KIT | KIT-Bibliothek | Impressum

Testing Security of Embedded Software through Virtual Processor Instrumentation

Lauber, Aandreas; Sax, Eric

More and more functionality that demands remote access on a vehicle is in-tegrated into modern cars. Fleet management, infotainment, updates-over-the-air and the upcoming functionality for autonomous driving need gate-ways that enable a car-2-x communication. Misuse is a threat. Consequently, security mechanisms play an increasing important role. But how can we show and prove the effectiveness of these security functions? Therefore, in this paper we will show an approach to test security aspects, based on virtual instrumentation. The approach is to use a framework that executes the application under development on a virtual model of the target micro controller. An interception library generates scenarios systematically, whereas the effects on registers and memory are monitored. We are inter-cepting the running software at vulnerable functions and variables to detect potential malfunctions. This will detect security vulnerabilities of all internal failure even if no malicious behavior at the interfaces occur.

Zugehörige Institution(en) am KIT Institut für Technik der Informationsverarbeitung (ITIV)
Publikationstyp Proceedingsbeitrag
Jahr 2018
Sprache Englisch
Identifikator ISBN: 978-3-319-64351-9
KITopen ID: 1000078738
Erschienen in Online Engineering & Internet of Things : Proceedings of the 14th International Conference on Remote Engineering and Virtual Instrumentation REV 2017, held 15-17 March 2017, Columbia University, New York, USA. Ed.: M. E. Auer
Verlag Springer, Cham
Seiten 996-1005
Vorab online veröffentlicht am 13.09.2017
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft KITopen Landing Page