Ryan Torvik
Ryan Torvik is the founder and CEO of Tulip Tree Technology. He has over 20 years experience in offensive cyber security. As a defense contractor, he developed the world’s first large scale distributed testing framework specifically designed for identifying high value software vulnerabilities, capable of running millions of unique test cases an hour. Tulip Tree Technology is dedicated to leveraging this experience to make more trustworthy embedded systems.
Wipe Out the Wolves You Don’t See: Fuzzing to Improve System Robustness
Status: Coming up in April 2026!Most embedded verification strategies rely on deterministic methods: unit tests, integration checks, static analysis. These approaches are necessary, but they only validate anticipated behavior. They follow expected paths with known inputs. Those methods cannot prepare us for the moment unexpected data arrives. Entire classes of bugs sit just outside their reach, quietly waiting for the real world to trigger them.
Fuzzing closes that gap. It introduces malformed, random, or invalid inputs, forcing the system to react to scenarios no one thought to test. This method prepares an embedded system to face what it will do in the field. Faulty physical layers, unstable sensors, corrupted wireless packets, or even intentional attacks all feed real-world chaos into devices. Traditional test methods struggle to recreate that kind of noise at scale.
Despite its proven value in other domains, fuzzing remains uncommon in embedded workflows. Most teams either haven’t considered it, or have avoided it altogether afraid that costs outweigh the benefits. Applied correctly, fuzzing becomes a powerful extension of existing test strategies, especially in areas like protocol parsing, hardware interfaces, and edge behavior in state machines. The approach can work without reinventing infrastructure or placing an onerous burden on a development team.
In this talk, we’ll discuss different fuzzing approaches and how they can help you build more trustworthy devices.