APPARATUS AND METHOD FOR ANALYZING EMBEDED SOFTWARE VULNERABILITY BASED ON BINARY CODE

摘要

The present invention relates to an apparatus and a method for analyzing vulnerability of binary code-based embedded software. The apparatus according to one embodiment of the present invention includes: a binary analysis unit for confirming whether a binary code can be converted into an intermediate representation format by extracting architecture information from the binary code; an intermediate representation conversion unit for converting the binary code into an intermediate representation code according to the confirmation resu an intermediate representation analysis unit for selecting a function to be analyzed for vulnerability by extracting a function call graph and a control flow graph from the intermediate representation code; a static vulnerability analysis unit for generating a static vulnerability detection list by determining whether the function to be analyzed for vulnerability has security vulnerability corresponding to a common weakness enumeration (CWE) vulnerability list; and a dynamic vulnerability analysis unit for performing symbolic execution by generating a test case for a function having vulnerability selected from the static vulnerability detection list. Therefore, the precision of vulnerability detection can be improved.