BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.riscv-europe.org//eu-summit-2026//speaker//YSWUEA
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-eu-summit-2026-FFPCHP@cfp.riscv-europe.org
DTSTART;TZID=CET:20260610T155000
DTEND;TZID=CET:20260610T160000
DESCRIPTION:Verification remains a key bottleneck in the design of modern R
 ISC-V processors\, particularly for deep corner cases that are difficult t
 o reach with conventional verification techniques. Coverage-guided hardwar
 e fuzzing provides fast exploration\, but often relies on coarse-grained c
 overage feedback and blind mutation\, leading to shallow exploration. Symb
 olic and concolic methods offer control path reasoning\, but their practic
 ality is limited by path explosion and high solver cost on realistic RTL p
 rocessor designs.\nWe present a concolic execution guided hybrid whitebox 
 fuzzing framework for RISC-V processors with FPGA acceleration. The framew
 ork combines RTL static analysis\, concolic solving\, and high-throughput 
 fuzzing to balance exploration of hard-to-trigger deep processor behaviors
  with fuzzing efficiency. It extracts the processor control-flow graph fro
 m RTL\, instruments synthesizable control path monitoring\, and uses the c
 ollected path conditions to steer test generation toward high-value unexpl
 ored paths. We further map the DUT and fuzzer on FPGA programmable logic\,
  while running concolic engine and SMT solver on the on-board ARM processo
 r to accelerate the hybrid whitebox fuzzing process through an end-to-end 
 heterogeneous architecture.\nWe evaluate the approach on open-source RISC-
 V processors\, including CVA6\, Ibex\, and PicoRV32. Results show that our
  approach can achieve 1.33x higher coverage than SOTA fuzzers and explore 
 deep corner coverage points that are difficult to trigger with existing ap
 proaches.
DTSTAMP:20260522T162446Z
LOCATION:Poster Island A
SUMMARY:Concolic Execution Guided Hybrid Whitebox Fuzzing for RISC-V Proces
 sors - Zijian Jiang
URL:https://cfp.riscv-europe.org/eu-summit-2026/talk/FFPCHP/
END:VEVENT
END:VCALENDAR