Search Results

In the past few years, automotive electronic control units (ECUs) have been the focus of many studies regarding the ability to affect the deterministic operation of safety critical cyber-physical systems. Researchers have been able to successfully demonstrate flaws in security design that have considerable, dramatic impacts on the functional safety of a target vehicle. With the rapid increase in data connectivity within a modern automobile, the attack surface has been greatly broadened to allow adversaries remote access to vehicle control system software and networks. This has serious implications, as a vast number of vulnerability disclosures released by security researchers point directly to common programming bugs and software quality issues as the root cause of successful exploits which can compromise the vehicle as a whole. In this paper, we aim to bring to light the most prominent categories of bugs found during the software development life cycle of an automotive ECU.