Binary Hardening in IoT Products


Detailed analysis on a 10-year dataset of IoT binaries and their security features. The Cyber ITL focussed on which compiler and toolchain hardenings the vendors use.

CITL identified a number of important takeaways from this study:

  • On average, updates were more likely to remove hardening features than add them.
  • Within our 15-year data set, there have been no positive trends from any one vendor.
  • MIPS is both the most common CPU architecture and the least hardened on average.
  • There are numerous duplicate binaries across multiple vendors, indicating a common build system or toolchain.