Andreea-Ina Radu

Centre for Cyber Security and Privacy at the University of Birmingham (UK)

Grey-box Analysis and Testing of Automotive Electronic Components

Electronic Control Units (ECUs) are embedded systems which control the functionality of a modern vehicle. The growing number of ECUs in a vehicle, together with their increasing complexity, prompts the need for automated tools to test their security.

However, the analysis of embedded devices, such as ECUs, still poses many challenges, due to their limited I/O and computing power. To this end, we present EffCAN, a tool for ECU firmware fuzzing via CAN (Controller Area Network). EffCAN operates on the Control Flow Graph (CFG), which we extract from the firmware.

The CFG is a platform-independent representation, which allows us to abstract from the often obscure underlying architecture. The CFG is annotated with information about static data comparisons that affect the control flow of the firmware. This information is used to create initial seeds for the fuzzer. It is also used to adapt the input messages in order to cover hard-to-reach execution paths. We have evaluated EffCAN on three ECUs from different manufacturers. The fuzzer was able to crash two of the ECUs. To our knowledge, this is the first approach that uses static analysis to guide the fuzzing of automotive ECUs.
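The two uses of the comparison annotations described above, seeding the fuzzer and steering inputs towards uncovered paths, as an added Python sketch that is not EffCAN's code; the Comparison record format, the restriction to big-endian equality comparisons, and the sample block names and constants are assumptions made for this example.

```python
from dataclasses import dataclass
CAN_DATA_LEN = 8  # classic CAN payload size in bytes

@dataclass(frozen=True)
class Comparison:
    """CFG annotation (constructed format): edge block -> target is taken when data[offset:offset+width] == const."""
    block: str
    target: str
    offset: int
    width: int
    const: int

def satisfy(payload: bytes, cmp: Comparison) -> bytes:
    """Patch the payload so the comparison holds; the frame stays 8 bytes."""
    assert cmp.offset + cmp.width <= CAN_DATA_LEN, "comparison outside the CAN payload"
    buf = bytearray(payload.ljust(CAN_DATA_LEN, b"\x00")[:CAN_DATA_LEN])
    buf[cmp.offset:cmp.offset + cmp.width] = cmp.const.to_bytes(cmp.width, "big")
    return bytes(buf)

def initial_seeds(cfg: list[Comparison]) -> list[bytes]:
    """One seed per comparison, plus a near miss (const+1) for the other edge."""
    seeds, base = [], bytes(CAN_DATA_LEN)
    for cmp in cfg:
        miss = (cmp.const + 1) % (1 << (8 * cmp.width))  # wrap on overflow
        seeds.append(satisfy(base, cmp))
        seeds.append(satisfy(base, Comparison(cmp.block, cmp.target, cmp.offset, cmp.width, miss)))
    return list(dict.fromkeys(seeds))  # drop duplicates, keep order

def guards(cfg: list[Comparison], target: str) -> list[Comparison]:
    """Comparisons that must all hold to reach target, walking predecessors back."""
    by_target = {c.target: c for c in cfg}
    chain = []
    while target in by_target:
        chain.append(by_target[target])
        target = by_target[target].block
    return chain[::-1]

def adapt(payload: bytes, cfg: list[Comparison], covered: set[str]) -> bytes:
    """Steer the current input towards the first target block not yet covered."""
    for cmp in cfg:
        if cmp.target not in covered:
            for g in guards(cfg, cmp.target):
                payload = satisfy(payload, g)
            return payload
    return payload  # every block guarded by a known comparison is already covered

# Constructed sample: the handler checks a 2-byte service id at offset 0, then a
# 1-byte sub-function at offset 2 (values and block names are made up).
SAMPLE_CFG = [Comparison("B1", "B2", offset=0, width=2, const=0x3E80),
              Comparison("B2", "B3", offset=2, width=1, const=0x01)]
```

Coverage feedback (`covered`) would in practice come from tracing the ECU while replaying frames; here it is passed in directly.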

Andreea-Ina Radu received her M.Sc. degree in Computer Science from the University of Birmingham, United Kingdom. After completing her studies, she further pursued a PhD and is currently working as a researcher, as part of the Centre for Cyber Security and Privacy at the University of Birmingham. Her research interests include automotive security, embedded devices security, lightweight cryptography and distance bounding protocols.