Skip to main content
  • FAQ

SafeCyber Technical Guide and FAQs

Learn from our technical guide and FAQs for SafeCyber’s Maturity Path, Firmware Check and Field Monitoring solutions

A businesswoman using a tablet with information displayed over it.

What kind of files can I upload within a SafeCyber’s Firmware Check and Field Monitoring project?

You can upload a binary archive or a binary file.

What are the supported architectures, operating systems and software frameworks?

Supported architectures

  • ARM Cortex-M, -A, -R
  • Infineon TriCore
  • Intel x86/x64
  • MIPS
  • NVIDIA AGX Xavier
  • NXP
  • PowerPC, PowerPC VLE
  • Renesas RH850, V850, SuperH

Supported operating systems

  • Android
  • Automotive Grade Linux (AGL)
  • Containers (Docker save, /var/lib/docker)
  • FreeBSD
  • FreeRTOS
  • Fuchsia OS
  • NetBSD
  • OSEK OS
  • Proprietary RTOS
  • QNX
  • RIOT
  • Standard Linux distributions
  • VxWorks
  • Windows Mobile
  • Windows server and client OSes (XP, 2016, 2019)

Software framework

  • AUTOSAR
What are the supported compression and archive file formats?
  • 7-Zip (.7z)
  • AR archive
  • ARJ (.arj)
  • Base64
  • bzip2 (.bz2)
  • Compress (.Z)
  • cpio (.cpio)
  • DEFLATE
  • Electron archive (.asar)
  • Gzip (.gz)
  • lrzip
  • LZ4 (.lz4)
  • LZH (.lzh)
  • lzip
  • LZMA (.lz)
  • lzop
  • OTF
  • Pack200 (.jar)
  • PLF
  • RAR (.rar)
  • rzip
  • StuffIt
  • TAR (.tar)
  • UPX (.exe)
  • XAR (.xar)
  • xStandard (.zst)
  • XZ (.xz)
  • ZIP (.zip, .jar, .apk, others)
What are the supported firmware file formats?
  • Android OTA file
  • Dahua
  • DJI
  • eMMC dump
  • Intel HEX SREC (SRECORD, S19, S28, S37)
  • ODX
  • TPLink WR702n image
  • TRX UEFI firmware
  • U-Boot Ambarella (.a9s, .a9h, romfs) 
  • VBF
  • VxWorks ROS
  • Xerox DLM
What are the vulnerability sources?
  • Auto-ISAC
  • Bug trackers of packages
  • China National Vulnerability Database (CNVD)
  • China National Vulnerability Database of Information Security (CNNVD)
  • Exploit Database
  • ICS-CERT
  • Japan Vulnerability Notes (JVN)
  • JVN iPedia
  • Metasploit
  • MITRE
  • National Vulnerability Database (NVD)
  • Packet Storm
  • SecuriTeam
  • SecurityFocus
  • Zero Day Initiative
What are the supported policies, guidelines and standards for compliance analysis?

General security

  • 2020 CWE Top 25
  • Backdoor analysis
  • OWASP Top Ten 2017
  • SANS Top 25
  • Singapore CLS

Secure coding

  • BARR-C:2018
  • CERT C 2016 AUTOSAR C++14
  • High Integrity C++ (HIC ++)
  • IPA ESCR C 3.0
  • JSF AV C++
  • MISRA C:2012

Legal and privacy

  • GDPR

Consumer IoT

  • CA Senate Bill No. 327
  • ETSI TS 303 645
  • Oregon House Bill 2395
  • UL MCV 1376

Automotive standards

  • ISO/SAE 21434
  • UNECE WP.29
  • UNECE WP.29 Annex 5B

Automotive best practices

  • ENISA Automotive Security Practices

Medical devices guidance

  • FDA/Medical Devices (Draft/Oct 2018)

Industrial IoT

  • IEC 62443-3-3
  • IEC 62443-4-1
  • IEC 62443-4-2

Get in touch

Have questions, need specifics? Let's get this conversation started.

Help and support

How can we help?