Fuzz Testing Virtual ECUs as Part of the Continuous Security Testing Process

Journal Article
11-02-02-0014
ISSN: 2572-1046, e-ISSN: 2572-1054
Published August 18, 2020 by SAE International in United States
Fuzz Testing Virtual ECUs as Part of the Continuous Security Testing Process
Sector:
Citation: Oka, D., "Fuzz Testing Virtual ECUs as Part of the Continuous Security Testing Process," SAE Int. J. Transp. Cyber. & Privacy 2(2):159-168, 2019, https://doi.org/10.4271/11-02-02-0014.
Language: English

References

  1. NHTSA , “Cybersecurity Best Practices for Modern Vehicles,” 2016.
  2. VDA , “Automotive Security,” 2017.
  3. SAE International , “SAE J3061-Cybersecurity Guidebook for Cyber-Physical Vehicle Systems,” 2016.
  4. International Organization for Standardization, SAE International , “ISO/SAE DIS 21434-Road Vehicles-Cybersecurity Engineering,” 2020.
  5. UNECE WP.29 GRVA , “Task Force on Cyber Security and (OTA) Software Updates (CS/OTA),” 2019.
  6. Ponemon Institute-SAE International and Synopsys , “Securing the Modern Vehicle: A Study of Automotive Industry Cybersecurity Practices,” 2019.
  7. Miller, C. and Valasek, C. , “Remote Exploitation of an Unaltered Passenger Vehicle,” in Black Hat USA, Las Vegas, NV, 2015.
  8. Nie, S. , Liu, L. , and Du, Y. , “Free-fall: Hacking Tesla from Wireless to CAN Bus,” in Black Hat USA, Las Vegas, NV, 2016.
  9. Oka, D.K. , Fujikura, T. , and Kurachi, R. , “Shift Left: Fuzzing Earlier in the Automotive,” in escar Europe, Brussels, Belgium, 2018.
  10. Tesla , “Support-Software Updates,” https://www.tesla.com/support/software-updates, accessed Mar. 9, 2020.
  11. AUTOSAR , “Specification of Diagnostic Communication Manager,” AUTOSAR, 2017.
  12. dSPACE , “Use Case: Virtual Diagnostics,” https://www.dspace.com/en/pub/home/products/systems/virtual_validation/viva_usecases/virtualdiagnostics.cfm, accessed Mar. 9, 2020.
  13. ISO/IEC , “ISO/IEC 14229-1-Road Vehicles-Unified Diagnostic Services (UDS)-Part 1: Specification and Requirements,” 2013.
  14. Bounimova, E. , Godefroid, P. , and Molnar, D. , “Billions and Billions of Constraints: Whitebox Fuzz Testing in Production,” in 35th International Conference on Software Engineering (ICSE), San Francisco, CA, 2013.

Cited By