The authors present a methodology for extracting and validating firmware from three consumer drone models (Holy Stone HS175D, HS720, HS360S) using low-cost, commercially available tools. They evaluate four acquisition methods—SPI flash reading, SWD/JTAG debug access, UART boot capture, and clip-based contact—and develop a three-tier validation framework using Shannon entropy profiling and structural-signature analysis to distinguish real firmware from junk data. Static analysis reveals aging library stacks with known CVEs and no binary-hardening mechanisms.
Main takeaways:
- Four firmware acquisition methods were tested for success rate, image completeness, and practicality without requiring chip desoldering
- Validation uses sliding-window Shannon entropy and binwalk structural analysis to confirm images contain meaningful firmware, not just tool-level success indicators
- Extracted firmware shows identifiable OS components, old libraries with known CVE exposure, and zero binary-hardening protections
- Provides a reproducible baseline for firmware analysis, vulnerability assessment, and embedded-systems education in consumer UAVs