{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2017:D7CT36BN3CUKJRYA4WCYY6P4FA","short_pith_number":"pith:D7CT36BN","schema_version":"1.0","canonical_sha256":"1fc53df82dd8a8a4c700e5858c79fc282d726cee3b4deb846b0bcc6d4dcb2611","source":{"kind":"arxiv","id":"1708.09114","version":1},"attestation_state":"computed","paper":{"title":"FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Dave Tian, Farhaan Fowze, Grant Hernandez, Kevin R. B. Butler, Tuba Yavuz","submitted_at":"2017-08-30T04:47:56Z","abstract_excerpt":"The USB protocol has become ubiquitous, supporting devices from high-powered computing devices to small embedded devices and control systems. USB's greatest feature, its openness and expandability, is also its weakness, and attacks such as BadUSB exploit the unconstrained functionality afforded to these devices as a vector for compromise. Fundamentally, it is virtually impossible to know whether a USB device is benign or malicious. This work introduces FirmUSB, a USB-specific firmware analysis framework that uses domain knowledge of the USB protocol to examine firmware images and determine the"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1708.09114","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-30T04:47:56Z","cross_cats_sorted":[],"title_canon_sha256":"8195e59cd94f8ed2898ded541761d6ea9d692cfb07f4ae5d0dfb89fb5f94f082","abstract_canon_sha256":"8c6612b4cd35723b1ab81f44dc10492e06757ed06f6ff9af6a6a317b5d5baab3"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:07:56.371072Z","signature_b64":"aQko3R06B+6UfOeanbS/bxCJNivwveXKJ9CuP8tEtQH/iErJoc3p11/dlmRE9MXaljFQjuELw1YrRd1JnVO9Cg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"1fc53df82dd8a8a4c700e5858c79fc282d726cee3b4deb846b0bcc6d4dcb2611","last_reissued_at":"2026-05-18T00:07:56.370434Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:07:56.370434Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Dave Tian, Farhaan Fowze, Grant Hernandez, Kevin R. B. Butler, Tuba Yavuz","submitted_at":"2017-08-30T04:47:56Z","abstract_excerpt":"The USB protocol has become ubiquitous, supporting devices from high-powered computing devices to small embedded devices and control systems. USB's greatest feature, its openness and expandability, is also its weakness, and attacks such as BadUSB exploit the unconstrained functionality afforded to these devices as a vector for compromise. Fundamentally, it is virtually impossible to know whether a USB device is benign or malicious. This work introduces FirmUSB, a USB-specific firmware analysis framework that uses domain knowledge of the USB protocol to examine firmware images and determine the"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1708.09114","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1708.09114","created_at":"2026-05-18T00:07:56.370532+00:00"},{"alias_kind":"arxiv_version","alias_value":"1708.09114v1","created_at":"2026-05-18T00:07:56.370532+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1708.09114","created_at":"2026-05-18T00:07:56.370532+00:00"},{"alias_kind":"pith_short_12","alias_value":"D7CT36BN3CUK","created_at":"2026-05-18T12:31:10.602751+00:00"},{"alias_kind":"pith_short_16","alias_value":"D7CT36BN3CUKJRYA","created_at":"2026-05-18T12:31:10.602751+00:00"},{"alias_kind":"pith_short_8","alias_value":"D7CT36BN","created_at":"2026-05-18T12:31:10.602751+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA","json":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA.json","graph_json":"https://pith.science/api/pith-number/D7CT36BN3CUKJRYA4WCYY6P4FA/graph.json","events_json":"https://pith.science/api/pith-number/D7CT36BN3CUKJRYA4WCYY6P4FA/events.json","paper":"https://pith.science/paper/D7CT36BN"},"agent_actions":{"view_html":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA","download_json":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA.json","view_paper":"https://pith.science/paper/D7CT36BN","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1708.09114&json=true","fetch_graph":"https://pith.science/api/pith-number/D7CT36BN3CUKJRYA4WCYY6P4FA/graph.json","fetch_events":"https://pith.science/api/pith-number/D7CT36BN3CUKJRYA4WCYY6P4FA/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA/action/timestamp_anchor","attest_storage":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA/action/storage_attestation","attest_author":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA/action/author_attestation","sign_citation":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA/action/citation_signature","submit_replication":"https://pith.science/pith/D7CT36BN3CUKJRYA4WCYY6P4FA/action/replication_record"}},"created_at":"2026-05-18T00:07:56.370532+00:00","updated_at":"2026-05-18T00:07:56.370532+00:00"}