The very first step for analyzing the security of an embedded device, without prior knowledge of the device’s construction, is analyzing the printed circuit board (PCB) of the device, in order to understand its electrical implementation. This analysis is called PCB reverse engineering and its results are a list of components, technical documentation related to those components, and a schematic reconstruction, that illustrates basic connections between the PCB’s components.
Motivated by the lack of inexpensive methods for efficiently performing PCB reverse engineering, we propose a novel framework that formalizes and automates most of the tasks required for PCB reverse engineering. The framework is capable of automatically detecting components using machine vision, gathering technical documentation from the internet and analyzing technical documents to extract security-relevant information. We implement the concept and evaluate the gain of efficiency and analysis coverage. Our results show that automating almost all steps of PCB reverse engineering is possible. Furthermore, we highlight novel use cases that are enabled by our approach.