Security Testing Tools

AutoCrypt Security Fuzzer

Smart and efficient fuzz testing tool based on automotive protocols,
available for physical and HIL simulation environments
security fuzzer featured image

Assess and address vehicular software risks through fuzz testing.

Fuzz testing, or fuzzing, is a software testing technique that reveals hidden coding flaws and implementation bugs by injecting unexpected data inputs into a targeted program. The program’s responses and outputs (e.g. error messages) are then analyzed for potential vulnerabilities.

AutoCrypt® Security Fuzzer is the world’s first smart fuzz testing tool designed for the automotive system environment, making it a highly effective and efficient solution for vehicle testing as required by UN R155 and ISO/SAE 21434. Its proprietary fuzzing algorithms and test cases are built based on the structures of Unified Diagnostics Services (UDS), with extended support for a variety of protocols including CAN, Wi-Fi, Bluetooth LE, and Ethernet.

AutoCrypt® Security Fuzzer for HIL enables execution in hardware-in-a-loop (HIL) simulations, enabling fuzz testing at an early stage of vehicle development.

Regulatory Compliance for Vehicle Type Approval

AutoCrypt Security Fuzzer provides effective testing with extensive coverage as required by UNECE Regulation 155 and ISO/SAE 21434, making it essential for acquiring vehicle type approvals.

Recommended for
  • OEMs
  • Tier-1 suppliers
  • Software providers
Technical standards
  • Diagnostic services based on ISO 14229
  • NRC testing based on ISO 14229
  • CAN-TP support based on ISO 15765
UN R155
ISO/SAE 21434

How It Works

AutoCrypt Security Fuzzer

target selection icon

1. Target Selection

The user selects a (group of) software program(s) as the fuzzing target and configures the environment to begin fuzzing.

test case generation

2. Test Case Generation

Security Fuzzer generates logic-based semi-random inputs based on the protocol and specifications of the target.

test case delivery icon

3. Test Case Delivery

Security Fuzzer feeds the test case into the selected fuzzing target.

results and feedback icon

4. Results and Feedback

Security Fuzzer records the outputs from the fuzzing target, then uses these results for the next round of test case generation (2), repeating (2) to (4) again. 

Feature Highlights

smart icon

Smart fuzzing

AutoCrypt Security Fuzzer uses a logical test case modeler to generate test cases based on the protocol and specifications of the test target. This ensures that only relevant test cases that may cause an impact on the targets are generated.

Moreover, it uses advanced judgment logic to perform diagnostic services, determining whether a test has passed or failed with high accuracy.

Benefits
can bus icon

Automated and uninterrupted fuzzing

Once a test target is selected, the user no longer needs to be present until fuzzing is complete. When an abnormal response occurs during the process, AutoCrypt Security Fuzzer performs automatic (ECU) status recovery by inputting “ECU reset” or “DTC clear” to reset the ECU to its original status, allowing for uninterrupted fuzzing.

This also allows for continuous fuzzing for multiple ECUs connected to the same channel, enabling uninterrupted fuzzing at the project level.

Benefits

Related Resources