{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T06:11:04Z","timestamp":1758089464874,"version":"3.44.0"},"reference-count":25,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T00:00:00Z","timestamp":1750550400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T00:00:00Z","timestamp":1750550400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,6,22]]},"DOI":"10.1109\/dac63849.2025.11133085","type":"proceedings-article","created":{"date-parts":[[2025,9,15]],"date-time":"2025-09-15T17:35:41Z","timestamp":1757957741000},"page":"1-7","source":"Crossref","is-referenced-by-count":0,"title":["BPUFuzzer: Effective Fuzz Testing for Branching Transient Execution Vulnerabilities of RISC-V CPU"],"prefix":"10.1109","author":[{"given":"Rihui","family":"Sun","sequence":"first","affiliation":[{"name":"Harbin Institute of Technology,Harbin,Heilongjiang,China"}]},{"given":"Jin","family":"Wu","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology,Harbin,Heilongjiang,China"}]},{"given":"Hanyin","family":"Liu","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology,Harbin,Heilongjiang,China"}]},{"given":"Zikang","family":"Tao","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology,Harbin,Heilongjiang,China"}]},{"given":"Gang","family":"Qu","sequence":"additional","affiliation":[{"name":"University of Maryland,College Park,MD,US"}]},{"given":"Dongsheng","family":"Wang","sequence":"additional","affiliation":[{"name":"Tsinghua University,Beijing,China"}]},{"given":"Yongqiang","family":"Lyu","sequence":"additional","affiliation":[{"name":"Tsinghua University,Beijing,China"}]},{"given":"Jian","family":"Dong","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology,Harbin,Heilongjiang,China"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"ref2","first-page":"973","article-title":"Meltdown: Reading kernel memory from user space","volume-title":"27th USENIX Security Symposium (USENIX Security 18).","author":"Lipp"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/mdat.2024.3352537"},{"key":"ref4","first-page":"3825","article-title":"RETBLEED: arbitrary speculative code execution with return instructions","volume-title":"31st USENIX Security Symposium, USENIX Security 2022","author":"Wikner"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3620666.3651382"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00087"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00089"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243761"},{"key":"ref10","first-page":"971","article-title":"Branch history injection: On the effectiveness of hardware mitigations against Cross-Privilege spectre-v2 attacks","volume-title":"31st USENIX Security Symposium (USENIX Security 22).","author":"Barberis"},{"key":"ref11","first-page":"1451","article-title":"Rage against the machine clear: A systematic analysis of machine clears and their implications for transient execution attacks","volume-title":"30th USENIX Security Symposium, USENIX Security 2021","author":"Ragab"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.5555\/3361338.3361356"},{"key":"ref13","first-page":"1427","article-title":"Medusa: Microarchitectural data leakage via automated attack synthesis","volume-title":"29th USENIX Security Symposium (USENIX Security 20).","author":"Moghimi"},{"key":"ref14","first-page":"1481","article-title":"SpecFuzz: Bringing spectre-type vulnerabilities to the surface","volume-title":"29th USENIX Security Symposium (USENIX Security 20).","author":"Oleksenko"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23018"},{"key":"ref16","first-page":"1415","article-title":"Osiris: Automated discovery of microarchitectural side channels","volume-title":"30th USENIX Security Symposium (USENIX Security 21). USENIX Association","author":"Weber"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA52012.2021.00073"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560578"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00103"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.23919\/DATE56975.2023.10136966"},{"article-title":"Whisperfuzz: White-box fuzzing for detecting and locating timing vulnerabilities in processors","volume-title":"33rd USENIX Security Symposium, USENIX Security 2024","author":"Borkar","key":"ref21"},{"key":"ref22","article-title":"The risc-v instruction set manual, volume i: User-level isa, document version 20191214-draft","author":"Waterman","year":"2019","journal-title":"RISC-V Foundation"},{"article-title":"Sonicboom: The 3rd generation berkeley out-of-order machine","year":"2020","author":"Zhao","key":"ref23"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2020.2996616"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1142\/9789813272880_0183"}],"event":{"name":"2025 62nd ACM\/IEEE Design Automation Conference (DAC)","start":{"date-parts":[[2025,6,22]]},"location":"San Francisco, CA, USA","end":{"date-parts":[[2025,6,25]]}},"container-title":["2025 62nd ACM\/IEEE Design Automation Conference (DAC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11132383\/11132091\/11133085.pdf?arnumber=11133085","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,16]],"date-time":"2025-09-16T05:35:20Z","timestamp":1758000920000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11133085\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,22]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/dac63849.2025.11133085","relation":{},"subject":[],"published":{"date-parts":[[2025,6,22]]}}}