Sign up to save your podcasts
Or
Share Fuzzing and Dynamic Analysis for High-Integrity Software with Paul Butcher
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Fuzzing and Dynamic Analysis for High-Integrity Software with Paul Butcher
Fuzzing and Dynamic Analysis for High-Integrity Software with Paul Butcher
We sit down with Paul Butcher, Unit Director of Dynamic Analysis at AdaCore, to explore verification techniques beyond basic compliance in safety-critical software. Paul shares his experience from Eurofighter to automated trains, explaining how dynamic analysis—from unit testing to coverage analysis to fuzzing—helps find bugs that traditional testing misses.
The conversation dives deep into fuzzing: how it works, why it's so effective at finding corner-case bugs (even in well-tested systems), and the challenges of applying it to embedded systems with timing constraints. Paul introduces an intriguing approach that combines static analysis with targeted fuzzing to automatically triage false positives and generate reproducers. We also touch on formal verification, the role of LLMs in verification workflows, and why the simplest software is often the safest. Whether you're working in aerospace, medical devices, or any safety-critical domain, this episode offers practical insights into building more robust systems.
Key Topics
Notable Quotes
"Software testing is typically about, is it functionally correct? Fuzzing is like a negative testing technique. It's the inverse of that. It fires random inputs into your system with the intent of finding anomalies." — Paul Butcher
"Every time I speak to someone who's tried fuzzing, even if it's a system that's considered high integrity with a high level of assurance, they always find something. It's really good at eking out those weird corner case scenarios." — Paul Butcher
"With testing you would like to prove the absence of bugs, but unfortunately you can't. So you have to settle for a very distant second place of proving the presence of bugs." — Luca Ingianni
Resources Mentioned
You can find Jeff at https://jeffgable.com.
You can find Luca at https://luca.engineer.
Want to join the agile Embedded Slack? Click here
Are you looking for embedded-focused trainings? Head to https://agileembedded.academy/
Ryan Torvik and Luca have started the Embedded AI podcast, check it out at https://embeddedaipodcast.com/
View all episodes
By Luca Ingianni, Jeff Gable
4.9
1111 ratings
Fuzzing and Dynamic Analysis for High-Integrity Software with Paul Butcher
We sit down with Paul Butcher, Unit Director of Dynamic Analysis at AdaCore, to explore verification techniques beyond basic compliance in safety-critical software. Paul shares his experience from Eurofighter to automated trains, explaining how dynamic analysis—from unit testing to coverage analysis to fuzzing—helps find bugs that traditional testing misses.
The conversation dives deep into fuzzing: how it works, why it's so effective at finding corner-case bugs (even in well-tested systems), and the challenges of applying it to embedded systems with timing constraints. Paul introduces an intriguing approach that combines static analysis with targeted fuzzing to automatically triage false positives and generate reproducers. We also touch on formal verification, the role of LLMs in verification workflows, and why the simplest software is often the safest. Whether you're working in aerospace, medical devices, or any safety-critical domain, this episode offers practical insights into building more robust systems.
Key Topics
Notable Quotes
"Software testing is typically about, is it functionally correct? Fuzzing is like a negative testing technique. It's the inverse of that. It fires random inputs into your system with the intent of finding anomalies." — Paul Butcher
"Every time I speak to someone who's tried fuzzing, even if it's a system that's considered high integrity with a high level of assurance, they always find something. It's really good at eking out those weird corner case scenarios." — Paul Butcher
"With testing you would like to prove the absence of bugs, but unfortunately you can't. So you have to settle for a very distant second place of proving the presence of bugs." — Luca Ingianni
Resources Mentioned
You can find Jeff at https://jeffgable.com.
You can find Luca at https://luca.engineer.
Want to join the agile Embedded Slack? Click here
Are you looking for embedded-focused trainings? Head to https://agileembedded.academy/
Ryan Torvik and Luca have started the Embedded AI podcast, check it out at https://embeddedaipodcast.com/
More shows like The Agile Embedded Podcast
View all
The Amp Hour Electronics Podcast
229 Listeners
Embedded
191 Listeners