Researchers at ETH Zurich have created a unique fuzzer to identify vulnerabilities in RISC-V processors, and they have already identified more than thirty of them.
Fuzzing is a technique where one feeds hardware or software random input and observes how it reacts. In the security sector, it’s often utilised for detecting architectural defects or coding issues.
However, the shortcomings of the CPU fuzzers available today reduce their effectiveness. For instance, they might not adequately manage control flow or cover the complete instruction set architecture (ISA), which causes defects to be missed. Thus, a novel strategy is being tested.