Quarterly journal published in SPbPU
and edited by prof. Peter Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
IDENTIFICATION OF VULNERABILITIES IN SOFTWARE FOR ARM PROCESSORS USING SYMBOLOGICAL EXECUTION

R. A. Abitov, E. Yu. Pavlenko
Peter the Great Saint Petersburg Polytechnic University

Annotation: This paper discusses the prospects for using symbolic execution as a basis for identifying vulnerabilities in ARM processors software. An analysis of the shortcomings of the existing methods of binary analysis in comparison with the considered method is given. A method for identifying potentially vulnerable functions or procedures in software for ARM processors is proposed. A method is proposed for checking the reachability of the found potential vulnerabilities, taking into account a large number of conditional jumps, logical branches and input data streams embedded in the software. A method for checking the exploitation of found vulnerabilities based on the analysis of registers and their contents is proposed.
Keywords: Software Cybersecurity, Binary Analysis, Symbolic Execution, Symbolic Modeling, Symbolic Computation, Vulnerability Search Methods.
Pages 9-15