BBemu - A BaseBand Emulation Framework

A huge body of security research has been focused on studying what runs on our smartphones’ Application Processors (APs). APs run the software most people are familiar with: Android, iOS, Windows Phone, BlackBerry OS, Symbian, webOS, etc.

Comparatively little is published on the Real Time Operating Systems (RTOSs) running phones’ Baseband Processor (BP), a.k.a. Cellular/Communications Processor (CP), yet these RTOSs present significant attack surface and are frequently very privileged components in modern smartphones.

There are a number of reasons for this dichotomy, most of them stemming from how much more practical and comparatively easy it is to study AP software than baseband hardware and software. Among other challenges, commercial basebands seldom offer a convenient means for users to debug their software. The ability to debug software (at least to some degree) and collect crash logs is essential for any vulnerability research effort.

BBemu is the culmination of this work, capable of emulating a popular baseband.

