Abstract
The USB Power Delivery protocol enables USB-connected devices to negotiate power delivery and exchange data over a single connection such as a USB Type-C cable. The protocol incorporates standard commands; however, it also enables vendors to add non-standard commands called vendor-defined messages. These messages are similar to the vendor-specific commands in the SCSI protocol, which enable vendors to specify undocumented commands to implement functionality that meets their needs. Such commands can be employed to enable firmware updates, memory dumps and even backdoors.
This chapter analyzes vendor-defined message support in devices that employ the USB Power Delivery protocol, the ultimate goal being to identify messages that could be leveraged in digital forensic investigations to acquire data stored in the devices.
Chapter PDF
Similar content being viewed by others
References
G. Alendal, G. Dyrkolbotn and S. Axelsson, Forensic acquisition – Analysis and circumvention of Samsung secure boot enforced common criteria mode, Digital Investigation, vol. 24(S), pp. S60–S67, 2018
G. Alendal, C. Kison and modg, Got HW Crypto? On the (In)Security of a Self-Encrypting Drive Series, Cryptology ePrint Archive, Report 2015/1002 (eprint.iacr.org/2015/1002), 2015
N. Artenstein, Exploiting Android S-Boot: Getting arbitrary code exec in the Samsung bootloader (1/2), Information Security Newspaper, March 3, 2017
Chindi.ap (commons.wikimedia.org/wiki/User:Chindi.ap), 2019
H. Reydarns, V. Lauwereys, D. Haeseldonckx, P. van Willigenburg, J. Woudstra and S. De Jonge, The development of a proof of concept for a smart DC/DC power plug based on USB Power Delivery, Proceedings of the Twenty-Second Conference on the Domestic Use of Energy, 2014
T10 Technical Committee of the International Committee on Information Technology Standards, SCSI Operation Codes (www.t10.org/lists/op-num.htm), 2015
USB Implementers Forum, Getting a Vendor ID, Beaverton, Oregon (www.usb.org/getting-vendor-id), 2019
USB Implementers Forum, USB Power Delivery, Beaverton, Oregon (www.usb.org/document-library/usb-power-delivery), 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 IFIP International Federation for Information Processing
About this paper
Cite this paper
Alendal, G., Axelsson, S., Dyrkolbotn, G.O. (2019). Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics XV. DigitalForensics 2019. IFIP Advances in Information and Communication Technology, vol 569. Springer, Cham. https://doi.org/10.1007/978-3-030-28752-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-28752-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-28751-1
Online ISBN: 978-3-030-28752-8
eBook Packages: Computer ScienceComputer Science (R0)