• Classroom
  • Online, Self-Paced
Course Description

ARM processors are becoming ubiquitous in mobile devices today with RISC processors making a comeback for their applications in low power computing environments. With major operating systems choosing to run on these processors including the latest Windows RT, iOS and Android, understanding the low level operations of these processors can serve to better understand, optimize and debug software stacks running on them. This class builds on the Intro to x86 class and tries to provide parallels and differences between the two processor architectures wherever possible while focusing on the ARM instruction set, some of the ARM processor features, and how software works and runs on the ARM processor.

In order to demonstrate these features, labs are made available as part of a virtual environment with an ARM emulator run using QEMU. These labs include:

  • A simple Fibonacci sequence generator in assembly that demonstrates use of recursion with the use of control flow instructions such as bl, BEQ, the cmp instruction, arithmetic operations such as add, subs and finally stack operation using push and pop.
  • An ARM version of the CMU Bomb Lab from CMU's Introduction to Computer Systems class that demonstrates the use of the GNU Debugger for reverse engineering binaries on the ARM platform.
  • A simple Interrupts lab that demonstrates the implementation of an emulated IRQ interrupt handler in QEMU where we take keyboard input and add 1 to the character and then output it.
  • A control flow hijack lab where we perform the same hijack demonstrated by Itzhak Avraham at Blackhat in 2012 using Return-Oriented-Programming (ROP) in the ARM emulator
  • An Atomic instructions lab where we implement a sample mutex in conjunction with an application using threading to emulate atomic instructions that are included with the ARM instruction set.

Learning Objectives

  • Learn that assembly is not an arcane art, but rather an API which can be learned like any other.
  • Gain exposure to a core set of ARM architecture and assembly so as to be able to read and understand short programs in disassembled form.
  • Navigate in a hands-on embedded environment for Linux which Android is built on. 
  • Identify the techniques for analyzing binary programs with both disassemblers and debuggers.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.