Mohsen Salehi and Karthik Pattabiraman. To appear in the Proceedings of the USENIX Symposium on Vehicle Security and Privacy (VehicleSec), 2026. (Acceptance Rate: TBD). [ PDF | Talk ] (Code) Artifacts Available
Abstract: Embedded firmware is becoming increasingly larger, thereby expanding its attack surface. Despite the increase in firmware size, many embedded devices, such as robotic vehicles (RVs), operate in distinct modes, each requiring only a small subset of the firmware code at runtime. Debloating is an approach to reduce attack surfaces by removing or restricting unneeded code. Unfortunately, existing techniques suffer from significant limitations, such as coarse granularity and irreversible code removal, limiting their applicability. We propose RVDebloater, a novel adaptive debloating technique for mode-based embedded devices such as RVs that automatically identifies unneeded firmware code for each mode using either static or dynamic analysis, and dynamically debloats the firmware for each mode at the function level at runtime. RVDebloater uses a software-based enforcement approach to ensure that only the required functionalities are accessible from each mode and supports diverse mode-based embedded devices. We implemented RVDebloater using the LLVM compiler and evaluated its efficiency and effectiveness on six different RVs, including both simulated and real ones, with different real-world missions. We find that device requirements change throughout its lifetime for each mode, and that many critical firmware functions can be restricted in other modes, with an average of 85% of functions not being required. The results showed that none of the missions failed after debloating with RVDebloater, indicating that it neither incurred false positives nor false negatives. Further, RVDebloater prunes the firmware call graph by an average of 45% across different firmware. Finally, RVDebloater incurred an average performance overhead of 3.9% and memory overhead of 4% (approximately 0.25 MB) on real RVs, and also prevented three real attacks.
-
Recent Papers
- The Statistical Assessment of Bayes-“sub”optimal Binary Machine Learning Classifier Risk
- RVDebloater: Mode-based Adaptive Firmware Debloating for Robotic Vehicles
- Requalizer: A Co-designed Information Flow Control and Quality of Service Management Framework
- ReSect: A Tool for Automated Analysis of Reentrancy Exploit Transactions on Blockchains
- Thinking Inside the Box: Injecting Realistic Radiation Faults in ML Accelerators
- ARMOR: Attack-Resilient Reinforcement Learning Control for UAVs
- Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
- Feed-Forward Controller-Based Recovery for Robotic Vehicles from Physical Attacks
- Turnstile: Hybrid Information Flow Control Framework for Managing Privacy in Internet-of-Things Applications
- DLAFI: Software-Based Fault Injection for Permanent Faults in Deep Learning Accelerators
Pages
- About us
- Achievements
- Papers
- People
- Photos
- Projects
- Autonomous Systems and IoT Security
- Building Robust ML Systems against Training Data Faults
- Decentralized Finance (DeFi) and Blockchain Oracle Security
- Error Resilient ML Applications
- Membership Inference Attacks in Machine Learning Models
- Middleware for Edge Computing Applications
- Resilience Assessment of ML Models under Hardware Faults
- Smart Contract’s Security
- Software