Autosar simulator boosts security testing
Code Intelligence in Germany has launched an Autosar simulator to boost the security of automotive software via fuzz testing.
The Classic Autosar Simulator developed by Code Intelligence enables developers to test applications in a software-in-the-loop manner, uncovering critical vulnerabilities earlier in the testing process without the need for hardware.
The Autosar simulator allows automotive companies to perform thorough security testing on complete systems such as electronic stability control (ESC), steering, electric parking brakes, park distance control, exterior lights, infotainment, anti-theft systems, remote keyless entry, and more.
This allows developer to identify security vulnerabilities accessible via external channels, such as Bluetooth or other public-facing interfaces, which could be exploited by attackers.
Fuzz testing finds GhostWrite RISC-V vulnerability
The simulator supports whitebox fuzz testing as security testing and standard testing techniques, including unit, integration, and end-to-end tests, entirely in software. Testing systems in a software-in-the-loop manner is cheaper, quicker, more scalable, and can be more easily integrated into continuous integration workflows than hardware-in-the-loop testing.
“Code Intelligence’s Autosar Simulator allows us to execute and fuzz code in a software-in-the-loop manner. It automates finding bugs as early as possible and ensures that all delivered components from Tier-2 suppliers don’t contain critical vulnerabilities as buffer overflows,” said Michael von Wenckstern, Product Cybersecurity Governance, Risk and Compliance Specialist at Tier One supplier Continental.
“In an era where connected vehicles, efficient and effective security testing is more critical than ever. Traditional hardware-in-the-loop testing methods are often time-consuming and lack scalability. To address these challenges, we developed our classic Autosar simulator, enabling system-level testing for Autosar applications entirely in software. This not only overcomes the limitations of traditional testing but also unlocks powerful automated testing approaches, such as whitebox fuzz testing,” said said Khaled Yakdan, Co-Founder and Chief Product Officer, Code Intelligence.
“The value it brings to our automotive customers is significant: faster development cycles, enhanced security assurance, and the ability to ensure the reliability of complete automotive systems well before they hit the road,”
Details of the Classic Autosar simulator by Code Intelligence and its architecture are here.