CISPA
Browse

Debugger-driven Embedded Fuzzing

Download (361.27 kB)
conference contribution
posted on 2023-11-29, 18:26 authored by Max EiseleMax Eisele
Embedded Systems – the hidden computers in our lives – are deployed in the billionths and are already in the focus of attackers. They pose security risks when not tested and maintained thoroughly. In recent years, fuzzing has become a promising technique for automated security testing of programs, which can generate tons of test inputs for a program. Fuzzing is hardly applied to embedded systems, because of their high diversity and closed character. During my research I want tackle that gap in fuzzing embedded systems – short: “Embedded Fuzzing”. My goal is to obtain insights of the embedded system during execution, by using common debugging interfaces and hardware breakpoints to enable guided fuzzing in a generic and widely applicable way. Debugging interfaces and hardware breakpoints are available for most common microcontrollers, generating a potential industry impact. Preliminary results show that the approach covers basic blocks faster than blackbox fuzzing. Additionally, it is source code agnostic and leaves the embedded firmware unaltered.

History

Preferred Citation

Max Eisele. Debugger-driven Embedded Fuzzing. In: International Conference on Software Testing, Verification and Validation (ICST). 2022.

Primary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

International Conference on Software Testing, Verification and Validation (ICST)

Legacy Posted Date

2023-07-07

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_3982, title = "Debugger-driven Embedded Fuzzing", author = "Eisele, Max", booktitle="{International Conference on Software Testing, Verification and Validation (ICST)}", year="2022", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC