BLuEMan: A Stateful Simulation-based Fuzzing Framework for Open-Source RTOS Bluetooth Low Energy Protocol Stacks

Wei-Che Kao

34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Software Security 3: Fuzzing

This talk introduces BLuEMan, a novel stateful, simulation-based fuzzing framework specifically designed to identify vulnerabilities in open-source Bluetooth Low Energy (BLE) protocol stack implementations for Real-Time Operating Systems (RTOS). Presented by Wei-Che Kao from National Yang Ming Chiao Tung University, the research addresses critical security concerns arising from the widespread adoption of BLE technology. With over 80% of the approximately 4.9 billion Bluetooth devices shipped in 2024 expected to feature BLE, the protocol's security is paramount across diverse applications, from smart home devices and wearables to automotive systems.

AI review

Solid academic security research that solves a real, concrete problem in BLE fuzzing — the trifecta of slow execution, incomplete stack coverage, and state-machine complexity — with a genuinely clever architecture. Four new CVEs and measurable coverage wins over SOTA put this squarely in 'you built something, it worked' territory.
