The automotive industry presented significant advances in the sector in the last decade, to catch up with the technological advances of the world. Lack of proper regulations and security standards meant that automotive companies had to develop custom solutions most of the time, which resulted in a lot of security issues. Security testing also fell behind, as there was no significant need till now to test and research those devices, but with more and more connected components the risks are increasing rapidly.

In this paper, we discuss security testing and more specifically fuzzing, of the diagnostics protocol in automotive devices, which can give access to some of their most critical functions. We will make a brief introduction to the different fuzzing methodologies that can be applied in the UDS protocol till now, and we will present a new fuzzing methodology. This paper explains how this methodology helped us get complete access to some of the most critical components of Tier 1 automotive suppliers and how we ended up developing our own tool to automate fuzzing and exploitation of those issues.

A paper analyzing all the different used UDS fuzzing techniques, as well as our own fuzzing technique for UDS security access algorithms and a demo of our own tooling developed for it.

Presentation Video