NDSS 2025 – Mens Sana In Corpore Sano: Sound Firmware Corpora For Vulnerability Research

Firmware security research depends on high‑quality datasets, yet assembling such corpora remains a complex puzzle. Researchers must navigate legal restrictions, encrypted binaries, and opaque vendor formats, which often result in ad‑hoc sample collections. Without standardized acquisition and thorough documentation, studies cannot be reliably reproduced, limiting confidence in reported vulnerabilities and mitigation strategies.

The NDSS paper tackles these challenges by distilling concrete binary‑analysis obstacles and proposing a reproducibility framework. By auditing 44 leading publications, the authors demonstrate that most lack consistent sampling criteria, deduplication procedures, or transparent metadata. Their guideline checklist—covering provenance, licensing, unpacking verification, and ground‑truth labeling—offers a pragmatic path for scholars to construct corpora that meet scientific rigor while respecting intellectual‑property constraints.

The practical payoff is illustrated through LFwC, a newly released Linux firmware corpus built under the proposed standards. LFwC includes exhaustive metadata, verified unpacking pipelines, and de‑duplication, enabling researchers to conduct large‑scale vulnerability scans with confidence. As more teams adopt these practices, the security community can expect faster discovery of firmware flaws, more robust defensive tooling, and a clearer benchmark for comparing detection techniques, ultimately strengthening the ecosystem against firmware‑level attacks.