CMEmu

CMEmu is a cycle-exact timing emulator of a Cortex-M3-based microcontroller—Texas Instruments CC2650—synthesized using solely in-code timing measurements and publicly available documentation.

Source code

The source: https://github.com/mimuw-distributed-systems-group/cmemu

Research paper

The research paper: https://doi.org/10.1109/MSWiM67937.2025.11308925

We invite you to read the accepted version of the article.

Citing:

@InProceedings{Matraszek:MSWiM:2025,
  author    = {Matraszek, Maciej and Banaszek, Mateusz and Ciszewski, Wojciech and Jamro, Artur and Kordalski, Wojciech and Gutowski, Daniel and Siwiński, Michał and Dalak, Bartłomiej and Iwanicki, Konrad},
  title     = {{CMEmu}: Synthesizing a Cycle-Exact Model of Program Execution on {ARM} {Cortex-M} from In-Code Timing Measurements},
  booktitle = {2025 International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM)},
  abstract  = {The last decade witnessed considerable interest in how microarchitectural aspects of processors can impact computer systems, with an increasing focus on dependable low-power embedded systems. Multiple hardening and verification techniques for such systems rely on emulators that faithfully model code execution timings of real microcontrollers. However, in contrast to older ultra-low-power processor families, for the prevalent ARM Cortex-M family, only models derived from hardware sources are able to provide exact timings.In this paper, we examine the feasibility of synthesizing a cycle-exact timing model of a Cortex-M3-based microcontroller using solely in-code timing measurements and publicly available documentation. The main artifact of our work is CMEmu, to the best of our knowledge the first emulator of this kind, which provides exact timings for gigabytes of diverse programs from our extensive evaluation suite. We present techniques that we devised to achieve such an accuracy, which involved elaborate research methods to capture the various intricacies of the device microarchitecture, allowing us to even report a previously unknown hardware bug in the processor.},
  keywords  = {ARM Cortex-M, cycle-exact, timing model, emulation, microcontroller simulator, modeling techniques},
  year      = {2025},
  month     = oct,
  series    = {MSWiM '25},
  location  = {Barcelona, Spain},
  publisher = {IEEE},
  pages     = {350--359},
  numpages  = {10},
  isbn      = {979-8-3315-6873-3},
  doi       = {10.1109/MSWiM67937.2025.11308925},
  url       = {https://ieeexplore.ieee.org/document/11308925}
}

The paper was presented on October 30, 2025, during the MSWiM 2025 conference. We invite you to view the presentation slides.

Acknowledgments

CMEmu was developed within the ngSim research project.