{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T15:37:13Z","timestamp":1777736233542,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3582840","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"401-414","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["Ember-IO: Effective Firmware Fuzzing with Model-Free Memory Mapped IO"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9118-0737","authenticated-orcid":false,"given":"Guy","family":"Farrelly","sequence":"first","affiliation":[{"name":"The University of Adelaide, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5884-8237","authenticated-orcid":false,"given":"Michael","family":"Chesser","sequence":"additional","affiliation":[{"name":"The University of Adelaide, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2008-9255","authenticated-orcid":false,"given":"Damith C.","family":"Ranasinghe","sequence":"additional","affiliation":[{"name":"The University of Adelaide, Australia"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2015. grbl_stm32f4 usart.c. https:\/\/github.com\/deadsy\/grbl_stm32f4\/blob\/master\/board\/usart.c.  2015. grbl_stm32f4 usart.c. https:\/\/github.com\/deadsy\/grbl_stm32f4\/blob\/master\/board\/usart.c."},{"key":"e_1_3_2_1_2_1","unstructured":"2017. eYSIP-2017 Control and Algorithms development for Quadcopter stm32f1xx_hal_i2c.c. https:\/\/github.com\/heethesh\/eYSIP-2017_Control_and_Algorithms_development_for_Quadcopter\/blob\/master\/firmware\/Drivers\/STM32F1xx_HAL_Driver\/Src\/stm32f1xx_hal_i2c.c.  2017. eYSIP-2017 Control and Algorithms development for Quadcopter stm32f1xx_hal_i2c.c. https:\/\/github.com\/heethesh\/eYSIP-2017_Control_and_Algorithms_development_for_Quadcopter\/blob\/master\/firmware\/Drivers\/STM32F1xx_HAL_Driver\/Src\/stm32f1xx_hal_i2c.c."},{"key":"e_1_3_2_1_3_1","unstructured":"2020. Arm Cortex-M4 Processor Technical Reference Manual. https:\/\/developer.arm.com\/documentation\/100166\/0001\/.  2020. Arm Cortex-M4 Processor Technical Reference Manual. https:\/\/developer.arm.com\/documentation\/100166\/0001\/."},{"key":"e_1_3_2_1_4_1","unstructured":"2020. Zephyr - shell: Fix case when too many arguments are provided. https:\/\/github.com\/zephyrproject-rtos\/zephyr\/commit\/770f232a670b2f4bc359886dc3dc03f53ca2bd62.  2020. Zephyr - shell: Fix case when too many arguments are provided. https:\/\/github.com\/zephyrproject-rtos\/zephyr\/commit\/770f232a670b2f4bc359886dc3dc03f53ca2bd62."},{"key":"e_1_3_2_1_5_1","unstructured":"2022. Fuzzware Experiments - Crash Analysis 31. https:\/\/github.com\/fuzzware-fuzzer\/fuzzware-experiments\/blob\/main\/04-crash-analysis\/31\/README.md.  2022. Fuzzware Experiments - Crash Analysis 31. https:\/\/github.com\/fuzzware-fuzzer\/fuzzware-experiments\/blob\/main\/04-crash-analysis\/31\/README.md."},{"key":"e_1_3_2_1_6_1","volume-title":"IEEE Symposium on Security and Privacy (S&P).","author":"Aschermann Cornelius","year":"2020","unstructured":"Cornelius Aschermann , Sergej Schumilo , Ali Abbasi , and Thorsten Holz . 2020 . IJON: Exploring Deep State Spaces via Fuzzing . In IEEE Symposium on Security and Privacy (S&P). Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, and Thorsten Holz. 2020. IJON: Exploring Deep State Spaces via Fuzzing. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_7_1","volume-title":"REDQUEEN: Fuzzing with Input-to-State Correspondence. In Symposium on Network and Distributed System Security (NDSS).","author":"Aschermann Cornelius","year":"2019","unstructured":"Cornelius Aschermann , Sergej Schumilo , Tim Blazytko , Robert Gawlik , and Thorsten Holz . 2019 . REDQUEEN: Fuzzing with Input-to-State Correspondence. In Symposium on Network and Distributed System Security (NDSS). Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, and Thorsten Holz. 2019. REDQUEEN: Fuzzing with Input-to-State Correspondence. In Symposium on Network and Distributed System Security (NDSS)."},{"key":"e_1_3_2_1_8_1","volume-title":"USENIX Annual Technical Conference (ATEC).","author":"Bellard Fabrice","year":"2005","unstructured":"Fabrice Bellard . 2005 . QEMU, a Fast and Portable Dynamic Translator . In USENIX Annual Technical Conference (ATEC). Fabrice Bellard. 2005. QEMU, a Fast and Portable Dynamic Translator. In USENIX Annual Technical Conference (ATEC)."},{"key":"e_1_3_2_1_9_1","volume-title":"Boosting Fuzzer Efficiency: An Information Theoretic Perspective. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE).","author":"B\u00f6hme Marcel","year":"2020","unstructured":"Marcel B\u00f6hme , Valentin J.\u00a0M. Man\u00e8s , and Sang\u00a0Kil Cha . 2020 . Boosting Fuzzer Efficiency: An Information Theoretic Perspective. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE). Marcel B\u00f6hme, Valentin J.\u00a0M. Man\u00e8s, and Sang\u00a0Kil Cha. 2020. Boosting Fuzzer Efficiency: An Information Theoretic Perspective. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE)."},{"key":"e_1_3_2_1_10_1","volume-title":"ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"B\u00f6hme Marcel","year":"2016","unstructured":"Marcel B\u00f6hme , Van-Thuan Pham , and Abhik Roychoudhury . 2016 . Coverage-Based Greybox Fuzzing as Markov Chain . In ACM SIGSAC Conference on Computer and Communications Security (CCS). Marcel B\u00f6hme, Van-Thuan Pham, and Abhik Roychoudhury. 2016. Coverage-Based Greybox Fuzzing as Markov Chain. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_11_1","unstructured":"Adam Boone. 2018. Why is traditional IT security failing to protect the IoT?https:\/\/timesys.com\/security\/traditional-it-security-failing-to-protect-iot\/.  Adam Boone. 2018. Why is traditional IT security failing to protect the IoT?https:\/\/timesys.com\/security\/traditional-it-security-failing-to-protect-iot\/."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427280"},{"key":"e_1_3_2_1_13_1","volume-title":"Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. In Network and Distributed System Security Symposium (NDSS).","author":"Chen Daming","year":"2016","unstructured":"Daming Chen , Manuel Egele , Maverick Woo , and David Brumley . 2016 . Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. In Network and Distributed System Security Symposium (NDSS). Daming Chen, Manuel Egele, Maverick Woo, and David Brumley. 2016. Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_14_1","volume-title":"ICICLE: A Re-Designed Emulator for Grey-Box Firmware Fuzzing. In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA).","author":"Chesser Michael","year":"2023","unstructured":"Michael Chesser , Surya Nepal , and Damith\u00a0 C Ranasinghe . 2023 . ICICLE: A Re-Designed Emulator for Grey-Box Firmware Fuzzing. In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). Michael Chesser, Surya Nepal, and Damith\u00a0C Ranasinghe. 2023. ICICLE: A Re-Designed Emulator for Grey-Box Firmware Fuzzing. In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)."},{"key":"e_1_3_2_1_15_1","volume-title":"HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. In 29th USENIX Security Symposium (USENIX Security).","author":"Clements A","year":"2020","unstructured":"Abraham\u00a0 A Clements , Eric Gustafson , Tobias Scharnowski , Paul Grosen , David Fritz , Christopher Kruegel , Giovanni Vigna , Saurabh Bagchi , and Mathias Payer . 2020 . HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. In 29th USENIX Security Symposium (USENIX Security). Abraham\u00a0A Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, and Mathias Payer. 2020. HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation. In 29th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_16_1","volume-title":"Inception: System-Wide Security Testing of Real-World Embedded Systems Software. In 27th USENIX Security Symposium (USENIX Security).","author":"Corteggiani Nassim","year":"2018","unstructured":"Nassim Corteggiani , Giovanni Camurati , and Aur\u00e9lien Francillon . 2018 . Inception: System-Wide Security Testing of Real-World Embedded Systems Software. In 27th USENIX Security Symposium (USENIX Security). Nassim Corteggiani, Giovanni Camurati, and Aur\u00e9lien Francillon. 2018. Inception: System-Wide Security Testing of Real-World Embedded Systems Software. In 27th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_17_1","volume-title":"FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution. In 22nd USENIX Security Symposium (USENIX Security).","author":"Davidson Drew","year":"2013","unstructured":"Drew Davidson , Benjamin Moench , Thomas Ristenpart , and Somesh Jha . 2013 . FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution. In 22nd USENIX Security Symposium (USENIX Security). Drew Davidson, Benjamin Moench, Thomas Ristenpart, and Somesh Jha. 2013. FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution. In 22nd USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_18_1","volume-title":"29th USENIX Security Symposium (USENIX Security).","author":"Feng Bo","year":"2020","unstructured":"Bo Feng , Alejandro Mera , and Long Lu . 2020 . P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling . In 29th USENIX Security Symposium (USENIX Security). Bo Feng, Alejandro Mera, and Long Lu. 2020. P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling. In 29th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_19_1","volume-title":"14th USENIX Workshop on Offensive Technologies (WOOT).","author":"Fioraldi Andrea","year":"2020","unstructured":"Andrea Fioraldi , Dominik Maier , Heiko Ei\u00dffeldt , and Marc Heuse . 2020 . AFL++: Combining Incremental Steps of Fuzzing Research . In 14th USENIX Workshop on Offensive Technologies (WOOT). Andrea Fioraldi, Dominik Maier, Heiko Ei\u00dffeldt, and Marc Heuse. 2020. AFL++: Combining Incremental Steps of Fuzzing Research. In 14th USENIX Workshop on Offensive Technologies (WOOT)."},{"key":"e_1_3_2_1_20_1","volume-title":"GREYONE: Data Flow Sensitive Fuzzing. In 29th USENIX Security Symposium (USENIX Security).","author":"Gan Shuitao","year":"2020","unstructured":"Shuitao Gan , Chao Zhang , Peng Chen , Bodong Zhao , Xiaojun Qin , Dong Wu , and Zuoning Chen . 2020 . GREYONE: Data Flow Sensitive Fuzzing. In 29th USENIX Security Symposium (USENIX Security). Shuitao Gan, Chao Zhang, Peng Chen, Bodong Zhao, Xiaojun Qin, Dong Wu, and Zuoning Chen. 2020. GREYONE: Data Flow Sensitive Fuzzing. In 29th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_21_1","volume-title":"CollAFL: Path Sensitive Fuzzing. In IEEE Symposium on Security and Privacy (S&P).","author":"Gan Shuitao","year":"2018","unstructured":"Shuitao Gan , Chao Zhang , Xiaojun Qin , Xuwen Tu , Kang Li , Zhongyu Pei , and Zuoning Chen . 2018 . CollAFL: Path Sensitive Fuzzing. In IEEE Symposium on Security and Privacy (S&P). Shuitao Gan, Chao Zhang, Xiaojun Qin, Xuwen Tu, Kang Li, Zhongyu Pei, and Zuoning Chen. 2018. CollAFL: Path Sensitive Fuzzing. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_22_1","volume-title":"International Symposium on Recent Advances in Intrusion Detection (RAID).","author":"Gustafson Eric","year":"2019","unstructured":"Eric Gustafson , Marius Muench , Chad Spensky , Nilo Redini , Aravind Machiry , Yanick Fratantonio , Davide Balzarotti , Aur\u00e9lien Francillon , Yung\u00a0Ryn Choe , Christopher Kr\u00fcgel , and Giovanni Vigna . 2019 . Toward the Analysis of Embedded Firmware through Automated Re-hosting . In International Symposium on Recent Advances in Intrusion Detection (RAID). Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Davide Balzarotti, Aur\u00e9lien Francillon, Yung\u00a0Ryn Choe, Christopher Kr\u00fcgel, and Giovanni Vigna. 2019. Toward the Analysis of Embedded Firmware through Automated Re-hosting. In International Symposium on Recent Advances in Intrusion Detection (RAID)."},{"key":"e_1_3_2_1_23_1","volume-title":"29th USENIX Security Symposium (USENIX Security).","author":"Jiang Zu-Ming","year":"2020","unstructured":"Zu-Ming Jiang , Jia-Ju Bai , Kangjie Lu , and Shi-Min Hu . 2020 . Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection . In 29th USENIX Security Symposium (USENIX Security). Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, and Shi-Min Hu. 2020. Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection. In 29th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_24_1","volume-title":"Jetset: Targeted Firmware Rehosting for Embedded Systems. In 30th USENIX Security Symposium (USENIX Security).","author":"Johnson Evan","year":"2021","unstructured":"Evan Johnson , Maxwell Bland , YiFei Zhu , Joshua Mason , Stephen Checkoway , Stefan Savage , and Kirill Levchenko . 2021 . Jetset: Targeted Firmware Rehosting for Embedded Systems. In 30th USENIX Security Symposium (USENIX Security). Evan Johnson, Maxwell Bland, YiFei Zhu, Joshua Mason, Stephen Checkoway, Stefan Savage, and Kirill Levchenko. 2021. Jetset: Targeted Firmware Rehosting for Embedded Systems. In 30th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_25_1","volume-title":"10th International Conference on Emerging Security Information, Systems and Technologies (SECUWARE).","author":"Kammerstetter Markus","year":"2016","unstructured":"Markus Kammerstetter , Daniel Burian , and Wolfgang Kastner . 2016 . Embedded security testing with peripheral device caching and runtime program state approximation . In 10th International Conference on Emerging Security Information, Systems and Technologies (SECUWARE). Markus Kammerstetter, Daniel Burian, and Wolfgang Kastner. 2016. Embedded security testing with peripheral device caching and runtime program state approximation. In 10th International Conference on Emerging Security Information, Systems and Technologies (SECUWARE)."},{"key":"e_1_3_2_1_26_1","volume-title":"FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis. In Annual Computer Security Applications Conference (ACSAC).","author":"Kim Mingeun","year":"2020","unstructured":"Mingeun Kim , Dongkwan Kim , Eunsoo Kim , Suryeon Kim , Yeongjin Jang , and Yongdae Kim . 2020 . FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis. In Annual Computer Security Applications Conference (ACSAC). Mingeun Kim, Dongkwan Kim, Eunsoo Kim, Suryeon Kim, Yeongjin Jang, and Yongdae Kim. 2020. FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis. In Annual Computer Security Applications Conference (ACSAC)."},{"key":"e_1_3_2_1_27_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Li Wenqiang","year":"2021","unstructured":"Wenqiang Li , Le Guan , Jingqiang Lin , Jiameng Shi , and Fengjun Li . 2021 . From Library Portability to Para-rehosting: Natively Executing Microcontroller Software on Commodity Hardware . In Network and Distributed System Security Symposium (NDSS). Wenqiang Li, Le Guan, Jingqiang Lin, Jiameng Shi, and Fengjun Li. 2021. From Library Portability to Para-rehosting: Natively Executing Microcontroller Software on Commodity Hardware. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_28_1","volume-title":"36th IEEE\/ACM International Conference on Automated Software Engineering (ASE).","author":"Liu Peiyu","year":"2021","unstructured":"Peiyu Liu , Shouling Ji , Xuhong Zhang , Qinming Dai , Kangjie Lu , Lirong Fu , Wenzhi Chen , Peng Cheng , Wenhai Wang , and Raheem Beyah . 2021 . IFIZZ: Deep-State and Efficient Fault-Scenario Generation to Test IoT Firmware . In 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). Peiyu Liu, Shouling Ji, Xuhong Zhang, Qinming Dai, Kangjie Lu, Lirong Fu, Wenzhi Chen, Peng Cheng, Wenhai Wang, and Raheem Beyah. 2021. IFIZZ: Deep-State and Efficient Fault-Scenario Generation to Test IoT Firmware. In 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE)."},{"key":"e_1_3_2_1_29_1","volume-title":"Mousse: A System for Selective Symbolic Execution of Programs with Untamed Environments. In 15th European Conference on Computer Systems (EuroSys).","author":"Liu Yingtong","year":"2020","unstructured":"Yingtong Liu , Hsin-Wei Hung , and Ardalan\u00a0Amiri Sani . 2020 . Mousse: A System for Selective Symbolic Execution of Programs with Untamed Environments. In 15th European Conference on Computer Systems (EuroSys). Yingtong Liu, Hsin-Wei Hung, and Ardalan\u00a0Amiri Sani. 2020. Mousse: A System for Selective Symbolic Execution of Programs with Untamed Environments. In 15th European Conference on Computer Systems (EuroSys)."},{"key":"e_1_3_2_1_30_1","volume-title":"MOPT: Optimized Mutation Scheduling for Fuzzers. In 28th USENIX Security Symposium (USENIX Security).","author":"Lyu Chenyang","year":"2019","unstructured":"Chenyang Lyu , Shouling Ji , Chao Zhang , Yuwei Li , Wei-Han Lee , Yu Song , and Raheem Beyah . 2019 . MOPT: Optimized Mutation Scheduling for Fuzzers. In 28th USENIX Security Symposium (USENIX Security). Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. MOPT: Optimized Mutation Scheduling for Fuzzers. In 28th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_31_1","volume-title":"Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing. In 13th USENIX Workshop on Offensive Technologies (WOOT).","author":"Maier Dominik","year":"2019","unstructured":"Dominik Maier , Benedikt Radtke , and Bastian Harren . 2019 . Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing. In 13th USENIX Workshop on Offensive Technologies (WOOT). Dominik Maier, Benedikt Radtke, and Bastian Harren. 2019. Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing. In 13th USENIX Workshop on Offensive Technologies (WOOT)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399360"},{"key":"e_1_3_2_1_33_1","volume-title":"DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis. In 42nd IEEE Symposium on Security and Privacy (S&P).","author":"Mera Alejandro","year":"2021","unstructured":"Alejandro Mera , Bo Feng , Long Lu , and Engin Kirda . 2021 . DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis. In 42nd IEEE Symposium on Security and Privacy (S&P). Alejandro Mera, Bo Feng, Long Lu, and Engin Kirda. 2021. DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis. In 42nd IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2018.23017"},{"key":"e_1_3_2_1_35_1","volume-title":"What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices. In Network and Distributed System Security Symposium (NDSS).","author":"Muench Marius","year":"2018","unstructured":"Marius Muench , Jan Stijohann , Frank Kargl , Aurelien Francillon , and Davide Balzarotti . 2018 . What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices. In Network and Distributed System Security Symposium (NDSS). Marius Muench, Jan Stijohann, Frank Kargl, Aurelien Francillon, and Davide Balzarotti. 2018. What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_36_1","volume-title":"IEEE Symposium on Security and Privacy (S&P).","author":"Nagy Stefan","year":"2019","unstructured":"Stefan Nagy and Matthew Hicks . 2019 . Full-speed fuzzing: Reducing fuzzing overhead through coverage-guided tracing . In IEEE Symposium on Security and Privacy (S&P). Stefan Nagy and Matthew Hicks. 2019. Full-speed fuzzing: Reducing fuzzing overhead through coverage-guided tracing. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_37_1","volume-title":"Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing. In 30th USENIX Security Symposium (USENIX Security).","author":"Nagy Stefan","year":"2021","unstructured":"Stefan Nagy , Anh Nguyen-Tuong , Jason\u00a0 D. Hiser , Jack\u00a0 W. Davidson , and Matthew Hicks . 2021 . Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing. In 30th USENIX Security Symposium (USENIX Security). Stefan Nagy, Anh Nguyen-Tuong, Jason\u00a0D. Hiser, Jack\u00a0W. Davidson, and Matthew Hicks. 2021. Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing. In 30th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_38_1","volume-title":"Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. In 31st USENIX Security Symposium (USENIX Security).","author":"Scharnowski Tobias","year":"2022","unstructured":"Tobias Scharnowski , Nils Bars , Moritz Schloegel , Eric Gustafson , Marius Muench , Giovanni Vigna , Christopher Kruegel , Thorsten Holz , and Ali Abbasi . 2022 . Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. In 31st USENIX Security Symposium (USENIX Security). Tobias Scharnowski, Nils Bars, Moritz Schloegel, Eric Gustafson, Marius Muench, Giovanni Vigna, Christopher Kruegel, Thorsten Holz, and Ali Abbasi. 2022. Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. In 31st USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_39_1","volume-title":"Conware: Automated Modeling of Hardware Peripherals. In ACM Asia Conference on Computer and Communications Security (ASIA CCS).","author":"Spensky Chad","year":"2021","unstructured":"Chad Spensky , Aravind Machiry , Nilo Redini , Colin Unger , Graham Foster , Evan Blasband , Hamed Okhravi , Christopher Kruegel , and Giovanni Vigna . 2021 . Conware: Automated Modeling of Hardware Peripherals. In ACM Asia Conference on Computer and Communications Security (ASIA CCS). Chad Spensky, Aravind Machiry, Nilo Redini, Colin Unger, Graham Foster, Evan Blasband, Hamed Okhravi, Christopher Kruegel, and Giovanni Vigna. 2021. Conware: Automated Modeling of Hardware Peripherals. In ACM Asia Conference on Computer and Communications Security (ASIA CCS)."},{"key":"e_1_3_2_1_40_1","volume-title":"FirmFuzz: Automated IoT Firmware Introspection and Analysis. In 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things (IoT S&P).","author":"Srivastava Prashast","year":"2019","unstructured":"Prashast Srivastava , Hui Peng , Jiahao Li , Hamed Okhravi , Howard Shrobe , and Mathias Payer . 2019 . FirmFuzz: Automated IoT Firmware Introspection and Analysis. In 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things (IoT S&P). Prashast Srivastava, Hui Peng, Jiahao Li, Hamed Okhravi, Howard Shrobe, and Mathias Payer. 2019. FirmFuzz: Automated IoT Firmware Introspection and Analysis. In 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things (IoT S&P)."},{"key":"e_1_3_2_1_41_1","unstructured":"STMicroelectronics. [n. d.]. Reference Manual RM008. https:\/\/www.st.com\/resource\/en\/reference_manual\/cd00171190-stm32f101xx-stm32f102xx-stm32f103xx-stm32f105xx-and-stm32f107xx-advanced-arm-based-32-bit-mcus-stmicroelectronics.pdf.  STMicroelectronics. [n. d.]. Reference Manual RM008. https:\/\/www.st.com\/resource\/en\/reference_manual\/cd00171190-stm32f101xx-stm32f102xx-stm32f103xx-stm32f105xx-and-stm32f107xx-advanced-arm-based-32-bit-mcus-stmicroelectronics.pdf."},{"key":"e_1_3_2_1_42_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID).","author":"Wang Jinghan","year":"2019","unstructured":"Jinghan Wang , Yue Duan , Wei Song , Heng Yin , and Chengyu Song . 2019 . Be sensitive and collaborative: Analyzing impact of coverage metrics in greybox fuzzing . In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID). Jinghan Wang, Yue Duan, Wei Song, Heng Yin, and Chengyu Song. 2019. Be sensitive and collaborative: Analyzing impact of coverage metrics in greybox fuzzing. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID)."},{"key":"e_1_3_2_1_43_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Wang Yanhao","year":"2020","unstructured":"Yanhao Wang , Xiangkun Jia , Yuwei Liu , Kyle Zeng , Tiffany Bao , Dinghao Wu , and Purui Su . 2020 . Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization . In Network and Distributed System Security Symposium (NDSS). Yanhao Wang, Xiangkun Jia, Yuwei Liu, Kyle Zeng, Tiffany Bao, Dinghao Wu, and Purui Su. 2020. Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_44_1","volume-title":"FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Wen Haohuang","year":"2020","unstructured":"Haohuang Wen , Zhiqiang Lin , and Yinqian Zhang . 2020 . FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware. In ACM SIGSAC Conference on Computer and Communications Security (CCS). Haohuang Wen, Zhiqiang Lin, and Yinqian Zhang. 2020. FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_45_1","volume-title":"LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security).","author":"Wu Jianliang","year":"2021","unstructured":"Jianliang Wu , Ruoyu Wu , Daniele Antonioli , Mathias Payer , Nils\u00a0Ole Tippenhauer , Dongyan Xu , Dave\u00a0(Jing) Tian, and Antonio Bianchi . 2021 . LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security). Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils\u00a0Ole Tippenhauer, Dongyan Xu, Dave\u00a0(Jing) Tian, and Antonio Bianchi. 2021. LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_46_1","volume-title":"Firmwares. In Network and Distributed System Security Symposium (NDSS).","author":"Zaddach Jonas","year":"2014","unstructured":"Jonas Zaddach , Luca Bruno , Davide Balzarotti , and Aurelien Francillon . 2014 . Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems\u2019 Firmwares. In Network and Distributed System Security Symposium (NDSS). Jonas Zaddach, Luca Bruno, Davide Balzarotti, and Aurelien Francillon. 2014. Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems\u2019 Firmwares. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_47_1","unstructured":"Michal Zalewski. 2010. American Fuzzy Lop: a security-oriented fuzzer. https:\/\/github.com\/google\/AFL. https:\/\/lcamtuf.coredump.cx\/afl\/  Michal Zalewski. 2010. American Fuzzy Lop: a security-oriented fuzzer. https:\/\/github.com\/google\/AFL. https:\/\/lcamtuf.coredump.cx\/afl\/"},{"key":"e_1_3_2_1_48_1","volume-title":"28th USENIX Security Symposium (USENIX Security).","author":"Zheng Yaowen","year":"2019","unstructured":"Yaowen Zheng , Ali Davanian , Heng Yin , Chengyu Song , Hongsong Zhu , and Limin Sun . 2019 . FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation . In 28th USENIX Security Symposium (USENIX Security). Yaowen Zheng, Ali Davanian, Heng Yin, Chengyu Song, Hongsong Zhu, and Limin Sun. 2019. FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation. In 28th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534414"},{"key":"e_1_3_2_1_50_1","volume-title":"30th USENIX Security Symposium (USENIX Security).","author":"Zhou Wei","year":"2021","unstructured":"Wei Zhou , Le Guan , Peng Liu , and Yuqing Zhang . 2021 . Automatic Firmware Emulation through Invalidity-guided Knowledge Inference . In 30th USENIX Security Symposium (USENIX Security). Wei Zhou, Le Guan, Peng Liu, and Yuqing Zhang. 2021. Automatic Firmware Emulation through Invalidity-guided Knowledge Inference. In 30th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_51_1","volume-title":"What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Zhou Wei","year":"2022","unstructured":"Wei Zhou , Lan Zhang , Le Guan , Peng Liu , and Yuqing Zhang . 2022 . What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation. In ACM SIGSAC Conference on Computer and Communications Security (CCS). Wei Zhou, Lan Zhang, Le Guan, Peng Liu, and Yuqing Zhang. 2022. What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3582840","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:51:28Z","timestamp":1750182688000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3582840"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":51,"alternative-id":["10.1145\/3579856.3582840","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3582840","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}