Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol
Journal article, Peer reviewed
Accepted version
Åpne
Permanent lenke
http://hdl.handle.net/11250/2632162Utgivelsesdato
2019Metadata
Vis full innførselSamlinger
Originalversjon
IFIP Advances in Information and Communication Technology. 2019, 569 101-118. 10.1007/978-3-030-28752-8_6Sammendrag
The USB Power Delivery protocol enables USB-connected devices to negotiate power delivery and exchange data over a single connection such as a USB Type-C cable. The protocol incorporates standard commands;however, it also enables vendors to add non-standard commands called
vendor-defined messages. These messages are similar to the vendorspecific commands in the SCSI protocol, which enable vendors to specify undocumented commands to implement functionality that meets their needs. Such commands can be employed to enable firmware updates, memory dumps and even backdoors. This chapter analyzes vendor-defined message support in devices that
employ the USB Power Delivery protocol, the ultimate goal being to identify messages that could be leveraged in digital forensic investigations to acquire data stored in the devices.