FANDEMIC: Firmware Attack Construction and Deployment on Power Management Integrated Circuit and Impacts on IoT Applications

—Supply chains have become a pillar of our economic world, and they have brought tremendous advantages to both enterprises and users. These networks consist of companies and suppliers with the goal of reducing costs and production time by offloading various stages of the production process to third party foundries. Although globalized supply chains offer many advantages, they are also vulnerable to attacks at many different points along the pipeline. For Internet-of-Things (IoT) devices, this problem is exacerbated by firmware vulnerabilities, which influence the low-level control of the system hardware. Moreover, according to the National Vulnerability Database (NVD) the number of firmware vulnerabilities within IoT devices is rapidly increasing every year, making such firmware vulnerabilities a cause for growing concern and magnifying the need to address emerging firmware vulnerabilities. In this paper we attempt to define and expand upon a class of firmware vulnerability that is characterized by the malicious configuration of power management integrated circuits (PMIC). We propose a firmware attack construction and deployment on power management IC (FANDEMIC) that involves reverse engineering bare-metal IoT firmware binaries and identifying the functions that interact with its PMIC. We demonstrate the possibility of directly altering the binary to deliberately misconfigure the PMIC such that supply line voltages are altered, which could result in a variety of problems with the device. We propose a workflow to reverse engineer the binary, using Ghidra and Python scripting, and provide two simple, but novel function matching algorithms. Furthermore, we highlight and discuss the potential