Random testing with sanitizers to detect concurrency bugs in embedded avionics software

Johansson, Viktor, Vallén, Alexander

January 2018

Fuzz testing is a random testing technique that is effective at finding bugs in large software programs and protocols. We investigate if the technology can be used to find bugs in multi-threaded applications by fuzzing a real-time embedded avionics platform together with a tool specialized at finding data races between multiple threads. We choose to fuzz an API (available to applications executing on top) of the platform. This thesis evaluates aspects of integrating a fuzzing program, AFL and a sanitizer, ThreadSanitizer with an embedded system. We investigate the modifications needed to create a correct run-time environment for the system, including supplying test data in a safe manner and we discuss hardware dependencies. We present a setup where we show that the tools can be used to find planted data races, however slowdown introduced by the tools is significant and the fuzzer only managed to find very simple planted data races during the test runs. Our findings also indicate what appear to be conflicts in instrumentation between the fuzzer and the sanitizer.

fuzz testing

software testing

AFL

american fuzzy lop

embedded systems

santizer

threadsanitizer

Software Engineering

Programvaruteknik

Fuzz testing for design assurance levels

Gustafsson, Marcus, Holm, Oscar

January 2017

With safety critical software, it is important that the application is safe and stable. While this software can be quality tested with manual testing, automated testing has the potential to catch errors that manual testing will not. In addition there is also the possibility to save time and cost by automating the testing process. This matters when it comes to avionics components, as much time and cost is spent testing and ensuring the software does not crash or behave faulty. This research paper will focus on exploring the usefulness of automated testing when combining it with fuzz testing. It will also focus on how to fuzzy test applications classified into DAL-classifications.

fuzz testing

testing

AFL

american fuzzy lop

DAL

design assurance level

automated testing

Software Engineering

Programvaruteknik

Fuzzy States : State Discovery with AFL

Andersson, Jim, Jeppsson, Fredrik

January 2022

Fuzzing is a test method used to automatically generate test case inputs and to executea system under test (SUT) with those inputs. The method is traditionally used to discovercrash-inducing bugs in software. Fuzzing can generate thousands of inputs per secondand many implementations use smart techniques to reach deeply into the code. Fewfuzz testing implementations, however, have the ability to explore and retain informationof state in stateful applications. We develop an extension of the fuzzer American Fuzzy Lop (AFL), building on the workof the Ijon project, and utilize its fuzzing capabilities to discover states in SUT; inparticular, applications built as finite state machines. The extension successfullyharnesses AFL’s input generation to explore the SUT’s state space. We then implement functionality that allows for the SUT to return state information tothe fuzzer, including the state path and path length. Furthermore, functionality is addedthat allows the test operator to specify the expected number of states in the SUT, andGUI extensions that provide real-time information of state discovery during fuzzing. The state information retained after a completed fuzzing session is automaticallysummarized in a structured format. We further demonstrate that the summarizedinformation can be used to generate test cases for a test operator to verify the SUT.

American fuzzy lop

afl

fuzzing

finite state machine

fuzz test

ijon

Computer Sciences

Datavetenskap (datalogi)