Skip to content
STIMSMITH

Verifying Instruction Set Simulators using Coverage-guided Fuzzing

Paper

“Verifying Instruction Set Simulators using Coverage-guided Fuzzing” is a DATE 2019 paper by V. Herdt, D. Große, H. M. Le, and R. Drechsler. The available evidence identifies it as a paper on coverage-guided fuzzing for instruction set simulator verification and highlights future-work directions including improving the V(RD) functional metric, exploring machine-learning-assisted fuzzing, evaluating stronger but scalable coverage metrics, broadening to more architectures and instruction sets, and extending analysis beyond the ISS component.

First seen 5/26/2026
Last seen 6/8/2026
Evidence 27 chunks
Wiki v3

WIKI

Overview

“Verifying Instruction Set Simulators using Coverage-guided Fuzzing” is cited as a DATE 2019 paper by V. Herdt, D. Große, H. M. Le, and R. Drechsler, appearing on pages 360–365. [publication]

The provided evidence excerpts mainly cover the paper’s future-work and conclusion material. They identify the work as applying coverage-guided fuzzing in the context of instruction set simulator verification, and discuss several directions for extending the approach. [publication]

READ FULL ARTICLE →

NEIGHBORHOOD

No graph connections found for this entity yet. It may appear in future ingestion runs.

explore full graph →

RELATIONSHIPS

42 connections
Code Coverage uses → 100% 6e
The paper uses code coverage as a guiding metric in the fuzzing approach.
spike evaluates → 100% 6e
The paper evaluates Spike as a reference ISS and finds an error in it.
Functional Coverage uses → 100% 6e
The paper integrates functional coverage as part of the fuzzing approach.
libFuzzer uses → 100% 6e
The paper implements its CGF approach on top of libFuzzer.
Vladimir Herdt authored by → 100% 5e
Vladimir Herdt is listed as an author of the paper.
ELF Binary uses → 100% 5e
The approach transforms bytestreams into ELF binaries for ISS execution.
Forvis evaluates → 100% 5e
The paper evaluates Forvis as a reference ISS.
Daniel Große authored by → 100% 5e
Daniel Große is listed as an author of the paper.
Rolf Drechsler authored by → 100% 5e
Rolf Drechsler is listed as an author of the paper.
RISC-V ISA Tests uses → 100% 4e
The paper integrates RISC-V ISA Tests for comparison in the evaluation.
Model-Based Test Generation compares with → 90% 4e
The paper discusses model-based test generation as related work and compares it with the proposed CGF approach.
Coverage-Guided Fuzzing introduces → 100% 4e
The paper proposes a novel coverage-guided fuzzing approach for ISS verification.
Branch Coverage uses → 100% 4e
The paper uses branch coverage as part of its coverage metrics.
RISC-V Virtual Prototype evaluates → 100% 4e
The paper evaluates the RISC-V Virtual Prototype as the ISS under test.
Hoang M. Le authored by → 100% 3e
Hoang M. Le is listed as an author of the paper.
Functional Coverage introduces → 90% 2e
The paper introduces a novel functional coverage metric tailored for ISS verification.
Coverage-Guided Fuzzing uses → 100% 2e
The paper proposes and uses coverage-guided fuzzing for ISS verification.
RISC-V Torture Test Generator uses → 100% 2e
The paper integrates RISC-V Torture Test Generator for comparison in the evaluation.
constrained random verification compares with → 85% 2e
The paper discusses constrained random verification as a complementary technique.
Bayesian Network Test Generation mentions → 85% 2e
The paper mentions bayesian network based coverage-guided test generation as a related approach.
Efficient Cross-Level Processor Verification using Coverage-guided Fuzzing ← mentions 90% 2e
The paper mentions this related work on coverage-guided fuzzing for ISS verification.
Processor Stimulus Generation uses → 85% 2e
The paper addresses processor stimulus generation as a key aspect of ISS verification.
Instruction Set Simulator evaluates → 100% 2e
The paper proposes and evaluates a method to verify instruction set simulators.
University of Bremen published by → 100% 2e
The paper is affiliated with University of Bremen.
DFKI GmbH published by → 100% 2e
The paper is affiliated with DFKI GmbH.
riscv-torture uses → 100% 2e
The paper integrates RISC-V Torture as a baseline comparison tool.
Dynamic Program Analysis mentions → 85% 2e
The paper mentions dynamic program analysis as a semi-formal method applicable to ISS verification.
Testcase Generation uses → 100% 2e
The paper focuses on improving the testcase generation process via fuzzing.
illegal instruction handling evaluates → 90% 2e
The paper evaluates how ISSs handle illegal instructions and found related errors.
RISC-V Torture Test Generator compares with → 100% 2e
The paper compares its CGF approach against the RISC-V Torture test generator.
RISC-V ISA Tests compares with → 100% 2e
The paper compares its CGF approach against the RISC-V ISA tests.
Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study ← mentions 90% 1e
The paper cites work on coverage-guided fuzzing for ISS verification.
SMT Solver mentions → 85% 1e
The paper mentions SMT solvers used in model-based test generation approaches.
RV32IMA uses → 100% 1e
The paper applies its approach to the RV32IMA ISS.
CSP/SMT Solver mentions → 85% 1e
The paper mentions CSP/SMT solvers used in model-based test generation approaches.
differential testing uses → 95% 1e
The paper uses differential testing by comparing execution results across multiple ISSs.
Instruction Sequence uses → 90% 1e
The paper uses instruction sequences as part of the custom mutation procedure.
Constrained Random Verification mentions → 90% 1e
The paper mentions constrained random techniques as a complementary approach.
Machine Learning for Fuzzing mentions → 90% 1e
The paper mentions machine learning integration into fuzzing as a promising direction.
Dynamic Program Analysis mentions → 85% 1e
The paper mentions dynamic program analysis as a semi-formal method applicable to ISS verification.
Instruction Decoder evaluates → 90% 1e
The paper evaluates instruction decoder correctness, finding an error in Spike's decoder.
Machine Learning for Fuzzing mentions → 90% 1e
The paper mentions machine learning integration into fuzzing as a promising future direction.

LINKED ENTITIES

4 links
Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study MENTIONS Extracted graph relationship
Vladimir Herdt AUTHORED_BY Extracted graph relationship
Daniel Große AUTHORED_BY Extracted graph relationship
Rolf Drechsler AUTHORED_BY Extracted graph relationship

CITATIONS

7 sources
7 citations — click to expand
[1] The paper is a DATE 2019 publication by V. Herdt, D. Große, H. M. Le, and R. Drechsler, appearing on pages 360–365. Efficient Cross-Level Testing for
[2] The paper discusses using ideas for covering output-operand values to help maximize the functional V(RD) metric. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[3] The paper identifies machine-learning techniques for fuzzing as a promising future direction in its application area. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[4] The paper states that path coverage and cross-coverage of functional metrics can be effective but challenging or impractical because of the large feature state space. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[5] The paper proposes selective path coverage and selective functional cross-coverage, applied to selected code regions such as per-instruction ISS evaluation paths and input operand values, to improve verification while maintaining scalability. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[6] The paper proposes broadening evaluation to further architectures and instruction sets and applying the coverage-guided fuzzing approach to whole-platform analysis rather than only the ISS component. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[7] Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study cites the paper in its references. Efficient Cross-Level Testing for