Toward Automated and Black-box Vehicle Cybersecurity Testing

Current automotive cybersecurity testing methods are often performed manually, and not automated, to find security vulnerabilities. The downside is that it is difficult, time-consuming, and expensive to find security risks. Therefore, it is necessary and beneficial to conduct automated and black-box security testing during the cycle of car development, pre-production testing and manufacturing. In this talk, the authors introduce the first automated automotive cybersecurity testing toolkit so OEMs can quickly and easily identify security vulnerabilities in their vehicles. The tool has successfully detected many serious security vulnerabilities in a number of vehicles, and has helped OEMs identify and correct ECU firmware security vulnerabilities by re-flashing new-version firmware.

Speaker: Wei Yah, Visual Threat