{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,31]],"date-time":"2025-08-31T10:32:58Z","timestamp":1756636378793,"version":"3.37.3"},"publisher-location":"Cham","reference-count":44,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319893624"},{"type":"electronic","value":"9783319893631"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-89363-1_16","type":"book-chapter","created":{"date-parts":[[2018,4,3]],"date-time":"2018-04-03T09:04:43Z","timestamp":1522746283000},"page":"281-298","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["CRETE: A Versatile Binary-Level Concolic Testing Framework"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6354-2294","authenticated-orcid":false,"given":"Bo","family":"Chen","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8259-0272","authenticated-orcid":false,"given":"Christopher","family":"Havlicek","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7567-2870","authenticated-orcid":false,"given":"Zhenkun","family":"Yang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3983-1963","authenticated-orcid":false,"given":"Kai","family":"Cong","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0043-9430","authenticated-orcid":false,"given":"Raghudeep","family":"Kannavara","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7324-3287","authenticated-orcid":false,"given":"Fei","family":"Xie","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,4,4]]},"reference":[{"key":"16_CR1","doi-asserted-by":"crossref","first-page":"385","DOI":"10.1145\/360248.360252","volume":"19","author":"JC King","year":"1976","unstructured":"King, J.C.: Symbolic execution and program testing. Commun. ACM 19, 385\u2013394 (1976)","journal-title":"Commun. ACM"},{"key":"16_CR2","doi-asserted-by":"crossref","unstructured":"Sen, K., Marinov, D., Agha, G.: Cute: a concolic unit testing engine for C. In: Proceedings of the 10th European Software Engineering Conference (2005)","DOI":"10.1145\/1081706.1081750"},{"key":"16_CR3","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Klarlund, N., Sen, K.: Dart: directed automated random testing. In: Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2005) (2005)","DOI":"10.1145\/1065010.1065036"},{"key":"16_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D Song","year":"2008","unstructured":"Song, D., et al.: BitBlaze: a new approach to computer security via binary analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 1\u201325. Springer, Heidelberg (2008). \nhttps:\/\/doi.org\/10.1007\/978-3-540-89862-7_1"},{"key":"16_CR5","unstructured":"Cadar, C., Dunbar, D., Engler, D.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation (OSDI 2008) (2008)"},{"key":"16_CR6","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2110356.2110358","volume":"30","author":"V Chipounov","year":"2012","unstructured":"Chipounov, V., Kuznetsov, V., Candea, G.: The s2e platform: design, implementation, and applications. ACM Trans. Comput. Syst. 30, 1\u201349 (2012)","journal-title":"ACM Trans. Comput. Syst."},{"key":"16_CR7","first-page":"1","volume":"10","author":"P Godefroid","year":"2012","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.: Sage: whitebox fuzzing for security testing. Commun. ACM 10, 1\u201320 (2012)","journal-title":"Commun. ACM"},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing Mayhem on binary code. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.31"},{"key":"16_CR9","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1145\/2408776.2408795","volume":"56","author":"C Cadar","year":"2013","unstructured":"Cadar, C., Sen, K.: Symbolic execution for software testing: three decades later. Commun. ACM 56, 82\u201390 (2013)","journal-title":"Commun. ACM"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Kuznetsov, V., Kinder, J., Bucur, S., Candea, G.: Efficient state merging in symbolic execution. In: PLDI 2012 (2012)","DOI":"10.1145\/2254064.2254088"},{"key":"16_CR11","doi-asserted-by":"crossref","unstructured":"Marinescu, P.D., Cadar, C.: Make test-zesti: a symbolic execution solution for improving regression testing. In: Proceedings of the 34th International Conference on Software Engineering (ICSE 2012) (2012)","DOI":"10.1109\/ICSE.2012.6227146"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Avgerinos, T., Rebert, A., Cha, S.K., Brumley, D.: Enhancing symbolic execution with veritesting. In: ICSE 2014 (2014)","DOI":"10.1145\/2568225.2568293"},{"key":"16_CR13","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1145\/2560217.2560219","volume":"57","author":"T Avgerinos","year":"2014","unstructured":"Avgerinos, T., Cha, S.K., Rebert, A., Schwartz, E.J., Woo, M., Brumley, D.: Automatic exploit generation. Commun. ACM 57, 74\u201384 (2014)","journal-title":"Commun. ACM"},{"key":"16_CR14","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., et al.: SOK: (state of) the art of war: offensive techniques in binary analysis. In: IEEE Symposium on Security and Privacy (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"16_CR15","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., et al.: Driller: augmenting fuzzing through selective symbolic execution. In: Proceedings of the Network and Distributed System Security Symposium (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"16_CR16","unstructured":"Redini, N., Machiry, A., Das, D., Fratantonio, Y., Bianchi, A., Gustafson, E., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Bootstomp: on the security of bootloaders in mobile devices. In: 26th USENIX Security Symposium (2017)"},{"key":"16_CR17","doi-asserted-by":"crossref","unstructured":"Palikareva, H., Kuchta, T., Cadar, C.: Shadow of a doubt: testing for divergences between software versions. In: ICSE 2016 (2016)","DOI":"10.1145\/2884781.2884845"},{"key":"16_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-642-39799-8_3","volume-title":"Computer Aided Verification","author":"H Palikareva","year":"2013","unstructured":"Palikareva, H., Cadar, C.: Multi-solver support in symbolic execution. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 53\u201368. Springer, Heidelberg (2013). \nhttps:\/\/doi.org\/10.1007\/978-3-642-39799-8_3"},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"Bucur, S., Kinder, J., Candea, G.: Prototyping symbolic execution engines for interpreted languages. In: Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems (2014)","DOI":"10.1145\/2541940.2541977"},{"key":"16_CR20","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2734118","volume":"37","author":"B Kasikci","year":"2015","unstructured":"Kasikci, B., Zamfir, C., Candea, G.: Automated classification of data races under both strong and weak memory models. ACM Trans. Program. Lang. Syst. 37, 1\u201344 (2015)","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"16_CR21","unstructured":"Ramos, D.A., Engler, D.: Under-constrained symbolic execution: correctness checking for real code. In: Proceedings of the 24th USENIX Conference on Security Symposium (2015)"},{"key":"16_CR22","unstructured":"Zheng, H., Li, D., Liang, B., Zeng, X., Zheng, W., Deng, Y., Lam, W., Yang, W., Xie, T.: Automated test input generation for android: towards getting there in an industrial case. In: Proceedings of the 39th International Conference on Software Engineering: Software Engineering in Practice Track (2017)"},{"key":"16_CR23","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference (2005)"},{"key":"16_CR24","unstructured":"Kasolik, M.: 8051 emulator. \nhttp:\/\/emu51.sourceforge.net\/"},{"key":"16_CR25","doi-asserted-by":"crossref","unstructured":"Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis & transformation. In: Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization (2004)","DOI":"10.1109\/CGO.2004.1281665"},{"key":"16_CR26","doi-asserted-by":"crossref","unstructured":"Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. In: PLDI 2007 (2007)","DOI":"10.1145\/1250734.1250746"},{"key":"16_CR27","doi-asserted-by":"crossref","unstructured":"Godefroid, P.: Random testing for security: blackbox vs. whitebox fuzzing. In: Proceedings of the 2nd International Workshop on Random Testing (2007)","DOI":"10.1145\/1292414.1292416"},{"key":"16_CR28","unstructured":"AFL: American fuzzy lop. \nhttp:\/\/lcamtuf.coredump.cx\/afl\/"},{"key":"16_CR29","doi-asserted-by":"crossref","unstructured":"Luk, C.K., Cohn, R., Muth, R., et al.: Pin: building customized program analysis tools with dynamic instrumentation. In: PLDI 2005 (2005)","DOI":"10.1145\/1065010.1065034"},{"key":"16_CR30","doi-asserted-by":"crossref","unstructured":"Bruening, D., Zhao, Q., Amarasinghe, S.: Transparent dynamic instrumentation. In: Proceedings of the 8th ACM SIGPLAN\/SIGOPS Conference on Virtual Execution Environments (2012)","DOI":"10.1145\/2151024.2151043"},{"key":"16_CR31","unstructured":"Lattner, C., Adve, V.: LLVM language reference manual (2006). \nhttp:\/\/llvm.org\/docs\/LangRef.html"},{"key":"16_CR32","unstructured":"Lattner, C.: LLVM and Clang: next generation compiler technology. In: The BSD Conference (2008)"},{"key":"16_CR33","doi-asserted-by":"crossref","unstructured":"Dhurjati, D., Kowshik, S., Adve, V.: Safecode: enforcing alias analysis for weakly typed languages. In: PLDI 2006 (2006)","DOI":"10.1145\/1133981.1133999"},{"key":"16_CR34","doi-asserted-by":"crossref","unstructured":"Geoffray, N., Thomas, G., Lawall, J., Muller, G., Folliot, B.: VMKit: a substrate for managed runtime environments. In: Proceedings of the 6th ACM International Conference on Virtual Execution Environments (2010)","DOI":"10.1145\/1735997.1736006"},{"key":"16_CR35","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1142\/S0129626412500107","volume":"22","author":"T Grosser","year":"2012","unstructured":"Grosser, T., Gr\u00f6\u00dflinger, A., Lengauer, C.: Polly-performing polyhedral optimizations on a low-level intermediate representation. Parall. Process. Lett. 22, 1\u201328 (2012)","journal-title":"Parall. Process. Lett."},{"key":"16_CR36","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: Proceedings of the IEEE Symposium on Security and Privacy (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"16_CR37","unstructured":"Chipounov, V., Candea, G.: Dynamically translating x86 to LLVM using QEMU. Technical report EPFL-TR-149975 (2010)"},{"key":"16_CR38","unstructured":"GNU: GNU coreutils - core utilities. \nhttps:\/\/www.gnu.org\/s\/coreutils"},{"key":"16_CR39","unstructured":"Tianocore: Tianocore. \nhttp:\/\/www.tianocore.org\/"},{"key":"16_CR40","unstructured":"Oberparleiter, P.: A graphical front-end for gcc\u2019s coverage testing tool gcov. \nhttp:\/\/ltp.sourceforge.net\/coverage\/lcov.php"},{"key":"16_CR41","doi-asserted-by":"crossref","unstructured":"Wong, E., Zhang, L., Wang, S., Liu, T., Tan, L.: Dase: document-assisted symbolic execution for improving automated software testing. In: ICSE 2015 (2015)","DOI":"10.1109\/ICSE.2015.78"},{"key":"16_CR42","unstructured":"Tianocore: EDK II. \nhttps:\/\/github.com\/tianocore\/edk2"},{"key":"16_CR43","unstructured":"Foote, J.: The \u2018exploitable\u2019 gdb plugin. \nhttps:\/\/github.com\/jfoote\/exploitable"},{"key":"16_CR44","unstructured":"AFL-Utils: Utilities for automated crash sample processing\/analysis. \nhttps:\/\/github.com\/rc0r\/afl-utils"}],"container-title":["Lecture Notes in Computer Science","Fundamental Approaches to Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-89363-1_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,4,3]],"date-time":"2018-04-03T09:15:11Z","timestamp":1522746911000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-89363-1_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319893624","9783319893631"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-89363-1_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}