In this project, we investigate systematic and automated testing of (IIoT) Wireless Protocols. Our initial work on over-the-air fuzzing has uncovered critical security vulnerabilities in popular wireless devices (currently undisclosed for confidentiality). Three CVEs has been assigned so far for the discovered vulnerabilities: CVE-2019-12586, CVE-2019-12587 and CVE-2019-12588 . We have also been assigned a bug bounty of 2.2K USD for finding a vulnerability that allow hijacking IoT devices to connect to enterprise network. Finally, our work has been succesfully deployed and tested on a real car (Toyota Altis 2016 version) to discover security vulnerabilities. We are massively expanding our work to provide a holistic and systematic framework for arbitrary wireless IoT device validation and testing. Our current work will soon be available in public as a technical report and tool. This work is also related to cyber-physical systems that support wireless access. Previously, we worked on memory-safety for cyber-physical systems that can be found in the following publications: ESSoS2018, Arxiv2018-CIMA.
Acknowledgement: We are grateful to Keysight Technologies for generously supporting this project.