IoT devices (routers, video surveillance systems, etc.) rely on binary code to operate. This code often incorporates thousands of pre-existing software components, mostly drawn from open-source libraries whose code is freely accessible online. This complexity opens the door to software supply chain attacks, notably through the insertion of backdoors or the exploitation of known vulnerabilities.

The SECUBIC project aims to enhance the detection of these vulnerabilities within IoT firmware. In this context, the candidate will contribute to deepening existing research work and will take part in the development of new fuzzing and static analysis techniques designed to prevent and detect such attacks.