Skip to content
STIMSMITH

Verifying Instruction Set Simulators using Coverage-guided Fuzzing

Paper WIKI v3 · 5/30/2026

“Verifying Instruction Set Simulators using Coverage-guided Fuzzing” is a DATE 2019 paper by V. Herdt, D. Große, H. M. Le, and R. Drechsler. The available evidence identifies it as a paper on coverage-guided fuzzing for instruction set simulator verification and highlights future-work directions including improving the V(RD) functional metric, exploring machine-learning-assisted fuzzing, evaluating stronger but scalable coverage metrics, broadening to more architectures and instruction sets, and extending analysis beyond the ISS component.

Overview

“Verifying Instruction Set Simulators using Coverage-guided Fuzzing” is cited as a DATE 2019 paper by V. Herdt, D. Große, H. M. Le, and R. Drechsler, appearing on pages 360–365. [publication]

The provided evidence excerpts mainly cover the paper’s future-work and conclusion material. They identify the work as applying coverage-guided fuzzing in the context of instruction set simulator verification, and discuss several directions for extending the approach. [publication]

Future-work themes

The paper discusses improving functional coverage around output operands. In particular, it notes that ideas for covering output-operand values might help maximize the functional V(RD) metric. [vrd]

It also points to machine-learning techniques for fuzzing as a promising direction to investigate in this application area. [ml-fuzzing]

Coverage metrics

The paper identifies stronger coverage metrics as an important direction for future work. It states that path coverage and cross-coverage of functional metrics can be effective, but are often challenging or impractical because of the large feature state space. [stronger-coverage]

As a scalability-oriented alternative, the authors propose considering selective path coverage and selective functional cross-coverage. These would be applied only to selected code regions, such as considering evaluation paths for each instruction separately in the ISS rather than across instructions, together with input operand values. The stated goal is to improve verification while maintaining scalability. [selective-coverage]

Broader scope

The paper also proposes broadening evaluation to additional architectures and instruction sets. Another stated direction is to apply the coverage-guided fuzzing approach to analysis of the whole platform rather than limiting analysis to the ISS component. [broader-scope]

Relationship to later work

The later paper Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study cites “Verifying instruction set simulators using coverage-guided fuzzing” in its references. [cross-level-citation]

LINKED ENTITIES

4 links
Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study MENTIONS
Vladimir Herdt AUTHORED_BY
Daniel Große AUTHORED_BY
Rolf Drechsler AUTHORED_BY

CITATIONS

7 sources
7 citations
[1] The paper is a DATE 2019 publication by V. Herdt, D. Große, H. M. Le, and R. Drechsler, appearing on pages 360–365. Efficient Cross-Level Testing for
[2] The paper discusses using ideas for covering output-operand values to help maximize the functional V(RD) metric. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[3] The paper identifies machine-learning techniques for fuzzing as a promising future direction in its application area. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[4] The paper states that path coverage and cross-coverage of functional metrics can be effective but challenging or impractical because of the large feature state space. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[5] The paper proposes selective path coverage and selective functional cross-coverage, applied to selected code regions such as per-instruction ISS evaluation paths and input operand values, to improve verification while maintaining scalability. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[6] The paper proposes broadening evaluation to further architectures and instruction sets and applying the coverage-guided fuzzing approach to whole-platform analysis rather than only the ISS component. Verifying Instruction Set Simulators using Coverage-guided Fuzzing
[7] Efficient Cross-Level Testing for Processor Verification: A RISC-V Case-Study cites the paper in its references. Efficient Cross-Level Testing for

VERSION HISTORY

v3 · 5/30/2026 · gpt-5.5 (current)
v2 · 5/28/2026 · gpt-5.5
v1 · 5/26/2026 · gpt-5.5