Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a 13-minute conference presentation from USENIX Security '25 that introduces NÜWA, a groundbreaking static analysis technique for detecting vulnerabilities in embedded systems through constraint semantic inconsistencies. Learn how researchers from the Chinese Academy of Sciences discovered that over 86% of embedded system vulnerabilities stem from semantic inconsistencies in constraints used to validate user inputs across different system components. Understand the limitations of existing static analysis tools in systematically identifying these inconsistencies and their high false positive rates. Discover how NÜWA addresses these challenges by accurately extracting constraint semantics across diverse implementations, enabling scalable and precise vulnerability discovery. Examine the comprehensive evaluation results showing NÜWA's superior performance compared to five state-of-the-art tools, identifying significantly more vulnerabilities in known datasets from 13 vendors. Review the practical impact of this research, including the discovery of 152 previously unknown vulnerabilities confirmed by developers, with 88 assigned CVE IDs, demonstrating the technique's effectiveness in real-world embedded systems security assessment.
