Combinatorial Testing Methods for Reverse Engineering Undocumented CAN Bus Functionality

Combinatorial Testing Methods for Reverse Engineering Undocumented CAN Bus Functionality

연구 분야: Analysis

학회: ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security

Modern vehicles such as cars, ships, and planes are increasingly managed using Electronic Control Units (ECUs) that communicate over a Controller Area Network (CAN) bus. While this approach offers enhanced functionality, efficiency, and robustness, it may also be used for unforeseen or malicious purposes ranging from aftermarket modifications to full-fledged attacks threatening passengers’ safety. The ability to conduct in-depth tests is thus vital to protect against these issues. However, much of the functionality of ECUs is proprietary or undocumented. To alleviate this obstacle, this work presents a reverse engineering approach using high-coverage test sets produced using Combinatorial Testing (CT) methods. Our results indicate that this technique is promising for exciting unknown functionality, although challenges regarding the presence of hidden state and high-accuracy oracles are yet to be overcome.