MORE (AUTOMATION) IS LESS (MANUAL)

This chapter presents a method to perform automated file format fuzzing over USB by building a fuzz testing environment using emulated file systems. As described in Section 7.2, a fuzz testing environment contains three parts: fuzz engine, injector, and monitor. A brief introduction explaining these three parts, especially for file format fuzz testing, is given in Section 9.3.4.4. Figure 10.1 illustrates an example fuzz testing setup over USB which serves as the basis for this chapter. This chapter does a deep‐dive on the injector part but will also briefly discuss the monitor part. Specifically, for the injector part a customized solution that allows for automated fuzz testing over USB is presented.

The SUT (system under test) considered in this chapter is similar to the SUT presented in Chapter 9, namely, an embedded device running a rich OS (operating system) such as Linux or Android. For example, there are Linux and Android‐based systems specifically developed for the automotive industry such as AGL (Automotive Grade Linux) [1], GENIVI [2], and Android Automotive OS [3]. An example SUT is an in‐vehicle infotainment system which is a typical automotive system that has a USB interface to allow for reading of ...