Software model checking as well as runtime verification are verification techniques which
are widely used for checking temporal properties of software systems. Even though they are …

Testing-based methodologies like fuzzing are able to analyze complex software which is not
amenable to traditional formal approaches like verification, model checking, and abstract …

In recent years, coverage-based greybox fuzzing has become popular forvulnerability
detection due to its simplicity and efficiency. However, it is less powerful when applied …

Many protocol implementations are reactive systems, where the protocol process is in
continuous interaction with other processes and the environment. If a bug can be exposed …

We describe a largely automated and systematic analysis of TLS implementations by what
we call 'protocol state fuzzing': we use state machine learning to infer state machines from …

Software Model Checking (SMC) is a well-known automatic program verification technique
and frequently adopted for checking safety-critical software. Thus, the reliability of SMC tools …

Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …

A formally verified program is only as correct as its specifications (SPEC). But how to assure
that the SPEC is complete and free of loopholes? This paper presents Fast, short for Fuzzing …

Greybox fuzzing is one of the most effective approaches for detecting software
vulnerabilities. Various new techniques have been continuously emerging to enhance the …

Fuzzing is arguably the most practical approach for detecting security bugs in software, but a
non-trivial extent of efforts is required for its adoption. To be effective, high-quality fuzz …