DirectFuzz: Automated Test Generation for RTL Designs using Directed Graybox Fuzzing

A critical challenge in RTL verification is to generate effective test inputs. Recently, RFUZZ proposed to use an automated software testing technique, namely Graybox Fuzzing, to effectively generate test inputs that maximize the coverage of the whole hardware design. For a scenario where only a tiny fraction of a large hardware design needs to be tested, the RFUZZ approach is extremely time-consuming. In this work, we present DirectFuzz, a directed test generation mechanism. DirectFuzz uses Directed Graybox Fuzzing to generate test inputs targeted towards a module instance, which enables targeted testing. Our experimental results show that DirectFuzz covers the target sites up to 17.5× faster (2.23× on average) than RFUZZ on a variety of RTL designs.
