Automobile control area network security issues involving fuzzing

Abstract

The scope of this research is experimenting with the use of the software testing method of fuzzing for attacking the CAN bus protocol based network used in automobiles. The security of this automobile network is of increasing importance as the CAN protocol designed in the 1980’s with few security measures in mind is increasingly being used to network electronic devices essential to the safety of the automobile and its passengers. This project aims to implement a method of fuzzing the CAN network with a device that could be implanted into an automobile and controlled remotely via a web interface accessible from a WiFi hotspot the device broadcasts. In order to test this device another device is used which implements a basic emulation of the dashboard of an automobile which alters its behavior based on received CAN Messages. The implemented devices functioned well but the effectiveness of the designed fuzzing system was less than expected.