In the automotive industry today, software-defined vehicles (SDVs), electric vehicles (EVs), and connected and autonomous vehicles are becoming increasingly popular. As the development of vehicles with improved safety features, better operation, and enhanced user experience progresses, it is important to recognize that all of these advancements require more-advanced and complex software. And that increases the …

Blog Article: Secure software development for modern vehicles Read More »

The deployment of AVs will continue rapidly, ranging from shuttles, buses, trucks, as well as passenger vehicles. As more advanced technologies and more software are used in AVs, safety and security become paramount.

While connected and autonomous vehicles provide several benefits such as improved comfort and user experience, they also introduce several cybersecurity risks. In this presentation, we will review some examples of such cybersecurity risks and discuss appropriate solutions to help organizations reduce the risks by finding and fixing vulnerabilities earlier in the software development lifecycle.

One common challenge with fuzz testing of advanced automotive systems, such as infotainment systems, connectivity units, and digital cockpits, is to be able to properly monitor the target system for exceptions, which can then be further analyzed to identify vulnerabilities. Often in-band instrumentation is used to monitor the target system, i.e., the same protocol being …

PenTest Magazine Automotive Security Edition Article: Detecting “Undetectable” Vulnerabilities When Fuzz Testing Advanced Automotive Systems Read More »

Cybersecurity is becoming an integral part of the automotive industry. To this end, automotive organizations are performing various cybersecurity activities in the development process. One such activity that can help detect unknown vulnerabilities in the product is fuzz testing. Performing fuzz testing as an automated step allows for more effectively detecting potential vulnerabilities earlier in …

EkoParty 2021: Practical steps for fuzz testing embedded software in a CI pipeline Read More »

To transform urban mobility in Singapore, the Land Transport Authority (LTA) has outlined a roadmap for the deployment of autonomous vehicles (AVs) in the country, which are an integral part of a smart nation. There are three phases defined in the AV deployment roadmap. The first phase involves trials in controlled environments such as training …

Back End News Article: Safe and secure deployment of AVs Read More »

Cybersecurity is a crucial component for organizations in the automotive industry. Thus, it becomes paramount to perform various cybersecurity testing activities in the development process. For example, fuzz testing can help detect unknown vulnerabilities in the product. Further, automating fuzz testing facilitates detecting vulnerabilities more effectively earlier in the development process. In this free webinar, …

Automotive World 2021: A practical guide to fuzz testing embedded software in a CI pipeline Read More »

Overview of the upcoming ISO/SAE 21434 Cybersecurity Engineering standard Practical examples on how to fulfill certain requirements for different steps in the product development process Introduction of relevant cybersecurity activities and solutions for secure software development Highlight what is required for automotive organizations from a resources and tools perspective to create a secure automotive software …

International Software Defined Vehicles Summit 2021: Secure Automotive Software Development Process based on ISO/SAE 21434 Read More »

自動車業界では、ソフトウェアで構築されたより高度な自動車の開発による「ソフトウェア・ファースト」のアプローチが急速に進んでいます。これらの自動車は、コネクティビティの向上とともにユーザーエクスペリエンスも向上させますが、コネクテッド・カーのエコシステムは、新たなセキュリティリスクをもたらします。本講演では、そのようなリスクのいくつかの例を紹介し、ソフトウェアにフォーカスした自動車会社の組織レベルでの課題についても説明します。最後に、ISO/SAE 21434とWP.29の関連トピックを紹介と自動車会社が課題に対処し、セキュリティリスクを軽減するためのガイダンスを示します。特に、ツールの導入や自動化など、セキュアなソフトウェア開発プロセスを確立するための技術的なソリューションに焦点を当てます。

Software, including open-source software, is transforming the automotive industry. The Zephyr Project RTOS aims to be the first open-source real time operating system to achieve functional safety certifications making it applicable for use in automotive embedded systems. In terms of connectivity, Zephyr supports among others Bluetooth, Wi-Fi, IP, Ethernet and CAN. With the recent developments …

FISITA World Congress 2021: A Practical Guide to Fuzz Testing Embedded Software in a CI Pipeline Read More »