In my previous blog about the Ghostwrite vulnerability in the Alibaba T-Head C910 RISC-V-based processor, I noted that the authors of the paper had found more than just that one bug. The additional bugs are worth their own write-up, as they offer some more examples of what looks to be poor testing.
Tag: fuzzing
Ghostwrite – Now This is Weird
In August, a strange security vulnerability dubbed “Ghostwrite” was making the rounds in the press. Basically, a vector store instruction on an Alibaba T-Head C910 RISC-V-based processor would just write to a physical address without doing a virtual-to-physical translation or checking any kind of access rights. That is just totally weird. Just how could that be implemented and slip through testing???
Embedded Conference Scandinavia 2024
The Embedded Conference Scandinavia took place at Kistamässan in Kista, Sweden, on April 10 and 11 2024. This was a reboot of a show that used to run as a small tradeshow/exhibition plus technical talks until the pandemic hit. There was no Embedded Show anymore, just the Embedded Conference and its speaker program. The ECS was instead co-located with Elektronikmässan, the long-running and apparently thriving gathering for “electronics” companies in Sweden.
DVCon Europe 2023 – 10th Anniversary Edition
The 2023 DVCon (Design and Verification) Europe conference took place on November 14 and 15, in the traditional location of the Holiday Inn Munich City Center. This was the 10th time the conference took place, serving as an excuse for a great anniversary dinner. Also new was the addition of a research track to provide academics publishing at the conference with the academic credit their work deserves. This year had a large number of papers related to virtual platforms, so writing this report has taken me longer than usual. There was just so much to cover.
The ESA Schiaparelli Crash & Simulation
Back in 2016, the European Space Agency (ESA) lost the Schiaparelli Mars lander during its descent to the surface of Mars. From a software engineering and testing perspective, the story of why the landing failed (see for example the ESA final analysis, Space News, or the BBC) is instructive. It comes down to how software is written and tested to deal with unexpected inputs in unexpected circumstances. I published a blog post about this right after the event and before the final analysis was available. Thankfully, that has since been retired from its original location; it was a bit too full of speculation that turned out to be incorrect… So here is a mostly rewritten version of the post, quoting the final analysis and with new insights.
Intel Blog Post: Simics in the DARPA Cyber Grand Challenge
The US Defense Advanced Projects Agency (DARPA) ran a “Cyber Grand Challenge” in 2016, where automated cyber-attack and cyber-defense systems were pitted against each other to drive progress in autonomous cyber-security. The competition was run on physical computers (obviously), but Simics was used in a parallel flow to check that competitors’ programs were not trying to undermine the infrastructure of the competition rather than compete fairly inside the rules of the competition.
Intel Blog: Finding BIOS Vulnerabilities with Symbolic Execution and Virtual Platforms
I have just published a piece about the Intel Excite project on my Software Evangelist blog at the Intel Developer Zone. The Excite project is using a combination of symbolic execution, fuzzing, and concrete testing to find vulnerabilities in UEFI code, in particular in SMM. By combining symbolic and concrete techniques plus fuzzing, Excite achieves better performance and effect than using either technique alone.
Intel Blog: The Right Mindset and Toolset for Testing
I have a two-part series (one, two) on testing posted on my Software Evangelist blog on the Intel Developer Zone. This is a long piece where I get back to the interesting question of how you test things and the fact that testing is not just the same as development. I call the posts Mindset and Toolset.