Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Combinatorial Methods for Trust and Assurance

Physical Unclonable Function (PUF) Vulnerabilities

Physical Unclonable Function (PUF) Vulnerabilities

Combination frequency differencing (CFD) can be used to analyze the susceptibility of physical unclonable functions (PUFs) to machine learning attacks. Preliminary results suggest that the method may be useful for identifying bit combinations that have a disproportionately strong influence on PUF response bit values.

Kuhn, D. R., Raunak, M. S., Prado, C., Patil, V. C., & Kacker, R. N. (2022, April). "Combination Frequency Differencing for Identifying Design Weaknesses in Physical Unclonable Functions". In 2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW) (pp. 110-117). 

Most vulnerable PUF:

Weak PUF

Least vulnerable PUF:

Strong PUF


Embedded System Faults and Vulnerabilities

Weiss, A., Gautham, S., Jayakumar, A. V., Elks, C. R., Kuhn, D. R., Kacker, R. N., & Preusser, T. B. (2021). Understanding and fixing complex faults in embedded cyberphysical systems. Computer, 54(1), 49-60.

Jayakumar, A. V., Gautham, S., Kuhn, R., Simons, B., Collins, A., Dirsch, T., ... & Elks, C. (2020, October). Systematic software testing of critical embedded digital devices in nuclear power applications. In 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) (pp. 85-90). IEEE.

Elks, C., Jayakumar, A., Collins, A., Hite, R., Karles, T., Deloglos, C., ... & Gautham, S. (2019). Preliminary results of a bounded exhaustive testing study for software in embedded digital devices in nuclear power applications. Idaho National Laboratory US Department of Energy Office of Nuclear Energy report INL/EXT-19-55606.

Jayakumar, A., Kuhn, D. R., Simons, B., Collins, A., Gautham, S., Hite, R., ... & Elks, C. (2021). A Pseudo Exhaustive Software Testing Framework for Embedded Digital Devices in Nuclear Power. National Institute of Standards and Technology, Gaithersburg.

Embedded System Testing



Rick Kuhn

Raghu Kacker

M S Raunak


Security and Privacy: assurance, modeling, testing & validation

Technologies: software & firmware

Created May 24, 2016, Updated June 13, 2024