Indicator | Smart Baby Monitor | Final Results
The software is not susceptible to crashes.
  • The baby monitor Android app was fuzz tested using an AFL (American Fuzzy Lop) based approach, with seed files gathered from many fuzzing projects undertaken by external actors (e.g. the Cisco seed file repository) and tests written with broad code coverage in mind. After running the tests for multiple days, there was no evidence of reproducible crashes. However, it is possible that the fuzz testing did not cover enough of the codebase, and that more testing, or differently targeted testing, could uncover instability that our testing did not reveal.
see details to the left and methodology for more info
If the program is forced to unexpectedly terminate, it shuts down in a safe and responsible fashion.
  • The baby monitor Android app was fuzz tested for multiple days. While a small number of crashes did occur, there was no evidence of reproducible crashing, nor any indication that the system state was left vulnerable as a result of those seemingly random crashes. It is, of course, possible that differently crafted fuzzing tests, or more iterations, could uncover issues not found in this testing.
see details to the left and methodology for more info
The software is not vulnerable to algorithmic complexity attacks.
  • The baby monitor Android app was fuzz tested, with fuzz tests written to test for complexity attacks. The app did not crash as a result of these inputs. However, it is possible that the fuzzing tests did not cover enough of the features that accept input, and that refined fuzzing tests could uncover an issue.
see details to the left and methodology for more info