REAFFIRM (Reverse Engineer, Analyze and Fuzz Firmware) is a platform for firmware analysis, component identification and extraction, and testing. REAFFIRM facilitates cyber security assessments for cyber-physical systems used in the military (weapons controls, navigation systems), critical infrastructure (industrial-control systems) and everyday applications (automotive controls, medical devices).
To help analysts achieve a deep understanding of firmware, REAFFIRM's analyses identify meaningful components, present them, and rank them by relevance. This enhanced understanding facilitates both cyber security assessments and evaluations of the firmware for reuse in new settings.
Cyber security testers can use REAFFIRM to extract key components for testing. Because our system identifies, isolates, and virtualizes the hardware-coupled portions of firmware components, testing can proceed in a virtualized environment, without the expense and risk of damage associated with using real hardware.
Through its use of data science tools such as Jupyter notebooks, REAFFIRM supports reproducibility and gradual automation of reverse-engineering and testing workflows.
This material is based upon work supported by the Air Force, DARPA, the Navy and the Office of Naval Research under Contract(s) No. FA8750-20-C-1005, FA8650-16-M-1724, FA8650-18-C-1663, FA8750-18-C-0141, N00014-16-P-2041 and N68335-17-C-0454. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Air Force, DARPA, the Navy or the Office of Naval Research.