TL;DR
This paper presents a lightweight emulator for Qualcomm trusted applications that enables effective fuzz testing to identify security vulnerabilities within Trusted Execution Environments, enhancing hardware security analysis.
Contribution
It introduces the first implementation and source code for a Qualcomm TA emulator integrated with fuzzing, offering a practical and efficient security testing tool.
Findings
Successfully emulated Qualcomm TA behavior
Detected real-world vulnerabilities through fuzzing
Provided open-source emulator for future research
Abstract
In recent years, the increasing awareness of cybersecurity has led to a heightened focus on information security within hardware devices and products. Incorporating Trusted Execution Environments (TEEs) into product designs has become a standard practice for safeguarding sensitive user information. However, vulnerabilities within these components present significant risks; if exploited by attackers, these vulnerabilities could lead to the leakage of sensitive data, thereby compromising user privacy and security. This research centers on trusted applications (TAs) within the Qualcomm TEE and introduces a novel emulator specifically designed for these applications. Through reverse engineering techniques, we thoroughly analyze Qualcomm TAs and develop a partial emulation environment that accurately emulates their behavior. Additionally, we integrate fuzzing testing techniques into the…
