A Study on The Weakness Analysis for Binary Code in Embedded Environments
Today's software is developed by collaborating with various levels of people rather than being developed by
superior individuals. Also, recent software development is increasingly being developed using open source and third party
libraries. On the other hand, Research shows that when using third party libraries, security analysis and testing are less than
50% in the development process. For those reasons, Security incidents caused by the use of such third-party libraries are
continuously increasing, such as Heart Bleed, Shell Shock, POODLE, and DROWN, but security of binary libraries is very
difficult to verify. In this paper, we analyze major security weaknesses based on the major CVEs generated in the embedded
SW environment and use them for security weakness analyzer and intermediate language design for effective security
weakness analysis of binary code in the future.
Index Terms- Binary Code, Binary exploitation, Embedded Environments, Weakness Analysis, Vulnerability Analysis.