VF2017: Fuzzing and dynamic code analysis

Conference: Verification Futures 2017
Speaker: Richard Storer (Senior Security Consultant), MathEmbedded Ltd
Presentation Title: Finding Security Vulnerabilities by Fuzzing and Dynamic Code Analysis
Abstract: Fuzzing, stressing a program with random or mutated input, has been a useful black-box testing technique since 1989.
More recent fuzzers use code-coverage feedback from an instrumented build, or symbolic execution, to learn how changes to the input alter the program's control flow, and so steer input generation towards paths not yet exercised. When combined with dynamic code analysis of the same instrumented binary (for example, a sanitizer that checks every memory access at run time), this approach is particularly good at finding the memory access errors (buffer overflows, null pointer dereferences and the like) that are frequent causes of security vulnerabilities.
In this talk we examine why this approach is so powerful and provide some tips for using it effectively.

  • Fuzzing tools can discover test inputs that reach paths through your code which hand-written test cases rarely exercise.
  • Running instrumented code (for example, a sanitizer-enabled build) on the fuzzed inputs pinpoints each memory access error to the source line that performs the bad access.
  • To let the fuzzer reach deeper code, validation that random mutations will almost never satisfy (checksums, signatures, magic values) may need to be disabled, in the fuzzing build only and never in production.
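The three points above, worked through in code. This is an added example written for this page, not code from the talk or from MathEmbedded: a small parser for a constructed (not real) record format with a deliberate off-by-one write, a libFuzzer-style entry point, and the conditional-compilation switch that removes the checksum check in the fuzzing build so that mutated inputs can reach the bug. The record layout, the macro name LIBFUZZER (used here only to drop main() when libFuzzer supplies its own) and the function names are assumptions of the example; FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is the conventional macro that libFuzzer/OSS-Fuzz builds define for exactly this purpose.

```c
/* Added example (not from the talk): vulnerable parser + fuzz harness.
 * Stand-alone:  clang -g -fsanitize=address fuzz_demo.c && ./a.out
 * Fuzzing:      clang -g -fsanitize=fuzzer,address -DLIBFUZZER \
 *                 -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION fuzz_demo.c
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed wire format for this example (not a real protocol):
 *   byte 0       payload length N (0..255)
 *   bytes 1..N   payload
 *   byte N+1     checksum = XOR of the payload bytes                      */
#define MAX_PAYLOAD 16

static uint8_t xor_checksum(const uint8_t *p, size_t n) {
    uint8_t c = 0;
    for (size_t i = 0; i < n; i++) c ^= p[i];
    return c;
}

/* Builds a valid record into buf (needs n + 2 bytes); returns its length. */
size_t make_record(const uint8_t *payload, size_t n, uint8_t *buf) {
    buf[0] = (uint8_t)n;
    memcpy(buf + 1, payload, n);
    buf[n + 1] = xor_checksum(payload, n);
    return n + 2;
}

/* Vulnerable parser. Returns 0 on success, -1 on malformed input.
 * out must point to MAX_PAYLOAD bytes. */
int parse_record(const uint8_t *data, size_t len, uint8_t *out) {
    if (len < 2) return -1;
    size_t n = data[0];
    if (len < n + 2) return -1;                 /* truncated record */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    /* A random mutation almost never carries a matching checksum, so a
     * coverage-guided fuzzer stalls on this line. The macro removes the
     * check in the fuzzing build only; production builds keep it. */
    if (xor_checksum(data + 1, n) != data[n + 1]) return -1;
#endif
    if (n > MAX_PAYLOAD) return -1;             /* BUG: must be n >= MAX_PAYLOAD */
    memcpy(out, data + 1, n);
    out[n] = 0;  /* NUL terminator: with n == 16 this writes one byte past a
                    16-byte buffer; AddressSanitizer reports this exact line */
    return 0;
}

/* Hardened form: reject a full-size payload before the copy, since the
 * terminator needs one extra byte. Everything else is unchanged. */
int parse_record_fixed(const uint8_t *data, size_t len, uint8_t *out) {
    if (len >= 2 && (size_t)data[0] >= MAX_PAYLOAD) return -1;
    return parse_record(data, len, out);
}

/* libFuzzer entry point: called once per mutated input. The output buffer
 * is heap-allocated so that ASan's redzones catch the one-byte overflow. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    uint8_t *out = malloc(MAX_PAYLOAD);
    if (out == NULL) return 0;
    parse_record(data, size, out);
    free(out);
    return 0;
}

#ifndef LIBFUZZER   /* libFuzzer provides main(); omit ours when linking with it */
int main(void) {
    uint8_t payload[MAX_PAYLOAD], buf[MAX_PAYLOAD + 2];
    memset(payload, 'A', sizeof payload);       /* constructed sample payload */

    /* 15-byte record: passes every check and parses cleanly. */
    size_t len = make_record(payload, 15, buf);
    LLVMFuzzerTestOneInput(buf, len);
    fprintf(stderr, "15-byte record: ok\n");

    /* 16-byte record: valid checksum, passes the length bound, and overflows
     * by one byte. Under -fsanitize=address this prints heap-buffer-overflow
     * with the file and line of the out[n] = 0 store. */
    len = make_record(payload, 16, buf);
    fprintf(stderr, "16-byte record: triggering the off-by-one write\n");
    LLVMFuzzerTestOneInput(buf, len);
    return 0;
}
#endif
```

Without the fuzzing macro, a mutation-based fuzzer spends almost all of its budget on inputs that die at the checksum line and never reaches the copy; with it defined, coverage feedback rewards the first input that gets past the length check and the fuzzer finds the 16-byte case quickly. The checksum check is part of the product's security, so the switch must only ever be set in the fuzzing build.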
Speaker Bio: Richard Storer has been developing and managing embedded software projects for over 20 years. He now specialises in security analysis of embedded systems and security training for software engineers and architects for MathEmbedded Ltd, a leading consultancy in embedded software security. Recent customers include consumer electronics, automotive, white goods and silicon manufacturers. Richard has a PhD in Electronic Engineering from Bristol University.
Slides