Citation: ZHU Yayun, YU Wenhao, YING Huan, ZHANG Xiaojuan, MIAO Siwei. Vulnerability Mining Method and Framework Implementation for Embedded Terminal Firmware[J]. Electric Power Information and Communication Technology, 2021, 19(2): 23-28. DOI: 10.16543/j.2095-641x.electric.power.ict.2021.02.004

Vulnerability Mining Method and Framework Implementation for Embedded Terminal Firmware

  • Abstract: Because the firmware of an embedded terminal can connect directly to the underlying hardware, among other characteristics, vulnerabilities in it are severe. To improve the security level of embedded terminal firmware in the power grid, this paper analyzes the organizational structure of embedded terminal firmware and compares the common methods of firmware vulnerability mining. Taking the electric power industrial control domain as the research object, it analyzes the key technologies of industrial control firmware vulnerability mining, including firmware decompression and in-depth analysis. It then designs and implements a vulnerability mining framework for the firmware of embedded terminals in electric power industrial control systems, and verifies the effectiveness of the framework on actual firmware.
