An Empirical Study of Regression Bug Chains in Linux

Abstract: This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

“…Although the secure boot loader requires functionalities such as the management of TEE, secure networking, secure storage, and self-update, they are easily enabled by the small Linux. Linux is also well maintained [1,51,99,105], offers a kernel self protection mechanism [32,33,54], and can be small in size [57,61,65,80]. From the view of Trusted Computing Base (TCB), these features are perhaps more important than the size of code.…”

“…Most IoTs run a few domain-specific applications, mostly on Linux, due to the availability of many development tools on Linux. Although the Linux kernel itself is well maintained, and bugs are often fixed quickly [1,51,99,105] (e.g., for Meltdown [66,67] and Spectre [58,59]), most Linux IoT devices are not updated accordingly, and become an easy target of attacks. Notable example attacks include: Mirai [9,60], Linux.Darlloz [19,108], BASHLITE [70], and Hajime [34].…”

Reboot-Oriented IoT: Life Cycle Management in Trusted Execution Environment for Disposable IoT devices

“…Although the secure boot loader requires functionalities such as the management of TEE, secure networking, secure storage, and self-update, they are easily enabled by the small Linux. Linux is also well maintained [1,51,99,105], offers a kernel self protection mechanism [32,33,54], and can be small in size [57,61,65,80]. From the view of Trusted Computing Base (TCB), these features are perhaps more important than the size of code.…”

“…Most IoTs run a few domain-specific applications, mostly on Linux, due to the availability of many development tools on Linux. Although the Linux kernel itself is well maintained, and bugs are often fixed quickly [1,51,99,105] (e.g., for Meltdown [66,67] and Spectre [58,59]), most Linux IoT devices are not updated accordingly, and become an easy target of attacks. Notable example attacks include: Mirai [9,60], Linux.Darlloz [19,108], BASHLITE [70], and Hajime [34].…”

Reboot-Oriented IoT: Life Cycle Management in Trusted Execution Environment for Disposable IoT devices

“…To better understand the characteristics of faults, researchers in recent years have tried to explore the characteristics of faults from real systems [22,[24][25][26][27]. Generally, software faults can classified by the following three dimensions: root cause, impact, and software component.…”

Using Algebra Graph Representation to Detect Pairwise-Constraint Software Faults

Towards understanding bugs in Python interpreters