Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Fuzzing the MCU of Connected Vehicles for Security and Safety

Hack In The Box Security Conference via YouTube

Overview

Explore the world of connected vehicle security in this HITB2022SIN conference talk on fuzzing MCUs. Dive into the evolving landscape of Smart Connected Vehicles and the persistent focus on Vehicle Control Units (VCUs) as prime targets for hackers. Learn about the limitations of traditional MCU software testing methods and discover how fuzzing can enhance security testing for vehicle MCUs. Gain insights into the innovative approach of combining WINAFL and Trace32 with Lauterbach PowerDebug to achieve code coverage-guided fuzzing for ARM Cortex-M based MCUs. Understand how this method can be applied to both information security vulnerability mining and functional safety software testing, improving overall system robustness. Follow along as the speaker demonstrates the practical application of this fuzzing technique on CAN services and SOA services, revealing critical security vulnerabilities and system stability issues.

Syllabus

Intro
Overview
BackGround - The usual attack vector
BackGround - Security vs Safety(software)
BackGround -Current MCU software Test
McuFuzz - What we have & need
McuFuzz - Introduction to ARM Trace
McuFuzz - ETM on-chip trace
McuFuzz - ETM's features Summary
McuFuzz- Use Trace32 to trace
McuFuzz - Trace32: Enable ETM
McuFuzz - ETM trace filter
McuFuzz - The coverage result
McuFuzz- The mcu fuzzing framework
McuFuzz - The advantages
Demo - Can service Fuzzing

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Fuzzing the MCU of Connected Vehicles for Security and Safety

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.