awesome-mcu

Tools

• OpenOCD provides on-chip programming and debugging support, include breakpoints/watchpoints and flash chip drivers.
• renode can simulate physical hardware systems - including both the CPU, peripherals, sensors, environment and wired or wireless medium between nodes.
• qemu supports the simulation of some common devices in the hw module for guest linux.
• qemu-arm-xpack is a binary distribution of qemu arm, better support for bare metal Cortex-M based boards.
• Keil is a software development solution for Arm®-based mcu, which can develop, debug and simulate the mcu.
• rainbow provide interesting demo of unicorn-based mcu emulator framework and some side-channel attack examples.
• Ghidra support analysis intel hex format.
  • Reverse Engineering Firmware with Ghidra
  • Learn the basics of GHIDRA and analyze the firmware
• ARM-X is a firmware emulation framework.
  • Slide: ARM-X: The ARM IoT Firmware Emulation Framework
  • Youtube: Introducing ARM-X: The ARM IoT Firmware Emulation Framework - Saumil Shah
• project_generator allows you to define a project in text using YAML files and generate IDE project files based on the rules defined in records

Projects

• ArduPilot is the most advanced, full-featured and reliable open source autopilot software available.
• RIOT is a real-time multi-threading operating system that supports a range of devices that are typically found in the IoT.
• Contiki is an open source operating system that runs on tiny low-power microcontrollers.
• Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices.
• IronOS Open Source Soldering Iron firmware for Miniware and Pinecil.
• rusEFI GPL internal combustion engine control unit
• EmuFlight is flight controller software (firmware) used to fly multi-rotor craft.
• BetaFlight Open Source Flight Controller Firmware (bug notes)
• FreeRTOS Real-time operating system for microcontrollers. (bug notes)
  • AWS bug report: https://aws.amazon.com/cn/freertos/security-updates/
• RaceFlight Race prepared version of the cleanflight flight-controller
• Watch X Open source smart watch, high quality and smooth (60FPS+) animation effects.

Papers

• P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling
• Jetset: Targeted Firmware Rehosting for Embedded Systems
• DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis
• PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-Metal Embedded Applications
• FirmGuide: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel Execution
• Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets

Slides

• Backdooring hardware devices by injecting malicious payloads on microcontrollers
• Firmware Slap - Automating discovery of exploitable vulnerabilities in firmware
• The Art & Craft of writing ARM shellcode
• Beyond Root Custom Firmware For Embedded Mobile Chip sets
• PicoDMA: DMA Attacks at Your Fingertips
• Broken Memory Allocators Led to Millions of Vulnerable IoT and Embedded Devices - FreeRTOS malloc
• Raiden Glitching Framework