Firmware code audit for a connected power outlet
Our customer is a first-string French telecommunication corporation that provides mobile, landline, internet and IPTV services evolving the popular and very promising Internet of Things-concept, the Customer has developed a connected power outlet, allowing his clients to have a remote access to the devices connected to the outlet, to receive warnings in the case of an incident and to control the energy consumption. Some random issues were found in the performance of the second outlet version, so the Customer decided to conduct a full audit in order to fix them and entrusted us with the code audit.
The performance issues were caused by a glitch in the μcontroller work: after an arbitrary period of time it failed performing a normal writing operation on the internal flash memory. We conducted a full code audit that revealed more than 30 types of issues that could have potentially caused the error.
Even the general code analysis showed several quality and performance weak points (irrelevant comments, copy-pasted code abuse; unused, complicated and strange code). Then the audit proceeded to a detailed code investigation that exposed other vulnerabilities. The works resulted in the existing code issues description and suggestions which could help to fix the performance issue at least in 3 different ways.
- IAR Embedded Workbench for 8051
- Low level firmware
- SENIOR DEVELOPER