The increasing complexity of modern vehicles puts security testing more and more into the focus. One of the more efficient approaches to this problem is analyzing communication protocols and test execution based on the gathered knowledge.

During fuzzing (for fuzz testing), one sends random and malformed input to the target system and checks for unexpected behavior, typically a software crash. In this case, the focus is on protocol fuzzing, sending messages that may violate the protocol rules. To make this method effective for complex protocols, we must exercise all protocol elements and all protocol states and state transitions in a balanced way. Therefore, the fuzzing engine must be aware of the system's internal state regarding all protocols and protocol elements.

The goal is to find the best approach to exercise the different protocol states to reach a high test coverage. During the test, the target ECU's internal state must be followed, and appropriate decisions have to be made based on the internal state to make the testing more effective.