The growing connectivity of automotive systems exposes connected vehicles to cybersecurity risks that must be mitigated to ensure the development of safe and secure vehicles. One component of effective, comprehensive security testing is fuzzing, a test automation method that injects invalid, malformed, or unexpected inputs into a device to reveal defects and vulnerabilities.
Keysight Technologies and ETAS are partnering to provide automakers and automotive suppliers with a comprehensive automotive cybersecurity solution to ensure vehicles are protected when they hit the road.
The partnership will see the ESCRYPT CycurFUZZ smart automotive fuzzer tool from ETAS integrated into Keysight’s Automotive Cybersecurity Test Platform. The combination will enable automakers to rapidly fuzz test targets via controller area network (CAN) interfaces. Fully integrated into the Keysight solution, the CycurFUZZ tool provides smart software to do CAN bus fuzzing at the module or system level. This offers an effective way to automatically scan the device under test’s automotive CAN bus for unknown vulnerabilities and uncover software weaknesses. The integration of ESCRYPT CycurFUZZ ensures that the cybersecurity risks associated with the CAN bus are effectively mitigated.
Thomas Goetzl, vice president and general manager of Keysight's automotive and energy solutions, said: “Future-proof testing is vital to mitigating the risks of evolving automotive cyberattacks. Working with ETAS to incorporate this fast-fuzzing test into our automotive cybersecurity solution will help end-users meet industry standards while growing their threats database knowledge.”
The Keysight automotive cybersecurity solution enables automated testing of all layers of the open systems intercommunication (OSI) stack for in-vehicle interfaces including Wi-Fi, cellular, Bluetooth, CAN, and automotive Ethernet to validate the robustness of electronic control unit (ECU) and telematic control unit (TCU) subcomponents, or the entire vehicle. In addition, the solution enables automakers and suppliers to comply with international cybersecurity regulations, such as UN R-155 and ISO / SAE 21434.