Mens Sana In Corpore Sano: Sound Firmware Corpora for Vulnerability Research
René Helmke
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · Hard- & Firmware Security
René Helmke from Franova presented a critical analysis of the current state of firmware corpus creation in vulnerability research, advocating for a more "scientifically sound" approach. The talk, titled "Mens Sana In Corpore Sano: Sound Firmware Corpora for Vulnerability Research," addresses the pervasive challenges researchers face when building, sharing, and documenting evaluation datasets, particularly for identifying vulnerabilities in embedded systems. Helmke highlights that the lack of rigorous methodology in corpus creation undermines the transparency, comprehensibility, and verifiability of research results, hindering replication and progress in the field.
AI review
Legitimate methodological contribution to firmware research — someone finally sat down and audited how the field builds its corpora, found the mess everyone suspected, and released a reference dataset to fix it. Useful, honest work, but it's infrastructure plumbing rather than a novel attack or defense technique, and the ceiling on excitement is structurally limited.