ASE 2025
Sun 16 - Thu 20 November 2025 Seoul, South Korea

This program is tentative and subject to change.

Mon 17 Nov 2025 14:40 - 14:50 at Grand Hall 1 - Testing & Analysis 1

Binary firmware fuzzing has garnered attention in recent years. Compared to source-code-based approaches, binary approaches require less semantic information and are therefore more applicable. This is particularly relevant in firmware analysis, as most firmware vendors distribute only binaries, withholding source code due to proprietary concerns.

Pivoting away from the traditional hardware-in-the-loop (HiL) methodology, researchers are exploring more efficient ways to engage real hardware for fuzzing. However, existing approaches have inherent drawbacks, such as reliance on high-end hardware features, inability to recover complete coverage, and slow execution speeds. We propose DRIFT, a novel approach for on-device binary firmware testing that follows the semihosting methodology. DRIFT addresses all the aforementioned drawbacks. Instead of relying on high-end hardware tracing units or debug probes, DRIFT leverages the Debug Monitor—a CPU feature widely available in nearly all ARM Cortex-M chips. Additionally, DRIFT delivers compact and complete coverage feedback for fuzzing. DRIFT achieves this by employing lightweight static analysis of the firmware. The pre-knowledge gained from this analysis is directly embedded into the binary, enabling the firmware to trace itself. This self-tracing approach minimizes interference from the workstation, significantly boosting fuzzing performance.

We designed DRIFT to be highly flexible, accommodating a number of hardware resource limitations. When applied to new firmware, DRIFT discovered three previously unknown bugs that were not identified by existing binary fuzzing techniques. Furthermore, DRIFT outperforms all state-of-the-art binary firmware fuzzers in terms of speed and fidelity, trailing only SHiFT, an approach that requires source code.

Mon 17 Nov

Displayed time zone: Seoul

14:00 - 15:30
14:00
10m
Talk
Mokav: Execution-driven Differential Testing with LLMs
Journal-First Track
Khashayar Etemadi ETH Zurich, Bardia Mohammadi Sharif University of Technology, Zhendong Su ETH Zurich, Martin Monperrus KTH Royal Institute of Technology
14:10
10m
Talk
Validity-Preserving Delta Debugging via Generator Trace Reduction
Journal-First Track
Luyao Ren Peking University, Xing Zhang Peking University, Ziyue Hua Peking University, Yanyan Jiang Nanjing University, Xiao He Bytedance, Yingfei Xiong Peking University, Tao Xie Peking University
14:20
10m
Talk
Execution-Aware Program Reduction for WebAssembly via Record and Replay
Research Papers
Doehyun Baek University of Stuttgart, Daniel Lehmann Google, Germany, Ben L. Titzer Carnegie Mellon University, Sukyoung Ryu KAIST, Michael Pradel CISPA Helmholtz Center for Information Security
14:30
10m
Talk
DebCovDiff: Differential Testing of Coverage Measurement Tools on Real-World Projects
Research Papers
Wentao Zhang University of Illinois Urbana-Champaign, Jinghao Jia University of Illinois Urbana-Champaign, Erkai Yu University of Illinois Urbana-Champaign, Darko Marinov University of Illinois at Urbana-Champaign, Tianyin Xu University of Illinois at Urbana-Champaign
14:40
10m
Talk
DRIFT: Debug-based Trace Inference for Firmware Testing
Research Papers
Changming Liu Northeastern University, Alejandro Mera Northeastern University, Meng Xu University of Waterloo, Engin Kirda Northeastern University
14:50
10m
Talk
Enhancing Differential Testing With LLMs For Testing Deep Learning Libraries
Journal-First Track
Meiziniu LI The Hong Kong University of Science and Technology, Dongze Li The Hong Kong University of Science and Technology, Jianmeng Liu The Hong Kong University of Science and Technology, Jialun Cao Hong Kong University of Science and Technology, Yongqiang Tian Monash University, Shing-Chi Cheung Hong Kong University of Science and Technology
15:00
10m
Talk
Unit Test Update through LLM-Driven Context Collection and Error-Type-Aware Refinement
Research Papers
Yuanhe Zhang Zhejiang University, Zhiquan Yang Zhejiang University, Shengyi Pan Zhejiang University, Zhongxin Liu Zhejiang University
15:10
10m
Talk
Metamorphic Testing for Audio Content Moderation Software
Research Papers
Wenxuan Wang Hong Kong University of Science and Technology, Yongjiang Wu The Chinese University of Hong Kong, Junyuan Zhang The Chinese University of Hong Kong, Shuqing Li The Chinese University of Hong Kong, Yun Peng The Chinese University of Hong Kong, Wenting Chen City University of Hong Kong, Shuai Wang Hong Kong University of Science and Technology, Michael Lyu The Chinese University of Hong Kong
15:20
10m
Talk
Comprehend, Imitate, and then Update: Unleashing the Power of LLMs in Test Suite Evolution
Research Papers
Tangzhi Xu Nanjing University, Jianhan Liu Nanjing University, Yuan Yao Nanjing University, Cong Li ETH Zurich, Feng Xu Nanjing University, Xiaoxing Ma Nanjing University