A LoRaWAN gateway is a device that allows e.g., low-power device to connect to it over LoRaWAN, and the gateway then subsequently connects to and forwards the traffic over a high-bandwidth network such as WiFi, Ethernet, or cellular. The aim of this project is to reverse engineer a LoRaWAN gateway and, among other things, understand the inner working of its firmware and its update process. E.g., open up the device and analyze it from a hardware security point of view: set up a person in the middle (PitM) device to intercept firmware update traffic, capture the firmware, modify it, and have the LoRaWAN device accept the modified firmware. If the PitM approach does not work, other avenues to access the firmware and the update process will have to be explored, such as the possiblity of accessing the device through a serial debugging port, reading the firmware directly from the Flash chip, or other similar approaches.
Contact: Mike Gilhespy (M.D.Gilhespy@hhs.nl)