Write a Blog >>
Thu 13 Jul 2017 11:30 - 12:00 at ESB 2001 - Session 1 Chair(s): Alex Gyori

Object-Branch Coverage (OBC) is often used to measure effectiveness of test suites, when source code is unavailable. The traditional OBC definition can be made more resilient to variations in compilers and the structure of generated code by creating more robust definitions. However finding which instructions should be included in each new definition is laborious, error-prone, and architecture-dependent. We automate the discovery of instructions to be included for an improved OBC definition on the X86 and ARM architectures. We discover all possible valid instructions by symbolically executing instruction decoders for X86 and ARM instructions. For each discovered instruction, we translate it to Vine IR, and check if the Vine IR translation satisfies the OBC definition. We verify the correctness of our tool by comparing its output with the X86 and ARM architecture manuals. Our automated instruction classification facilitates development of more robust OBC definitions with better bug-finding ability and lesser sensitivity to compiler variations.

Thu 13 Jul

Displayed time zone: Tijuana, Baja California change

10:30 - 12:00
Session 1TECPS at ESB 2001
Chair(s): Alex Gyori University of Illinois at Urbana-Champaign, USA
10:30
30m
Talk
Invited Talk: Security by Compilation: An Automated Approach to Side-channel Resistance
TECPS
Chao Wang University of Southern California
11:00
30m
Talk
Invited Talk: Detecting Bugs in Robotic Systems
TECPS
John-Paul Ore University of Nebraska-Lincoln, USA
11:30
30m
Talk
Discovering Instructions for Robust Binary-Level Coverage Criteria
TECPS
Vaibhav Sharma University of Minnesota, Taejoon Byun University of Minnesota, Stephen McCamant University of Minnesota, Sanjai Rayadurgam University of Minnesota, Mats Heimdahl University of Minnesota