{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T05:13:55Z","timestamp":1742966035559,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030839055"},{"type":"electronic","value":"9783030839062"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-83906-2_8","type":"book-chapter","created":{"date-parts":[[2021,8,24]],"date-time":"2021-08-24T23:05:04Z","timestamp":1629846304000},"page":"105-116","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Testing for IT Security: A Guided Search Pattern for Exploitable Vulnerability Classes"],"prefix":"10.1007","author":[{"given":"Andreas","family":"Neubaum","sequence":"first","affiliation":[]},{"given":"Loui","family":"Al Sardy","sequence":"additional","affiliation":[]},{"given":"Marc","family":"Spisl\u00e4nder","sequence":"additional","affiliation":[]},{"given":"Francesca","family":"Saglietti","sequence":"additional","affiliation":[]},{"given":"Yves","family":"Biener","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,8,25]]},"reference":[{"key":"8_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-3-030-26250-1_4","volume-title":"Computer Safety, Reliability, and Security","author":"L Al Sardy","year":"2019","unstructured":"Al Sardy, L., Neubaum, A., Saglietti, F., Rudrich, D.: Comparative evaluation of security fuzzing approaches. In: Romanovsky, A., Troubitsyna, E., Gashi, I., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2019. LNCS, vol. 11699, pp. 49\u201361. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26250-1_4"},{"key":"8_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/978-3-319-99229-7_10","volume-title":"Computer Safety, Reliability, and Security","author":"L Al Sardy","year":"2018","unstructured":"Al Sardy, L., Saglietti, F., Tang, T., Sonnenberg, H.: Constraint-based testing for buffer overflows. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2018. LNCS, vol. 11094, pp. 99\u2013111. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-99229-7_10"},{"issue":"3","key":"8_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3182657","volume":"51","author":"R Baldoni","year":"2018","unstructured":"Baldoni, R., Coppa, E., D\u2019Elia, D., Demetrescu, C., Finocchi, I.: A survey of symbolic execution techniques. ACM Comput. Surv. 51(3), 1\u201339 (2018)","journal-title":"ACM Comput. Surv."},{"doi-asserted-by":"crossref","unstructured":"Blanc, N., Kroening, D.: Race analysis for SystemC using model checking. In: IEEE\/ACM International Conference on Computer-Aided Design, pp. 356\u2013363 (2008)","key":"8_CR4","DOI":"10.1109\/ICCAD.2008.4681598"},{"unstructured":"Cadar, C., Dunbar, D., Engler, D.: KLEE: unassisted and automatic generation of high-coverage tests for complex system programs. In: USENIX Symposium on Operating Systems Design and Implementation, pp. 209\u2013224, USENIX Association (2008)","key":"8_CR5"},{"unstructured":"Carnegie Mellon University (SEI): CERT C++ Coding Standard, Concurrency (2016)","key":"8_CR6"},{"unstructured":"Common Attack Pattern Enumeration and Classification Community: Overflow Buffers. CAPEC-100 (2020)","key":"8_CR7"},{"unstructured":"Cisco: Most Common CWE Vulnerabilities. Annual Cybersecurity Report (2018)","key":"8_CR8"},{"key":"8_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-540-78800-3_24","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"L de Moura","year":"2008","unstructured":"de Moura, L., Bj\u00f8rner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337\u2013340. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78800-3_24"},{"key":"8_CR10","volume-title":"Buffer Overflow Attacks: Detect, Exploit Prevent","author":"JC Foster","year":"2005","unstructured":"Foster, J.C., Osipov, V., Bhalla, N., Heinen, N.: Buffer Overflow Attacks: Detect, Exploit Prevent. Syngress, Rockland (2005)"},{"key":"8_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1007\/978-3-540-73368-3_52","volume-title":"Computer Aided Verification","author":"V Ganesh","year":"2007","unstructured":"Ganesh, V., Dill, D.L.: A decision procedure for bit-vectors and arrays. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 519\u2013531. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-73368-3_52"},{"key":"8_CR12","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1023\/A:1022602019183","volume":"3","author":"DE Goldberg","year":"1988","unstructured":"Goldberg, D.E., Holland, J.H.: Genetic algorithms and machine learning. Mach. Learn. 3, 95\u201399 (1988)","journal-title":"Mach. Learn."},{"key":"8_CR13","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1109\/MC.2006.212","volume":"39","author":"G Holzmann","year":"2006","unstructured":"Holzmann, G.: The power of 10: rules for developing safety-critical code. IEEE Comput. 39, 95\u201397 (2006)","journal-title":"IEEE Comput."},{"unstructured":"MITRE Corporation: Common Weakness Enumeration (CWE), Top 25 Most Dangerous Software Weaknesses (2020)","key":"8_CR14"},{"unstructured":"MITRE Corporation: Common Vulnerabilities and Exposures (CVE). CVE-2019-3568, CVE-2020-1839, CVE-2021-21006, CVE-2021-21148, CVE-2021-3156","key":"8_CR15"},{"doi-asserted-by":"crossref","unstructured":"Musuvathi, M.: Systematic concurrency testing using CHESS. In: Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging. ACM (2008)","key":"8_CR16","DOI":"10.1145\/1390841.1390851"},{"unstructured":"Nowotka, D., Traub, J.: MEMICS \u2013 Memory Interval Constraint Solving of (concurrent) Machine Code. Automotive \u2013 Safety & Security, LNI 210, pp. 69\u201383, Springer (2012)","key":"8_CR17"},{"unstructured":"Oulu University (Secure Programming Group): Radamsa (2010)","key":"8_CR18"},{"key":"8_CR19","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1145\/996893.996845","volume":"39","author":"S Qadeer","year":"2004","unstructured":"Qadeer, S., Wu, D.: KISS: keep it simple and sequential. SIGPLAN Not. 39, 14\u201324 (2004)","journal-title":"SIGPLAN Not."},{"unstructured":"Schneider Electric Software Security Response Center: Remote Code Execution Vulnerability. Security Bulletin LFSEC00000125 (2018)","key":"8_CR20"},{"unstructured":"Tracey, N., Clark, J., Mander, K., McDermid, J.: An automated framework for structural test-data generation. In: Conference on Automated Software Engineering, pp. 285\u2013288. IEEE (1998)","key":"8_CR21"},{"unstructured":"Wegener, J., Buhr, K., Pohlheim, H.: Automatic test data generation for structural testing of embedded software systems by evolutionary testing. In: Conference on Genetic and Evolutionary Computation, pp. 1233\u20131240. Morgan Kaufmann (2002)","key":"8_CR22"},{"unstructured":"Yun, I., Lee, S., Xu, M., Jang, Y., Kim, T.: QSYM: a practical concolic execution engine tailored for hybrid fuzzing. In: USENIX Security Symposium, pp. 745\u2013761. USENIX (2018)","key":"8_CR23"},{"unstructured":"Zalewski, M.: American Fuzzy Lop (2017)","key":"8_CR24"}],"container-title":["Lecture Notes in Computer Science","Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-83906-2_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T17:40:41Z","timestamp":1710265241000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-83906-2_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030839055","9783030839062"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-83906-2_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"25 August 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAFECOMP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Computer Safety, Reliability, and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"York","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Kingdom","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 September 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 September 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"40","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"safecomp2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/safecomp2021.hosted.york.ac.uk\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"From the workshops 26 full and 4 short papers were accepted for publication.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}