How Continental leveraged fuzz testing and ASPICE for cybersecurity to comply with ISO 21434
Eckart Heyne, Product Cybersecurity and Privacy Officer, Continental
Michael Von Wenckstern, Product Cybersecurity Governance, Risk and Compliance Specialist, Continental
Sergej Dechand, CEO / Co-Founder, Code Intelligence | LinkedIn
Continental integrated instrumented fuzz testing into the development process and reached compliance with ISO/SAE 21434, Regulation (EU) 2019/2144, UN R155, and ASPICE for cybersecurity.
Join the session to learn how Continental built an automated security testing process as part of scalable CI/CD infrastructure by applying fuzzing at the Software-in-the-Loop level (SiL).
Key topics and takeaways:
- Learn how to automate ISO compliance reporting with fuzz testing
- Discover how Continental complies with ASPICE for cybersecurity and gets faster feedback cycles using Software-in-the-Loop
- Gain insights into leveraging design documentation for testing security-critical components
- Explore practical examples of fuzz testing’s efficacy and pitfalls in:
- Application Software (App-SW) running on ClassicAutoSAR
- Hardware Security Module (HSM) Firmware
- Flash Bootloader Software (FBL-SW)
CLICK here to see how Code Intelligence’s instrumented fuzz testing, which is used by Continental UX, works.