Dániel Lakatos
ROBERT BOSCH (HU)

Biography

Dániel studies for his Computer Engineering MSc at the Budapest University of Technology and Economics in the fields of Critical Systems and IT Security. He started working at Robert Bosch Kft. in early 2019 through a university partnership program to establish the development of an Ethernet-based fuzzing toolkit as part of his BSc studies.

About the presentation

Presentation: Security Testing

 

We provide a brief introduction to the topic of security testing with focus on automotive products, followed by some specific security topics with the corresponding test methods that can be used to prevent them. We also discuss security testing over the lifecycle of a product, with the implications of these non-functional security requirements on the project as a whole. We put SW security in the wider context, including side channel attacks, HW vulnerabilities and social engineering. Specific examples will be used as illustration.

As a detailed example, we talk about fuzzing, which is considered as one of the most powerful automated software testing methods when we talk about black-box testing. Despite the fact that plenty of toolkits are available in the industry, it is very hard to adapt them to unique needs, for example to Automotive Electronic Control Unit testing. In our project we created a protocol and target device independent fuzzing toolkit, with which comprehensive test services can be provided in a reusable manner.