Fuzz testing of network subsystem in PikeOS
Thesis title in Czech: | Fuzz testování síťového subsystému v PikeOS |
---|---|
Thesis title in English: | Fuzz testing of network subsystem in PikeOS |
Key words: | Fuzz testování|Dlouhodobé testování|RTOS|Síťový stack|PikeOS |
English key words: | Fuzzing|Long run testing|RTOS|Network stack|PikeOS |
Academic year of topic announcement: | 2022/2023 |
Thesis type: | Bachelor's thesis |
Thesis language: | angličtina |
Department: | Department of Distributed and Dependable Systems (32-KDSS) |
Supervisor: | doc. RNDr. Pavel Parízek, Ph.D. |
Author: | hidden - assigned and confirmed by the Study Dept. |
Date of registration: | 19.09.2022 |
Date of assignment: | 19.09.2022 |
Confirmed by Study dept. on: | 11.10.2022 |
Date and time of defence: | 05.02.2024 09:00 |
Date of electronic submission: | 09.01.2024 |
Date of submission of printed version: | 09.01.2024 |
Date of proceeded defence: | 05.02.2024 |
Opponents: | RNDr. Jakub Yaghob, Ph.D. |
Guidelines |
Network subsystems in operating systems have specific requirements on security and reliability, since they need to process inputs from possibly unsafe environment (including network packets and configuration). The goal of this project is to design and implement a long-running test for the network subsystem of the real-time operating system PikeOS, developed by the company SYSGO. A key component of the test will be a fuzzer that should exercise behavior of the network subsystem in PikeOS under many different inputs, workloads, and configurations. The test should cover all the common network traffic scenarios and functionality supported by the network subsystem, and it should run multiple concurrent processes in order to stress possible race conditions. In addition, test should also exercise the following: large packets, incomplete packets, blocking and non-blocking mode of sending and receiving packets, traffic intensity, and packets with specific content. The fuzzer component has to be highly configurable and parameterized, specifically in order to support also testing of system behavior under possibly invalid inputs and configurations. |
References |
1. PikeOS, https://www.sysgo.com/pikeos
2. CIP: Certifiable IP Stack, https://www.sysgo.com/cip 3. The Fuzzing Book, https://www.fuzzingbook.org/ 4. Fuzzing: Hack, Art, and Science. Communications of the ACM, Volume 63, Number 2, pages 70-76, February 2020 5. Marcel Böhme, Cristian Cadar, Abhik Roychoudhury. Fuzzing: Challenges and Reflections. IEEE Software, 2021 |