Ori: A Greybox Fuzzer for SOME/IP Protocols in Automotive Ethernet

• Published in: 2020 27th Asia-Pacific Software Engineering Conference (APSEC) pp. 495 - 499
• Main Authors: Li, Yuekang, Chen, Hongxu, Zhang, Cen, Xiong, Siyang, Liu, Chaoyi, Wang, Yi
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.12.2020
• Subjects: automotive; Automotive engineering; Ethernet; Fuzzing; Protocols; Security; Software engineering; SOME/IP; Testing
• ISSN: 2640-0715
• DOI: 10.1109/APSEC51365.2020.00063

With the emergence of smart automotive devices, the data communication between these devices gains increasing importance. SOME/IP is a light-weight protocol to facilitate inter- process/device communication, which supports both procedural calls and event notifications. Because of its simplicity and capability, SOME/IP is getting adopted by more and more automotive devices. Subsequently, the security of SOME/IP applications becomes crucial. However, previous security testing techniques cannot fit the scenario of vulnerability detection SOME/IP applications due to miscellaneous challenges such as the difficulty of server-side testing programs in parallel, etc. By addressing these challenges, we propose Ori - a greybox fuzzer for SOME/IP applications, which features two key innovations: the attach fuzzing mode and structural mutation. The attach fuzzing mode enables Ori to test server programs efficiently, and the structural mutation allows Ori to generate valid SOME/IP packets to reach deep paths of the target program effectively. Our evaluation shows that Ori can detect vulnerabilities in SOME/IP applications effectively and efficiently.