Session
Fuzzing QNX and Embedded IPC: Vulnerability Research for Less Documented Protocols and Systems
Abstract:
Learn to audit closed-source QNX and embedded IPC used in IoT, automotive and industrial systems. This 2-hour hands-on workshop covers firmware emulation, reverse engineering, and custom fuzzing techniques for undocumented RTOS systems.
Description:
QNX and proprietary RTOS power automotive and OT units, yet zero public fuzzing documentation exists. This session provides a rare methodology to audit these closed systems. We focus on Inter-Process Communication (IPC)—the primary attack surface.
1. Reversing & Emulation: Map hidden IPC endpoints in QNX and rehost binaries using QEMU.
2. Custom Fuzzing: Write harnesses to fuzz proprietary IPC loops without source code.
3. Crash Triage: Analyze memory corruption in an RTOS environment.
Gain a black-box testing approach. Requires a laptop to run the provided training VM.