Detecting vulnerability on IoT device firmware: A survey
Internet of things (IoT) devices make up 30% of all network-connected endpoints,
introducing vulnerabilities and novel attacks that make many companies as primary targets …
P2IM: Scalable and hardware-independent firmware testing via automatic peripheral interface modeling
Dynamic testing or fuzzing of embedded firmware is severely limited by hardware-
dependence and poor scalability, partly contributing to the widespread vulnerable IoT …
S2E: A platform for in-vivo multi-path analysis of software systems
This paper presents S2E, a platform for analyzing the properties and behavior of software
systems. We demonstrate S2E's use in developing practical tools for comprehensive …
AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares.
To address the growing concerns about the security of embedded systems, it is important to
perform accurate analysis of firmware binaries, even when the source code or the hardware …
Krace: Data race fuzzing for kernel file systems
Data races occur when two threads fail to use proper synchronization when accessing
shared data. In kernel file systems, which are highly concurrent by design, data races are …
FIE on firmware: Finding vulnerabilities in embedded systems using symbolic execution
D Davidson, B Moench, T Ristenpart… - 22nd USENIX Security …, 2013 - usenix.org
Embedded systems increasingly use software-driven low-power microprocessors for
security-critical settings, surfacing a need for tools that can audit the security of the software …
Automated software test generation: some challenges, solutions, and recent advances
G Candea, P Godefroid - Computing and Software Science: State of the …, 2019 - Springer
The automation of software testing promises to delegate to machines what is otherwise the
most labor-intensive and expensive part of software development. The past decade has …
Jetset: Targeted firmware rehosting for embedded systems
The ability to execute code in an emulator is a fundamental part of modern vulnerability
testing. Unfortunately, this poses a challenge for many embedded systems, where firmware …
DR.CHECKER: A soundy analysis for Linux kernel drivers
While kernel drivers have long been known to pose huge security risks, due to their
privileged access and lower code quality, bug-finding tools for drivers are still greatly lacking …
DICE: Automatic emulation of DMA input channels for dynamic firmware analysis
Microcontroller-based embedded devices are at the core of Internet-of-Things (IoT) and
Cyber-Physical Systems (CPS). The security of these devices is of paramount importance …