2.7b Assess Firmware Reverse Engineering Protections
Requirement Description:
Verify that the firmware includes security controls designed to hinder reverse engineering, such as:
Removal of debugging symbols
Use of binary obfuscation
Encryption of sensitive code or data sections
DUT Confirmation Details:
(To be filled based on vendor/OEM declaration of security controls present in the firmware.)
DUT Software Details:
(Mention OS type, version, and build info relevant to firmware analysis.)
Hash Checksum Verification for DUT’s Software Image:
(Provide SHA-256 or SHA-512 hash of the firmware image used for analysis.)
DUT Configuration:
(Mention if any configuration settings are required to enable/disable reverse engineering protection features.)
Pre-Conditions:
The vendor shall provide the following:
Documentation outlining the firmware reverse engineering protection mechanisms implemented.
List of techniques: stripping symbols, use of packers/obfuscators, encryption, integrity checks, etc.
To assess whether reverse engineering protections are active and effective in the firmware image.
Total Number of Test Cases:
1
Test-bed Diagram with Interfaces and IPs:
(Include the setup with workstation, analysis tools, DUT access, etc. if required.)
Last updated
