BSDCan2016 - v1.1.24a
BSDCan 2016
The Technical BSD Conference
| Speakers | |
|---|---|
|
Kirk Russell |
| Schedule | |
|---|---|
| Day | Talks #2 - 11 June - 2016-06-11 |
| Room | DMS 1110 |
| Start time | 10:00 |
| Duration | 01:00 |
| Info | |
| ID | 655 |
| Event type | Lecture |
| Track | Hacking |
| Language used for presentation | English |
Using competitive analysis to increase the effectiveness of operating system fuzz testing
How to reproduce a kernel crash in 10 seconds or less
Fuzz testing has been used to evaluate the robustness of operating system distributions for over twenty years. Eventually, a fuzz test suite will suffer from reduced effectiveness.
The first obstacle is the pesticide paradox: as you fix the easy defects, it gets difficult to find the remaining obscure defects. Also, the test execution time and the debug/fix cycle tends to be manual work that can take hours or even days of effort. During the presentation, a structured framework for creating new fuzz tests will be introduced, along with a competitive analysis approach used to minimize defect reproduction complexity.