By Alejandro Mera, Bo Feng, Long Lu, Engin Kirda, William Robertson
[…] We present DICE, a drop-in solution for firmware analyzers to emulate DMA input channels and generate or manipulate DMA inputs. DICE is designed to be hardware-independent, and compatible with common MCU firmware and embedded architectures. DICE identifies DMA input channels as the firmware writes the source and destination DMA transfer pointers into the DMA controller. Then DICE manipulates the input transferred through DMA on behalf of the firmware analyzer. […] All our source code and dataset are publicly available.
https://arxiv.org/abs/2007.01502
PS: If someone can find the source code, please leave the URL in a comment.
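
The abstract's idea of spotting a DMA channel when firmware writes transfer pointers into the DMA controller can be sketched as a scan over MMIO writes. This is an added example, not DICE's code or the authors' algorithm; the Cortex-M style address ranges, the 32-byte register window, the function names and the trace are assumptions constructed here.

```python
# Added illustration (not DICE's code). Assumption: Cortex-M style memory map.
RAM = range(0x2000_0000, 0x4000_0000)      # SRAM region
PERIPH = range(0x4000_0000, 0x6000_0000)   # peripheral (MMIO) region
WINDOW = 0x20  # assumption: one channel's pointer registers lie within 32 bytes

# Constructed trace of firmware writes: (MMIO register address, value written).
TRACE = [
    (0x4002_0008, 0x0000_0000),  # plain config value, not a pointer
    (0x4002_0010, 0x4001_3804),  # peripheral-side pointer (e.g. a UART data register)
    (0x4002_0014, 0x2000_0100),  # RAM-side pointer (buffer)
    (0x4002_1000, 0x2000_0400),  # lone RAM pointer, no peripheral pointer nearby
    (0x4002_0014, 0x2000_0200),  # firmware re-points the channel at a new buffer
]


def pointer_kind(value):
    """Classify a written value as a RAM pointer, a peripheral pointer, or neither."""
    if value in RAM:
        return "ram"
    if value in PERIPH:
        return "periph"
    return None


def find_dma_candidates(trace):
    """Scan ordered MMIO writes; return {(periph_reg, ram_reg): (periph_ptr, ram_ptr)}.

    The pointer pair alone does not give the transfer direction, so every
    pair is reported as a candidate input channel.
    """
    pointer_regs = {}  # MMIO register -> (kind, latest pointer written there)
    channels = {}
    for addr, value in trace:
        kind = pointer_kind(value)
        if addr not in PERIPH or kind is None:
            continue  # not a pointer written into MMIO space
        pointer_regs[addr] = (kind, value)
        for other, (other_kind, other_value) in pointer_regs.items():
            if other_kind == kind or abs(other - addr) >= WINDOW:
                continue  # need a complementary pointer in a nearby register
            if kind == "periph":
                channels[(addr, other)] = (value, other_value)
            else:
                channels[(other, addr)] = (other_value, value)
    return channels


if __name__ == "__main__":
    for regs, ptrs in find_dma_candidates(TRACE).items():
        print([hex(r) for r in regs], [hex(p) for p in ptrs])
```

An emulator that knows the RAM-side pointer of a candidate channel knows which buffer the firmware expects DMA to fill, which is where an analyzer would supply or mutate input.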