Fuzz testing is an effective technique for finding software vulnerabilities. Fuzzing works by feeding quasi-random, auto-generated input sequences to a target program and searching for failures. When used to test physical devices, fuzzing is found to occasionally brick the devices, leading to significant testing expenses. Also, while existing kernel fuzzing is effective in finding kernel-interface vulnerabilities, it is not as efficient in finding deeply-hidden vulnerabilities.
This disclosure presents an architecture for continuously running fuzz tests at scale on physical devices, including on kernel and hardware abstraction layer (HAL) modules. Multiple fuzzers run parallel tests and collaborate in a decentralized manner. Fuzzers share control flow paths and corresponding code coverages as they are discovered. Fuzzers share syscall sequences that brick devices as they are discovered, and arrive at an efficient set of sequences that maximize test coverage.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Yim, Keun Soo and Shin, Ji Won, "Fuzz testing of smartphones and IoT devices", Technical Disclosure Commons, (April 08, 2019)