Verification of embedded binaries using coverage-guided fuzzing with system C-based virtual prototypes

Abstract

Extensive verification of embedded SW is very important to avoid errors and security vulnerabilities. Therefore, mainly simulation-based methods are employed that leverage Virtual Prototypes (VPs) for SW execution early in the design flow. VPs are essentially abstract models of the entire HW platform including peripherals. They are predominantly created in SystemC. However, a comprehensive simulation-based verification requires integration of sophisticated test generation techniques. In this paper we propose to leverage state-of-the-art Coverage-guided Fuzzing (CGF) methods in combination with SystemC-based VPs for verification of embedded SW binaries. Using VPs, our approach allows a fast and accurate binary-level SW analysis and enables checking of complex HW/SW interactions. To guide the fuzzing process we combine the coverage from the embedded SW with the coverage of the SystemC-based peripherals. Our experiments, using RISC-V embedded SW binaries as examples, demonstrate the effectiveness of our approach.