A Novel Concolic Execution Approach On Embedded Device

With the widely use of embeded device, its security issues cause high attention. As one of the popular program testing techniques, symbolic execution tests a program by treating the program's input as symbols and interpreting the program over these inputs. Due to the complex environment and lackage of computing resources, there is no efficient symbolic execution approach in analyzing firmware running on device. In this paper, we present a novel concolic execution approach for firmware programs. The approach adopts Dynamic Test Generation scheme to perform concrete execution on multiple architectures Unix-like physical device and symbolic execution on the debugging host. In order to gain the complex environment info, the concrete execution performs by gdb debugging method collects program trace and runtime information. And to overcome the lackage of computing resources, the symbolic execution extracts relevant constraints and solves the collected constraints to generate new test cases on a high perfomance host. We implement the approach in various architectures, including x86-64, arm and ppc. The availability and effectiveness of our approach can be verified by evaluating some binutil programs in our approach's framework.