":"A survey on automated dynamic malware-analysis techniques and tools","volume":"44","author":"Egele","year":"2012","journal-title":"ACM Comput. Surv."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1007\/978-3-319-60876-1_13","article-title":"HumIDIFy: A Tool for Hidden Functionality Detection in Firmware","volume":"Volume 10327","author":"Polychronakis","year":"2017","journal-title":"Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2017)"},{"key":"ref_46","unstructured":"Barcena, M., and Wueest, C. (2023, December 01). Insecurity in the Internet of Things, Symantec Report. Available online: https:\/\/docs.broadcom.com\/doc\/insecurity-in-the-internet-of-things-en."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1016\/j.compind.2018.09.004","article-title":"Cybersecurity for Industry 4.0 in the current literature: A reference framework","volume":"103","author":"Lezzi","year":"2018","journal-title":"Comput. Ind."},{"key":"ref_48","unstructured":"Cadar, C., Dunbar, D., and Engler, D. (2008, January 8\u201310). KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI), San Diego, CA, USA."},{"key":"ref_49","unstructured":"(2023, December 01). FAT: Firmware Analysis Toolkit. Available online: https:\/\/github.com\/attify\/firmware-analysis-toolkit."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Zheng, M., Sun, M., and Lui, J.C.S. (2014, January 4\u20136). DroidRay: A security evaluation system for customized android firmwares. Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIA CCS), Kyoto, Japan.","DOI":"10.1145\/2590296.2590313"},{"key":"ref_51","unstructured":"Zheng, Y., Davanian, A., Yin, H., Song, C., Zhu, H., and Sun, L. (2019, January 14\u201316). FIRM-AFL: High-throughput greybox fuzzing of IoT firmware via augmented process emulation. Proceedings of the 28th USENIX Conference on Security Symposium, Santa Clara, CA, USA."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Cheng, K., Li, Q., Wang, L., Chen, Q., Zheng, Y., Sun, L., and Liang, Z. (2018, January 25\u201328). DTaint: Detecting the Taint-Style Vulnerability in Embedded Device Firmware. Proceedings of the 2018 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Luxembourg.","DOI":"10.1109\/DSN.2018.00052"},{"key":"ref_53","unstructured":"Celik, Z.B., Babun, L., Sikder, A.K., Aksu, H., Tan, G., McDaniel, P., and Uluagac, A.S. (2018, January 15\u201317). Sensitive Information Tracking in Commodity IoT. Proceedings of the 27th USENIX Conference on Security Symposium, Baltimore, MD, USA."},{"key":"ref_54","unstructured":"IoT Inspector (2023, December 01). Security Analysis for IoT Devices. Completely Automated. Available online: https:\/\/level5tech.com\/iot-inspector\/."},{"key":"ref_55","unstructured":"FIRMALYZER (2023, December 01). Discover IoT\/Connected Devices, Their CVEs and Their Firmware Risks. Available online: https:\/\/firmalyzer.com\/."},{"key":"ref_56","unstructured":"Smith, C. (2023, December 01). Firmwalker: Script for Searching the Extracted Firmware File System for Goodies!. Available online: https:\/\/github.com\/craigz28\/firmwalker."},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Boudguiga, A., Bouzerna, N., Granboulan, L., Olivereau, A., Quesnel, A., Roger, A., and Sirdey, R. (2017, January 26\u201328). Towards Better Availability and Accountability for IoT Updates by Means of a Blockchain. Proceedings of the 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Paris, France.","DOI":"10.1109\/EuroSPW.2017.50"},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"37518","DOI":"10.1109\/ACCESS.2020.2975920","article-title":"Blockchain-Based Distributed Firmware Update Architecture for IoT Devices","volume":"8","author":"Choi","year":"2020","journal-title":"IEEE Access"},{"key":"ref_59","doi-asserted-by":"crossref","unstructured":"Fukuda, T., and Omote, K. (February, January 30). Efficient Blockchain-based IoT Firmware Update Considering Distribution Incentives. Proceedings of the 2021 IEEE Conference on Dependable and Secure Computing (DSC), Aizuwakamatsu, Japan.","DOI":"10.1109\/DSC49826.2021.9346265"},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Imran, M.A., Cao, B., Zhang, L., and Peng, M. (2021). Wireless Blockchain: Principles, Technologies and Applications, John Wiley & Sons, Ltd.","DOI":"10.1002\/9781119790839"},{"key":"ref_61","unstructured":"Ream, J., Chu, Y., and Schatsky, D. (2016). Upgrading Blockchains: Smart Contract Use Cases in Industry, Deloitte University Press. Available online: https:\/\/www2.deloitte.com\/us\/en\/insights\/focus\/signals-for-strategists\/using-blockchain-for-smart-contracts.html."},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Witanto, E.N., Oktian, Y.E., Lee, S.-G., and Lee, J.-H. (2020). A Blockchain-Based OCF Firmware Update for IoT Devices. Appl. Sci., 10.","DOI":"10.3390\/app10196744"},{"key":"ref_63","doi-asserted-by":"crossref","unstructured":"Yohan, A., and Lo, N.-W. (2018, January 10\u201313). An Over-the-Blockchain Firmware Update Framework for IoT Devices. Proceedings of the 2018 IEEE Conference on Dependable and Secure Computing (DSC), Kaohsiung, Taiwan.","DOI":"10.1109\/DESEC.2018.8625164"},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"257","DOI":"10.1007\/s10207-019-00467-6","article-title":"FOTB: A secure blockchain-based firmware update framework for IoT environment","volume":"19","author":"Yohan","year":"2020","journal-title":"Int. J. Inf. Secur."},{"key":"ref_65","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1016\/j.cose.2005.11.002","article-title":"An empirical examination of the reverse engineering process for binary files","volume":"25","author":"Sutherland","year":"2006","journal-title":"Comput. Secur."},{"key":"ref_66","doi-asserted-by":"crossref","first-page":"76","DOI":"10.1109\/MSP.2004.111","article-title":"Static analysis for security","volume":"2","author":"Chess","year":"2004","journal-title":"IEEE Secur. Priv."},{"key":"ref_67","unstructured":"Chen, H., Dean, D., and Wagner, D. (2004, January 5). Model Checking One Million Lines of C Code. Proceedings of the NDSS Symposium 2004, San Diego, CA, USA."},{"key":"ref_68","unstructured":"Fagbuyiro, D. (2023, December 01). Benefits of Using Static Code Analysis Tools for Software Testing. Available online: https:\/\/www.stickyminds.com\/article\/benefits-using-static-code-analysis-tools-software-testing."},{"key":"ref_69","doi-asserted-by":"crossref","unstructured":"Cojocar, L., Zaddach, J., Verdult, R., Bos, H., Francillon, A., and Balzarotti, D. (2015, January 7\u201311). PIE: Parser Identification in Embedded Systems. Proceedings of the 31st Annual Computer Security Applications Conference, New York, NY, USA.","DOI":"10.1145\/2818000.2818035"},{"key":"ref_70","doi-asserted-by":"crossref","unstructured":"Miettinen, M., Marchal, S., Hafeez, I., Frassetto, T., Asokan, N., Sadeghi, A.-R., and Tarkoma, S. (2017, January 5\u20138). IoT Sentinel Demo: Automated Device-Type Identification for Security Enforcement in IoT. Proceedings of the 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), Atlanta, GA, USA.","DOI":"10.1109\/ICDCS.2017.284"},{"key":"ref_71","doi-asserted-by":"crossref","first-page":"233","DOI":"10.1007\/978-3-319-58469-0_16","article-title":"Towards Automated Classification of Firmware Images and Identification of Embedded Devices","volume":"Volume 502","author":"Martinelli","year":"2017","journal-title":"ICT Systems Security and Privacy Protection (SEC 2017)"},{"key":"ref_72","doi-asserted-by":"crossref","unstructured":"Lee, S., Paik, J.-Y., Jin, R., and Cho, E.-S. (2019, January 15\u201319). Toward Machine Learning Based Analyses on Compressed Firmware. Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, WI, USA.","DOI":"10.1109\/COMPSAC.2019.10271"},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1145\/3291047","article-title":"Demystifying Arm TrustZone: A Comprehensive Survey","volume":"51","author":"Pinto","year":"2019","journal-title":"ACM Comput. Surv."},{"key":"ref_74","doi-asserted-by":"crossref","unstructured":"Koutroumpouchos, N., Ntantogian, C., and Xenakis, C. (2021). Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone. Sensors, 21.","DOI":"10.3390\/s21020520"},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Koeberl, P., Schulz, S., Sadeghi, A.-R., and Varadharajan, V. (2014, January 14\u201316). TrustLite: A security architecture for tiny embedded devices. Proceedings of the 9th European Conference on Computer Systems, Amsterdam, The Netherlands.","DOI":"10.1145\/2592798.2592824"},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Dushku, E., \u00d8stergaard, J.H., and Dragoni, N. (2022). Memory Offloading for Remote Attestation of Multi-Service IoT Devices. Sensors, 22.","DOI":"10.3390\/s22124340"},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Brasser, F., Rasmussen, K.B., Sadeghi, A.-R., and Tsudik, G. (2016, January 5\u20139). Remote attestation for low-end embedded devices: The prover\u2019s perspective. Proceedings of the 53rd Annual Design Automation Conference, Austin, TX, USA.","DOI":"10.1145\/2897937.2898083"},{"key":"ref_78","doi-asserted-by":"crossref","unstructured":"Conti, M., Dushku, E., Mancini, L.V., Rabbani, M., and Ranise, S. (2019, January 22\u201325). Remote Attestation as a Service for IoT. Proceedings of the 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Granada, Spain.","DOI":"10.1109\/IOTSMS48152.2019.8939224"},{"key":"ref_79","unstructured":"Eldefrawy, K., Tsudik, G., Francillon, A., and Perito, D. (2019, January 24\u201327). SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust. Proceedings of the NDSS Symposium 2019, San Diego, CA, USA."},{"key":"ref_80","doi-asserted-by":"crossref","unstructured":"Costin, A. (2016, January 28). Security of CCTV and Video Surveillance Systems: Threats, Vulnerabilities, Attacks, and Mitigations. Proceedings of the 6th International Workshop on Trustworthy Embedded Devices, Vienna, Austria.","DOI":"10.1145\/2995289.2995290"},{"key":"ref_81","unstructured":"Costin, A., Zaddach, J., Francillon, A., and Balzarotti, D. (2014, January 20\u201322). Large Scale Security Analysis of Embedded Devices\u2019 Firmware. Proceedings of the 23rd USENIX Conference on Security Symposium, San Diego, CA, USA."},{"key":"ref_82","doi-asserted-by":"crossref","first-page":"392","DOI":"10.1145\/3296957.3177157","article-title":"FirmUp: Precise Static Detection of Common Vulnerabilities in Firmware","volume":"53","author":"David","year":"2018","journal-title":"ACM SIGPLAN Not."},{"key":"ref_83","doi-asserted-by":"crossref","unstructured":"Chen, D.D., Woo, M., Brumley, D., and Egele, M. (2016, January 21\u201324). Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. Proceedings of the NDSS Symposium 2016, San Diego, CA, USA.","DOI":"10.14722\/ndss.2016.23415"},{"key":"ref_84","doi-asserted-by":"crossref","first-page":"29826","DOI":"10.1109\/ACCESS.2020.2973043","article-title":"FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution","volume":"8","author":"Gui","year":"2020","journal-title":"IEEE Access"},{"key":"ref_85","doi-asserted-by":"crossref","unstructured":"Zaddach, J., Bruno, L., Francillon, A., and Balzarotti, D. (2014, January 23\u201324). AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems\u2019 Firmwares. Proceedings of the NDSS Symposium 2014, San Diego, CA, USA.","DOI":"10.14722\/ndss.2014.23229"},{"key":"ref_86","unstructured":"Feng, B., Mera, A., and Lu, L. (2020, January 12\u201314). P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling. Proceedings of the 29th USENIX Conference on Security Symposium, Boston, MA, USA."},{"key":"ref_87","unstructured":"Clements, A.A., Gustafson, E., Scharnowski, T., Grosen, P., Fritz, D., Kruegel, C., Vigna, G., Bagchi, S., and Payer, M. (2020, January 12\u201314). HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. Proceedings of the 29th USENIX Conference on Security Symposium, Boston, MA, USA."},{"key":"ref_88","unstructured":"Gustafson, E., Muench, M., Spensky, C., Redini, N., Machiry, A., Fratantonio, Y., Balzarotti, D., Francillon, A., Choe, Y.R., and Kruegel, C. (2019, January 23\u201325). Toward the Analysis of Embedded Firmware through Automated Re-hosting. Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Beijing, China."},{"key":"ref_89","doi-asserted-by":"crossref","first-page":"390","DOI":"10.1016\/j.future.2019.12.032","article-title":"HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations","volume":"108","author":"Liu","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_90","unstructured":"Maier, D., Radtke, B., and Harren, B. (2019, January 12\u201313). Unicorefuzz: On the viability of emulation for kernel space fuzzing. Proceedings of the 13th USENIX Workshop on Offensive Technologies, Santa Clara, CA, USA."},{"key":"ref_91","doi-asserted-by":"crossref","first-page":"5076324","DOI":"10.1155\/2019\/5076324","article-title":"Discovering Vulnerabilities in COTS IoT Devices through Blackbox Fuzzing Web Management Interface","volume":"2019","author":"Wang","year":"2019","journal-title":"Secur. Commun. Netw."},{"key":"ref_92","unstructured":"Davidson, D., Moench, B., Jha, S., and Ristenpart, T. (2013, January 14\u201316). FIE on firmware: Finding vulnerabilities in embedded systems using symbolic execution. Proceedings of the 22nd USENIX Conference on Security Symposium, Washington, DC, USA."},{"key":"ref_93","doi-asserted-by":"crossref","first-page":"638","DOI":"10.1007\/978-3-030-29959-0_31","article-title":"Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution","volume":"Volume 11735","author":"Sako","year":"2019","journal-title":"Computer Security\u2014ESORICS 2019"},{"key":"ref_94","doi-asserted-by":"crossref","first-page":"4965","DOI":"10.1109\/JIOT.2018.2875240","article-title":"Reverse Engineering IoT Devices: Effective Techniques and Methods","volume":"5","author":"Shwartz","year":"2018","journal-title":"IEEE Internet Things J."},{"key":"ref_95","unstructured":"Zaddach, J., and Costin, A. (August, January 31). Embedded Devices Security and Firmware Reverse Engineering. Proceedings of the Black Hat USA 2013, Las Vegas, NV, USA."},{"key":"ref_96","doi-asserted-by":"crossref","first-page":"2702","DOI":"10.1109\/COMST.2019.2910750","article-title":"Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations","volume":"21","author":"Neshenko","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_97","doi-asserted-by":"crossref","first-page":"1636","DOI":"10.1109\/COMST.2018.2874978","article-title":"Anatomy of Threats to the Internet of Things","volume":"21","author":"Makhdoom","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_98","doi-asserted-by":"crossref","unstructured":"Cao, C., Guan, L., Ming, J., and Liu, P. (2020, January 7\u201311). Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation. Proceedings of the 36th Annual Computer Security Applications Conference, Austin, TX, USA.","DOI":"10.1145\/3427228.3427280"},{"key":"ref_99","doi-asserted-by":"crossref","unstructured":"Palavicini, G., Bryan, J., Sheets, E., Kline, M., and San Miguel, J. (2017, January 24\u201326). Towards Firmware Analysis of Industrial Internet of Things (IIoT)\u2013Applying Symbolic Analysis to IIoT Firmware Vetting. Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security (IoTBDS 2017), Porto, Portugal.","DOI":"10.5220\/0006393704700477"},{"key":"ref_100","doi-asserted-by":"crossref","unstructured":"Wang, Z., Zhang, Y., Tian, Z., Ruan, Q., Liu, T., Wang, H., Liu, Z., Lin, J., Fang, B., and Shi, W. (2019). Automated Vulnerability Discovery and Exploitation in the Internet of Things. Sensors, 19.","DOI":"10.3390\/s19153362"},{"key":"ref_101","doi-asserted-by":"crossref","first-page":"1152","DOI":"10.1007\/s11227-016-1870-0","article-title":"Blockchain-based secure firmware update for embedded devices in an Internet of Things environment","volume":"73","author":"Lee","year":"2017","journal-title":"J. Supercomput."},{"key":"ref_102","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1007\/978-3-319-60717-7_6","article-title":"Firmware Verification of Embedded Devices Based on a Blockchain","volume":"Volume 199","author":"Lee","year":"2017","journal-title":"Quality, Reliability, Security and Robustness in Heterogeneous Networks"},{"key":"ref_103","doi-asserted-by":"crossref","unstructured":"Yohan, A., Lo, N.-W., and Santoso, L.P. (2019, January 5\u201318). Secure and Lightweight Firmware Update Framework for IoT Environment. Proceedings of the 2019 IEEE 8th Global Conference on Consumer Electronics (GCCE), Osaka, Japan.","DOI":"10.1109\/GCCE46687.2019.9015316"},{"key":"ref_104","doi-asserted-by":"crossref","first-page":"7981","DOI":"10.1109\/ACCESS.2020.2964646","article-title":"Large-Scale IoT Devices Firmware Identification Based on Weak Password","volume":"8","author":"Yu","year":"2020","journal-title":"IEEE Access"},{"key":"ref_105","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1109\/LES.2018.2829777","article-title":"Anatomy of Memory Corruption Attacks and Mitigations in Embedded Systems","volume":"10","author":"Tsoutsos","year":"2018","journal-title":"IEEE Embed. Syst. Lett."},{"key":"ref_106","doi-asserted-by":"crossref","first-page":"344","DOI":"10.1007\/978-3-642-16161-2_20","article-title":"Efficient Isolation of Trusted Subsystems in Embedded Systems","volume":"Volume 50","author":"Jajodia","year":"2010","journal-title":"Security and Privacy in Communication Networks"},{"key":"ref_107","doi-asserted-by":"crossref","unstructured":"Abera, T., Asokan, N., Davi, L., Koushanfar, F., Paverd, A., Sadeghi, A.-R., and Tsudik, G. (2016, January 5\u20139). Invited: Things, trouble, trust: On building trust in IoT systems. Proceedings of the 53rd Annual Design Automation Conference, Austin, TX, USA.","DOI":"10.1145\/2897937.2905020"},{"key":"ref_108","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., and Vigna, G. (2015, January 8\u201311). Firmalice\u2013Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware. Proceedings of the NDSS Symposium 2015, San Diego, CA, USA.","DOI":"10.14722\/ndss.2015.23294"},{"key":"ref_109","unstructured":"Greenberg, A. (2023, December 04). The Reaper IoT Botnet Has Already Infected a Million Networks. Available online: https:\/\/www.wired.com\/story\/reaper-iot-botnet-infected-million-networks\/."},{"key":"ref_110","unstructured":"Mandal, A., Ferrara, P., Khlyebnikov, Y., Cortesi, A., and Spoto, F. (April, January 30). Cross-program taint analysis for IoT systems. Proceedings of the 35th Annual ACM Symposium on Applied Computing, Brno, Czech Republic."},{"key":"ref_111","doi-asserted-by":"crossref","first-page":"76","DOI":"10.1109\/MC.2017.62","article-title":"Botnets and Internet of Things Security","volume":"50","author":"Bertino","year":"2017","journal-title":"Computer"},{"key":"ref_112","doi-asserted-by":"crossref","unstructured":"Wazzan, M., Algazzawi, D., Bamasaq, O., Albeshri, A., and Cheng, L. (2021). Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research. Appl. Sci., 11.","DOI":"10.3390\/app11125713"},{"key":"ref_113","unstructured":"(2023, December 04). IoT Alliance Australia. Available online: https:\/\/iot.org.au\/."},{"key":"ref_114","doi-asserted-by":"crossref","unstructured":"Fagan, M., Megas, K., Scarfone, K., and Smith, M. (2020). Foundational Cybersecurity Activities for IoT Device Manufacturers (Standard No. NIST IR 8259).","DOI":"10.6028\/NIST.IR.8259"},{"key":"ref_115","doi-asserted-by":"crossref","unstructured":"Regenscheid, A. (2018). Platform Firmware Resiliency Guidelines (Standard No. NIST SP 800-193).","DOI":"10.6028\/NIST.SP.800-193"},{"key":"ref_116","unstructured":"(2023, December 04). Binwalk: Firmware Analysis Tool. Available online: https:\/\/github.com\/ReFirmLabs\/binwalk."},{"key":"ref_117","unstructured":"Hemel, A. (2023, December 04). binaryanalysis-ng: Binary Analysis Next Generation (BANG). Available online: https:\/\/github.com\/armijnhemel\/binaryanalysis-ng."},{"key":"ref_118","unstructured":"(2023, December 04). FMK: Firmware Mod Kit. Available online: https:\/\/github.com\/rampageX\/firmware-mod-kit\/."},{"key":"ref_119","unstructured":"(2023, December 04). The Firmware Analysis and Comparison Tool (FACT). Available online: https:\/\/github.com\/fkie-cad\/FACT_core."},{"key":"ref_120","unstructured":"(2023, December 04). Angr: Platform-Agnostic Binary Analysis Framework. Available online: https:\/\/github.com\/angr\/angr."},{"key":"ref_121","unstructured":"(2023, December 04). Vector 35, Binary Ninja. Available online: https:\/\/binary.ninja\/features\/."},{"key":"ref_122","unstructured":"(2023, December 04). Radare2: Libre Reversing Framework for Unix Geeks. Available online: https:\/\/github.com\/radareorg\/radare2."},{"key":"ref_123","unstructured":"(2023, December 04). Ghidra Firmware Utilities. Available online: https:\/\/github.com\/al3xtjames\/ghidra-firmware-utils."},{"key":"ref_124","unstructured":"(2023, December 04). IDA Pro: A Powerful Disassembler and a Versatile Debugger. Available online: https:\/\/hex-rays.com\/ida-pro\/."},{"key":"ref_125","unstructured":"Bellard, F. (2005, January 10\u201315). QEMU, a Fast and Portable Dynamic Translator. Proceedings of the USENIX Annual Technical Conference, Anaheim, CA, USA."},{"key":"ref_126","unstructured":"Zalewski, M. (2023, December 04). AFL: American Fuzzy Lop. Available online: https:\/\/github.com\/google\/AFL."},{"key":"ref_127","unstructured":"Manske, A. (2019). Conducting a Vulnerability Assessment of an IP Camera. [Master\u2019s Thesis, KTH Royal Institute of Technology]."},{"key":"ref_128","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1016\/S1353-4858(16)30096-4","article-title":"Ransomware: Taking businesses hostage","volume":"2016","year":"2016","journal-title":"Netw. Secur."},{"key":"ref_129","doi-asserted-by":"crossref","unstructured":"Chen, J., Diao, W., Zhao, Q., Zuo, C., Lin, Z., Wang, X.F., Lau, W.C., Sun, M., Yang, R., and Zhang, K. (2018, January 18\u201321). IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing. Proceedings of the NDSS Symposium 2018, San Diego, CA, USA.","DOI":"10.14722\/ndss.2018.23159"},{"key":"ref_130","first-page":"233","article-title":"Binary Code Disassembly for Reverse Engineering","volume":"IV","author":"Popa","year":"2012","journal-title":"J. Mob. Embed. Distrib. Syst."},{"key":"ref_131","unstructured":"Serrano, M. (2013). Lecture Notes on Decompilation, Carnegie Mellon School of Computer Science. Lecture 20."},{"key":"ref_132","doi-asserted-by":"crossref","first-page":"71907","DOI":"10.1109\/ACCESS.2019.2919760","article-title":"Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check","volume":"7","author":"Zandberg","year":"2019","journal-title":"IEEE Access"},{"key":"ref_133","first-page":"1","article-title":"Lint, a C Program Checker","volume":"65","author":"Johnson","year":"1978","journal-title":"Comp Sci Tech. Rep."},{"key":"ref_134","doi-asserted-by":"crossref","first-page":"513","DOI":"10.1007\/978-3-319-66399-9_28","article-title":"Stringer: Measuring the Importance of Static Data Comparisons to Detect Backdoors and Undocumented Functionality","volume":"Volume 10493","author":"Foley","year":"2017","journal-title":"Computer Security\u2014ESORICS 2017"},{"key":"ref_135","unstructured":"Grace, M., Zhou, Y., Wang, Z., Jiang, X., and Drive, O. (2012, January 5\u20138). Systematic Detection of Capability Leaks in Stock Android Smartphones. Proceedings of the NDSS Symposium 2012, San Diego, CA, USA."},{"key":"ref_136","doi-asserted-by":"crossref","unstructured":"Feng, Q., Zhou, R., Xu, C., Cheng, Y., Testa, B., and Yin, H. (2016, January 24\u201328). Scalable graph-based bug search for firmware images. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria.","DOI":"10.1145\/2976749.2978370"},{"key":"ref_137","doi-asserted-by":"crossref","unstructured":"Tien, C.W., Tsai, T.T., Chen, I.Y., and Kuo, S.Y. (2018, January 15\u201318). UFO\u2013Hidden Backdoor Discovery and Security Verification in IoT Device Firmware. Proceedings of the 2018 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), Memphis, TN, USA.","DOI":"10.1109\/ISSREW.2018.00-37"},{"key":"ref_138","unstructured":"(2023). Software Cybersecurity for Network-Connectable Products, Part 1: General Requirements (Standard No. UL 2900-1). Available online: https:\/\/standardscatalog.ul.com\/standards\/en\/standard_2900-1_1."},{"key":"ref_139","unstructured":"(2020). CYBER; Cyber Security for Consumer Internet of Things: Baseline Requirements (Standard No. ETSI EN 303 645 V2.1.1)."},{"key":"ref_140","unstructured":"Zhou, W., Guan, L., Liu, P., and Zhang, Y. (2021, January 11\u201313). Automatic Firmware Emulation through Invalidity-guided Knowledge Inference. Proceedings of the 30th USENIX Conference on Security Symposium, Virtual."},{"key":"ref_141","unstructured":"(2023, December 04). Firmadyne: Platform for Emulation and Dynamic Analysis of Linux-Based Firmware. Available online: https:\/\/github.com\/firmadyne\/firmadyne."},{"key":"ref_142","doi-asserted-by":"crossref","unstructured":"Zhu, L., Fu, X., Yao, Y., Zhang, Y., and Wang, H. (2019, January 5\u20138). FIoT: Detecting the Memory Corruption in Lightweight IoT Device Firmware. Proceedings of the 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\/13th IEEE International Conference on Big Data Science and Engineering (TrustCom\/BigDataSE), Rotorua, New Zealand.","DOI":"10.1109\/TrustCom\/BigDataSE.2019.00041"},{"key":"ref_143","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1109\/MSP.2018.1870858","article-title":"Mechanical Phish: Resilient Autonomous Hacking","volume":"16","author":"Shoshitaishvili","year":"2018","journal-title":"IEEE Secur. Priv."},{"key":"ref_144","doi-asserted-by":"crossref","first-page":"88","DOI":"10.1007\/978-3-030-04372-8_8","article-title":"Towards a Framework for Testing the Security of IoT Devices Consistently","volume":"Volume 11263","author":"Saracino","year":"2018","journal-title":"Emerging Technologies for Authorization and Authentication (ETAA 2018)"},{"key":"ref_145","first-page":"14","article-title":"An Instruction Set Architecture for Secure, Low-Power, Dynamic IoT Communication","volume":"Volume 561","author":"Bombieri","year":"2018","journal-title":"VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms (VLSI-SoC 2018)"},{"key":"ref_146","unstructured":"UEFI (2023, December 05). Getting a Handle on Firmware Security. Available online: https:\/\/uefi.org\/sites\/default\/files\/resources\/Getting%20a%20Handle%20on%20Firmware%20Security%2011.11.17%20Final.pdf."},{"key":"ref_147","unstructured":"Wilkins, D. (2023, December 05). Firmware Security for IoT Devices. Available online: https:\/\/www.embedded-computing.com\/articles\/firmware-security-for-iot-devices."},{"key":"ref_148","doi-asserted-by":"crossref","first-page":"1759","DOI":"10.1109\/COMST.2021.3090430","article-title":"Federated Learning for Internet of Things: Recent Advances, Taxonomy, and Open Challenges","volume":"23","author":"Khan","year":"2012","journal-title":"IEEE Comm. Surv. Tut."},{"key":"ref_149","doi-asserted-by":"crossref","unstructured":"Sun, P., Garcia, L., Salles-Loustau, G., and Zonouz, S. (July, January 29). Hybrid Firmware Analysis for Known Mobile and IoT Security Vulnerabilities. Proceedings of the 2020 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Valencia, Spain.","DOI":"10.1109\/DSN48063.2020.00053"},{"key":"ref_150","unstructured":"Chua, Z.L., Shen, S., Saxena, P., and Liang, Z. (2017, January 16\u201318). Neural Nets Can Learn Function Type Signatures from Binaries. Proceedings of the 26th USENIX Conference on Security Symposium, Vancouver, BC, Canada."},{"key":"ref_151","unstructured":"Krau, M., and Wei, D. (2023, December 05). Clarifying the Ten Most Common Misconceptions about UEFI, UEFI Forum White Paper. Available online: https:\/\/uefi.org\/sites\/default\/files\/resources\/UEFI_Clarifying_Common_Misconceptions_White_Paper_April%202014_Final.pdf."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/2\/708\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T13:47:24Z","timestamp":1760104044000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/2\/708"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,1,22]]},"references-count":151,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2024,1]]}},"alternative-id":["s24020708"],"URL":"https:\/\/doi.org\/10.3390\/s24020708","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,1,22]]}}}