D. Kovar
URSA Inc., New Hampshire, United States
Keywords: Autonomous systems, UAVs, cybersecurity, reverse engineering
Today’s approaches to binary patching are largely human-driven and rely on long iterations of human effort to understand functionality in a system. Devices like commercial small unmanned systems (sUAS) are complicated, and functional flows often require coordination (messages transmitted and received) between multiple processors. It is usually simple to explain a functional requirement in human terms, e.g., “Disable the tracking/telemetry beacon”, but this might practically amount to finding a single message flow within hundreds of thousands of message flows. Recent advances suggest a disciplined approach advancing modern techniques to identify and explore the input surface (e.g., message parsing from an RF channel) to sinks where control algorithms exist. We are leveraging this work to semi-autonomously identify and patch around unwanted capabilities in firmware. This approach has direct applications to DoD systems and other critical infrastructure systems. This will enable minimal patching on COTS devices for military use, while enabling this to be done at scale without linearly scaling experienced engineering and RE resources.