Integrating Fuzz Testing into the Cybersecurity Validation Strategy
2021-01-0139
Automotive systems have become increasingly complex, interconnected and prone to cyberattacks in recent years. With larger software bases and multiple external communication interfaces, the risk of new vulnerabilities and attack vectors on vehicles also increases. Modern cybersecurity validation is therefore under considerable pressure to find security vulnerabilities and robustness issues early and systematically at every stage of the product development process. Integrating a sophisticated fuzz testing program into the overall cybersecurity validation strategy helps to meet these challenging demands.
In this paper, we review a general automotive cybersecurity engineering process containing functional testing, vulnerability scanning and penetration testing, and highlight which of its shortcomings fuzz testing can compensate for. We show that fuzz testing is beneficial not only for improving product security directly by detecting weaknesses, but also indirectly by providing input that enhances all other testing activities. Finally, we suggest an updated cybersecurity engineering process, which gives guidance on when fuzz testing should be performed and how other tests should be interfaced with it.
Our approach is compliant with the ISO/SAE 21434 cybersecurity engineering process. It uses Threat Analysis and Risk Assessment (TARA) together with Cybersecurity Assurance Levels (CAL) to systematically identify high-priority attack vectors and assign testing priorities. With this knowledge, it is possible to decide where, when and how often fuzz testing shall be applied to find both unknown vulnerabilities and regressions in an automated manner. This approach identifies issues earlier and with greater coverage than functional testing, vulnerability scanning and pentesting could achieve on their own. As a result, the overall cybersecurity engineering process is more comprehensive, security remediation costs are lower and resources for manual activities such as pentesting are used more efficiently.