Grey-box analysis and fuzzing of automotive electronic components via control-flow graph extraction

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Colleges, School and Institutes

Abstract

Electronic Control Units are embedded systems which control the functionality of a modern vehicle. The growing number of Electronic Control Units in a vehicle, together with their increasing complexity, prompts the need for automated tools to test their security. To this end, we present EffCAN, a tool for ECU firmware fuzzing via Controller Area Network. EffCAN operates on the Control Flow Graph, which we extract from the firmware. The Control Flow Graph is a platform independent representation, which allows us to abstract from the often obscure underlying architecture. The Control Flow Graph is annotated with information about static data comparisons that affect the control flow of the firmware. This information is used to create initial seeds for the fuzzer. It is also used to adapt the input messages in order to cover hard to reach execution paths. We have evaluated EffCAN on three Electronic Control Units, from different manufacturers. The fuzzer was able to crash two of the units. To our knowledge, this is the first approach that uses static analysis to guide the fuzzing of automotive Electronic Control Units.

Details

Original languageEnglish
Title of host publicationProceedings - CSCS 2020
Subtitle of host publicationACM Computer Science in Cars Symposium
EditorsStephen N. Spencer
Publication statusPublished - 2 Dec 2020
Event2020 ACM Computer Science in Cars Symposium, CSCS 2020 - Feldkirchen, Germany
Duration: 2 Dec 2020 → …

Publication series

NameProceedings - CSCS: Computer Science in Cars
PublisherACM

Conference

Conference2020 ACM Computer Science in Cars Symposium, CSCS 2020
Country/TerritoryGermany
CityFeldkirchen
Period2/12/20 → …

Keywords

  • automotive, electronic control unit, fuzzing