Cybersecurity testing of automotive systems has become a practical necessity,
with the wide adoption of advanced driving assistance functions and vehicular
communications. These functionalities require the integration of information
and communication technologies that not only allow for a plethora of on-the-fly
configuration abilities, but also provide a huge surface for attacks. Theses
circumstances have also been recognized by standardization and regulation
bodies, making the need for not only proper cybersecurity engineering but also
proving the effectiveness of security measures by verification and validation
through testing also a formal necessity. In order to keep pace with the rapidly
growing demand of neutral-party security testing of vehicular systems, novel
approaches are needed. This paper therefore presents a methodology to create
and execute cybersecurity test cases on the fly in a black box setting by using
pattern matching-based binary analysis and translation mechanisms to formal
attack descriptions as well as model-checking techniques. The approach is
intended to generate meaningful attack vectors on a system with next-to-zero a
priori knowledge.

By admin