Testing concolic execution through consistency checks

Symbolic execution is a well-known software testing technique that evaluates how a program runs when considering a symbolic input, i.e., an input that can initially assume any concrete value admissible for its data type. The dynamic twist of this technique is dubbed concolic execution and has been demonstrated to be a practical technique for testing even complex real-world programs. Unfortunately, developing concolic engines is hard. Indeed, an engine has to correctly instrument the program to build accurate symbolic expressions, which represent the program computation. Furthermore, to reason over such expressions, it has to interact with an SMT solver. Hence, several implementation bugs may emerge within the different layers of an engine. In this article, we consider the problem of testing concolic engines. In particular, we propose several testing strategies whose main intuition is to exploit the concrete state kept by the executor to identify inconsistencies within the symbolic state. We integrated our strategies into three state-of-the-art concolic executors (SymCC, SymQEMU, and Fuzzolic, respectively) and then performed several experiments to show that our ideas can find bugs in these frameworks. Overall, our approach was able to discover more than 12 bugs across these engines

SENinja: A symbolic execution plugin for Binary Ninja

Symbolic execution is a program analysis technique that aims to automatically identify interesting inputs for an application, using them to generate program executions covering different parts of the code. It is widely used in the context of vulnerability discovery and reverse engineering. In this paper we present SENINJA, a symbolic execution plugin for the BINARYNINJA disassembler. The tool allows the user to perform symbolic execution analyses directly within the user interface of the disassembler, and can be used to support a variety of reverse engineering tasks

WEIZZ: Automatic grey-box fuzzing for structured binary formats

Fuzzing technologies have evolved at a fast pace in recent years, revealing bugs in programs with ever increasing depth and speed. Applications working with complex formats are however more difficult to take on, as inputs need to meet certain format-specific characteristics to get through the initial parsing stage and reach deeper behaviors of the program. Unlike prior proposals based on manually written format specifications, we propose a technique to automatically generate and mutate inputs for unknown chunk-based binary formats. We identify dependencies between input bytes and comparison instructions, and use them to assign tags that characterize the processing logic of the program. Tags become the building block for structure-aware mutations involving chunks and fields of the input. Our technique can perform comparably to structure-aware fuzzing proposals that require human assistance. Our prototype implementation WEIZZ revealed 16 unknown bugs in widely used programs

Seasonality of Marriages and Ecological Contexts in Rural Communities of Central-Southern Italy (Abruzzo), 1500–1871

The seasonality of 27,705 marriages celebrated in a four century span in the Province of Teramo (Abruzzo, Italy) was analyzed to identify the presence of a long-term pattern related to the prevailing subsistence activity and the main factors affecting it. The results show general agreement in all centuries with the agricultural patterns of other lowland or south-central Italian groups (Piedmont, Veneto, Liguria, Emilia Romagna, Tuscany, Latium, Campania, Apulia) and Mediterranean regions (Spain, France), although with some differences. Religious factors strongly affected the timing of marriage only during Lent. Of interest is the progressive increase through the centuries of marriages in the summer-autumn months, associated with a decrease in January and February. This suggests the passage from a summer migration system to a rural sedentary system with occasional seasonal work

Temperature increase during composites polymerisation using two LED curing lights

The aim of curing light technology has been the development of lights that would result in faster curing of resin composites and less heat generation (Aravamudhan et al., Dent Mater 2006). The purpose of this in vitro study was to evaluate thermal changes on the tooth structures during the exposure of two different light emitting diode curing units (LED)

Sorveglianza sismica a Stromboli: Settembre 1986

In the tex

Preliminary Analysis of the Estimation of Tissue Thermal Parameters for Tumor Laser Ablation with Minimally Invasive Techniques

The optimization of tumor laser ablation requires the evaluation of the temperature distribution in the tumor volume, but minimally invasive sensors can only provide information in one dimension, and often with consistent errors. Therefore, a suitable prediction algorithm, combined with accurate measurements, are required to reconstruct the temperature map in the tumor mass. This work provides preliminary results on the temperature mapping in an agar-gel phantom, using a quasi-distributed temperature sensor made of a fiber Bragg grating array with improved accuracy, and an algorithm of estimation of the temperature spatial distribution based on the thermal Green's function. Details on the fabrication and packaging of the sensor are provided along with an experimental evaluation of the thermal diffusivity in the phantom. Furthermore, it is shown how the accuracy on the evaluation of diffusivity is influenced by the synchronization error, which is the delay between the firing of the laser and the temperature acquisition