Update on Overleaf.

Chapters/Conclusions.tex

@@ -5,4 +5,15 @@
 %************************************************
 \glsresetall % Resets all acronyms to not used
 
-\lipsum[7]
+% build a framework for esim security analysis
+% LPA in python
+
+% Found bug in esim on sim cards
+
+% reverse engineered the estk.me update mechanism
+
+% 
+
+% SIMs and eSIMs are an established standard
+% hard to analyze -> mostly blackbox fuzzing and analyzation with minimal error responses
+% 

Chapters/Introduction.tex

@@ -5,10 +5,42 @@
 %************************************************
 \glsresetall % Resets all acronyms to not used
 
+% todays society is connected
+% all devices i.e Smartphones, iot devices, vehicles are connected and often have an SIM -> connect to cellular networks
+% The first phones supporting esims released in 2016 with the iphone that supports esim being released in 2018
+% in recent years: esims became more and more popular in such applications
+% advantages: no need to switch out hardware when getting a new phone contract, easier to switch out the profile when going to a foreign country an getting a temporary phone contract (or something similar)
+% adoption of eSIM technology is increasing rapidly due to its flexibility, remote provisioning capability, and suitability for IoT and mobile devices
+% most newly released phone support esims -> new attack vector for adversaries
+% people with older hardware i.e no esim support by their phone are left out -> introduction of eSIM on SIM
+% esim.me marketed their esim on sim as "world’s first eSIM Card" with their launch in 2020
+% esim on sim enable old phones to use eSIM via sim slot or other applications
+
 \section{Motivation}
 
+% esim standard is developed by the GSMA, ETSI and 3GPP -> security was build into the design from the ground up
+% other researches have already looked at the specs in depth (cite papers here)
+% implementation of the esim firmware is still up to the manufacturs which develope their own versions -> possibility of vulnerabilities in their implementations
+
+% lack of formal security evaluation
+
+% security vulnerabilities can have a major impact -> persistence of exploits are high: malicouse profiles may persist accross reboots or even device resets; often low level and invisible -> particularly dangerous and hard to detect
+% sims have direct, priviledged, unfiltered access to the baseband
+
+% non standard implementations may introduce bugs or security flaws 
+
+% esim specs may have been interpretated differently by the different vendors
+
+% differential testing offers automated and scalable method to detect inconsistency in the different implementations -> comparing output of multiple esim on sim implementations against the same inputs
+
 \section{Contribution}
 
-\section{Outline}
+% implement framework for differential testing of esims (esims and esim on sim)
+% containing: fuzzing of structural input when communicating with the esim, fuzzing on transport level, tracing and replaying recordings from one esim to another; make it accessible via cli and as a library for scripting
+% using the tracing functionality we discover first implementation differences in the implementation
+% reverse engineer the update functionality of the estk.me esim
+% demonstrate the framworks ability in security research:
+% discover and evaluate bug in the profile provisioning process of one manufacturer -> evaluate the impact
 
-\lipsum[3]
+
+\section{Outline}