{"id":"https://openalex.org/W4389428758","doi":"https://doi.org/10.1109/tifs.2023.3340615","title":"Sizzler: Sequential Fuzzing in Ladder Diagrams for Vulnerability Detection and Discovery in Programmable Logic Controllers","display_name":"Sizzler: Sequential Fuzzing in Ladder Diagrams for Vulnerability Detection and Discovery in Programmable Logic Controllers","publication_year":2023,"publication_date":"2023-12-07","ids":{"openalex":"https://openalex.org/W4389428758","doi":"https://doi.org/10.1109/tifs.2023.3340615"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2023.3340615","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3340615","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.1109/TIFS.2023.3340615","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093437390","display_name":"Kai Feng","orcid":"https://orcid.org/0009-0000-9574-9812"},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Kai Feng","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland, U.K"],"raw_orcid":"https://orcid.org/0009-0000-9574-9812","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland, U.K","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091479151","display_name":"Marco M. Cook","orcid":"https://orcid.org/0000-0002-5232-2381"},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Marco M. Cook","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland, U.K"],"raw_orcid":"https://orcid.org/0000-0002-5232-2381","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland, U.K","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021412159","display_name":"Angelos K. Marnerides","orcid":null},"institutions":[{"id":"https://openalex.org/I34771391","display_name":"University of Cyprus","ror":"https://ror.org/02qjrjx09","country_code":"CY","type":"education","lineage":["https://openalex.org/I34771391"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Angelos K. Marnerides","raw_affiliation_strings":["Department of Electrical and Computer Engineering, KIOS Research and Innovation Centre of Excellence, University of Cyprus, Nicosia, Cyprus"],"raw_orcid":"https://orcid.org/0000-0002-7996-6216","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, KIOS Research and Innovation Centre of Excellence, University of Cyprus, Nicosia, Cyprus","institution_ids":["https://openalex.org/I34771391"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5093437390"],"corresponding_institution_ids":["https://openalex.org/I7882870"],"apc_list":null,"apc_paid":null,"fwci":1.8747,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.87050003,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"19","issue":null,"first_page":"1660","last_page":"1671"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9743245840072632},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7952125668525696},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.488032728433609},{"id":"https://openalex.org/keywords/sequential-logic","display_name":"Sequential logic","score":0.4680221974849701},{"id":"https://openalex.org/keywords/logic-synthesis","display_name":"Logic synthesis","score":0.41127341985702515},{"id":"https://openalex.org/keywords/logic-gate","display_name":"Logic gate","score":0.3968766927719116},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3013504147529602},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2858524024486542},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.15529465675354004},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.14532548189163208}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9743245840072632},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7952125668525696},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.488032728433609},{"id":"https://openalex.org/C187075797","wikidata":"https://www.wikidata.org/wiki/Q173245","display_name":"Sequential logic","level":3,"score":0.4680221974849701},{"id":"https://openalex.org/C157922185","wikidata":"https://www.wikidata.org/wiki/Q173198","display_name":"Logic synthesis","level":3,"score":0.41127341985702515},{"id":"https://openalex.org/C131017901","wikidata":"https://www.wikidata.org/wiki/Q170451","display_name":"Logic gate","level":2,"score":0.3968766927719116},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3013504147529602},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2858524024486542},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.15529465675354004},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.14532548189163208}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tifs.2023.3340615","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3340615","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:zenodo.org:14220552","is_oa":true,"landing_page_url":"https://doi.org/10.1109/TIFS.2023.3340615","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"IEEE Transactions on Information Forensics and Security, 19, 1660-1671, (2023-12-07)","raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:eprints.gla.ac.uk:310034","is_oa":true,"landing_page_url":"https://eprints.gla.ac.uk/310034/","pdf_url":"https://eprints.gla.ac.uk/310034/2/310034.pdf","source":{"id":"https://openalex.org/S4210235606","display_name":"ENLIGHTEN (Jurnal Bimbingan dan Konseling Islam)","issn_l":"2622-8912","issn":["2622-8912","2622-8920"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},{"id":"pmh:oai:eprints.gla.ac.uk:311305","is_oa":true,"landing_page_url":"https://eprints.gla.ac.uk/311305/","pdf_url":null,"source":{"id":"https://openalex.org/S4210235606","display_name":"ENLIGHTEN (Jurnal Bimbingan dan Konseling Islam)","issn_l":"2622-8912","issn":["2622-8912","2622-8920"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Articles"}],"best_oa_location":{"id":"pmh:oai:zenodo.org:14220552","is_oa":true,"landing_page_url":"https://doi.org/10.1109/TIFS.2023.3340615","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"IEEE Transactions on Information Forensics and Security, 19, 1660-1671, (2023-12-07)","raw_type":"info:eu-repo/semantics/article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1450056408","display_name":null,"funder_award_id":"101120221","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G2428888754","display_name":null,"funder_award_id":"739551","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5319973186","display_name":null,"funder_award_id":"739551","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"},{"id":"https://openalex.org/G6760930786","display_name":null,"funder_award_id":"101120221","funder_id":"https://openalex.org/F4320338448","funder_display_name":"HORIZON EUROPE European Innovation Council"},{"id":"https://openalex.org/G8966590385","display_name":null,"funder_award_id":"101120221","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320332084","display_name":"Deputy Ministry of Research, Innovation and Digital Policy","ror":null},{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null},{"id":"https://openalex.org/F4320338448","display_name":"HORIZON EUROPE European Innovation Council","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W2077699686","https://openalex.org/W2515236103","https://openalex.org/W2594635183","https://openalex.org/W2740486794","https://openalex.org/W2765811365","https://openalex.org/W2767634461","https://openalex.org/W2883395840","https://openalex.org/W2884769489","https://openalex.org/W2930135659","https://openalex.org/W2945937333","https://openalex.org/W2963674831","https://openalex.org/W2963846926","https://openalex.org/W2964097210","https://openalex.org/W2964241064","https://openalex.org/W2964268978","https://openalex.org/W3083422267","https://openalex.org/W3154093559","https://openalex.org/W3173451821","https://openalex.org/W3214091108","https://openalex.org/W4210698279","https://openalex.org/W4281652590","https://openalex.org/W4284694822","https://openalex.org/W4289542157","https://openalex.org/W6631155369","https://openalex.org/W6745908518","https://openalex.org/W6754420069","https://openalex.org/W6766204418","https://openalex.org/W6776032291","https://openalex.org/W6781817248","https://openalex.org/W6782130387","https://openalex.org/W6784534981","https://openalex.org/W6785963248","https://openalex.org/W6794636854","https://openalex.org/W6795070034","https://openalex.org/W6921300763"],"related_works":["https://openalex.org/W2746929098","https://openalex.org/W2386022279","https://openalex.org/W2113700423","https://openalex.org/W4296473373","https://openalex.org/W2108229542","https://openalex.org/W3148292035","https://openalex.org/W2542280163","https://openalex.org/W2362510906","https://openalex.org/W2059422871","https://openalex.org/W1966764473"],"abstract_inverted_index":{"Programmable":[0],"Logic":[1],"Controllers":[2],"(PLCs)":[3],"constitute":[4],"the":[5,50,60,98,102,106,133,142,209],"basis":[6],"of":[7,40,62,101,109,122,202],"Industrial":[8],"Control":[9],"Systems":[10],"(ICSs)":[11],"underpinning":[12],"sectors":[13],"ranging":[14],"from":[15,159],"nuclear,":[16],"up":[17],"to":[18,34,86,147],"energy":[19],"and":[20,141,149,161,194,213,224],"manufacturing.":[21],"Currently,":[22],"PLC":[23,46,52,87,128,154],"vulnerability":[24,64,82],"assessment":[25],"practices":[26],"employed":[27],"by":[28,45,104],"ICS":[29],"operators":[30],"are":[31],"limited":[32],"due":[33],"their":[35],"reliance":[36],"on":[37,55,126,190,221],"empirical":[38],"observations":[39],"visible":[41],"code":[42],"crashes":[43],"prompted":[44],"compilers.":[47],"In":[48,73],"parallel,":[49],"prevalent":[51,205],"firmware":[53],"dependency":[54],"proprietary":[56,192],"vendor":[57,124],"routines":[58],"restricts":[59],"composition":[61],"generic":[63],"detection":[65],"or":[66],"discovery":[67,83],"schemes":[68],"for":[69],"zero-day":[70],"threat":[71],"vectors.":[72],"this":[74],"work,":[75],"we":[76,130,216],"propose":[77],"Sizzler:":[78],"a":[79,110,184,196,200],"novel":[80],"vendor-independent":[81],"framework":[84],"specific":[85],"applications":[88],"operating":[89],"with":[90,204],"logic":[91],"realised":[92],"through":[93,199],"ladder":[94,155,181],"diagrams.":[95],"Sizzler":[96,151,175,203],"extends":[97],"current":[99],"state":[100],"art":[103],"proposing":[105],"optimal":[107],"synergy":[108],"mutation-based":[111],"fuzzing":[112,206],"strategy":[113],"using":[114],"Sequential":[115],"Generative":[116],"Adversarial":[117],"Network":[118],"(SeqGAN).":[119],"By":[120],"virtue":[121],"critical":[123],"restrictions":[125],"emulating":[127],"firmware,":[129],"also":[131],"refine":[132],"Quick":[134],"Emulator":[135],"(QEMU)\u2019s":[136],"General":[137],"Purpose":[138],"I/O":[139],"(GPIO)":[140],"Inter-Integrated":[143],"Circuit":[144],"(I2C)":[145],"protocols":[146],"evaluate":[148],"compare":[150],"across":[152],"30":[153],"diagram":[156],"programs":[157],"compiled":[158],"LDmicro":[160],"OpenPLC":[162],"projects":[163],"over":[164,208],"five":[165],"widely":[166],"used":[167,211],"Micro-Controller":[168],"Units":[169],"(MCUs).":[170],"It":[171],"is":[172],"noteworthy":[173],"that":[174],"has":[176],"successfully":[177],"identified":[178],"vulnerabilities":[179],"in":[180],"diagrams":[182],"within":[183],"relatively":[185],"short":[186],"time":[187],"frame":[188],"based":[189],"our":[191],"dataset":[193],"secured":[195],"CVE-ID.":[197],"Moreover,":[198],"comparison":[201],"techniques":[207],"commonly":[210],"Magma":[212],"LAVA-M":[214],"datasets":[215],"exhibit":[217],"its":[218,226],"wider":[219],"applicability":[220],"embedded":[222],"systems":[223],"identify":[225],"limitations.":[227]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":2}],"updated_date":"2026-05-21T09:19:25.381259","created_date":"2025-10-10T00:00:00"}