Mera Abbassi
ROBERT BOSCH (HU)

Biography

Mera has an MSc in Computer Science from the Eötvös Loránd University. She first started her journey in automotive during the writing of her thesis her task was to build a tool to do SOME/IP protocol sequence analysis and visual representation for security testing. In 2018 Mera started working at Robert Bosch kft. where she works on conformance testing for automotive Ethernet and security testing, including black-box fuzzing and penetration testing of vehicle electronics.

About the presentation

Presentation: Security Testing

 

We provide a brief introduction to the topic of security testing with focus on automotive products, followed by some specific security topics with the corresponding test methods that can be used to prevent them. We also discuss security testing over the lifecycle of a product, with the implications of these non-functional security requirements on the project as a whole. We put SW security in the wider context, including side channel attacks, HW vulnerabilities and social engineering. Specific examples will be used as illustration.

As a detailed example, we talk about fuzzing, which is considered as one of the most powerful automated software testing methods when we talk about black-box testing. Despite the fact that plenty of toolkits are available in the industry, it is very hard to adapt them to unique needs, for example to Automotive Electronic Control Unit testing. In our project we created a protocol and target device independent fuzzing toolkit, with which comprehensive test services can be provided in a reusable manner.