Visible to the public Biblio

Filters: Author is Wooderson, Paul  [Clear All Filters]
2020-07-20
Fowler, Daniel S., Bryans, Jeremy, Cheah, Madeline, Wooderson, Paul, Shaikh, Siraj A..  2019.  A Method for Constructing Automotive Cybersecurity Tests, a CAN Fuzz Testing Example. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :1–8.
There is a need for new tools and techniques to aid automotive engineers performing cybersecurity testing on connected car systems. This is in order to support the principle of secure-by-design. Our research has produced a method to construct useful automotive security tooling and tests. It has been used to implement Controller Area Network (CAN) fuzz testing (a dynamic security test) via a prototype CAN fuzzer. The black-box fuzz testing of a laboratory vehicle's display ECU demonstrates the value of a fuzzer in the automotive field, revealing bugs in the ECU software, and weaknesses in the vehicle's systems design.