Firmware analysis involves multiple tedious, repetitive and time consuming tasks that can be automated. FACT combines these automations into an easy to use, accessible tool. The analysis results are presented in a comprehensible fashion. Thus the analysis is usable by beginners, senior analysts, and executive level personal.
This workshop gives an introduction to FACT by live demonstrating its analysis capabilities. We explain the typical workflow in a couple of case studies. After this introduction, we host a small CTF-like Easter egg hunt. This will allow attendees to use FACT for hands-on firmware analysis. During these exercises, additional in-depth information regarding the different analysis options will be provided as necessary.
Johannes vom Dorp is researcher at Fraunhofer FKIE and part of the applied system security group. He works on security analysis focusing on firmware and hardware security. Since 2015 he is core developer of FACT as well.
Peter Weidenbach is a computer security researcher and currently head of the applied system security group of Fraunhofer FKIE. He graduated in Computer Science at the University of Bonn in 2013. Since then, he works for Fraunhofer FKIE as security researcher. In 2015 he created FACT and has since been core developer.