How CARIAD Is Getting Ready for ISO 21434 and Improves Secure Software Development
CARIAD Implemented New Testing Approaches to Improve Volkswagen's Software Security
The Challenges of Testing Automotive Software
Evolving Industry Standards
"Continuous fuzzing with sanitizers is a must-have, especially, but not only, when it comes to memory-unsafe languages such as C/C++."
Security Professional, CARIAD
Why Volkswagen Evaluated Automated Fuzzing Approaches
CARIAD, Volkswagen Group’s new software house, is building one unified software platform for all Volkswagen brands to provide them with reliable software and digital best practice. Developers at CARIAD ran an extensive campaign to improve the security and reliability of their code, including their operating system (VW.OS).
For this purpose, they explored several fuzz testing methodologies, because fuzz testing proved to be particularly effective for detecting bugs in automotive software. Internally, CARIAD will even make fuzz testing mandatory for particularly critical projects, starting in 2022. The project team was now specifically searching for a fuzzing solution that allowed them to automatically conduct continuous fuzz testing throughout their entire CI/CD.
Redefining Automated Security Testing
Effortless Debugging Without False Positives
Code Coverage Reporting
Continuous Fuzzing With the CI Fuzz Testing Platform
CARIAD implemented the CI Fuzz testing platform in their CI/CD to redefine the security and quality testing of their software. Developers at CARIAD are now able to fix business-critical bugs fast and without false positives, which leaves them more time for other tasks.
The testing platform automates tedious manual tasks, such as maintaining test corpora. This greatly improves CARIAD's development speed and enables their developers to apply advanced and usable security tests themselves.