Implementation and testing of a blackbox and a whitebox fuzzer for file compression routines

Tobkin, Toby

01 May 2013

Fuzz testing is a software testing technique that has risen to prominence over the past two decades. The unifying feature of all fuzz testers (fuzzers) is their ability to somehow automatically produce random test cases for software. Fuzzers can generally be placed in one of two classes: black-box or white-box. Blackbox fuzzers do not derive information from a program's source or binary in order to restrict the domain of their generated input while white-box fuzzers do. A tradeoff involved in the choice between blackbox and whitebox fuzzing is the rate at which inputs can be produced; since blackbox fuzzers need not do any "thinking" about the software under test to generate inputs, blackbox fuzzers can generate more inputs per unit time if all other factors are equal. The question of how blackbox and whitebox fuzzing should be used together for ideal economy of software testing has been posed and even speculated about, however, to my knowledge, no publically available study with the intent of characterizing an answer exists. The purpose of this thesis is to provide an initial exploration of the bug-finding characteristics of blackbox and whitebox fuzzers. A blackbox fuzzer is implemented and extended with a concolic execution program to make it whitebox. Both versions of the fuzzer are then used to run tests on some small programs and some parts of a file compression library.

Electrical and Computer Engineering

Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs

Huang, Jin

07 June 2018

No description available.

Computer Science

abstract syntax tree

symbolic execution engine

PHP

programming

Look-ahead instruction scheduling for dynamic execution in pipelined computers

Reddy Anam, Vijay K.

January 1990

No description available.

Look-Ahead Instruction Scheduling

Dynamic Execution

Pipelined Computers

Construction and Validation of an Instrument to Measure Problem-Solving Skills of Suburban High School Physical Science Students

Herak, Patrick James

17 December 2010

No description available.

Education

problem

solving

skills

definition

planning

execution

evaluation

Defending Real-Time Systems through Timing-Aware Designs

Mishra, Tanmaya

04 May 2022

Real-time computing systems are those that are designed to achieve computing goals by certain deadlines. Real-time computing systems are present in everything from cars to airplanes, pacemakers to industrial-control systems, and other pieces of critical infrastructure. With the increasing interconnectivity of these systems, system security issues and the constant threat of manipulation by malicious external attackers that have plagued general computing systems, now threaten the integrity and safety of real-time systems. This dissertation discusses three different defense techniques that focuses on the role that real-time scheduling theory can play to reduce runtime cost, and guarantee correctness when applying these defense strategies to real-time systems. The first work introduces a novel timing aware defense strategy for the CAN bus that utilizes TrustZone on state-of-the-art ARMv8-M microcontrollers. The second reduces the runtime cost of control-flow integrity (CFI), a popular system security defense technique, by correctly modeling when a real-time system performs I/O, and exploiting the model to schedule CFI procedures efficiently. Finally, the third studies and provides a lightweight mitigation strategy for a recently discovered vulnerability within mixed criticality real-time systems. / Doctor of Philosophy / Real-time computing systems are those that are designed to achieve computing goals within certain timing constraints. Real-time computing systems are present in everything from cars to airplanes, pacemakers to industrial-control systems, and other pieces of critical infrastructure. With the increasing interconnectivity of these systems, system security issues and the constant threat of manipulation by malicious external attackers that have plagued general computing systems, now threaten the integrity and safety of real-time systems. This dissertation discusses three different defense techniques that focuses on the role that real-time scheduling theory can play to reduce runtime cost, and guarantee correctness when applying these defense strategies to real-time systems. The first work introduces a novel timing aware defense strategy for the Controller Area Network (CAN). CAN is a popular communication system that is at the heart of every modern passenger vehicle and is indispensable for the safe operation of various components such as the engine and transmission systems, and due to its simplicity, may be vulnerable to a variety of attacks. We leverage security advancements in modern processor design to provide a lightweight and predictable (in terms of time taken to perform the operation) defense technique for some of these vulnerabilities. The second work applies a technique called Control-Flow Integrity (CFI) to real-time systems. CFI is a general-purpose defense technique to prevent attackers from modifying software execution, and applying such techniques to real-time systems, particularly those with limited hardware capabilities, may be infeasible. By applying real-time scheduling theory, we propose a strategy to apply CFI to such systems, while reducing its overhead, or cost, without compromising the security guarantees CFI inherently provides. Finally, safety-critical systems may consist of a mix of operations, each having a different level of importance (criticality) with respect to the safe operation of the system. However, due to the complexity of modeling such systems, the models themselves may be vulnerable to attacks. Through simulations we study one such vulnerability and propose a modification to mitigate it.

Real-time systems

Security

Trusted Execution

CAN

CFI

Mixed Criticality

Partitioning Strategies to Enhance Symbolic Execution

Marcellino, Brendan Adrian

11 August 2015

Software testing is a fundamental part of the software development process. However, testing is still costly and consumes about half of the development cost. The path explosion problem often necessitates one to consider an extremely large number of paths in order to reach a specific target. Symbolic execution can reduce this cost by using symbolic values and heuristic exploration strategies. Although various exploration strategies have been proposed in the past, the number of Satisfiability Modulo Theories (SMT) solver calls for reaching a target is still large, resulting in longer execution times for programs containing many paths. In this paper, we present two partitioning strategies in order to mitigate this problem, consequently reducing unnecessary SMT solver calls as well. In sequential partitioning, code sections are analyzed sequentially to take advantage of infeasible paths discovered in earlier sections. On the other hand, using dynamic partitioning on SSA-applied code, the code sections are analyzed in a non-consecutive order guided by data dependency metrics within the sections. Experimental results show that both strategies can achieve significant speedup in reducing the number of unnecessary solver calls in large programs. More than 1000x speedup can be achieved in large programs over conflict-driven learning. / Master of Science

Symbolic Execution

Software Testing

Static Analysis

Partitioning Strategies

Power-Performance-Predictability: Managing the Three Cornerstones of Resource Constrained Real-Time System Design

Mukherjee, Anway

08 November 2019

This dissertation explores several challenges that plague the hardware-software co-design of popular resource constrained real-time embedded systems. We specifically tackle existing real-world problems, and address them through our design solutions which are highly scalable, and have practical feasibility as verified through our solution implementation on real-world hardware. We address the problem of poor battery life in mobile embedded devices caused due to side-by-side execution of multiple applications in split-screen mode. Existing industry solutions either restricts the number of applications that can run simultaneously, limit their functionality, and/or increase the hardware capacity of the battery associated with the system. We exploit the gap in research on performance and power trade-off in smartphones to propose an integrated energy management solution, that judiciously minimizes the system-wide energy consumption with negligible effect on its quality of service (QoS). Another important real-world requirement in today's interconnected world is the need for security. In the domain of real-time computing, it is not only necessary to secure the system but also maintain its timeliness. Some example security mechanisms that may be used in a hard real-time system include, but are not limited to, security keys, protection of intellectual property (IP) of firmware and application software, one time password (OTP) for software certification on-the-fly, and authenticated computational off-loading. Existing design solutions require expensive, custom-built hardware with long time-to-market or time-to-deployment cycle. A readily available alternative is the use of trusted execution environment (TEE) on commercial off-the-shelf (COTS) embedded processors. However, utilizing TEE creates multiple challenges from a real-time perspective, which includes additional time overhead resulting in possible deadline misses. Second, trusted execution may adversely affect the deterministic execution of the system, as tasks running inside a TEE may need to communicate with other tasks that are executing on the native real-time operating system. We propose three different solutions to address the need for a new task model that can capture the complex relationship between performance and predictability for real-time tasks that require secure execution inside TEE. We also present novel task assignment and scheduling frameworks for real-time trusted execution on COTS processors to improve task set schedulability. We extensively assess the pros and cons of our proposed approaches in comparison to the state-of-the-art techniques in custom-built real-world hardware for feasibility, and simulated environments to test our solutions' scalability. / Doctor of Philosophy / Today's real-world problems demand real-time solutions. These solutions need to be practically feasible, and scale well with increasing end user demands. They also need to maintain a balance between system performance and predictability, while achieving minimum energy consumption. A recent example of technological design problem involves ways to improve the battery lifetime of mobile embedded devices, for example, smartphones, while still achieving the required performance objectives. For instance, smartphones that run Android OS has the capability to run multiple applications concurrently using a newly introduced split-screen mode of execution, where applications can run side-by-side at the same time on screen while using the same shared resources (e.g., CPU, memory bandwidth, peripheral devices etc.). While this can improve the overall performance of the system, it can also lead to increased energy consumption, thereby directly affecting the battery life. Another technological design problem involves ways to protect confidential proprietary information from being siphoned out of devices by external attackers. Let us consider a surveillance unmanned aerial vehicle (UAV) as an example. The UAV must perform sensitive tasks, such as obtaining coordinates of interest for surveillance, within a given time duration, also known as task deadline. However, an attacker may learn how the UAV communicates with ground control, and take control of the UAV, along with the sensitive information it carries. Therefore, it is crucial to protect such sensitive information from access by an unauthorized party, while maintaining the system's task deadlines. In this dissertation, we explore these two real-world design problems in depth, observe the challenges associated with them, while presenting several solutions to tackle the issues. We extensively assess the pros and cons of our proposed approaches in comparison to the state-of- the-art techniques in custom-built real-world hardware, and simulated environments to test our solutions' scalability.

Real-Time Systems

Trusted Execution

Voltage-Frequency Scaling

Android

Secure Communication Networks for Connected Vehicles

Mahadevegowda, Spandan

17 January 2023

With the advent of electric vehicles (EVs) and the proliferation of vehicle technologies like drive-by-wire and autonomous driving, advanced communication protocols to connect vehicles and the infrastructure have been proposed. However, practical large-scale deployments have been hindered due to caveats such as hardware, and infrastructure demands — including the security of vehicles, given their ubiquitous nature and direct correlation to human safety. As part of this thesis, we look at deploying a practical solution to adopt a secure large-scale vehicle-to-everything (V2X) communication architecture. Then, we also try to analyze and detect vulnerabilities in vehicle-to-grid communication for electric vehicles. In the first work, we analyze, build a proof of concept and evaluate the use of commercial off-the-shelf (COTS) smartphones as secure cellular-vehicle-to-everything (CV2X) radios. Here, we study the various possible network topologies considering the long-term evolution (LTE) technology with necessary latency requirements considering security and the associated overhead. We further simulate the proposed method by considering real-world scalability for practical deployment. In the second work, we analyze the ISO15118 standard for EV-to-electric grid communication involving high levels of energy exchange. We develop a grammatical fuzzing architecture to assess and evaluate the implementation of the standard on a road-deployed vehicle to detect security vulnerabilities and shortcomings. / Master of Science / The technology around vehicles and the transportation infrastructure has immensely advanced in the last few decades. Today we have advanced technologies like driver assistance, automated driving, and access to multimedia within our vehicles. And deploying such technologies has only been possible due to advancements in the electronics embedded in the vehicles and surrounding infrastructure. Opportunely, we can further improve the technologies to include numerous safety features by connecting vehicles and infrastructure via communication networks. However, this poses immense challenges regarding the scaling of communication infrastructure for the timely exchange of data and its security. But, given the proliferation of cellular technology, the ubiquitous nature of smartphones, and their capabilities, we propose and evaluate the idea of using commercial off-the-shelf (COTS) smartphones to connect vehicles and the infrastructure to exchange data securely. The first work of this thesis details the analysis and evaluation of the system and the network for a secure COTS-based cellular-vehicle-to-everything architecture, including a proof of concept hardware implementation and additional simulations. Additionally, in light of climate policies and cleaner transportation alternatives, we are moving from gasoline-based internal combustion engines to electric vehicles, requiring the transfer of extended amounts of electric energy from the electric grid to the batteries in the vehicles. In light of the same, ISO 15118 standard was developed to reduce repetitive efforts and standardize the communication and exchange of this energy. But as with any new technology, especially involving communication, new attack vectors for malicious entities open up. Therefore, we study this new standard and develop a novel fuzzing architecture to test the implementation of the standard on deployed real-world vehicles for security vulnerabilities and robustness. Again, as this is a nascent technology and standard, a fuzzing approach would accelerate the detection of edge cases and threats before these are exploited to cause harm to human life and property.

CV2X

V2G

Connected Vehicles

Secure Networks

Trusted Execution

Hell's Gate: The Anglo-Saxon execution cemetery at Walkington Wold

Buckberry, Jo, Hadley, D.M.

January 2010

No

Anglo-Saxon Execution

Cemetery Analysis

Walkington Wold

Yorkshire

Off with their heads: The Anglo-Saxon execution cemetery at Walkington Wold, East Yorkshire.

Buckberry, Jo

January 2008

No

Execution cemetery

Walkington Wold

Yorkshire

Atypical burials

Skeletal remains