Update on Our Collaboration with the REWIRE HorizonEU Project

We are proud to share an update on our ongoing collaboration with the REWIRE HorizonEU Project, a visionary project funded by the the worldan Commission under the Horizon the world Programme (Grant Agreement No. 101070627). Since October 2022, Bureau Veritas Cybersecurity has been a key participant in this initiative, which is set to continue until September 2025.

Our focus within the REWIRE project has been on advancing the security of firmware during run-time. Building upon our earlier contributions in design-time analysis, detailed in a previous blog post, we are now exploring innovative approaches to firmware security.

Static binary instrumentation

A significant aspect of our research involves the use of static binary instrumentation to modify the bytecode of firmware. This technique allows us to embed monitoring points within the firmware code, which serve as critical checkpoints to observe and report the control flow of programs. This level of detail in monitoring is invaluable for a comprehensive understanding and protection of vital firmware functions.

However, monitoring alone is not sufficient. It must be supported by a strong infrastructure that can effectively process and make use of the gathered data. This is where attestation agents and the concept of a Secure Enclave, based on the Keystone enclave, become integral. These agents, operating within a trusted environment, analyze the collected data to verify if a program is functioning as intended, thereby preventing misuse by malicious actors.

The incorporation of secure enclaves is a game-changer, creating isolated environments that shield critical operations and data from external threats. By situating the attestation agent within such an enclave, we significantly enhance the security of the analysis process, making it more challenging for attackers to interfere with or access sensitive data.

Security Framework

Together, firmware monitoring, attestation agents, and secure enclaves form a comprehensive security framework. This not only allows for real-time monitoring of firmware but also strengthens it against unauthorized changes and cyber threats. This proactive approach is crucial for organizations to detect, analyze, and respond to potential security incidents in embedded systems effectively.

Nevertheless, this technology presents its own set of challenges, including the overhead caused by instrumentation and the complexity of integrating these methods into existing firmware architectures. To conclude, while the combination of static binary instrumentation with attestation agents in a secure enclave significantly enhances firmware security, it also demands continued development and refinement.

More Information

For more information and regular updates, we invite you to follow the project on LinkedIn and X.