Unmanned information systems (unmanned systems) leverage automation and remote control to collect, process, and transmit information with minimal human involvement. To support diverse functions, they rely on complex and highly configurable hardware and software components. However, this configurability also enlarges the attack surface, posing significant security risks such as system failures, data breaches, and identity theft. To address the security vulnerabilities associated with configuration in autonomous driving systems, we employ static analysis techniques to construct mapping of configuration options, integrated with black-box fuzz testing approaches to systematically identify configuration-related defects. Specifically, a fuzz testing methodology employing a high-fidelity simulator is employed to detect potential configuration defects in unmanned systems. This simulator dynamically generates and modifies driving scenarios as well as configuration options, incorporating real-world traffic regulations to improve simulation realism and applicability. Experimental results reveal the identification of five configurations and scenarios that may induce system anomalies, demonstrating the effectiveness of the approach in enhancing the safety and reliability of unmanned systems.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhancing Configuration Security in Unmanned Systems via Static Analysis and Fuzz Testing

  • Zhiguo Zhang,
  • Junyong Wang,
  • Chongzhen Zhang,
  • Jiao Dai,
  • Chong Liu,
  • Fuqiang Hu,
  • Dantong Yan,
  • Hongquan Tian

摘要

Unmanned information systems (unmanned systems) leverage automation and remote control to collect, process, and transmit information with minimal human involvement. To support diverse functions, they rely on complex and highly configurable hardware and software components. However, this configurability also enlarges the attack surface, posing significant security risks such as system failures, data breaches, and identity theft. To address the security vulnerabilities associated with configuration in autonomous driving systems, we employ static analysis techniques to construct mapping of configuration options, integrated with black-box fuzz testing approaches to systematically identify configuration-related defects. Specifically, a fuzz testing methodology employing a high-fidelity simulator is employed to detect potential configuration defects in unmanned systems. This simulator dynamically generates and modifies driving scenarios as well as configuration options, incorporating real-world traffic regulations to improve simulation realism and applicability. Experimental results reveal the identification of five configurations and scenarios that may induce system anomalies, demonstrating the effectiveness of the approach in enhancing the safety and reliability of unmanned systems.