{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T14:57:06Z","timestamp":1776092226721,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,7]],"date-time":"2020-12-07T00:00:00Z","timestamp":1607299200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100012483","name":"University of Georgia Research Foundation","doi-asserted-by":"publisher","award":["JFSG"],"award-info":[{"award-number":["JFSG"]}],"id":[{"id":"10.13039\/100012483","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF-13-1-0421 (MURI)"],"award-info":[{"award-number":["W911NF-13-1-0421 (MURI)"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004801","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1850434 CNS-1814679 CNS-2019340"],"award-info":[{"award-number":["CNS-1850434 CNS-1814679 CNS-2019340"]}],"id":[{"id":"10.13039\/501100004801","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,7]]},"DOI":"10.1145\/3427228.3427280","type":"proceedings-article","created":{"date-parts":[[2020,12,9]],"date-time":"2020-12-09T22:20:18Z","timestamp":1607552418000},"page":"746-759","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":47,"title":["Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation"],"prefix":"10.1145","author":[{"given":"Chen","family":"Cao","sequence":"first","affiliation":[{"name":"The Pennsylvania State University"}]},{"given":"Le","family":"Guan","sequence":"additional","affiliation":[{"name":"University of Georgia, United States of America"}]},{"given":"Jiang","family":"Ming","sequence":"additional","affiliation":[{"name":"University of Texas at Arlington, United States of America"}]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[{"name":"The Pennsylvania State University"}]}],"member":"320","published-online":{"date-parts":[[2020,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Amazon Web Services. 2018. The FreeRTO Kernel. https:\/\/www.freertos.org\/.  Amazon Web Services. 2018. The FreeRTO Kernel. https:\/\/www.freertos.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Arm Holdings. 2015. ARM Cortex\u2011M3 Processor Technical Reference Manual. https:\/\/developer.arm.com\/docs\/100165\/0201.  Arm Holdings. 2015. ARM Cortex\u2011M3 Processor Technical Reference Manual. https:\/\/developer.arm.com\/docs\/100165\/0201."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"crossref","volume-title":"Satisfiability Modulo Theories","author":"Barrett Clark","DOI":"10.1007\/978-3-319-10575-8_11"},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the 2005 USENIX Annual Technical Conference (ATC\u201905)","author":"Bellard Fabrice","year":"2005"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Ella Bounimova Patrice Godefroid and David Molnar. 2013. Billions and Billions of Constraints: Whitebox Fuzz Testing in Production. In ICSE\u201913.  Ella Bounimova Patrice Godefroid and David Molnar. 2013. Billions and Billions of Constraints: Whitebox Fuzz Testing in Production. In ICSE\u201913.","DOI":"10.1109\/ICSE.2013.6606558"},{"key":"e_1_3_2_1_6_1","volume-title":"2017 International Symposium on Code Generation and Optimization Tutorial.","author":"Bruening Derek","year":"2017"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation (OSDI\u201908)","author":"Cadar Cristian","year":"2008"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180445"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23415"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755913.1755932"},{"key":"e_1_3_2_1_11_1","first-page":"4","article-title":"S2E","volume":"47","author":"Chipounov Vitaly","year":"2011","journal-title":"SIGPLAN Not."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950396"},{"key":"e_1_3_2_1_13_1","unstructured":"Clark James. 2018. Expat XML parser. https:\/\/libexpat.github.io\/.  Clark James. 2018. Expat XML parser. https:\/\/libexpat.github.io\/."},{"key":"e_1_3_2_1_14_1","volume-title":"HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Clements A.","year":"2020"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 27th USENIX Security Symposium (USENIX Security\u201918)","author":"Corteggiani Nassim","year":"2018"},{"key":"e_1_3_2_1_16_1","volume-title":"Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13). USENIX, Washington, D.C., 463\u2013478. https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/paper\/davidson","author":"Davidson Drew"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2843859.2843867"},{"key":"e_1_3_2_1_18_1","unstructured":"Federal Communications Commission. [n.d.]. FCC ID Search. https:\/\/www.fcc.gov\/oet\/ea\/fccid.  Federal Communications Commission. [n.d.]. FCC ID Search. https:\/\/www.fcc.gov\/oet\/ea\/fccid."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of Usenix Security Symposium.","author":"Feng Bo","year":"2020"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/1770351.1770421"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_3_2_1_22_1","unstructured":"Patrice Godefroid Michael\u00a0Y. Levin and David Molnar. 2008. Automated Whitebox Fuzz Testing. In NDSS\u201908.  Patrice Godefroid Michael\u00a0Y. Levin and David Molnar. 2008. Automated Whitebox Fuzz Testing. In NDSS\u201908."},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID\u201919)","author":"Gustafson Eric","year":"2019"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134050"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590301"},{"key":"e_1_3_2_1_26_1","unstructured":"Ori Karliner. 2018. FreeRTOS TCP\/IP Stack Vulnerabilities \u2013 The Details. https:\/\/blog.zimperium.com\/freertos-tcpip-stack-vulnerabilities-details\/.  Ori Karliner. 2018. FreeRTOS TCP\/IP Stack Vulnerabilities \u2013 The Details. https:\/\/blog.zimperium.com\/freertos-tcpip-stack-vulnerabilities-details\/."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_1_28_1","volume-title":"SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems. In 9th USENIX Workshop on Offensive Technologies (WOOT\u201915)","author":"Koscher Karl","year":"2015"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855840.1855852"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2509136.2509553"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387556"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1792734.1792766"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2018.23017"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23166"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_3_2_1_37_1","unstructured":"Joshua Pereyda. 2016. boofuzz: Network Protocol Fuzzing for Humans. https:\/\/github.com\/jtpereyda\/boofuzz.  Joshua Pereyda. 2016. boofuzz: Network Protocol Fuzzing for Humans. https:\/\/github.com\/jtpereyda\/boofuzz."},{"key":"e_1_3_2_1_38_1","volume-title":"Unicorn: Next Generation CPU Emulator Framework. Black Hat USA.","author":"Quynh N\u00a0Anh","year":"2015"},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation (OSDI\u201912)","author":"Renzelmann J.","year":"2012"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081750"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635872"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_43_1","volume-title":"Virtual Machines: Versatile Platforms for Systems and Processes (The Morgan Kaufmann Series in Computer Architecture and Design)","author":"Smith Jim","year":"2005"},{"key":"e_1_3_2_1_44_1","volume-title":"Proceedings of the 27th USENIX Security Symposium (USENIX Security\u201918)","author":"Mohammadjavad\u00a0Seyed Talebi Seyed","year":"2018"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2659751"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23229"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382756.2382792"},{"key":"e_1_3_2_1_48_1","volume-title":"Proceedings of the 28th USENIX Security Symposium (USENIX Security\u201919)","author":"Zheng Yaowen","year":"2019"}],"event":{"name":"ACSAC '20: Annual Computer Security Applications Conference","location":"Austin USA","acronym":"ACSAC '20"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427280","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3427228.3427280","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3427228.3427280","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:25Z","timestamp":1750197745000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427280"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,7]]},"references-count":48,"alternative-id":["10.1145\/3427228.3427280","10.1145\/3427228"],"URL":"https:\/\/doi.org\/10.1145\/3427228.3427280","relation":{},"subject":[],"published":{"date-parts":[[2020,12,7]]},"assertion":[{"value":"2020-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}