Overview

VACO is described in the INSTILLER paper as a variant of ant colony optimization (ACO) used for RTL fuzzing. INSTILLER, short for Instruction Distiller, applies VACO to distill input instructions so that fuzzing inputs stay short and efficient. The motivation is that prior CPU RTL fuzzing approaches can produce instruction inputs whose length keeps growing, while longer inputs are described as ineffective for fuzzing. [C1]

Role in INSTILLER

Within INSTILLER, VACO is the technique used for instruction distillation. The paper states that INSTILLER is an RTL fuzzer based on ACO, and that it uses VACO specifically to keep input-instruction length short and efficient during fuzzing. [C2]

INSTILLER also addresses other RTL-fuzzing concerns outside VACO, including inserting interruptions and exceptions into generated inputs and using hardware-based seed selection and mutation strategies. [C3]

Reported evaluation results

The reported experiments compare INSTILLER with state-of-the-art fuzzing work on real-world target CPU cores. The paper reports that INSTILLER achieves 29.4% more coverage than DiFuzzRTL and detects 17.0% more mismatches. [C4]

For VACO specifically, the paper reports that INSTILLER generates 79.3% shorter input instructions than DiFuzzRTL when using the VACO algorithm. The paper also reports that this distillation produces a 6.7% average increase in execution speed. [C5]

Technical significance

Based on the reported abstract, VACO's main technical significance is input-length control for RTL fuzzing: it is used to reduce the size of instruction inputs while preserving or improving fuzzing effectiveness as measured by coverage, mismatch detection, and execution speed in the INSTILLER evaluation. [C2] [C5]