Effectiveness of Hardware Fuzzing In Detecting Memory Vulnerabilities


A new technical paper titled "Fuzzerfly Effect: Hardware Fuzzing for Memory Safety" was published by researchers at Technical University of Darmstadt, Texas A&M University and Delft University of Technology. Abstract: "Hardware-level memory vulnerabilities severely threaten computing systems. However, hardware patching is inefficient or difficult post-fabrication. We investigate the eff... » read more

Overview Of Security Verification Methodologies for SoC Designs Pre-Silicon (U. of Florida)


A technical paper titled "A Survey on SoC Security Verification Methods at the Pre-silicon Stage" was recently published by researchers at University of Florida. Abstract "This paper presents a survey of the state-of-the-art pre-silicon security verification techniques for System-on-Chip (SoC) designs, focusing on ensuring that designs, implemented in hardware description languages (HDLs) a... » read more

A Generic Approach For Fuzzing Arbitrary Hypervisors


A technical paper titled “HYPERPILL: Fuzzing for Hypervisor-bugs by Leveraging the Hardware Virtualization Interface” was presented at the August 2024 USENIX Security Symposium by researchers at EPFL, Boston University, and Zhejiang University. Abstract: "The security guarantees of cloud computing depend on the isolation guarantees of the underlying hypervisors. Prior works have presented... » read more

Hybrid Hardware Fuzzer, Combining Capabilities of Formal Verification Methods And Fuzzing Tools


A new technical paper titled "HyPFuzz: Formal-Assisted Processor Fuzzing" was published by researchers at Texas A&M University and Technische Universität Darmstadt. Abstract: "Recent research has shown that hardware fuzzers can effectively detect security vulnerabilities in modern processors. However, existing hardware fuzzers do not fuzz well the hard-to-reach design spaces. Consequently,... » read more

New Processor Fuzzing Mechanism


Researchers from Boston University and University of Washington published a technical paper titled "ProcessorFuzz: Guiding Processor Fuzzing using Control and Status Registers." Abstract "As the complexity of modern processors has increased over the years, developing effective verification strategies to identify bugs prior to manufacturing has become critical. Undiscovered micro-architectur... » read more

Week In Review: Auto, Security, Pervasive Computing


The great EV ramp EV-related developments are everywhere. California’s move to ban sales of new internal-combustion vehicles by 2035, and the U.S. government’s sweeping embrace of clean-energy, are in lockstep with recent moves by the auto industry and related supply chains, as well as cutting-edge research. One of the big breakthroughs is the ability to charge an EV in 10 minutes witho... » read more

Fuzz, Penetration, and AI Testing for SoC Security Verification: Challenges and Solutions


Abstract "The ever-increasing usage and application of system-on-chips (SoCs) has resulted in the tremendous modernization of these architectures. For a modern SoC design, with the inclusion of numerous complex and heterogeneous intellectual properties (IPs), and its privacy-preserving declaration, there exists a wide variety of highly sensitive assets. These assets must be protected from any u... » read more

Securing 5G And IoT With Fuzzing


5G will revolutionize many industries, with up to 100 times the speed, 100 times the capacity, and one-tenth the latency compared to 4G LTE. But in addition to providing superior performance, 5G expands the attack surface of apps and IoT devices that rely on this next-gen network. In addition to known security exploits, we’re bound to see unknown, novelty attacks. Fuzz testing (or fuzzing)... » read more

The Week In Review: IoT


Connectivity M1 Limited of Singapore worked with Nokia to launch a nationwide narrowband Internet of Things network, targeting such applications as asset tracking, environmental monitoring, fleet management, and smart energy management for buildings. M1 hopes to boost the IoT ecosystem in Singapore with the new NB-IoT network. M&A DuPont has agreed to acquire Granular, a provider of digita... » read more

What Is Fuzzing?


Fuzzing is an excellent technique for locating vulnerabilities in software. The basic premise is to deliver intentionally malformed input to target software and detect failure. A complete fuzzer has three components. A poet creates the malformed inputs or test cases. A courier delivers test cases to the target software. Finally, an oracle detects target failures. Different fuzzing techniques ... » read more