Abstract: Disclosed herein are an apparatus for analyzing non-informative firmware and a method using the apparatus. The method includes detecting a target instruction for firmware analysis in a memory map in non-informative firmware, generating an analysis list based on memory map information corresponding to the target instruction, and generating a visualized analysis result corresponding to the firmware by grouping the entries of the analysis list by preset reference bytes.

Abstract: Disclosed herein are a method for countering an asynchronous attack on a supply chain security protocol and an apparatus for the same. The method includes, in a supply chain security protocol performed by a terminal device into which a dielet is inserted and an authentication server, performing a self-generation mode in which a counter value within the dielet is registered in the authentication server, performing a read-out mode in which whether an asynchronous attack occurs is detected by comparing the counter values respectively stored in the dielet and the authentication server when a message for communication is sent, and replacing a message for the communication with a random value when an asynchronous attack is detected.

Abstract: Provided is a diversity antenna and an electronic device including the same. The diversity antenna according to various example embodiments includes a plurality of radiation elements having a tubular shape with apertured upper and lower portions, and a connection plate configured to connect the plurality of radiation elements to each other, the plurality of radiation elements is arranged in a vertical direction coaxially, and the connection plate includes an aperture configured to allow a power supply line to pass through.

Abstract: Disclosed herein are a dynamic memory management apparatus and method and a computer-readable storage medium for the same. The dynamic memory management method includes defining a shadow area mapped to a memory area, setting a coloring value in the shadow area, and permitting or denying access to the memory area based on the coloring value when accessing the memory area.

Abstract: Disclosed herein are an apparatus and method for detecting violation of control flow integrity. The apparatus includes memory for storing a program and a processor for executing the program, wherein the processor multiple branch identifier registers to which identifiers of branch targets are written, a set branch identifier instruction configured to command an identifier of a branch target to be written to a branch identifier register at a predetermined sequence number, among the multiple branch identifier registers, and a check branch identifier instruction configured to command a signal indicating detection of a control flow hijacking attack to be issued based on whether a value written to the branch identifier register at the predetermined sequence number is identical to a value of an identifier of a branch target at the predetermined sequence number, wherein the program detects whether a control flow is hijacked based on the multiple branch identifier registers.

Abstract: Disclosed herein are a dynamic memory management apparatus and method and a computer-readable storage medium for the same. The dynamic memory management method includes defining a shadow area mapped to a memory area, setting a coloring value in the shadow area, and permitting or denying access to the memory area based on the coloring value when accessing the memory area.

Abstract: Disclosed herein is a method for securing an indirect function call according to an embodiment of the present invention. The method may include searching for an instruction that indirectly calls a function in intermediate representation code, calculating the number of functions that have to be allowed to be indirectly called based on the found instruction, identifying the address of a function loaded at the N-th lowest address arbitrarily set in advance, among the functions, the number of which is calculated, identifying indexes for selecting callee functions to be indirectly called based on the found instruction, determining whether to allow the function to be called using the identified indexes, and determining, when the function is allowed to be called, whether to allow the function to be called using the address of a callee function, the memory address of which is N-th lowest, among the callee functions.

Abstract: Disclosed herein are an apparatus for analyzing non-informative firmware and a method using the apparatus. The method includes detecting a target instruction for firmware analysis in a memory map in non-informative firmware, generating an analysis list based on memory map information corresponding to the target instruction, and generating a visualized analysis result corresponding to the firmware by grouping the entries of the analysis list by preset reference bytes.

Abstract: An electronic device includes a peripheral device, a processor, an interrupt controller configured to manage interrupts generated by the peripheral device and the processor on the basis of a register, and a virtualizer, wherein the virtualizer may be configured to virtualize a portion of the processor and a portion of the at least one peripheral device to generate a first partition, generate first interrupt information corresponding to an interrupt usable in the first partition, generate first processor information corresponding to a portion of the processor usable in the first partition, check whether a configuration of the register is related to at least one of the first interrupt information and the first processor information when the register is configured by the first partition, and allow the configuration of the register when the configuration of the register is related to the at least one information.

Abstract: Disclosed herein are an apparatus and method for verifying the integrity of a hardware board. The apparatus includes one or more processors and execution memory for storing at least one program that is executed by the processors, wherein the program is configured to compare images of components arranged on a verification target board and a source board in a first image, obtained by photographing the verification target board, and in a second image prestored for the source board, as to whether images of the components are identical to each other, and compare first firmware extracted from the verification target board with second firmware of the source board, as to whether first firmware is identical to second firmware and verify integrity of the verification target board based on whether the images are identical to each other and on whether the pieces of firmware are identical to each other.

Abstract: Disclosed herein are an apparatus and method for extracting memory map information from firmware. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program retrieves memory-related data from firmware, sets a data structure by analyzing binary code based on the memory-related data, and retrieves a memory map structure from the firmware using the data structure.

Abstract: Disclosed herein are an in-vehicle network apparatus and method. The in-vehicle network apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to verify the integrity of software stored in advance in the executable memory, to generate a key table by sharing authentication information with a communication target, and to exchange an encrypted message with the communication target using the key table.

Abstract: Disclosed herein are a method for managing an access control list based on an automotive Ethernet and an apparatus for the same. The method includes analyzing a new access control rule that is input to a vehicle in which the automotive Ethernet is applied, searching for any one target unit to manage the new access control rule in consideration of at least one of a destination and an application target corresponding to the new access control rule, and storing the new access control rule by transmitting a storage request message corresponding to the new access control rule to the target unit.

Abstract: Disclosed herein are an apparatus and method for detecting violation of control flow integrity. The apparatus includes memory for storing a program and a processor for executing the program, wherein the processor multiple branch identifier registers to which identifiers of branch targets are written, a set branch identifier instruction configured to command an identifier of a branch target to be written to a branch identifier register at a predetermined sequence number, among the multiple branch identifier registers, and a check branch identifier instruction configured to command a signal indicating detection of a control flow hijacking attack to be issued based on whether a value written to the branch identifier register at the predetermined sequence number is identical to a value of an identifier of a branch target at the predetermined sequence number, wherein the program detects whether a control flow is hijacked based on the multiple branch identifier registers.

Abstract: Disclosed is a system for performing key management of an in-vehicle network. The key management system of the in-vehicle network includes a reception unit configured to receive a shared secret key of a central gateway and a domain gateway, a memory configured to store a program for performing key management of the in-vehicle network using the shared secret key, and a processor configured to execute the program. The processor generates a secret key to be stored in a node of the in-vehicle network using the shared secret key and a unique ID of the node.

Abstract: Disclosed are a method and an apparatus for expanding an instruction for an embedded device. According to the method, a first instruction group and a second instruction group are set and different regions of a memory for each of the first instruction group and the second instruction group using a preset register are allocated so that the first instruction group and the second instruction group access different regions of the memory.

Abstract: Disclosed herein are a lightweight intrusion detection method and apparatus for a vehicle network. The lightweight intrusion detection method may include collecting Ethernet packets from a domain gateway of a vehicle that provides a mirroring port, performing a primary intrusion detection check on the Ethernet packets using a rule-based intrusion detection technique, and performing a secondary intrusion detection check on the Ethernet packets using a machine learning-based intrusion detection technique when no intrusion attack is detected as a result of the primary intrusion detection check.

Abstract: Disclosed herein are a method for managing an access control list based on an automotive Ethernet and an apparatus for the same. The method includes analyzing a new access control rule that is input to a vehicle in which the automotive Ethernet is applied, searching for any one target unit to manage the new access control rule in consideration of at least one of a destination and an application target corresponding to the new access control rule, and storing the new access control rule by transmitting a storage request message corresponding to the new access control rule to the target unit.

Abstract: Disclosed herein are a method for replacing vehicle parts using an in-vehicle network based on an automotive Ethernet and a system for the same. The method is configured such that a vehicle diagnosis module included in a vehicle performs vehicle self-diagnosis, such that the vehicle and a vehicle manufacturer server perform an authentication process for a new part when a vehicle part is replaced based on a vehicle part replacement agreement procedure between the terminal of a vehicle owner and the maintenance terminal of a vehicle maintenance company, and such that the terminal of the vehicle owner checks whether replacement of the vehicle part is performed normally by requesting an integrity check result from each of the vehicle and the vehicle manufacturer server when the maintenance terminal transmits a part replacement completion message to the terminal of the vehicle owner after completion of the authentication process.

Abstract: An electronic device includes a peripheral device, a processor, an interrupt controller configured to manage interrupts generated by the peripheral device and the processor on the basis of a register, and a virtualizer, wherein the virtualizer may be configured to virtualize a portion of the processor and a portion of the at least one peripheral device to generate a first partition, generate first interrupt information corresponding to an interrupt usable in the first partition, generate first processor information corresponding to a portion of the processor usable in the first partition, check whether a configuration of the register is related to at least one of the first interrupt information and the first processor information when the register is configured by the first partition, and allow the configuration of the register when the configuration of the register is related to the at least one information.