A Practical Guide to Fuzz Testing Embedded Software in a CI Pipeline - Dennis Kengo Oka - Ekoparty 2021: Hardware Hacking Space
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore a practical guide to implementing fuzz testing for embedded software in continuous integration pipelines through this 30-minute conference talk from Ekoparty 2021's Hardware Hacking Space. Learn how to identify target communication protocols, define effective fuzz testing strategies, and execute continuous fuzz testing using the Zephyr Project RTOS as an example. Gain insights into automotive cybersecurity trends, the importance of fuzz testing in detecting unknown vulnerabilities, and step-by-step instructions for integrating fuzz testing into CI pipelines. Discover techniques for prioritizing test targets, managing test results, preparing fuzz test environments, and configuring Jenkins pipelines. Presented by Dr. Dennis Kengo Oka, an automotive cybersecurity expert with over 15 years of industry experience, this talk provides valuable knowledge for enhancing cybersecurity practices in automotive software development.
Syllabus
Introduction
Agenda
Automotive trends
Cyber security
fuzzed messages
fuzz testing in a CI pipeline
strategies for fuzz testing
when to test
how to test
practical steps
zephyr
ci pipeline
ci pipeline example
target system
prioritize test targets
fuzz testing strategies
Detecting exceptions
Managing test results
Fuzz testing environment
Preparing the fuzz test environment
Preparing the native Posix networking environment
Configuring the file testing tool
Configuring the Jenkins pipeline
Call to Action
Taught by
Ekoparty Security Conference
Related Courses
Online Jamming and Concert TechnologyStanford University via Kadenze Comprendre la 4G
Institut Mines-Télécom via France Université Numerique Desarrollo de Aplicaciones Web: Conceptos Básicos
University of New Mexico via Coursera Introduction to TCP/IP
Yonsei University via Coursera IT Support: Networking Essentials
Microsoft via edX