Developing and maintaining secure firmware for tablets, cars, and IoT devices is hard. Often, the firmware is initially developed by a third party rather than in-house. And it can be tough as projects move from inception and prototyping to full-force engineering and finally to deployment and production.
Now, an engineer at self-driving car service Cruise is easing the pain with the release of FwAnalyzer, a tool he and his Cruise colleagues developed themselves. Collin Mulliner spent more than a decade scouring firmware found in phones and other devices before becoming Cruise’s principal security engineer. He helped write FWAnalyzer to provide continuous automated firmware analysis that could aid engineers at any phase of the code’s lifecycle.
“It's peace of mind that there's constant analysis,” Mulliner said of the tool, which he’ll be discussing at a panel on Wednesday at the Black Hat security conference in Las Vegas. “At any step in development… it runs checks.”