Research Article
Determining the Image Base of Smart Device Firmware for Security Analysis
Table 1
Experimental results of the DBJT algorithm.
| Device | Firmware | Jump table | Correct | Base | Time (ms) | Validated |
| ABB NETA-21 | uImage | 261 | 108 | 0xC0008000 | 250 | Yes | Advantech 4570-CE | 57791ec9.bin | 222 | 38 | 0x7F000000 | 172 | Yes | Advantech 2748FI Switch | 3551.bin | 279 | 272 | 0x00400000 | 93 | Yes | Emerson ES-03001 | es-03001-1.ffd | 0 | 0 | N/A | 31 | N/A | Phoenix 400 PND-4TX-IB | 2985563_321.fw | 448 | 437 | 0x20800F28 | 546 | Yes | Phoenix OT 4 M Terminal | v1.23.nb0 | 0 | 0 | N/A | 15 | N/A | Rockwell DriveLogix 5730 | pn-82672.bin | 0 | 0 | N/A | 47 | N/A | Schneider 140CRA31200 | cra31200.bin | 318 | 153 | 0x00001000 | 156 | Yes | Schneider 140CRA31200 | 140cra31200.bin | 217 | 111 | 0x02001000 | 109 | Yes | Schneider M241 PLC | vxBoot.bin | 43 | 20 | 0x00801FC0 | 93 | Yes |
|
|