Site Search
Semiconductor business menu
Semiconductor business
HOME
Macnica 's
Products & Services
Technical Information
event·
seminar
Handling Manufacturer
Support
In-Vehicle Cyber Security Fuzzing Software CycurFUZZ

What is CycurFUZZ

UNECE WP.29 states that "both OEMs and certification bodies (or technical services) must conduct security tests" in relation to cybersecurity measures, and this requirement is required not only for OEMs but also for OEMs to request suppliers, making security tests very important and mandatory. In addition, ISO 21434 requires OEMs/suppliers to conduct security tests to minimize unidentified weaknesses and vulnerabilities of components.

Among the various security tests, fuzzing testing is recommended, which is a method of inputting a large number of uncommon or invalid inputs to a target in order to induce unexpected behavior or anomalies that may lead to cyber attacks on the system. Every year, communication (connectivity) in in-vehicle systems becomes more complex, and in recent years, it is expected that almost 70% of new small cars and trucks released worldwide will be equipped with connectivity. Various communications such as USB connections, connected entertainment, navigation systems, and wireless systems increase user convenience, but the attack surface of the vehicle also increases proportionally, and the possibility of hackers taking over the system and violating the safety of the passengers increases. Therefore, cybersecurity testing of in-vehicle systems is very important, and ESCRYPT CycurFUZZ is a powerful testing method to check the robustness of software and systems, and software for fuzz testing.

ESCRYPT CycurFUZZ is a testing tool originally used for fuzz testing within ETAS, but we are currently preparing to make it available to customers in 2023.

Product Summary

Features

  • Conforms to GM CG4975 (fuzzing specification)
  • High performance and efficiency
  • Supports unlimited parallel CAN testing
  • Automatic reconnection with ECU and power cycle
  • Flexible licensing model (consultation required)
  • Automatic report creation
  • Fuzzing in virtual environments
  • AI fuzzing (improving efficiency through machine learning)
  • Simultaneous fuzzing for multiple ECUs

Unique strength of ETAS (1) Enhancement of fuzzing by artificial intelligence (AI)

CycurFUZZ enables instant learning of previously discovered vulnerabilities and the creation and execution of AI test cases using learning-based generative adversarial networks (GANs).

By doing so, we can optimize the fuzzing result and reduce the execution time.

ETAS unique strength ② Simultaneous fusing of multiple ECUs

CycurFUZZ enables fuzzing at the vehicle level by testing multiple vehicle components (system level) simultaneously on one communication bus.

It can reduce man-hours and fuzz test execution time. This innovative technology has been granted a US patent.

Fuzzing service

ETAS also provides a fuzzing service using CycurFUZZ, the above-mentioned in-house software. We have participated in numerous corporate projects and have contributed to the discovery of vulnerabilities and implementation errors. As a security testing expert, ETAS is well versed in embedded system fuzzing.

Fuzzing service introduction material

Inquiry

If you have any questions regarding this product, please contact us using the form below.

Contact Us

ETAS manufacturer information TOP

If you want to return to ETAS Manufacturer Information Top, please click below.

Back to manufacturer information TOP