Evaluation of security of firmware
US10984110B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 20, 2018 |
| Grant date | Apr 20, 2021 |
| Priority date | — |
| Expiry date | Dec 21, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Provided are methods and systems for evaluating security of firmware. An example method may include acquiring a firmware image of firmware associated with at least one computing device. The method may include extracting at least one component of the firmware image. The method may include analyzing the component to detect at least one vulnerability of the firmware. The method may also include estimating, based on the at least one vulnerability, a security risk level of the firmware. The method may further include providing a report regarding the security risk level and the at least one vulnerability of the firmware. The analysis may include determining that the component matches a specific file or contains a specific string or a specific pattern. The analysis may include detection of a cryptographic key or password hash in the component and determining a level of weakness of the password hash.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.