P-RIOT

From Static Analysis to Advanced Fuzzing

01
📚

Introduction

1. Static analysis

2. Binary lifting

3. From lifting to execution

4. Examples, P-Code and an introduction to TCG (QEMU's Tiny Code Generator)

5. Hands-on: Kunai, disassembly and lifting

6. Hands-on: Kunai, IR analysis

7. TCG Internals

8. Hands-on: tracking code through the TCG

• Registers
• Jumps
• Code coverage

02
⚙️

Basic QEMU Emulation & Machine Creation

1. Overview of QEMU components and their interactions

2. Understanding QEMU machine types and hardware emulation

3. Introduction to firmware versioning and implications for emulation

4. Hands-on: Building and customizing a QEMU machine type for the ST Nucleo L452RE board with base firmware

5. Hands-on: Implementing a dummy device as an introduction to peripheral integration

6. Hands-on: Implementing and configuring the RCC (Reset and Clock Control) for clock management in QEMU

03
🔧

Intermediate Device Emulation with Enhanced Firmware

1. Discussing complex device interactions and DMA implementations using existing peripherals

2. Step-by-step guide on adding the complex devices required by firmware version 2, focusing on USARTs and UARTs for DMA demonstrations

3. Hands-on: Developing and integrating a new peripheral device in QEMU

4. Implementing and troubleshooting DMA for USARTs

5. Hands-on: Modifying and testing firmware version 2 in the emulated environment

6. Exploring potential implementations for missing devices like the SPI controller

04
🚀

Advanced Emulation and Fuzzing Techniques

1. Deep dive into advanced device-specific functionality based on enhanced firmware version 3

2. Hands-on: Creating a new machine type from scratch for complex firmware incorporating multiple new devices

3. Hands-on: Advanced emulation techniques, including implementing missing devices such as the Timer Controller (TIMER)

4. Hands-on: Developing custom tools for emulation and debugging

5. Introduction to fuzzing as a technique to find vulnerabilities in emulated environments

6. Hands-on: Fuzzing the custom QEMU setup to identify potential security issues