Range specification bug detection in flight control systems through fuzzing

Publication Type

Journal Article

Publication Date

3-2024

Abstract

Developers and manufacturers provide configurable control parameters for flight control programs to support various environments and missions, along with suggested ranges for these parameters to ensure flight safety. However, this flexible mechanism can also introduce a vulnerability known as range specification bugs. The vulnerability arises because certain combinations of parameter values may affect the drone's physical stability even though each parameter is within its suggested range. The paper introduces a novel system called icsearcher, designed to identify incorrect configurations or unreasonable combinations of parameters and suggest more reasonable ranges for these parameters. icsearcher applies a metaheuristic search algorithm to find configurations with a high probability of driving the drone into unstable states. In particular, icsearcher adopts a machine learning-based predictor to assist the searcher in evaluating the fitness of a configuration. Finally, leveraging the incorrect configurations found by the search, icsearcher can summarize the feasible ranges through multi-objective optimization. Because icsearcher uses a predictor to guide the search, it eliminates the need for realistic/simulation executions when evaluating configurations and further promotes search efficiency. We have carried out experimental evaluations of icsearcher on different control programs. The evaluation results show that the system successfully reports potentially incorrect configurations, of which over 94% lead to unstable states.

Keywords

Drones, Aerospace Control, Trajectory, Computer Bugs, Fuzzing, Actuators, Codes, Drone Security, Configuration Test, Range Specification Bug, Deep Learning Approximation, Flight Control, Flight Control System, Control Programs, Control Parameters

Discipline

Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

IEEE Transactions on Software Engineering

Volume

50

Issue

3

First Page

461

Last Page

473

ISSN

0098-5589

Identifier

10.1109/TSE.2024.3354739

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TSE.2024.3354739

This document is currently not available here.
