CARIAD has been building one unified software platform for all Volkswagen brands to provide them with reliable software and digital best practices. In recent years, CARIAD and the rest of the automotive software sector faced extensive industry regulation and an array of dangerous and costly vulnerabilities.

By introducing feedback-based fuzzing, an advanced white-box testing method that uses self-learning AI to uncover deeply hidden bugs and security vulnerabilities, CARIAD was able to find and fix potentially dangerous issues early in the development process.

In this talk, Andreas Weichslgartner, Senior Technical Security Engineer at CARIAD, will explain how CI Sense, Code intelligence’s testing platform for CI/CD integrated software testing, enabled CARIAD engineers to accurately weed out severe issues early in the development process, while enabling them to comply with industry regulation such as ISO 21434. CI Sense has already helped CARIAD find over 30 issues, including critical security vulnerabilities.

Topics include:

Implementing continuous fuzz testing in CI/CD
What to look out for when choosing a fuzz testing solution
How fuzz testing enabled CARIAD to maximize code coverage
How to test automotive software without false-positives