Integrating Mayhem With Simulink: How to Test Simulink Model Using Mayhem

Mayhem Team
September 13, 2023
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

In this blog post, we'll explore how Mayhem can be seamlessly integrated with Matlab's Simulink. Mayhem can be used to test Simulink models and create more secure applications.

Here's a summary of the steps to test your Simulink model using Mayhem:

  1. Generate C Code.
  2. Install Mayhem and configure testing parameters.
  3. Compile the code using your compiler of choice.
  4. Map inputs for testing.
  5. Mayhem automatically generates a suite of tests to ensure the security of your model or application.

To demonstrate this Simulink integration, we've prepared an example repository that showcases the process. Let's dive right in.

Generating C Code

There are a few files that we’ll look at throughout this process, the first being 'run_mcode.sh.' This script automates the process of building your Simulink model over the command line. Alternatively, you can use the MATLAB GUI to do this.

The Simulink model used in this example is simple, consisting of just one transfer function block. 

If you want to generate C code on your own, you also have the option of using MATLAB's Embedded Coder app.

Installing Mayhem and Configuring Testing Parameters

Once you have your generated C code, the next step is to install Mayhem and configure Mayhem’s testing parameters using the 'Mayhemfile.yml.' This file allows us to specify various settings, such as the duration of testing (in this case, 90 seconds).

We're going to expose a couple of different things that we want to test, including exploitability factors, regression tests, behavior tests and coverage.

Generating and Compiling Code

With the configuration in place, we can start the testing process. Running the 'mcode.sh' script initiates the code generation and compilation. 

So there are two stages here. Once we have the generated code from MATLAB, we're going to compile it using our compiler of choice. In this case, GCC. And then we're going to take that compiled code and stick it into a Docker image, which will be uploaded to Mayhem’s servers and ultimately tested.

Mapping Inputs for Testing

To effectively test our Simulink model with Mayhem, we need to map Mayhem's inputs to what the model accepts. A critical piece of this mapping is the 'main' file located in the resources folder. 

This file acts as a test harness and performs two crucial functions:

  1. Reading data from a file generated by Mayhem as a test case and converting it into a signal compatible with Simulink.
  1. Reading the input values, converting them into a signal, and initializing the model.

Once the model's been initialized, we're going to send the values that are inside of the file one by one to simulate a signal coming in over the wire. And then finally, when we're done, we're going to terminate the model. 

Viewing the Simulink Test Results

Once the testing is complete, Mayhem provides detailed results that can be accessed by clicking on the generated URL. These results include information about the test cases generated and the code paths explored during the testing process.

In this example, the application that we tested didn’t happen to have any vulnerabilities. But we can see what happened in the test results dashboard, including the test cases that were generated over time. Even though it was just a simple transfer function block, there's a lot of unique code paths that we were testing.

Test Your Simulink Models With Mayhem

Integrating Mayhem with MATLAB's Simulink can greatly enhance the security of your applications. By automating security testing and providing a comprehensive suite of tests, Mayhem simplifies the process of identifying vulnerabilities and ensuring the integrity of your Simulink models.

{{code-cta}}

Share this post

How about some Mayhem in your inbox?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Add Mayhem to Your DevSecOps for Free.

Get a full-featured 30 day free trial.

Complete API Security in 5 Minutes

Get started with Mayhem today for fast, comprehensive, API security. 

Get Mayhem

Maximize Code Coverage in Minutes

Mayhem is an award-winning AI that autonomously finds new exploitable bugs and improves your test suites.

Get Mayhem