In-Vehicle Systems
AutoCrypt Security Fuzzer
Smart fuzz testing for in-vehicle software bugs
Quick and efficient fuzz testing
for in-vehicle software.
Fuzz testing, or fuzzing, is an automated software testing technique that helps find hidden coding errors and implementation bugs by injecting random/semi-random data inputs into a targeted program.
A random input generator repeatedly generates and delivers invalid and unexpected test cases into the selected program in an attempt to make it crash or expose its vulnerabilities. The developer can then correct any errors and bugs based on the resulting outputs/behaviours.
AutoCrypt® Security Fuzzer is a smart fuzz testing tool that consumes minimal time for maximal results, making it a crucial preventative cybersecurity measure implemented at the pre-production and production stages of a vehicle model.
How It Works
AutoCrypt Security Fuzzer
1. Target Selection
The user selects a targeted piece of software as the fuzzing target and configures the environment to begin fuzzing.
2. Test Case Generation
Security Fuzzer generates random/semi-random inputs based on previous test cases and results.
3. Test Case Delivery
Security Fuzzer feeds the test case into the selected fuzzing target.
4. Results and Feedback
Security Fuzzer records the outputs/behaviours from the fuzzing target, then uses these results for the next round of test case generation (2), repeating (2) to (4) again.
Highlights
Stateful Fuzzing
Security Fuzzer automatically generates test cases based on the learned characteristics of the fuzzing target, accelerating the testing process. With stateful fuzzing, it starts by injecting an invalid message, then resets the connection to deliver a proper message at a specific state, before retransmitting another invalid message.
AI-Based Smart Fuzzing
Unlike conventional fuzz tests that use completely random inputs, AutoCrypt Security Fuzzer generates semi-random messages using AI-based algorithms, greatly reducing fuzzing time while increasing the likelihood of bug detection.
Crash Replication
If Security Fuzzer causes a crash, it reproduces the same series of inputs based on the delivery history. Reproducing the test case allows for the replication of the test scenario, helping developers identify problems more accurately.
Fuzzing in the Background
AutoCrypt Security Fuzzer runs independently in the background. In case the fuzzing process continues for an extended period of time, users can keep it running behind the scenes.
