Fuzzing in Renode simulation: discovering bugs in communication protocol implementations
November 22, 2023
Modern communication protocols are complicated and have countless implementations, which is especially visible in an ecosystem as diverse as the Internet of Things. Fuzzing is an automated testing technique that feeds a program invalid, unexpected or random input in order to uncover problems such as crashes, hangs and memory errors. Running the target under a simulation framework such as Renode makes it possible to fuzz the software without modifying it, with the inputs injected at layers closer to the hardware, such as the peripheral interface the protocol actually arrives on.
This thesis project demonstrated an application of fuzzing to searching for bugs and divergences in popular implementations of communication protocols used in modern IoT devices. The target was the Bluetooth HCI protocol implementation in the open source Zephyr RTOS, fuzzed in Renode with american fuzzy lop (AFL) and its successor AFL++, which together provide a comprehensive testing environment for advanced fuzzing scenarios. The bugs identified with this technique were reported to the upstream Zephyr maintainers and fixed.
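The protocol the thesis targets, Bluetooth HCI, is carried between host and controller over the H:4 UART transport with a simple framing: a packet-indicator byte, then a type-specific header whose length field states how many parameter bytes follow. That framing is what a fuzzer driving unmodified firmware in a simulator ends up mutating, so a practitioner usually starts with a handful of valid frames as seeds and a reference decoder to bucket what the fuzzer reports. The Python below is an added example, not code from the thesis, Renode or Zephyr: it builds a small seed corpus of spec-shaped H:4 frames for AFL's input directory and includes a strict decoder whose declared-length check is the invariant a fuzzed host must enforce. It assumes the H:4 UART transport is the injection point (the page does not say which layer was used); all addresses, handles and payloads are constructed.

```python
"""Added example: AFL seed corpus of Bluetooth HCI H:4 frames plus a strict
decoder for triaging fuzzer findings. Assumes (not stated on the page) that
the fuzzed entry point is the H:4 UART transport, one frame per corpus file.
Layouts follow Bluetooth Core Spec Vol 4 Part A (H:4) and Part E (HCI)."""
import os
import struct
from dataclasses import dataclass

# H:4 packet indicator bytes (first byte of every frame on the UART)
H4_CMD, H4_ACL, H4_SCO, H4_EVT, H4_ISO = 0x01, 0x02, 0x03, 0x04, 0x05
EVT_COMMAND_COMPLETE, EVT_COMMAND_STATUS, EVT_LE_META = 0x0E, 0x0F, 0x3E
LE_CONNECTION_COMPLETE = 0x01          # LE Meta subevent code


def opcode(ogf: int, ocf: int) -> int:
    """HCI opcode: 6-bit opcode group field, 10-bit opcode command field."""
    return (ogf << 10) | (ocf & 0x3FF)


def h4_command(ogf: int, ocf: int, params: bytes = b"") -> bytes:
    """Host -> controller: 01 | opcode (LE16) | param_len (8) | params."""
    if len(params) > 255:
        raise ValueError("command parameters exceed one byte of length")
    return bytes([H4_CMD]) + struct.pack("<HB", opcode(ogf, ocf), len(params)) + params


def h4_event(code: int, params: bytes = b"") -> bytes:
    """Controller -> host: 04 | event_code (8) | param_len (8) | params."""
    if len(params) > 255:
        raise ValueError("event parameters exceed one byte of length")
    return bytes([H4_EVT]) + struct.pack("<BB", code, len(params)) + params


def h4_acl(handle: int, pb: int, bc: int, payload: bytes) -> bytes:
    """ACL data: 02 | handle(12) pb(2) bc(2) as LE16 | data_len (LE16) | data."""
    hdr = (handle & 0x0FFF) | ((pb & 0x3) << 12) | ((bc & 0x3) << 14)
    return bytes([H4_ACL]) + struct.pack("<HH", hdr, len(payload)) + payload


def command_complete(ogf: int, ocf: int, status: int, ret: bytes = b"", ncmd: int = 1) -> bytes:
    """Command Complete: num_hci_cmd_packets | opcode | status | return params."""
    return h4_event(EVT_COMMAND_COMPLETE,
                    struct.pack("<BHB", ncmd, opcode(ogf, ocf), status) + ret)


def le_connection_complete(handle: int, peer_addr: bytes, role: int = 0) -> bytes:
    """LE Connection Complete subevent (19 parameter bytes); timing values are
    constructed but within the ranges the spec allows."""
    params = struct.pack("<BBHBB6sHHHB",
                         LE_CONNECTION_COMPLETE, 0x00, handle, role,
                         0x00, peer_addr,            # public address type + address
                         0x0018, 0x0000, 0x0048,     # interval 30 ms, latency 0, timeout 720 ms
                         0x01)                       # master clock accuracy
    return h4_event(EVT_LE_META, params)


def build_seed_corpus() -> dict:
    """Constructed, valid frames in both directions so AFL has real framing to mutate."""
    peer = bytes.fromhex("c0ffee112233")[::-1]   # constructed address, LE on the wire
    return {
        "cmd_reset": h4_command(0x03, 0x0003),
        "cmd_le_set_scan_enable": h4_command(0x08, 0x000C, b"\x01\x00"),
        "evt_reset_complete": command_complete(0x03, 0x0003, 0x00),
        "evt_cmd_status_pending": h4_event(
            EVT_COMMAND_STATUS, struct.pack("<BBH", 0x00, 1, opcode(0x08, 0x000D))),
        "evt_le_conn_complete": le_connection_complete(0x0040, peer),
        # constructed L2CAP/ATT payload: length 3, CID 4 (ATT), Read Request
        "acl_first_fragment": h4_acl(0x0040, pb=2, bc=0, payload=b"\x03\x00\x04\x00\x0a\x01\x02"),
    }


@dataclass
class Frame:
    kind: int
    header: tuple
    payload: bytes


def decode_h4(buf: bytes) -> Frame:
    """Strict H:4 decoder (command, event, ACL). The final check is the
    invariant the fuzzer is trying to break: a host that trusts the declared
    length without comparing it to the bytes actually received reads past the frame."""
    if not buf:
        raise ValueError("empty frame")
    kind = buf[0]
    if kind == H4_CMD:
        if len(buf) < 4:
            raise ValueError("truncated command header")
        op, plen = struct.unpack_from("<HB", buf, 1)
        hdr_len, header = 4, (op >> 10, op & 0x3FF)
    elif kind == H4_EVT:
        if len(buf) < 3:
            raise ValueError("truncated event header")
        code, plen = struct.unpack_from("<BB", buf, 1)
        hdr_len, header = 3, (code,)
    elif kind == H4_ACL:
        if len(buf) < 5:
            raise ValueError("truncated ACL header")
        hf, plen = struct.unpack_from("<HH", buf, 1)
        hdr_len, header = 5, (hf & 0x0FFF, (hf >> 12) & 0x3, (hf >> 14) & 0x3)
    else:                                  # SCO/ISO and junk indicators are rejected here
        raise ValueError(f"unsupported H:4 indicator 0x{kind:02x}")
    if len(buf) != hdr_len + plen:
        raise ValueError(f"declared length {plen} != {len(buf) - hdr_len} payload bytes")
    return Frame(kind, header, bytes(buf[hdr_len:]))


def classify(buf: bytes) -> str:
    """Bucket a fuzzer-reported input by frame type, or 'malformed' if the framing is invalid."""
    try:
        frame = decode_h4(buf)
    except ValueError:
        return "malformed"
    return {H4_CMD: "command", H4_EVT: "event", H4_ACL: "acl"}[frame.kind]


def write_corpus(directory: str) -> int:
    """Write the seeds one file per frame, ready for AFL's -i directory."""
    os.makedirs(directory, exist_ok=True)
    corpus = build_seed_corpus()
    for name, frame in corpus.items():
        with open(os.path.join(directory, name), "wb") as f:
            f.write(frame)
    return len(corpus)


if __name__ == "__main__":
    print("wrote", write_corpus("hci_seeds"), "seed frames")
```

Running the module writes the seeds to `hci_seeds/`; `classify` is meant to be run over the files AFL leaves in its `crashes/` and `hangs/` directories, so that inputs which are merely malformed at the framing layer can be separated from well-framed inputs whose parameters triggered the fault.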