Side Channel Monitoring for Fuzz Testing of Future Mobility Systems

Fuxen, Philipp; Hachani, Murad; Schmidt, Jonas; Zaumseil, Philipp; Hackenberg, Rudolf

Home // CLOUD COMPUTING 2023, The Fourteenth International Conference on Cloud Computing, GRIDs, and Virtualization // View article

Side Channel Monitoring for Fuzz Testing of Future Mobility Systems

Authors:
Philipp Fuxen
Murad Hachani
Jonas Schmidt
Philipp Zaumseil
Rudolf Hackenberg

Keywords: Fuzzing, Fuzz Testing, Automotive, Cybersecurity, Side Channel Information, Measurement System

Abstract:
The current transformation in the automotive industry is leading to new technologies with a higher software content, a higher degree of networking, and connections to cloud services. This development leads to an increase in the attack surface and the potential extent of damage. ISO/SAE 21434 and UNECE WP.29/R155 were published to address this development. The ISO/SAE 21434 proposes fuzz testing as a measure. In fuzzing, so-called fuzz data is generated and transmitted to a device under test to identify previously unknown and known vulnerabilities. This approach is already being used very successfully in other industries. But in the automotive sector, some challenges arise when testing hardware-related electronic control units. These include the fact that the internal system structures are often poorly known or not known, as well as the severely restricted access and hardware limitations for monitoring. One way to solve these challenges is to use side-channel information to monitor the device under test. Such information includes power consumption, temperature, and noise levels, for example. In this paper, we present a fuzz testing experiment to determine anomalies, data, and requirements for analyzing various side channels. Basic procedures were used to generate the fuzz data. Monitoring of the device under test was performed manually at the beginning. In addition, a side-channel measurement system with various measurement devices and a test setup are presented. Based on the identified fuzz messages, the behavior of the respective side channels during the abnormal behavior is analyzed and described.

Pages: 15 to 20

Copyright: Copyright (c) IARIA, 2023

Publication date: June 26, 2023

Published in: conference

ISSN: 2308-4294

ISBN: 978-1-68558-044-5

Location: Nice, France

Dates: from June 26, 2023 to June 30, 2023