Comparing the Use of EMBA for IoT Firmware Security Analysis on Cloud Services and Standalone Servers

This paper presents an experimental comparison of the EMBA firmware security analysis framework deployed in cloud-based and standalone environments. Unlike prior studies that primarily focus on EMBA’s analytical capabilities, this work examines how deployment choices influence performance and execution time during IoT firmware analysis. Using identical EMBA configurations and analysis modules, firmware images of varying sizes were analyzed on a standalone personal computer and a Microsoft Azure cloud-based virtual machine. Execution time, detected vulnerabilities, and resource utilization were systematically recorded to evaluate the impact of the deployment environment. The results indicate that scan duration is affected by both firmware size and execution context. For example, using EMBA v1.5.0, a 25.5 MB firmware image required approximately 14 h on a standalone system and over 25 h in the cloud. In contrast, a 30.2 MB image was completed in approximately 18 h locally and 17 h in the cloud. Despite these differences in execution time, the type and number of identified vulnerabilities were largely consistent across both environments, suggesting comparable analytical coverage. Overall, this deployment-focused evaluation provides empirical insight into performance-related trade-offs relevant to practitioners selecting local or cloud-based environments for firmware security analysis.