Fuzz testing for connected and autonomous vehicles

The previous blog post in this series presented an introduction to secure software development for modern vehicles. In this blog post, we will do a deep dive on connected and autonomous vehicles (AVs) and focus on fuzz testing.
Identifying high-risk interfaces and determining the level of fuzzing
There are two important topics to consider when doing fuzz testing. First, the tester needs to identify high-risk interfaces to target. Second, they have to determine the level of fuzzing to perform. Threat analysis and risk assessment (TARA) is one approach that can be used to identify the high-risk interfaces, as defined in Clause 15 of ISO/SAE 21434. Additionally, cybersecurity assurance levels (CALs), as described in Annex E of ISO/SAE 21434, can be used to help determine the level of fuzzing required to achieve a certain level of cybersecurity assurance.

*** This is a Security Bloggers Network syndicated blog from Application Security Blog authored by Dr. Dennis Kengo Oka. Read the original post at: https://www.synopsys.com/blogs/software-security/fuzz-testing-for-connected-and-autonomous-vehicles/