Firmware Health Check: ML & LLM Diagnostics

Connected devices such as routers, cameras, sensors and industrial controllers run embedded software (firmware) that is often overlooked but can create major risks across software supply chains. Studying firmware involves extracting and analysing this software to find vulnerabilities that could be exploited.

This talk gives a brief, non‑technical overview of what firmware is and why studying it matters, then focuses on how data science and AI can reduce manual effort and improve accuracy in the firmware‑analysis workflow. Concrete examples include a small neural network for processor‑architecture identification and data‑driven methods to improve software‑component and version detection. In addition to classical machine‑learning models, we leverage LLMs for component detection in cases where traditional techniques fall short. This hybrid approach improves recall and reduces manual review effort in production pipelines.

I also introduce an AI‑assisted compliance wizard that parses documentation, ingests analysis outputs, maps findings to common compliance items, and generates reports. Attendees will leave with practical patterns for applying ML and LLMs to accelerate security analysis and compliance assessments in embedded environments.