Saved in:
Bibliographic Details
Main Authors: Werquin, Timothy, Hubrechtsen, Roos, Thangarajan, Ashok, Piessens, Frank, Muehlberg, Jan Tobias
Format: Preprint
Published: 2021
Subjects:
Online Access:https://arxiv.org/abs/2102.12345
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915280482992128
author Werquin, Timothy
Hubrechtsen, Roos
Thangarajan, Ashok
Piessens, Frank
Muehlberg, Jan Tobias
author_facet Werquin, Timothy
Hubrechtsen, Roos
Thangarajan, Ashok
Piessens, Frank
Muehlberg, Jan Tobias
contents Modern vehicles are governed by a network of Electronic Control Units (ECUs), which are programmed to sense inputs from the driver and the environment, to process these inputs, and to control actuators that, e.g., regulate the engine or even control the steering system. ECUs within a vehicle communicate via automotive bus systems such as the Controller Area Network (CAN), and beyond the vehicles boundaries through upcoming vehicle-to-vehicle and vehicle-to-infrastructure channels. Approaches to manipulate the communication between ECUs for the purpose of security testing and reverse-engineering of vehicular functions have been presented in the past, all of which struggle with automating the detection of system change in response to message injection. In this paper we present our findings with fuzzing CAN networks, in particular while observing individual ECUs with a sensor harness. The harness detects physical responses, which we then use in a oracle functions to inform the fuzzing process. We systematically define fuzzers, fuzzing configurations and oracle functions for testing ECUs. We evaluate our approach based on case studies of commercial instrument clusters and with an experimental framework for CAN authentication. Our results show that the approach is capable of identifying interesting ECU states with a high level of automation. Our approach is applicable in distributed cyber-physical systems beyond automotive computing.
format Preprint
id arxiv_https___arxiv_org_abs_2102_12345
institution arXiv
publishDate 2021
record_format arxiv
spellingShingle Automated Fuzzing of Automotive Control Units
Werquin, Timothy
Hubrechtsen, Roos
Thangarajan, Ashok
Piessens, Frank
Muehlberg, Jan Tobias
Cryptography and Security
Systems and Control
Modern vehicles are governed by a network of Electronic Control Units (ECUs), which are programmed to sense inputs from the driver and the environment, to process these inputs, and to control actuators that, e.g., regulate the engine or even control the steering system. ECUs within a vehicle communicate via automotive bus systems such as the Controller Area Network (CAN), and beyond the vehicles boundaries through upcoming vehicle-to-vehicle and vehicle-to-infrastructure channels. Approaches to manipulate the communication between ECUs for the purpose of security testing and reverse-engineering of vehicular functions have been presented in the past, all of which struggle with automating the detection of system change in response to message injection. In this paper we present our findings with fuzzing CAN networks, in particular while observing individual ECUs with a sensor harness. The harness detects physical responses, which we then use in a oracle functions to inform the fuzzing process. We systematically define fuzzers, fuzzing configurations and oracle functions for testing ECUs. We evaluate our approach based on case studies of commercial instrument clusters and with an experimental framework for CAN authentication. Our results show that the approach is capable of identifying interesting ECU states with a high level of automation. Our approach is applicable in distributed cyber-physical systems beyond automotive computing.
title Automated Fuzzing of Automotive Control Units
topic Cryptography and Security
Systems and Control
url https://arxiv.org/abs/2102.12345