Last modified 10/7/2024 10:43:40 AM

GNAT DAS: CHERI On-target Fuzz Testing

Internship
AdaCore
Bristol, UK

AdaCore: Helping Developers Build Software that Matters

Everything we do at AdaCore is centered around helping developers build safe, secure and reliable software.

For 30 years, we've partnered with global leaders in aerospace & defense, air traffic management, space, railway and financial services. We've developed tools and services simplifying high-integrity software development through a subscription-based model. As demand for secure applications grows in industries like automotive, medical, energy, and IoT, we're adapting our proven technologies to assist a new generation of developers.

Our 150 global experts based in the US, France, Germany, the UK, and Estonia, collectively develop cutting-edge technologies to address the challenges of high-grade software development.

Joining AdaCore is about joining a culture of innovation, openness, collaboration and dependability, which defines how we work together, with our customers and partners.

Context

Developed at AdaCore, the GNAT DAS tool suite (https://www.adacore.com/dynamic-analysis) includes GNATfuzz (https://www.adacore.com/dynamic-analysis/gnatfuzz), an advanced fuzz testing solution for Ada applications. GNATfuzz was designed to utilize multiple backend fuzz testing solutions, including AFL++, and includes advanced branch-solving algorithms like RedQueen and symbolic execution. GNATfuzz targets and finds bugs in Ada applications and linked C and C++ libraries. Currently, GNATfuzz executes on POSIX-based OSs (Linux) on x86 64-bit architectures, and AdaCore is keen to explore options for on-target fuzzing on advanced anomaly detection hardware like CHERI-compliant microprocessors. Furthermore, we would like to understand whether the capability would require an OS to provide features like file I/O, or whether bare-metal solutions are also feasible. In addition, in order to utilize the smart grey-box (coverage-aware) fuzz testing aspects of AFL++, we would need to migrate the compiler plugin responsible for performing the instrumentation (using either the GCC or LLVM version), as well as the main afl-fuzz tool responsible for performing mutations and test execution. An alternative would be to look at the LibFuzzer tool within the LLVM standard library. AdaCore is actively working on CHERI compilers for Morello through our GNAT Pro for CHERI initiative (https://www.adacore.com/papers/elevate-security-confidence-with-memory-safe-hardware-and-software), and fuzz testing Ada and C applications on CHERI is a highly desirable goal.
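The paragraph above names the two AFL++ pieces that would need porting: the compiler plugin that inserts coverage instrumentation at every basic block, and afl-fuzz, which mutates inputs, executes the target and keeps the inputs that reach new edges. The toy C program below is an added example, not code from GNATfuzz, AFL++ or AdaCore; it shows both halves in miniature. A `COV()` macro stands in for the code the plugin inserts, a hypothetical `target()` hides a "crash" behind three nested comparisons, and a minimal mutate/execute loop grows a corpus from a single seed until that path is reached. The 256-entry map, the block ids, the three mutations and the xorshift PRNG are all constructed for this example; AFL++'s real map is 64 KiB, its block ids are random, and its mutation strategies are far richer.

```c
/* Toy coverage-guided fuzzer (added example, not GNATfuzz/AFL++ code).
 * Shows the two parts named in the posting: compiler-inserted edge
 * instrumentation (COV) and the afl-fuzz style mutate/execute loop. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAP_SIZE   256   /* constructed: AFL++ uses a 64 KiB map */
#define MAX_INPUT  16
#define MAX_CORPUS 64

static uint8_t  cov_map[MAP_SIZE]; /* per-run edge hit counts */
static uint16_t prev_loc;          /* previous block id, as afl-llvm-fast keeps it */
static uint8_t  seen[MAP_SIZE];    /* edges ever observed (afl-fuzz's "virgin" map) */

/* What the instrumentation plugin inserts at each basic block: an edge is
 * identified by (current block id XOR previous block id). Block ids below
 * are hand-picked so no two edges of target() collide in this small map. */
#define COV(id) do { cov_map[((id) ^ prev_loc) % MAP_SIZE]++; \
                     prev_loc = (id) >> 1; } while (0)

/* Hypothetical target: returns 1 on the "crash" path, 0 otherwise. */
int target(const uint8_t *data, size_t len) {
    COV(0x10);
    if (len > 0 && data[0] == 'B') {
        COV(0x20);
        if (len > 1 && data[1] == 'U') {
            COV(0x40);
            if (len > 2 && data[2] == 'G') {
                COV(0x80);
                return 1;            /* the bug the fuzzer must reach */
            }
        }
    }
    COV(0xC0);
    return 0;
}

/* Number of distinct edges one input exercises (runs the target once). */
int edge_count(const uint8_t *data, size_t len) {
    memset(cov_map, 0, sizeof cov_map);
    prev_loc = 0;
    target(data, len);
    int n = 0;
    for (int i = 0; i < MAP_SIZE; i++) n += cov_map[i] != 0;
    return n;
}

/* Run one input with a fresh map; report crash and count of never-seen edges.
 * Real afl-fuzz does this through a fork server and a shared-memory map. */
static int run_one(const uint8_t *data, size_t len, int *new_edges) {
    memset(cov_map, 0, sizeof cov_map);
    prev_loc = 0;
    int crashed = target(data, len);
    *new_edges = 0;
    for (int i = 0; i < MAP_SIZE; i++)
        if (cov_map[i] && !seen[i]) { seen[i] = 1; (*new_edges)++; }
    return crashed;
}

typedef struct { uint8_t buf[MAX_INPUT]; size_t len; } input_t;
static input_t corpus[MAX_CORPUS];
static int     corpus_n;

static uint32_t rng_state;
static uint32_t rnd(void) {          /* xorshift32: deterministic and reproducible */
    uint32_t x = rng_state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return rng_state = x;
}

/* Three havoc-style mutations applied to a copy of a corpus entry. */
static void mutate(const input_t *src, input_t *dst) {
    *dst = *src;
    switch (rnd() % 3) {
    case 0: if (dst->len) dst->buf[rnd() % dst->len] ^= (uint8_t)(1u << (rnd() % 8)); break;
    case 1: if (dst->len) dst->buf[rnd() % dst->len] = (uint8_t)rnd(); break;
    case 2: if (dst->len < MAX_INPUT) dst->buf[dst->len++] = (uint8_t)rnd(); break;
    }
}

/* Coverage-guided loop: returns the iteration at which the bug was reached,
 * or -1 if max_iters ran out. Inputs that hit new edges join the corpus. */
long fuzz(uint32_t seed, long max_iters) {
    rng_state = seed ? seed : 1;     /* xorshift state must be non-zero */
    memset(seen, 0, sizeof seen);
    corpus_n = 1;
    corpus[0].len = 1; corpus[0].buf[0] = 'a';   /* constructed seed input */
    int new_edges;
    run_one(corpus[0].buf, corpus[0].len, &new_edges);
    for (long it = 1; it <= max_iters; it++) {
        input_t cand;
        mutate(&corpus[rnd() % corpus_n], &cand);
        if (run_one(cand.buf, cand.len, &new_edges)) return it;
        if (new_edges && corpus_n < MAX_CORPUS) corpus[corpus_n++] = cand;
    }
    return -1;
}

int main(void) {
    long it = fuzz(1, 1000000);
    printf("bug reached after %ld iterations, corpus size %d\n", it, corpus_n);
    return it < 0;
}
```

The loop never has to guess all three magic bytes at once: the input `"B"` is kept because it lights up an edge the seed never reached, `"BU"` is kept for the same reason, and only then is `"BUG"` one mutation away. That is the whole point of the coverage-aware mode the posting wants to preserve. Note which parts are OS-independent: the `COV()` store is an ordinary memory write the compiler emits, whereas real afl-fuzz obtains the map via shared memory and restarts the target through a fork server, which is where the posting's bare-metal versus OS-hosted question applies.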

Goals

The internship's general goal is to work towards a complete fuzz testing solution on CHERI. There are multiple directions that can be taken:

  • Port an existing AFL++ compiler to a CHERI target. For example, afl-llvm-fast on CheriBSD on Morello or RISC-V.

  • Port afl-fuzz to a CHERI target. For example, afl-llvm-fast on CheriBSD on Morello or RISC-V.

  • Port LibFuzzer to a CHERI target. For example, LibFuzzer on CheriBSD on Morello or RISC-V.


Skills required/nice to have:

  • Experience/interest in fuzz testing or other forms of dynamic analysis and/or compilation (GCC or LLVM)

  • Experience in the CHERI Instruction Set Architecture


Timeframe & Location

During 2025 - 3 to 9 months - Bristol office


Beyond the job

We're a global organization driven by diverse backgrounds, fostering innovation through an open exchange of ideas. We welcome applicants of all backgrounds, celebrating diversity in ethnicity, nationality, gender, age, religion, abilities, sexual orientation, veteran or marital status. 

Our commitment is to help our teammates, wherever they are based, feel comfortable and satisfied, by encouraging flexibility to ensure them a healthy work-life balance. Additionally, we prioritize individual development by offering continuous training from day one with a personalized onboarding plan.
