Update on Overleaf.

This commit is contained in:
nb72soza Bittner
2025-07-04 23:19:24 +00:00
committed by node
parent e4419c403d
commit b6be91e4d9
7 changed files with 630 additions and 571 deletions

@@ -12,9 +12,9 @@
% reverse engineered the estk.me update mechanism
% SIMs and eSIMs are an established standard
% future work
% support of proactive commands to test esim like estk.me and 9esim v2
% support for IoT specific features like remote push provisioning featured in the iot spec SGP.31 aswell as SGP.21 v3.1
%
This thesis presented a systematic security analysis of commercial eSIM-on-SIM card implementations through the application of differential testing. Given the opaque and proprietary nature of most \gls{euicc} firmware, black-box testing approaches remain one of the few viable options for assessing correctness and security in deployed systems. By designing and implementing a custom framework, this work established a reproducible methodology for identifying behavioral inconsistencies across vendor-specific \gls{esim} implementations.
The developed framework integrates trace recording, scenario-driven testing, and property-based structured fuzzing, allowing the systematic mutation and replay of \gls{apdu} traces. The combination of syntactically valid \gls{asn1}-based input generation with deterministic mutation provides a strong fuzzing implementation. Through this approach, several notable implementation discrepancies were identified, including a critical certificate validation bypass in one vendors \gls{euicc} side provisioning logic.
These findings underscore the importance of independent verification and validation of \gls{esim} implementations, particularly in consumer devices, where assumptions of trust in embedded components are prevalent. The observed deviations from \gls{gsma} specifications suggest that even well-established standards do not guarantee uniform security guarantees across vendors. Differential testing, as demonstrated, offers a scalable and automation-friendly approach to detect such inconsistencies without requiring access to proprietary source code.
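Review bot: the phrase "in one vendors \gls{euicc} side provisioning logic" in the second paragraph needs a possessive and a hyphen; suggest "in one vendor's \gls{euicc}-side provisioning logic". Two smaller points in the same hunk: the three paragraphs beginning "This thesis presented", "The developed framework" and "These findings" have no blank line between them, so LaTeX will typeset them as one paragraph, and "provides a strong fuzzing implementation" states no criterion; say what is strong (e.g. that generated inputs stay syntactically valid \gls{asn1} while mutation remains deterministic and replayable, as the preceding sentence already describes). The commented "% future work" block still contains the typo "aswell"; if these comments are to stay as author notes, "as well as" would be correct.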