firmware

Low-level software that runs on embedded devices and microcontrollers; working with firmware involves writing C/assembly, cross-compiling, implementing bootloaders and device drivers, flashing via tools like OpenOCD/JTAG/dfu-util, and managing RTOS/flash memory and hardware interfaces.

firmware

12-Month Skill Trend

Momentum and market value over time
Trending
Score
+20 in 12 mo
96
12 mo agoNow
Career
Value
+$12K in 12 mo
$42K/year
12 mo agoNow

Recommended Survey Paper

Quick overview of the field
View more

Must-Read Papers

Most classic and influential ideas
View more

This study systematically evaluates whether Rust can compete with C in performance and resource efficiency for microcontroller firmware development and assesses its industrial viability. Two teams independently implemented identical industrial IoT firmwareβ€”one in Rust and the other in Cβ€”and key metrics including development effort, memory footprint, and execution speed were compared on real hardware. This work presents the first systematic comparison of the two languages in a genuine industrial context and introduces Ariel OS, a lightweight Rust-based runtime. Empirical results demonstrate that Rust matches or exceeds C in both resource utilization and execution performance, while Ariel OS exhibits a smaller binary footprint, collectively establishing Rust as a reliable and competitive choice for microcontroller firmware development.

CEmbedded SystemsFirmware

Automated Code Generation and Validation for Software Components of Microcontrollers

Feb 26, 2025
SH
Sebastian Haug
πŸ›οΈ Munich University of Applied Sciences | AGSOTEC GmbH

To address the low efficiency and error-proneness of manual development and integration of software components in embedded systems, this paper proposes an Abstract Syntax Tree (AST)-driven Retrieval-Augmented Generation (RAG) method for fully automated, zero-intervention generation and formal verification of microcontroller Hardware Abstraction Layer (HAL) code. Focusing on the STM32F407 GPIO module, the approach integrates AST-based semantic analysis, RAG-enabled dynamic knowledge retrieval, static code verification, and HAL framework adaptation to ensure syntactic correctness, semantic consistency, and platform compatibility. Experimental evaluation demonstrates that the generated HAL code is functionally complete, directly compilable and flashable, and passes comprehensive functional testing on real hardware across all operational scenarios, achieving 98.7% accuracy. This work establishes the first end-to-end pipeline for automated HAL code generation coupled with formal verification in embedded systems.

Automated code generation for microcontrollersAutonomous code completion using AST and RAGSeamless integration into existing implementations

FlexEmu: Towards Flexible MCU Peripheral Emulation (Extended Version)

Sep 09, 2025
CL
Chongqing Lei
πŸ›οΈ Southeast University

Dynamic security analysis of MCU firmware faces significant challenges in constructing scalable, high-fidelity emulation environments due to the extreme heterogeneity of peripheral hardware. Method: This paper proposes FlexEmu, a novel framework that abstracts MCU peripheral hardware implementations into a set of finite structural primitives and establishes a unified semantic model to capture functional equivalence across peripheral classes, enabling automated peripheral modeling and emulator generation. FlexEmu achieves high-fidelity emulation through structural primitive extraction, semantic-driven configuration parsing, and behavior-aware simulation. Results: Evaluated across 12 peripheral types, 15 MCU platforms, and 90 firmware samples, FlexEmu achieves a unit test pass rate of 98.48%. Integrated with fuzz testing, it discovers 10 previously unknown vulnerabilities across three mainstream RTOSes. FlexEmu substantially enhances both the practicality and scalability of dynamic firmware analysis.

Automating peripheral emulator generation to reduce manual effortEmulating diverse MCU peripherals for dynamic security analysisEnabling firmware execution in resource-constrained emulation environments

This work addresses the growing firmware bloat in multimodal robotic vehicles and the limitations of existing debloating techniques, which suffer from coarse granularity and irreversibility. To overcome these challenges, the authors propose a runtime-adaptive, function-level dynamic debloating approach built on LLVM that integrates static and dynamic analysis to selectively prune non-essential code at runtime based on the active operational mode. This method achieves, for the first time, fine-grained, reversible, and mode-aware firmware reduction for multimodal embedded systems. Evaluation across six real-world and simulated robotic platforms demonstrates that, on average, 85% of functions can be safely removed in a given mode, reducing the call graph size by 45% while maintaining 100% task success rates, with only a 3.9% performance overhead and approximately 0.25 MB of memory overhead.

attack surface reductionembedded firmwarefirmware debloating

Embedded IoT system development faces significant challenges, including high cross-domain expertise barriers, heavy manual effort, low efficiency, and error-proneness. To address these, this paper proposes the first end-to-end automated embedded IoT software development framework, integrating large language models (LLMs) with domain-specific embedded knowledge to enable fully autonomous hardware-in-the-loop development. Our key contributions are: (1) a component-aware library parsing method; (2) a domain-knowledge-injected library knowledge generation mechanism; and (3) an automatic programming paradigm ensuring reliable deployment. We evaluate the framework across 71 modules, four hardware platforms, and over 350 tasks. Results show a code accuracy of 95.7% and an end-to-end task success rate of 86.5%, outperforming human experts by up to 53.4% in task completion.

Automates software development for generic embedded IoT systemsLeverages LLMs to handle hardware dependencies and ensure deployment successReduces labor-intensive, time-consuming, and error-prone manual coding

Latest Papers

What's happening recently
View more

Debugging embedded programs is notoriously challenging due to tight software-hardware coupling, and existing tools often rely on external hardware probes or serial logging, resulting in low efficiency. This work proposes Inline, a novel programming tool that, for the first time, enables real-time inline visualization of hardware logs directly within source code. It introduces a domain-specific expression language to support programmable manipulation of logs, allowing developers to intuitively trace execution flow and precisely localize faults. Seamlessly integrated into standard embedded development environments, Inline significantly lowers the barrier to effective debugging. A user study with twelve participants demonstrates marked improvements in both debugging efficiency and accuracy when using the tool.

embedded debugginghardware loginline visualization

This work addresses the challenge of deploying runtime systems that support expressive formal specification languages on resource-constrained microcontrollers, a limitation that undermines the verifiability of AI-generated safety-critical firmware. To bridge this gap, the authors propose Encore!, a bare-metal CPS virtual machine that models firmware cores as pure state-transition functions and executes Scheme code extracted from Rocq. By decoupling a constant-size, unverified host layer from a formally verified core, the approach ensures that verification effort remains independent of overall system complexity. Furthermore, it integrates large language models to assist in policy synthesis, replacing manual inspection with automatically generated theorem statements. This methodology enables, for the first time, the execution of fully formally verified, AI-generated firmware directly on microcontrollers, achieving both rigorous safety guarantees and practical deployability.

AI-generated codeformally verified firmwareinvariants

This work addresses the challenge of deploying modern, updatable application logic on resource-constrained microcontrollers, which typically lack the capabilities required for advanced networked device functionality. To bridge this gap, the authors propose and implement treVM, a lightweight, secure, and remotely updatable WebAssembly (WASM) virtual machine framework built in Rust and designed to run atop the Ariel OS. treVM is the first such framework to demonstrate a universal WASM execution environment across heterogeneous 32-bit microcontroller architectures, including Arm Cortex-M, RISC-V, and Xtensa. Empirical evaluation on multiple mainstream development boards confirms its feasibility, with benchmark results showing that treVM enables efficient, secure deployment and dynamic updating of applications on low-resource embedded systems, effectively narrowing the divide between power-efficient hardware and sophisticated application logic.

embedded systemsfirmware updatemicrocontrollers

This work addresses the limitations of traditional fuzzing in embedded systems, where inadequate modeling of real peripheral behavior often leads to false positives or insufficient coverage. It presents the first deep integration of the coverage-guided AFL++ fuzzer with a full-system virtual prototype based on SystemC-TLM that supports stateful peripheral emulation. By directly injecting fuzz inputs into peripheral models, the approach accurately triggers hardware-level effects such as interrupts and FIFO updates, thereby preserving high test fidelity. The method effectively eliminates false positives while achieving code coverage and execution performance on par with state-of-the-art tools, successfully balancing realism and scalability in embedded system testing.

coverage-guided fuzzingembedded fuzzingperipheral accuracy

This work addresses the lack of reliable, real-world vulnerability-based benchmarks for evaluating firmware fuzzers, which hinders objective assessment of code coverage and crash effectiveness. To this end, we propose FirmBench, an end-to-end evaluation framework that introduces a novel oracle mechanism requiring no modification to target binaries. The approach leverages C-syntax specifications to describe vulnerability statesβ€”unreached, reached, triggered, and detectedβ€”and integrates seed replay with a vulnerability state interpreter to enable automated, reproducible fuzzer performance analysis. Using a diverse benchmark suite comprising 313 real-world vulnerability oracles and extensive experiments totaling 10 CPU-years, FirmBench successfully evaluates nine state-of-the-art monolithic firmware fuzzers, demonstrating its effectiveness and practical utility.

benchmarkbug oraclefirmware fuzzing

Hot Scholars

PM

Prabhat Mishra

Professor, Univ. of Florida, IEEE Fellow, AAAS Fellow, ACM Distinguished Member
Hardware VerificationEmbedded SystemsHardware SecurityQuantum Computing
RL

Riccardo Lazzeretti

Sapienza University of Rome
Security & PrivacySignal Processing in the Encrypted Domain
AA

Amani Altarawneh

Tennessee Tech University
CyberSecurityBlockchainConsensusDistributed Systems
MC

Marco Carvalho

Professor of Computer Science, Florida Institute of Technology
CybersecurityDistributed SystemsMachine Learning