论文信息 - Work-in-Progress: DOVE: Pinpointing firmware security vulnerabilities via symbolic control flow assertion mining

Work-in-Progress: DOVE: Pinpointing firmware security vulnerabilities via symbolic control flow assertion mining

In the past decade, the number of reported security attacks exploiting unchecked input firmware values has been on the rise. To address this concerning trend, this work proposes a novel detection framework, called DOVE, capable of identifying unlikely firmware execution flows, specifically those that may reveal a security vulnerability. The DOVE framework operates by leveraging a symbolic simulation of the firmware's execution, paired with a probability computation that can identify unlikely execution flows and provide to the user corresponding formal assertions.

Graziano Pravadelli | Valeria Bertacco | Alessandro Danese

[1] Benjamin Müller,et al. The SCIP Optimization Suite 3.2 , 2016 .

[2] James C. King,et al. Symbolic execution and program testing , 1976, CACM.

[3] Dawson R. Engler,et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.

[4] Xeno Kovah,et al. How Many Million BIOSes Would you Like to Infect? , 2015 .

[5] Olivier Coudert,et al. Verification of Synchronous Sequential Machines Based on Symbolic Execution , 1989, Automatic Verification Methods for Finite State Systems.