Firmware upgrade without replacing hardware
January 2026 · 10 min read
Your IoT vendor no longer ships firmware updates. Known vulnerabilities, outdated crypto, no secure boot. The alternative — replacing hardware — costs €50k–€200k. Our approach: rebuild the firmware on your existing hardware.
Step 1: extract the firmware
Common extraction paths:
- JTAG / SWD debug: read flash directly (J-Link, OpenOCD) if read protection isn’t fully locked down.
- UART bootloader: ROM bootloaders on many STM32/ESP32/nRF devices.
- Direct flash access: dump external SPI flash (e.g. W25Q64) via SOIC clip even when MCU debug is locked.
- Intercept OTA: capture an update image and use it as a baseline (when transport/crypto is weak).
Step 2: static analysis
Analyze the binary (IDA Pro / Ghidra) to map network services, input handling, crypto, and update flows.
Step 3: rebuild the firmware (securely)
We don’t clone the old firmware 1:1. We re‑implement its functionality on top of a modern security baseline:
- secure boot (signed images + rollback protection)
- modern crypto (e.g. AES‑256‑GCM, TLS 1.3 where feasible)
- certificate-based auth instead of hardcoded passwords
- strict input validation
- OTA with staged rollout + rollback
- audit logging
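To make the first item of that baseline concrete, here is an added example (not the article's or any vendor's code) of what a bootloader does before it jumps to an application image: authenticate the image, then enforce a monotonic minimum version so an authentic but older image cannot be re-flashed. The header layout, the magic value, the key and the A/B slot selection are all constructed for this illustration. The tag is HMAC-SHA256 so that the block runs with the standard library alone; a real secure boot uses an asymmetric signature (Ed25519 or ECDSA) so the device holds only a public key and no signing secret.

```python
import hashlib
import hmac
import struct

MAGIC = b"FWIM"                       # constructed image magic
HDR = struct.Struct("<4sIII")         # magic | version | payload_len | reserved
TAG_LEN = 32                          # HMAC-SHA256 output size (stand-in for a signature)


class SignatureError(Exception):
    """Image is malformed or not authentic."""


class RollbackError(Exception):
    """Image is authentic but older than the device's minimum allowed version."""


def build_image(version: int, payload: bytes, key: bytes) -> bytes:
    """Signer side: header + payload + tag computed over (header + payload)."""
    header = HDR.pack(MAGIC, version, len(payload), 0)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(image: bytes, key: bytes, min_version: int):
    """Device side: return (version, payload) only if the image is authentic
    and its version is >= min_version (the anti-rollback counter kept in
    protected flash or fuses)."""
    if len(image) < HDR.size + TAG_LEN:
        raise SignatureError("image too short")
    magic, version, length, _reserved = HDR.unpack_from(image, 0)
    if magic != MAGIC:
        raise SignatureError("bad magic")
    body_end = HDR.size + length
    # The length field is untrusted until authenticated: accept it only if it
    # places the tag exactly at the end of the image.
    if body_end + TAG_LEN != len(image):
        raise SignatureError("length field inconsistent with image size")
    expected = hmac.new(key, image[:body_end], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, image[body_end:]):
        raise SignatureError("tag mismatch")
    # Only after authentication is the version field trusted for the rollback check.
    if version < min_version:
        raise RollbackError(f"version {version} below minimum {min_version}")
    return version, image[HDR.size:body_end]


def select_boot_slot(slots, key: bytes, min_version: int):
    """A/B boot: pick the highest-versioned slot that is authentic and not
    rolled back. Returns (slot_index, version) or None if nothing is bootable."""
    best = None
    for idx, image in enumerate(slots):
        try:
            version, _ = verify_image(image, key, min_version)
        except (SignatureError, RollbackError):
            continue
        if best is None or version > best[1]:
            best = (idx, version)
    return best


if __name__ == "__main__":
    key = b"constructed-demo-key"      # real devices: public key in ROM/OTP, not a shared secret
    current = build_image(7, b"app-v7", key)
    previous = build_image(3, b"app-v3", key)
    print(verify_image(current, key, min_version=5))   # (7, b'app-v7')
    print(select_boot_slot([previous, current], key, 5))  # (1, 7)
```

The order of checks matters: nothing in the header is acted on until the tag over header and payload has been verified, and the version compare happens last so a forged header cannot influence which slot is chosen. After a successful boot the device raises its stored minimum version to the running one, which is what turns the version field into rollback protection.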
Step 4: OTA rollout to field devices
A typical rollout:
- 10% pilot: monitor 48h.
- 30% wave: telemetry + automatic rollback on anomalies.
- 100% rollout: < 90s per device, no technician visits.
- Docs / compliance: CVE report, pentest results, NIS2 evidence.
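The staged rollout above can be expressed as a small policy engine. The following is an added example, not the article's own tooling: it walks a fleet through the 10% / 30% / 100% waves, checks the cumulative failure rate reported by telemetry after each wave, and rolls every updated device back to the previous image when the rate crosses a threshold. The fleet, the telemetry callback, the 2% threshold and the soak times for the second and third waves are constructed assumptions (the article states only the 48h pilot soak).

```python
from dataclasses import dataclass

# Waves as in the article: (fraction of fleet, soak hours before the next wave).
# The 48h pilot soak is from the article; the other soak values are assumed.
WAVES = ((0.10, 48), (0.30, 24), (1.00, 0))


@dataclass
class Device:
    id: str
    firmware: str
    healthy: bool = True          # set from telemetry after each update


def make_fleet(n: int, version: str):
    """Constructed fleet of n devices all running `version`."""
    return [Device(f"dev{i:03d}", version) for i in range(n)]


def rollout(fleet, new_version, old_version, telemetry, max_failure_rate=0.02):
    """Update the fleet wave by wave. telemetry(device) -> True if the device
    checks in healthy on the new firmware. If the cumulative failure rate
    exceeds max_failure_rate after any wave, every updated device is switched
    back to old_version and the rollout halts. Returns a report dict."""
    report = {"status": "completed", "waves": []}
    updated = []
    done = 0
    for fraction, soak_hours in WAVES:
        target = round(len(fleet) * fraction)
        for device in fleet[done:target]:
            device.firmware = new_version
            device.healthy = telemetry(device)
            updated.append(device)
        done = target
        failures = sum(1 for d in updated if not d.healthy)
        rate = failures / len(updated) if updated else 0.0
        report["waves"].append({
            "fraction": fraction,
            "updated": len(updated),
            "failure_rate": rate,
            "soak_hours": soak_hours,
        })
        if rate > max_failure_rate:
            # Automatic rollback: flip every updated device to its previous slot.
            for device in updated:
                device.firmware = old_version
                device.healthy = True
            report["status"] = "rolled_back"
            report["halted_at"] = fraction
            return report
    return report


if __name__ == "__main__":
    fleet = make_fleet(100, "1.0")
    # Constructed telemetry: devices whose id ends in "7" fail on the new image.
    outcome = rollout(fleet, "2.0", "1.0", lambda d: not d.id.endswith("7"))
    print(outcome["status"], outcome.get("halted_at"))   # rolled_back 0.1
```

Because the failure rate is cumulative over all updated devices, a regression that only shows up under a larger sample is still caught at the 30% wave, and the pilot wave is where a gross fault is stopped before it reaches more than a tenth of the fleet.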
Conclusion
In most cases, the hardware is fine. What’s outdated — and unsafe — is the software. And software can be replaced without touching the hardware.