10Automating File Fuzzing over USB for Automotive Systems
MORE (AUTOMATION) IS LESS (MANUAL)
This chapter presents a method to perform automated file format fuzzing over USB by building a fuzz testing environment using emulated file systems. As described in Section 7.2, a fuzz testing environment contains three parts: fuzz engine, injector, and monitor. A brief introduction explaining these three parts, especially for file format fuzz testing, is given in Section 9.3.4.4. Figure 10.1 illustrates an example fuzz testing setup over USB which serves as the basis for this chapter. This chapter does a deep‐dive on the injector part but will also briefly discuss the monitor part. Specifically, for the injector part a customized solution that allows for automated fuzz testing over USB is presented.
Figure 10.1 Overview of fuzz testing environment for testing over USB.
The SUT (system under test) considered in this chapter is similar to the SUT presented in Chapter 9, namely, an embedded device running a rich OS (operating system) such as Linux or Android. For example, there are Linux and Android‐based systems specifically developed for the automotive industry such as AGL (Automotive Grade Linux) [1], GENIVI [2], and Android Automotive OS [3]. An example SUT is an in‐vehicle infotainment system which is a typical automotive system that has a USB interface to allow for reading of ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
