Extension of unit testing software for conducting fuzz testing on embedded software
Extension of unit testing software for fuzz testing of an embedded software unit

Keywords
Embedded systems ; Fuzzing ; Automated testing ; Software security ; Sanitizers ; Vulnerabilities ; Firmware ; ARM ; x86 ; Unit testing ; Cybersecurity

Abstract
Embedded systems are often designed using serial protocols controlled by complex state machines, but these
critical mechanisms often remain insufficiently tested. This paper proposes a systematic methodology for
enhancing and validating the functionality of such protocols using stub-based unit testing and coverage-guided
fuzzing techniques.
Conducting a fuzzing campaign on an embedded system is a particularly complex process, as it requires
modifying the fuzzer implementation (e.g., fuzzing harness) for each piece of software under test. In addition,
fuzzing campaigns often need to be run in a simulation environment or under constraints imposed by the
hardware and peripherals. In this work, we aim to automatically generate the appropriate software and data so
that embedded system projects can immediately reap the benefits of fuzz testing, with checks at the software
module/object file level that can be efficiently executed on third-party systems (even those with a different
architecture from that of the embedded system).
For the experimental evaluation of the methodology, firmware was developed for an STM32 microcontroller that
drives a servo motor, with the peripherals replaced by stubs so that authentication, menu navigation, checksum
verification, and command cancellation can be isolated and verified. Using CMocka, unit tests are developed
that reveal logical malfunctions and inconsistencies in the state machine prior to firmware integration.
Subsequently, LibFuzzer, in combination with AddressSanitizer and UBSanitizer, feeds millions of malformed
byte packets and edge-case byte values to the UART protocol parser, revealing configuration memory issues
and failures in the protocol.
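The host-side fuzzing setup described above, as an added example that is not part of the thesis: a small UART command-frame parser with length and checksum validation, wrapped in a LibFuzzer entry point so the same object file can be exercised with ASan/UBSan on an x86 build host. The frame layout, all identifiers, and the helper `uart_frame` are assumptions made for this illustration.

```c
// Added example (not from the thesis): LibFuzzer harness around a hypothetical
// UART command-frame parser. Frame layout is an assumption for this example:
//   [0x7E][len][payload ...][xor checksum over len + payload]
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define UART_SOF         0x7E
#define UART_MAX_PAYLOAD 32

enum uart_status { UART_OK = 0, UART_ERR_SOF, UART_ERR_LEN, UART_ERR_SHORT, UART_ERR_CSUM };

struct uart_cmd { uint8_t len; uint8_t payload[UART_MAX_PAYLOAD]; };

static uint8_t uart_xor(const uint8_t *p, size_t n) {
    uint8_t c = 0;
    for (size_t i = 0; i < n; i++) c ^= p[i];
    return c;
}

/* Parse one frame. The length byte is bounded before any copy, so a malformed
 * len cannot overflow the payload buffer; the checksum covers len + payload. */
enum uart_status uart_parse(const uint8_t *buf, size_t n, struct uart_cmd *out) {
    if (n < 3) return UART_ERR_SHORT;
    if (buf[0] != UART_SOF) return UART_ERR_SOF;
    uint8_t len = buf[1];
    if (len > UART_MAX_PAYLOAD) return UART_ERR_LEN;
    if (n < (size_t)len + 3) return UART_ERR_SHORT;
    if (uart_xor(buf + 1, (size_t)len + 1) != buf[len + 2]) return UART_ERR_CSUM;
    out->len = len;
    memcpy(out->payload, buf + 2, len);
    return UART_OK;
}

/* LibFuzzer entry point; build on the host with
 *   clang -fsanitize=fuzzer,address,undefined uart_fuzz.c
 * The parser object is the same code that would be linked into the firmware. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    struct uart_cmd cmd;
    (void)uart_parse(data, size, &cmd);
    return 0;
}

/* Test helper: frame a payload with a correct checksum (constructed input).
 * Caller must provide an out buffer of at least len + 3 bytes. */
size_t uart_frame(const uint8_t *payload, uint8_t len, uint8_t *out) {
    out[0] = UART_SOF; out[1] = len;
    memcpy(out + 2, payload, len);
    out[len + 2] = uart_xor(out + 1, (size_t)len + 1);
    return (size_t)len + 3;
}
```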
All verification steps are orchestrated within a version-controlled workflow on GitHub and encapsulated in
Docker containers, ensuring reproducible builds and test environments. Our combined methodology yields
significant coverage gains across both protocol parsing and servo-control state transitions, exposing subtle
vulnerabilities such as checksum bypasses, improper state resets, and cancellation race conditions. By
embedding stub-driven unit testing and fuzzing into a Docker-enabled GitHub pipeline, we present a
reproducible framework for elevating reliability in resource-constrained embedded devices.