BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Date iCal//NONSGML kigkonsult.se iCalcreator 2.20.2// METHOD:PUBLISH X-WR-CALNAME;VALUE=TEXT:Eventi DIAG BEGIN:VTIMEZONE TZID:Europe/Paris BEGIN:STANDARD DTSTART:20241027T030000 TZOFFSETFROM:+0200 TZOFFSETTO:+0100 TZNAME:CET END:STANDARD BEGIN:DAYLIGHT DTSTART:20240331T020000 TZOFFSETFROM:+0100 TZOFFSETTO:+0200 TZNAME:CEST END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:calendar.28352.field_data.0@www.diag.uniroma1.it DTSTAMP:20260404T125820Z CREATED:20240716T100033Z DESCRIPTION:Abstract: Ever-increasing attention has been given to dynamic s oftware testing in the past decade. Fuzzing and Symbolic Execution\, two m ajor successful techniques\, have emerged as standard methods from numerou s academic papers. However\, the community tends to develop tools that are often hard to use\, inflexible\, and very specialized. On the one hand\, much effort is wasted in re-inventing the wheel in many academic tools. On the other hand\, newly implemented techniques improving the state of the art are often hardly exploitable in practice because of their prototypal n ature. To address these challenges\, more generic frameworks like LibAFL h ave received a lot of attention and engineering efforts\, allowing researc hers to focus on developing new fuzzing techniques without re-implementing other components. Not only does this simplify future implementation effor ts\, but it also makes comparing techniques much easier. However\, a signi ficant issue remains: these tools primarily target userland applications\, lacking a common ground for testing more esoteric targets like kernels\, hypervisors\, or firmware. In this talk\, we will introduce modern softwar e security techniques like fuzzing and symbolic execution\, present proble matics related to embedded targets\, and explain how LibAFL QEMU\, a cross -architecture and flexible tool unifying user process and system-wide fuzz ing\, serves as a potential first step towards solving these issues. More importantly\, we will discuss the main challenges that lie ahead. Speaker Bio: Romain Malmain is a PhD student at EURECOM under the supervision of A urélien Francillon and Davide Balzarotti. His main areas of research are f uzzing and symbolic execution\, with a focus on embedded systems. The talk will also be streamed online at https://uniroma1.zoom.us/j/85700827574?pw d=4n9S6gluP3YaBejxZlbQrjVExoYw25.1 DTSTART;TZID=Europe/Paris:20240723T143000 DTEND;TZID=Europe/Paris:20240723T143000 LAST-MODIFIED:20240716T101703Z LOCATION:Aula A5 SUMMARY:Finding Bugs in the Large: Towards A Unified Solution for Cross-Arc hitecture Userland and System-Wide Testing - Romain Malmain\, EURECOM URL;TYPE=URI:https://www.diag.uniroma1.it/node/28352 END:VEVENT END:VCALENDAR