FEAL: Firmware Extraction and Analysis through Laser Voltage Probing
Wednesday, October 7, 2026: 4:20 PM
Summary:
Firmware extraction and verification are crucial for the industry and government sectors that rely on microelectronics and integrated circuits (ICs), because they help protect against vulnerabilities that malicious actors could exploit. Existing firmware extraction techniques can be destructive and time-consuming, as they are often hindered by encryption and proprietary designs, particularly on modern chips. We propose leveraging laser voltage probing techniques to observe firmware instructions at runtime and reconstruct firmware functionality from optically captured waveforms. We demonstrate this technique against commercial microcontrollers of varying complexity, including a Texas Instruments MSP430 and an STMicroelectronics ARM Cortex-M4, by locating physical structures associated with instruction data and collecting data via optically probed waveforms.
