Personalized Fuzzing: A Case Study with the FANDANGO Fuzzer on a GNSS Module (FUZZING 2025)

Who

Stephan Neuhaus, José Antonio Zamudio Amaya, Andreas Zeller

Track

FUZZING 2025

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Sat 28 Jun 2025 10:00 - 10:10 at Cosmos 3C - Morning 1

Abstract

Fuzzing is a widely used technique for uncovering vulnerabilities in software systems, but traditional fuzzers often struggle with generating valid and meaningful test cases for complex input formats. Grammar-based fuzzers address this issue by ensuring syntactic correctness, but they frequently lack fine-grained control over generated inputs to trigger specific behaviors. In this paper, we demonstrate the flexibility and effectiveness of FANDANGO, a state-of-the-art grammar-based fuzzer that incorporates constraint solving to produce 100% valid inputs while also guiding the generation process toward desired edge cases. Using a GNSS (Global Navigation Satellite System) module as a case study, we showcase how FANDANGO enables the specification of constraints to explore the module’s behavior. Our experiments highlight FANDANGO’s ability to generate targeted test cases that expose potential weaknesses. This study reinforces the practical applicability of constraint-guided grammar fuzzing in security testing and reliability analysis.

Stephan Neuhaus

ZHAW School of Engineering

José Antonio Zamudio Amaya

CISPA Helmholtz Center for Information Security

Spain

Andreas Zeller

CISPA Helmholtz Center for Information Security

Germany

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Sat 28 Jun
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

09:00 - 10:30	Morning 1FUZZING at Cosmos 3C

09:00 10m Day opening		Welcome FUZZING
09:10 50m Keynote		Keynote: Constraining Fuzzing without Paying Too Much FUZZING Miryung Kim UCLA and Amazon Web Services
10:00 10m Talk		Personalized Fuzzing: A Case Study with the FANDANGO Fuzzer on a GNSS Module FUZZING Stephan Neuhaus ZHAW School of Engineering, José Antonio Zamudio Amaya CISPA Helmholtz Center for Information Security, Andreas Zeller CISPA Helmholtz Center for Information Security
10:10 10m Talk		Hybrid Fuzzing of Infrastructure as Code Programs FUZZING Emilio Coppa LUISS University, Daniel Sokolowski University of St. Gallen, Guido Salvaneschi University of St. Gallen
10:20 10m Talk		Towards Fuzzing Zero-Knowledge Proof Circuits FUZZING Stefanos Chaliasos Imperial College London, Imam Al-Fath ZKSecurity, Alastair F. Donaldson Imperial College London

Information for Participants

Sat 28 Jun 2025 09:00 - 10:30 at Cosmos 3C - Morning 1

Info for room Cosmos 3C:

Cosmos 3C is the third room in the Cosmos 3 wing.

When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.