CN110377002A - A kind of adaptive interior CAN bus method of controlling security and system - Google Patents

A kind of adaptive interior CAN bus method of controlling security and system Download PDF

Info

Publication number
CN110377002A
CN110377002A CN201910493594.7A CN201910493594A CN110377002A CN 110377002 A CN110377002 A CN 110377002A CN 201910493594 A CN201910493594 A CN 201910493594A CN 110377002 A CN110377002 A CN 110377002A
Authority
CN
China
Prior art keywords
ecu
message
key
strategy
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910493594.7A
Other languages
Chinese (zh)
Other versions
CN110377002B (en
Inventor
李兴华
陈颖
钟成
张会林
姜奇
翁健
马建峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan University
Xian University of Electronic Science and Technology
Original Assignee
Jinan University
Xian University of Electronic Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinan University, Xian University of Electronic Science and Technology filed Critical Jinan University
Priority to CN201910493594.7A priority Critical patent/CN110377002B/en
Publication of CN110377002A publication Critical patent/CN110377002A/en
Application granted granted Critical
Publication of CN110377002B publication Critical patent/CN110377002B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00Testing or monitoring of control systems or parts thereof
    • G05B23/02Electric testing or monitoring
    • G05B23/0205Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0218Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
    • G05B23/0243Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults model based detection method, e.g. first-principles knowledge model
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/24Pc safety
    • G05B2219/24065Real time diagnostics

Abstract

The invention belongs to net connection automobile information processing technology field, disclose a kind of interior CAN bus method of controlling security and system adaptively, pass through the analysis to message feature and in-vehicle network environment, select several influence factors, carry out adaptive selection security strategy, while the demand for security for meeting message, security strategy is adjusted according to dynamic in-vehicle network environment self-adaption;The communication frequency of interior ECU node is abstracted as non-directed graph, side right weight using communication frequency as figure, the domain structure of stratification is divided into according to communication frequency between ECU using the method for Markov clustering, and key management is carried out to node using tree-like domain key structure, in combination with adaptive security strategy choosing method, the security strategy and corresponding communication protocol for carrying out differentiation are chosen.Expense needed for the present invention is limited, the CAN bus network of the ECU node and high real-time demand that are limited suitable for computing capability.

Description

A kind of adaptive interior CAN bus method of controlling security and system
Technical field
The invention belongs to net connection automobile information processing technology field, more particularly to a kind of adaptive interior CAN bus peace Full control method and system.
Background technique
Currently, the immediate prior art:
Net connection automobile is while pushing the development of the important technologies such as intelligent transportation, smart city, existing safety problem It becomes increasingly conspicuous.As the core bus network of net connection automobile, CAN bus is mainly responsible for the biography of sensor information and control instruction It is defeated, research emphasis is become to its security protection.
With the rapid development of mobile Internet and industrial intelligent, automobile industry constantly turns to intelligent and net connectionization Become, gradually marches toward the car networking epoch.Especially the 5G communication technology and unmanned technology is increasingly mature, so that unmanned will Gradually replace traditional driver driving and becomes following development trend.Unmanned technology is to traffic system and urban life band While completely newly to change, demand for security is even more important and urgent.Intelligent network connection automotive attack event takes place frequently in recent years, net connection Automobile, it is especially unmanned in Exploration on Train Operation Safety have received widespread attention.
As the core bus network of intelligent network connection automobile, controller zone network (Controller Area Network, CAN) bus is responsible for the transmission of sensor information and control instruction, electronic control unit (Electronic Control Unit, ECU) it is completed corresponding dynamic as interior basic control unit according to the message information in CAN bus It instructs.But with the raising of intelligent network connection automobile and external network interconnection degree, attacker can pass through onboard diagnostics unit OBD (On-Board Diagnostics), bluetooth, cellular network etc. invade interior CAN bus network, eavesdrop bus message, lead to The reverse Engineering Technologies such as fuzz testing analysis message practical significance is crossed, and then is reset, counterfeit message, important ECU node, prestige are controlled Coerce traffic safety.Therefore, how to realize that the safe transmission of message in CAN bus becomes critical issue urgently to be resolved.
Current CAN bus safety approach can be divided into the abnormality detection of bus and two class of authenticated encryption of bus message.CAN There are rate of false alarms for the abnormality detection scheme of bus, and belong to Passive Defence;And the CAN bus message authentication encryption based on cryptography Scheme can provide protection before attack occurs, and belong to Initiative Defense.But there are still following two problems:
(1) security mechanism single in existing scheme is difficult to compromise between security and network performance, since the safety of message needs Ask changeable with otherness and in-vehicle network environment dynamic, according to fixed security mechanism, it will occupy a large amount of bus moneys Source increases unnecessary calculating storage overhead and communication delay, reduces network performance.Here the otherness of message demand for security is Refer to that the possibility of this kind of message of sensor parameters information is ravesdropping and reveals traffic safety relevant information, therefore its confidentiality demand is more It is high;And interior control instruction is to prevent attacker from forging modification, certification demand is higher.And dynamic network environment refers to and works as vehicle Internal bus loads in larger situation, should be as far as possible using the safety approach for not increasing bus load to guarantee that communication is stablized;And work as vehicle Safety higher scheme should be then selected when interior intruding detection system notes abnormalities, to improve security level.
(2) since interior ECU node calculates, storage capacity is limited, and traditional key managing project is difficult to directly apply to vehicle Interior network, and existing program needs to consume a large amount of calculating time and storage overhead, and not applicable high real-time CAN bus at present The ECU node being limited with storage capacity.
In conclusion problem of the existing technology is:
(1) existing scheme does not consider the otherness of message demand for security and the dynamic of in-vehicle network environment, it is difficult to Compromise between security and network performance;
(2) lack efficient key Managed Solution in existing CAN bus Authenticated Encryption Schemes, be not particularly suited for calculating storage The limited ECU node of ability.
Solve the difficulty of above-mentioned technical problem:
(1) since the data frame maximum load of CAN bus only has 8 bytes, sufficient length MAC can not be provided
(2) real-time demand of the particularity of in-vehicle network environment, CAN bus is higher
(3) the calculating storage capacity of car ECU node is limited
Solve the meaning of above-mentioned technical problem:
With the fast development of mobile Internet and industrial intelligent, orthodox car industry is constantly to intelligent and net connectionization Transformation, gradually marches toward the intelligent car networking epoch.Net connection automobile is pushing the same of the important technologies such as intelligent transportation, smart city development When, existing security issues become increasingly urgent, and assault continues to bring out.Core bus net as intelligent network connection automobile Network, CAN bus are responsible for the transmission of interior sensor information and control instruction, become people to its security protection and study intelligence The emphasis of connection automobile can be netted.Therefore, the safe transmission for how realizing message in CAN bus becomes critical issue urgently to be resolved. In this context, this patent proposes a kind of adaptive lightweight CAN bus security mechanism, realizes the safety of CAN bus message Transmission.
Summary of the invention
In view of the problems of the existing technology, the present invention provides a kind of adaptive interior CAN bus security control sides Method and system.
The invention is realized in this way a kind of adaptive interior CAN bus method of controlling security, the adaptive vehicle Interior CAN bus method of controlling security includes:
By the analysis to message feature and in-vehicle network environment, several influence factors are selected, and utilize analytic hierarchy process (AHP) With the thought of fuzzy decision, adaptive selection security strategy, while the demand for security for meeting message, according to dynamic vehicle Adjust security strategy to interior network environment self-adaption;
The communication frequency of interior ECU node is abstracted as non-directed graph, the side right weight using communication frequency as figure, using Ma Er Can the method for husband's cluster the domain structure of stratification is divided into according to communication frequency between ECU, and use tree-like domain key knot Structure carries out key management to node and carries out the security strategy and phase of differentiation in combination with adaptive security strategy choosing method The communication protocol answered is chosen, and realizes interior CAN bus security control.
Further, the CAN bus security strategy choosing method based on fuzzy decision includes:
The determination of set of factors: step 1 is chosen and message demand for security and dynamic in-vehicle network environmental correclation and influence The factor that security strategy determines constructs set of factors U;Message factor and the value range of network environmental factors (0,1] it It is interior, message factor and network environmental factors are represented sequentially as u1,u2,...,u7, and be added in set of factors U, U={ u1, u2,...,u7};
Step 2, the determination of set of strategies:
Set of strategies P indicates the set of optional strategy, is expressed as P={ P1,P2,P3,P4,P5,P6, wherein P1Indicate wide in plain text Broadcast transmission, P2Indicate ciphertext transmission, P3Indicate plaintext transmission and using the HMAC of truncation certification, P4It indicates plaintext transmission and uses The HMAC of 64bits is authenticated, P5Indicate that ciphertext is transmitted and uses the HMAC certification of truncation, P6Indicate that ciphertext is transmitted and uses 64bits HMAC certification;
Step 3, based on fuzzy decision differentiation security strategy choose: first using analytic hierarchy process (AHP) determine influence because Then the weight of element determines security strategy to the subordinating degree function of Comment gathers and constructs fuzzy matrix for assessment, carry out mould to strategy Overall merit is pasted, is finally choosing relatively reasonable security strategy output.
Further, the influence factor that step 1 is chosen further comprises:
(1) confidentiality demandDue to oil temperature relevant to traffic safety, if this kind of message of vehicle speed sensor parameter by Attacker eavesdrops and cracks, the information such as important information or privacy of user of exposure traffic safety;It is graded by expert, by confidentiality Demand is divided into four grades from high to low, ifIndicate message msgiConfidentiality demand, enableWhenWhen, illustrate the confidentiality demand highest of message;
(2) demand is authenticatedRecognizeIndicate message msgiCertification demand, whereinBy expert or manufacture Quotient receives and dispatches ECU etc. and is analyzed, the certification demand of message is divided into four grades from high to low to message content;It enablesWhen, illustrate the certification demand highest of message;
(3) real-time demandIfIndicate message msgiReal-time demand, whereinAccording to Real-time demand rank is arranged in message ID, and message ID is the hexadecimal number of 11bits, if its start bit is y, thenValue such as formula (1);WhenIndicate the real-time demand highest of message;
(4) length scale of messageIndicate message msgiLength scale;Message length is l bits, Value such as formula (2), whereinIndicate message length grade highest;
(5) bus load ratio Bt: gateway ECU monitors the total inorganic nitrogen in certain period T, and counts total in the period Linear load rate is greater than 50% time span t1The ratio for accounting for (t ≠ 0) total duration t, with bus load ratio BtIt indicates, Bt=t1/t, Bt∈ (0,1], for the value closer to 1, then the bus load ratio in the period is higher;
(6) channel busy ratio CBRt: define channel busy ratio CBRtFor in monitoring time T, detection channel is busy state Ratio shared by time,CBRt∈ (0,1], n is Channel Detection number, kiIn channel busy It is 1, is 0 when channel idle;Work as CBRtValue it is bigger when, illustrate that channel is busier;
(7) current network security Status Level St: set StFor the vehicle of intruding detection system feedback interior in current slot T Interior network security level;Current network security state is fed back to gateway ECU by IDS, wherein St=s | s=(n-k)/n, k=0, 1,2,3, n=4 } four grades of current network state from high to low are successively indicated;Work as StWhen=1, current network security is indicated Status Level highest.
Further, step 3 further comprises:
1) weight of each influence factor of set of factors is determined based on AHP method:
The hierarchical model of CAN bus security mechanism is established, wherein set of factors U={ U1,U2, U1Indicate message set of factors, U2 For network environmental factors collection;
Compared two-by-two by the factor to same layer, different degree assessment is carried out by expert or manufacturer, determines that it is opposite Significance level;From top to bottom establish comparison matrix Mu=(mij)n×n,mij> 0;Wherein, mijExpression factor uiWith factor ujIt is opposite Significance level, n are factor number, such as formula (3):
MuFor Consistent Matrix, meet: mji=1/mijAndAfter determining comparison matrix, Factor weight is determined;If rule layer weightSub- rule layer is to factor U1,U2Weight be respectively W1And W2, then According to weighting method, the weight of final all factors is α=[W1·α1,W2·α2];
2) it determines subordinating degree function, constructs fuzzy matrix for assessment R:
By expert or manufacturer by analyzing influence of each factor to security strategy, a strategy is constructed to each factor Grading system matrix G=(gij)6×4, wherein gijIndicate the strategy P when factor takes different values respectivelyiScore;It is rightConstruction Policy scores matrix G1, wherein gijIt indicatesWhen successively taking { 0.25,0.5,0.75,1 }, each strategy PiScoring event;
Security strategy is determined to the subordinating degree function of Comment gathers each element, if Comment gathers are the collection of all evaluation results composition It closes, with V={ v1,v2,...,vmIndicate, m is the sum of evaluation result;Selection V=it is poor, it is poor, preferably, good;Use degree of membership rijFor indicating tactful PiIn factor uiUnder the influence of for Comment gathers element vjBelong to degree, wherein rij∈[0,1];rijMore Close to 1, illustrate PiTo vjDegree of membership it is higher.The present invention choose lower semi-trapezoid be distributed subordinating degree function, wherein j=1,2,3, 4 } v is respectively indicatedjPossible four kinds of values { poor, poor, preferably, good }, then corresponding rijIt is followed successively by ri1,ri2,ri3,ri4, in formula a1< a2< a3< a4, gijIt indicates the score of the strategy, derives from policy scores matrix G;
Gateway ECU is after the parameter information of certain message of acquisition and the network environment parameters in the period, according to each Factor policy scores matrix G, successively acquisition strategy collection Pi(i=1,2 ... 6) corresponding score gij, and subordinating degree function is substituted into, The fuzzy matrix for assessment R of each security strategy is successively constituted, wherein
3) fuzzy overall evaluation is carried out to strategy:
According to formula (8), P is calculatediTo vjDegree of membership B=(b1,b2,...,bm), tactful PiFuzzy evaluation results vector; Wherein biIndicate PiTo vjDegree of membership, comprehensively consider the influence of each factor, determine PiFor Comment gathers vjDegree of membership;Successively Each security strategy is calculated to Comment gathers vjDegree of membership;
4) security strategy is chosen according to maximum membership grade principle:
Obtaining PiFuzzy evaluation vector Bi=(bi1,bi2,bi3,bi4) after, strategy is determined according to maximum membership grade principle PiEvaluation result, whenWhen, PiIt is under the jurisdiction of r grade on the whole;Successively determine Pi(i=1,2 ... 6);? The strategy in highest evaluation is chosen in all policies;If the strategy in highest evaluation has multiple, degree of membership is selected Output of the bigger strategy as fuzzy decision;Gateway ECU broadcasts the security strategy of the message of selection to bus, with the report The relevant ECU that sends and receives of text updates the message in the strategy of subsequent time period T.
Further, factor weight is determined method and includes: in step 1)
Input: comparison matrix Mu=(mij)n×n
Output: weight vectors;
I) by matrix MuBy row normalization, matrix M is obtainedu'=(m'ij)n×n, wherein
Ii) by matrix Mu' by row summation, obtain vectorWherein
Iii) to vectorNormalization, obtains characteristic vector W=[w1,w2,...,wn]T, wherein
Iv Maximum characteristic root value) is sought
V) consistency check compares random index RI, calculates coincident indicator CI and consistency ratio CR, wherein CI=(λmax- n)/(n-1), CR=CI/RI.As CR >=0.1, need to MuIn element assignment and constantly adjusted again It is whole, jump to step i);
Vi) vector W is normalized, obtains this layer of weight α=[α12,...,αn]T, wherein
Further,
ECU divides domain key management and security protocol choosing method includes: first for the communication overhead for reducing domain intermediate node, base In the thought of MCL cluster, according to the communication frequency of ECU to ECU node division domain;
Then it establishes the tree-like domain key structure of logic-based key tree and completes key distribution;
Last combining adaptive security strategy choosing method, designs the security strategy and its communication protocol of differentiation.
Further, the ECU points of domain based on MCL cluster includes:
Input: ECU communication frequency weighted-graph, n are node total number;
Output: ECU divides the result set in domain;
1) adjacency matrix C=(c is established by ECU node traffic diagram G (V, E)ij)n×n, wherein cijFor ECUiAnd ECUjBetween Communication frequency CFij
2) Matrix C diagonal entry adds 1, i.e., as i=j, cij=1;And will be normalized by column, communication is calculated Probability matrix C'=(the c' of frequencyij)n×n, wherein
3) Selecting All Parameters e multiplies Matrix C ' power, i.e. C'=(C')e
4) Selecting All Parameters r, to Matrix C ' in each element carry out r power and multiply, and be normalized by column, obtain matrix C "=(c "ij)n×n, wherein
5) the carry out step 3), step 4) of iteration, until Matrix C "=(c "ij)n×nConvergence;
6) the cluster result collection of ECU node is exported;
Above-mentioned steps are recycled, the input by the output of every wheel as next round is that is, poly- with the ECU node of the output of i-th Cluster result set constructs new figure Gi(Vi,Ei), each set is as the vertex in figure, ECU and remaining set entirely gathered Weight of the sum of the communication frequency of ECU node as side carries out MCL cluster, until ultimately forming a cluster, according to each again Cluster result collection establishes the tree-like logical construction in ECU node point domain.
Further, the domain key based on LKH, which is distributed with management method, includes:
Divide field result collection according to ECU, establishes and be based on the tree-like domain key structure of LKH, to unique 8 bit of ECU Mark, is expressed as ECUi;The tree-like domain key logical construction based on LKH is established, leaf node indicates that ECU, dummy node are represented The brotgher of node in domain, same father's node belongs to the same domain;Each ECU is saved from leaf node to root node on the path All keys;The cipher key number of representative domain, wherein i, sorts if j is respectively indicated by ECU ID, the start node and knot in domain Beam node ID, s indicate the layer number of key tree;
After establishing tree-like domain key logical construction, key distribution is carried out by gateway ECU;The ECU node and gateway of domain n ECU wildcardAnd the downloading of key is to pass through safe lane;Gateway ECU is stored all close as control node Key;Some ECU when progress is dispatched from the factory and replaced to the process for loading wildcard only in automobile;When vehicle launch, gateway ECU root According to the logical construction of tree-like domain key, distribute key by fixed sequence;ECUi∈Yn, wherein YnRepresentative domain n;
Specific step is as follows.
(1) gateway ECU selects two random number seedsFor generating YnDomain in session key EKnWith Authentication key AKn;Use YnThe encryption key of interior ECU and gateway ECU pre-shareEncrypted random number seed is simultaneously broadcasted, such as Formula (9) (10);
(2)YnNode receive and decrypted with corresponding key after message, obtainAnd calculate separately YnMeeting Talk about key EKnWith authentication key AKn, such as formula (11) (12);Wherein KDF () indicates the unilateral hash function for being used for key derivation;
It (3) is to verify whether successfully shared key EKnWith AKn, the EK of gateway ECU step (1) generationnWith AKnIt encrypts respectively CTRnAnd it broadcasts;Wherein, CTRnFor key distribution when gateway ECU save and YnRelevant counter such as formula (13) (14);
(4)YnInterior nodes receive the corresponding secret key decryption generated after message with step (2), the CTR that will be obtainednValue is protected with oneself The Counter Value CTR' depositednComparison, if equal, then it is assumed that successfully have shared corresponding key;Otherwise, ECU node need to be to gateway ECU sends erroneous frame, shows and failed shared key.
Gateway ECU successively distributes session key EK as unit of domainnWith authentication key AKn;Vehicle igniting when and one In fixed period of time T in a manner described, gateway ECU presses domain distribution key, more new session key and authentication key again.
Further, the choosing method of differentiation security protocol includes:
If set of strategies is P={ P1,P2,P3,P4,P5,P6, wherein P1Indicate broadcast transmission in plain text, P2Indicate ciphertext transmission, P3Indicate plaintext transmission and using the HMAC of truncation certification, P4It indicates plaintext transmission and is authenticated using the HMAC of 64bits, P5It indicates Ciphertext is transmitted and uses the HMAC certification of truncation, P6Indicate that ciphertext is transmitted and the HMAC of 64bits is used to authenticate.ECUiTo ECUjHair Deliver newspaper text, and ECUi,ECUj∈Yn
(1) strategy P1Broadcast transmission in plain text: former message is broadcasted in plain text, without any processing;
(2) strategy P2Ciphertext transmission: ECUiUpdate packet accouterAnd choose corresponding key EKnEncrypting plaintext M AndAfter obtain ciphertext C, be sent to bus, hereECUjPhase is determined according to message ID The security strategy answered, and corresponding key EK is chosen according to sender IDnAfter decryption plaintext M andIt willWith oneself The counter that oneself savesIt compares.IfThen updateIt is followed by receiving text, is otherwise abandoned;
(3) strategy P3Indicate the HMAC certification using truncation: ECUjIt needs to verify message whether to be modified to and whether true From ECUi, authenticated using HMAC;If former message length is l bits, tactful P3It chooses before generating HMAC (64-l) bits;If ECUi,ECUj∈Yn, ECUiRefresh counterUse authentication key AKnIt generates(64-l) bits before taking, with M andIt is sent to bus together;
ECUjDetermine corresponding security strategy and authentication key AKnAfterwards, it calculates It is compared with the HMAC received, if unanimously, comparingIt is saved with oneselfIfIt updatesIt is followed by receiving text, otherwise abandons the message;
(4) strategy P4It is authenticated using the HMAC of 64bits, the process and P of certification3Unanimously;The difference is that being that will generate here HMAC take preceding 64bits, CAN bus is sent to an individual message;
(5) strategy P5Ciphertext is transmitted and uses the HMAC certification of truncation: ECUiUpdate packet accouterChoose phase The key EK answerednMessage is encrypted, i.e.,And generate HMAC, i.e., If former message length is l bits, tactful P5Choose (64-l) bits before generating HMAC.And the HMAC by ciphertext C and after being truncated It is sent to bus together;
ECUjDetermining security strategy and corresponding key EKnAnd AKnAfterwards, EK is usednObtained after decryption M andAnd HMAC' is generated, i.e.,It is compared with the HMAC received, if unanimously, comparingWithIfIt updatesIt is followed by receiving text, is otherwise abandoned;
(6) strategy P6Ciphertext is transmitted and the HMAC of 64bits is used to authenticate: the generation of HMAC and encryption process and P5One It causes, only difference is that the HMAC of generation is sent with an individual message.
Implement the adaptive interior CAN bus method of controlling security another object of the present invention is to provide a kind of Adaptive interior CAN bus safety control system.
In conclusion advantages of the present invention and good effect are as follows:
The invention proposes a kind of adaptive interior CAN bus security mechanisms, comprehensively consider message demand and vehicle first Interior network factors, the thought based on fuzzy decision realize adaptive selection security strategy.Then it is communicated according between ECU The domain structure that frequency is divided into stratification carries out key distribution and devises the security strategy and corresponding communication of differentiation Agreement.Suggested plans feasibility and safety are demonstrated finally by theory analysis, and by opening needed for description of test scheme Sell limited, the CAN bus network of the ECU node and high real-time demand that are limited suitable for computing capability.
Aiming at the problem that existing scheme is difficult to message demand for security and the dynamic in-vehicle network environment suitable for differentiation, mention The security strategy Choice based on fuzzy decision is gone out.Pass through the analysis to message feature and in-vehicle network environment, specific aim Ground has selected several influence factors, and using the thought of analytic hierarchy process (AHP) and fuzzy decision, adaptive selection security strategy is real Show while the demand for security for meeting message, security strategy is adjusted according to dynamic in-vehicle network environment self-adaption.
For this problem of effective key managing project is lacked in the certification and encryption of current CAN bus, by interior ECU The communication frequency of node is abstracted as non-directed graph, the side right weight using communication frequency as figure, using Markov clustering (Markov Cluster Algorithm, MCL) method the domain structure of stratification is divided into according to communication frequency between ECU, and make Key management is carried out to node with tree-like domain key structure, reduces bring communication overhead due to node cross-domain communication.It ties simultaneously Adaptive security strategy Choice is closed, the security strategy and corresponding communication protocol of differentiation are devised.
For scheme proposed by the invention, comprehensive theory analysis has been carried out from feasibility, safety etc. first. Then, by the validity of experimental verification adaptive fuzzy decision, and domain and key managing project is divided to carry out performance point ECU Analysis.Compared with existing scheme, the results showed that the present invention required storage and computing cost is less, be suitable for computing capability by The ECU node of limit and the CAN bus network of high real-time demand.
Detailed description of the invention
Fig. 1 is adaptive CAN bus method of controlling security flow chart provided in an embodiment of the present invention.
Fig. 2 is the hierarchical model figure of CAN bus security mechanism provided in an embodiment of the present invention.
Fig. 3 is the tree-like domain key structure chart provided in an embodiment of the present invention based on LKH.
Fig. 4 is security strategy P provided in an embodiment of the present invention2Communication protocol flow figure.
Fig. 5 is security strategy P provided in an embodiment of the present invention3Communication protocol flow figure.
Fig. 6 is security strategy P provided in an embodiment of the present invention5Communication protocol flow figure.
Fig. 7 is that provided in an embodiment of the present invention will invent is applied to CAN extension frame figure.
Fig. 8 is accounting situation map of the change bus load provided in an embodiment of the present invention than each security strategy.
In figure: (a) in the case where channel busy ratio and constant network safe state, bus load ratio is 0.25 signal Figure.(b) in the case where channel busy ratio and constant network safe state, bus load ratio is 1 schematic diagram.
Fig. 9 is accounting situation map of the change channel busy provided in an embodiment of the present invention than each security strategy.
In figure: (a) indicating in the case where bus load ratio and constant network safe state, in channel busy than increasing When, then strategy P4, P6Shared specific gravity is 37.77% schematic diagram in all messages of entire bus network.(b) it indicates total In the case that linear load ratio and network safe state are constant, when channel busy is than increasing, then strategy P4, P6In entire bus network Shared specific gravity is 4.46% schematic diagram in all messages of network.
Figure 10 is the accounting situation map provided in an embodiment of the present invention for changing each security strategy of network safe state.
In figure: (a), bus load ratio and channel busy than it is constant in the case where, if network security level reduces, need In-vehicle network security level is improved, message is authenticated or is encrypted.It is suggested plans according to the present invention, the safety of encrypted transmission Tactful P2,P5,P6Accounting be 70.86% schematic diagram.(b) bus load ratio and channel busy than it is constant in the case where, if net Network security level reduces, then needs to improve in-vehicle network security level, authenticated or encrypted to message.It is mentioned according to the present invention Scheme, the security strategy P of encrypted transmission2,P5,P6Accounting be 95.44% schematic diagram.
Figure 11 is key distribution time diagram provided in an embodiment of the present invention.
Figure 12 is the ECU node communication response time diagram under different security strategies provided in an embodiment of the present invention.
Figure 13 is present invention figure compared with LeiA, Woo provided in an embodiment of the present invention.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to the present invention It is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to Limit the present invention.
Existing scheme does not consider the otherness of message demand for security and the dynamic of in-vehicle network environment, it is difficult to take into account Safety and network performance;Lack efficient key Managed Solution in existing CAN bus Authenticated Encryption Schemes, is not particularly suited for counting Calculate the limited ECU node of storage capacity.
To solve the above problems, below with reference to related work, the present invention is described in detail.
The messages such as CAN bus prevailing transmission control instruction and sensor parameters information, the multiple ECU nodes being connected with bus It competes to bus and sends message, the control of bus is determined according to the priority of message.Priority depends on message identifier, i.e., message ID.It sends the high ECU node of message priority and sends message to bus, remaining node waits bus free competing again It strives.This bit-by-bit arbitration, the mode for broadcasting plaintext improve the real-time of data communication, but because bus message does not include sender And recipient address, only in cyclic redundancy check (Cyclic Redundancy Check, CRC) detection transmission process Mistake does not provide the security mechanisms such as any encryption or certification, invades interior bus for attacker and provides possibility.With car ECU node and the interconnection degree of extraneous network are higher and higher, and for the safe transmission for realizing CAN bus message, researcher proposes more The key managing project of kind CAN bus message authentication, encryption and ECU node.
(1) certification of CAN bus message
Realize that message authentication refers to that reception ECU can verify the authenticity in the source of message and the integrality of content. The it is proposeds such as Groza are wide using class TESLA (Timed Efficient Stream Losstolerance Authentication) Broadcast authentication protocol.It sends ECU and chooses the corresponding message authentication code (Message of key k generation message only oneself known Authentication Code, MAC) it is sent to bus.Bus is sent by key k again later, ECU is received and receives rear basis Corresponding k verifies message.Ensure the authenticity in the source of message by Laid-Open key, but the program can not be real Now instant Message Processing, inevitably brings authentication delay, the ECU of CAN bus and time-critical to high real-time Node is difficult to be applicable in.Nilsson et al. proposes the delay authentication mode by compound MAC, simultaneously for four parts by the MAC of generation points It is transmitted using the crc field of four messages then transmitted.Although such scheme does not increase additional bus load, it can bring and recognize Card delay.And lead to not mistake of the checking prediction message in transmission process due to occupying crc field.Woo et al. proposition will be used for The MAC truncation of certification is 32bits, occupies extended identifier and crc field is sent, thus not increasing additional bus load In the case of realize message authentication.But the MAC of 32bits is difficult to provide enough safeties.Radu et al. proposes the side LeiA Case, to guarantee enough safeties, by the MAC of generation with individual message transmissions.But the bus that the program at least doubles Load, increases communication overhead.Kurachi et al. proposes CaCAN agreement, by central monitoring node to other nodes in network Carry out authentication.Once it was found that the message transmissions of unauthorized, the erroneous frame of central monitoring node real-time Transmission higher priority To prevent the transmission of invalid packet.But this method needs to modify CAN controller.And if monitor node be damaged or by It removes, whole network also will receive safely influence.In the prior art, using the physical layer characteristic of CAN bus, such as CAN+ agreement, It is inserted into additional position between the sampled point of CAN interface and is used for transmission authentication information, but the method needs controller node Sample rate with higher needs to replace CAN transceiver and corresponding ECU node from hardware view, increase manufacturer at This.
(2) encryption of CAN bus message
It sends ECU and encrypts message data field using key, the receiving node for only possessing key can be decrypted.But due to The computing capability of ECU node is limited, and CAN bus, to real-time demand height, the big Encryption Algorithm of expense is simultaneously not suitable for.The side LCAP Case is by authentication information and data field field using encrypting together with stream cipher RC4.Jukl et al. suggests using tiny in CAN bus Encryption Algorithm, and it is smaller to be experimentally confirmed program time delay, has feasibility.In addition, Woo et al. proposes a kind of differentiation Thinking determines whether message needs to encrypt and authenticate according to the security level of ECU node that is, in CAN-FD bus, only to safety The message encryption transmission that the higher ECU of rank is sent, remaining message are broadcasted in plain text.The mode of this differentiation ensure that important The secure communication of ECU node, but only consider this factor of ECU node, fine-grained security protection can not be provided, the program is caused It is difficult to be applicable under special scenes.
(3) key management of ECU node
Herrewege et al. proposes CANAuth agreement, and authentication key is associated with message identifier, i.e., each Message ID corresponds to an authentication key, then the number of keys that each node need at most save is 211, this has storage capacity It is no small challenge for the ECU node of limit.Groza et al. et al. proposes LiBra-CAN agreement.ECU node is divided into identical Multiple groups of size, each ECU node can belong to multiple groups, the authentication key for generating MAC shared in each group. This mode can provide enough safeties in the case that malicious node occupies the minority in group.But program number of keys with Number of nodes exponent function relation, each ECU node need to store a large amount of keys.Lin et al. proposes the CAN bus report based on HMAC Literary certificate scheme shares authentication key and synchronization message counter two-by-two by ECU node to avoid playback and counterfeit message Attack, but the program also needs ECU node to store a large amount of key, brings a large amount of computing cost and communication overhead.
Below with reference to concrete scheme, the invention will be further described.
As shown in Figure 1.The present invention proposes a kind of adaptive CAN bus method of controlling security, including is based on fuzzy decision Security strategy choosing method and ECU divide domain key management and security protocol.
Security strategy choosing method based on fuzzy decision includes: to comprehensively consider differentiation message demand and dynamic vehicle The factors such as interior network environment, using the thought of fuzzy decision, the relatively reasonable security strategy of adaptive selection;
ECU divides domain key management and security protocol control method includes: by ECU node point domain and to be established according to communication frequency Tree-like domain key structure.On this basis, the decision process of combining adaptive designs the security strategy and its communication protocols of differentiation View.
In embodiments of the present invention, the CAN bus security strategy choosing method based on fuzzy decision includes:
A) the determination of set of factors
The present invention chooses and message demand for security and dynamic in-vehicle network environmental correclation and may influence security strategy and determine Fixed factor constructs set of factors U.The influence factor of selection is as follows:
(1) confidentiality demandDue to oil temperature relevant to traffic safety, this kind of message of the sensor parameters such as speed If being eavesdropped and being cracked by attacker, the information such as important information or the privacy of user of traffic safety may be exposed.It can be commented by expert Grade, is divided into four grades from high to low for confidentiality demand, sets hereIndicate message msgiConfidentiality demand, enableWhenWhen, illustrate the confidentiality demand highest of message.
(2) demand is authenticatedCertification refer to receive ECU can verify message content integrality and source it is true Reality.IfIndicate message msgiCertification demand, whereinBy expert or manufacturer to message content, transmitting-receiving ECU etc. is analyzed, and the certification demand of message is divided into four grades from high to low.It enablesWhen, illustrate the certification demand highest of message.The present invention is used and is based on The message authentication code HMAC of hash carries out message authentication.
(3) real-time demandIfIndicate message msgiReal-time demand, whereinHere Real-time refers to the priority of message.CAN bus determines message priority, dominant level according to message ID in arbitration " 0 " covers recessive level " 1 ", and the high ECU of priority seizes bus.Thus it can be extrapolated that manufacturer communicates square in design CAN bus It is to enable certain messages to be sent to bus in time, the priority level initializing of these messages is higher when battle array.Therefore, the present invention according to Message ID is arranged real-time demand rank, and message ID is the hexadecimal number of 11bits, if its start bit is y, ThenValue such as formula (1).WhenIndicate the real-time demand highest of message.
(4) length scale of messageIfIndicate message msgiLength scale.When choosing security strategy, It can refer to message length, intercept the MAC of certain length, transmitted together with former message.If message length is l bits,Take It is worth such as formula (2), whereinIndicate message length grade highest.
(5) bus load ratio (Bt): total inorganic nitrogen refers to the percentage of bus bandwidth shared by 1s internal bus transmission data, Indicate the case where period internal bus resource is used.If gateway ECU monitors the total inorganic nitrogen in certain period T, and unites Count the time span t that the period internal bus load factor is greater than 50%1The ratio for accounting for (t ≠ 0) total duration t, with bus load ratio Bt It indicates, i.e. Bt=t1/t,Bt∈ (0,1], for the value closer to 1, then the bus load ratio in the period is higher.
(6) channel busy ratio (CBRt): Congestion Level SPCC of the channel busy than being used to indicate channel.Channel is busier, low excellent The waiting time of first grade message is longer.Define channel busy ratio (CBRt) it is in monitoring time T, detection channel is busy state Ratio shared by time, i.e.,N is Channel Detection number, kiIn channel busy It is 1, is 0 when channel idle.Work as CBRtValue it is bigger when, illustrate that channel is busier.
(7) current network security Status Level (St): set StFor intruding detection system interior in current slot T The in-vehicle network security level of (Intrusion Detection System, IDS) feedback.Existing scholar proposes a variety of vehicles at present Interior CAN bus intrusion detection program is such as based on message information entropy[7]And data frame rate[9-10]Etc. a variety of detection schemes.If Current network security state is fed back to gateway ECU by IDS, wherein St=s | s=(n-k)/n, k=0,1,2,3, n=4 } successively Indicate four grades of current network state from high to low.Work as StWhen=1, current network security Status Level highest is indicated.
To sum up, message factor and the value range of network environmental factors (0,1] within, by factors above successively table It is shown as u1,u2,...,u7, and be added in set of factors U, i.e. U={ u1,u2,...,u7}.It, can with the development of car networking technology The factor that will affect security strategy is added in set of strategies U, meets concrete application situation.
B) the determination of set of strategies
In the CAN bus certificate scheme that researcher proposes at present, the transmission mode of MAC is broadly divided into individual message transmissions And two kinds are transmitted together with former message: transmitting the MAC of 64bits in the form of individual message, higher safety is provided, but Increase bus load at double.If transmitting together with former message, though not increasing bus load, the MAC of finite length is reduced Safety.The present invention summarizes according to the demand for security of message and proposes common six kinds of security strategies in CAN bus in the car. If set of strategies P indicates the set of optional strategy provided by the invention, it is expressed as P={ P1,P2,P3,P4,P5,P6, wherein P1It indicates Broadcast transmission in plain text, P2Indicate ciphertext transmission, P3Indicate plaintext transmission and using the HMAC of truncation certification, P4Indicate plaintext transmission And it is authenticated using the HMAC of 64bits, P5Indicate that ciphertext is transmitted and uses the HMAC certification of truncation, P6Indicate that ciphertext is transmitted and used The HMAC of 64bits is authenticated.New security strategy can be added in practical application into set of strategies, to meet personalized safety Demand.
C) the differentiation security strategy based on fuzzy decision is chosen:
Since the demand of message has certain ambiguity, as the "high" of confidentiality demand and " low " have no apparent boundary Line has certain subjectivity;The transmission strategy of " relatively reasonable " is substantially between safety and network performance simultaneously Tradeoff, concept also have certain ambiguity.Therefore the present invention uses fuzzy decision[26]Thought, design adaptive peace Full strategy Choice, it is assumed that gateway ECU has enough computing capabilitys, can get the vehicle in message demand and certain period T Interior network parameter uses analytic hierarchy process (AHP) first[27](Analytic Hierarchy Process, AHP) determines influence factor Weight, then determine security strategy to the subordinating degree functions of Comment gathers and construct fuzzy matrix for assessment, strategy is obscured Overall merit is finally choosing relatively reasonable security strategy output.Steps are as follows.
(1) weight of each influence factor of set of factors is determined based on AHP method
The hierarchical model of CAN bus security mechanism is initially set up, as shown in Figure 2.Wherein set of factors U={ U1,U2, U1Table Show message set of factors, U2For network environmental factors collection.
Compared two-by-two by the factor to same layer, different degree assessment is carried out by expert or manufacturer, determines that it is opposite Significance level.From top to bottom establish comparison matrix Mu=(mij)n×n,mij> 0.Wherein, mijExpression factor uiWith factor ujIt is opposite Significance level, n are factor number, such as formula (3):
Here M is requireduFor Consistent Matrix, that is, meet: mji=1/mijAndThis is because The distribution that weight need to be met is logically with uniformity.After determining comparison matrix, the determination of factor weight such as algorithm 1.
Finally determine the weight of each factor relative target layer of sub- rule layer.If rule layer weightSub- rule layer To factor U1,U2Weight be respectively W1And W2, then according to weighting method, the weight of final all factors is α=[W1·α1,W2· α2]。
(2) it determines subordinating degree function, constructs fuzzy matrix for assessment R
Firstly, by expert or manufacturer by analyzing influence of each factor to security strategy, to each factor construction one A policy scores ranking matrix G=(gij)6×4, wherein gijIndicate the strategy P when factor takes different values respectivelyiScore.Such as It is rightConstruct its policy scores matrix G1, wherein gijIt indicatesWhen successively taking { 0.25,0.5,0.75,1 }, each strategy Pi Scoring event.
Then determine security strategy to the subordinating degree function of Comment gathers each element.If Comment gathers are all evaluation results composition Set, with V={ v1,v2,...,vmIndicate, m is the sum of evaluation result.Present invention selection V=it is poor, it is poor, preferably, It is good }.With degree of membership rijFor indicating tactful PiIn factor uiUnder the influence of for Comment gathers element vjBelong to degree, wherein rij ∈[0,1]。rijCloser to 1, illustrate PiTo vjDegree of membership it is higher.The present invention chooses lower semi-trapezoid and is distributed subordinating degree function, Expression formula such as formula (4-7), wherein j={ 1,2,3,4 } respectively indicates vjPossible four kinds of values it is poor, it is poor, preferably, good, then Corresponding rijIt is followed successively by ri1,ri2,ri3,ri4, a in formula1< a2< a3< a4, gijThe score for indicating the strategy, is commented from strategy Sub-matrix G.
Gateway ECU is after the parameter information of certain message of acquisition and the network environment parameters in the period, according to each Factor policy scores matrix G, successively acquisition strategy collection Pi(i=1,2 ... 6) corresponding score gij, and subordinating degree function is substituted into, The fuzzy matrix for assessment R of each security strategy is successively constituted, wherein
(3) fuzzy overall evaluation is carried out to strategy
According to formula (8), P in general is calculatediTo vjDegree of membership B=(b1,b2,...,bm), i.e. strategy PiIt is fuzzy Evaluation result vector.Wherein biIndicate PiTo vjDegree of membership, that is, comprehensively consider the influence of each factor, determine PiFor comment Collect vjDegree of membership.Each security strategy is successively calculated to Comment gathers vjDegree of membership.
(4) security strategy is chosen according to maximum membership grade principle
Obtaining PiFuzzy evaluation vector Bi=(bi1,bi2,bi3,bi4) after, strategy is determined according to maximum membership grade principle PiEvaluation result, that is, work asWhen, PiIt is under the jurisdiction of r grade on the whole.Successively determine Pi(i=1,2 ... 6) Generally it is more likely to evaluation result.The strategy in highest evaluation is chosen in all policies.If in highest evaluation Strategy have multiple, then output of the strategy for selecting degree of membership bigger as fuzzy decision.Gateway ECU is by the message of selection Security strategy is broadcasted to bus, and send and receive ECU relevant to the message updates the message in the strategy of subsequent time period T.
In embodiments of the present invention, ECU divides domain key management and security protocol control method includes:
The present invention proposes a kind of efficient ECU points of domain and key managing project.It is opened first to reduce the communication of domain intermediate node Pin, the present invention is based on the thoughts of MCL cluster then to establish logic-based according to the communication frequency of ECU to ECU node division domain The tree-like domain key structure of key tree (Logical Key Hierarchy, LKH) simultaneously completes key distribution.It finally combines adaptive Security strategy choosing method is answered, the security strategy and its communication protocol of differentiation are designed.
As the preferred embodiment of the present invention, the ECU points of domain based on MCL cluster includes:
How to design reasonable and efficient ECU points of domain rule is that this trifle will solve the problems, such as.The present invention constructs ECU first The traffic diagram G (V, E) of node, vertex V indicate that ECU, side E indicate the communication between ECU, logical between the weight expression node on side Believe frequency.Define communication frequency CFijFor the ECU in unit time TiWith ECUjBetween number of communications.Need exist for explanation It is to have the ECU of interface, such as OBD with external network, is easier to become the entrance that attacker invades interior CAN bus.Therefore, for There is the ECU of interface with external network, answering single ECU points is a domain.Specific steps are as shown in algorithm 2.
The algorithm is recycled, the input by the output of every wheel as next round is clustered with the ECU node of the output of i-th Result set constructs new figure Gi(Vi,Ei), the ECU of ECU and remaining set that each set is entirely gathered as the vertex in figure Weight of the sum of the communication frequency of node as side carries out MCL cluster again, until ultimately forming a cluster, according to poly- every time Class result set establishes the tree-like logical construction in ECU node point domain.
As the preferred embodiment of the present invention, the domain key based on LKH, which is distributed with management, includes:
Since interior CAN bus network is higher to real-time demand, it is desirable that communication delay minimizes.In addition ECU node meter Calculation ability is limited, and to reduce cross-domain communication bring communication overhead as far as possible, the present invention divides field result collection according to ECU, establishes Based on the tree-like domain key structure of LKH.Firstly, because the quantity of current ECU is at 50 to 100 or so, therefore to ECU with unique 8 Binary number mark, is expressed as ECUi;Next the tree-like domain key logical construction based on LKH is established.Leaf node indicates ECU, dummy node represent domain, and the brotgher of node of same father's node belongs to the same domain.Each ECU need to be saved from leaf node All keys to the root node path.IfThe cipher key number of representative domain, wherein i, is arranged if j is respectively indicated by ECU ID Sequence, start node and end node ID, s in domain indicate the layer number of key tree.As shown in Figure 3.ECUiThe domain in domain 2 need to be stored Interior keyAnd key in the domain in domain 3
After establishing tree-like domain key logical construction, key distribution is carried out by gateway ECU.Assuming that the ECU node and net of domain n Close ECU wildcardAnd the downloading of key is to pass through safe lane.Gateway ECU is stored all as control node Key.Some ECU when progress is dispatched from the factory and replaced to the process for loading wildcard only in automobile.When vehicle launch, gateway ECU According to the logical construction of tree-like domain key, distribute key by fixed sequence.If ECUi∈Yn, wherein YnRepresentative domain n.Step is such as Under.
(1) gateway ECU selects two random number seedsFor generating YnDomain in session key EKnWith Authentication key AKn.Use YnThe encryption key of interior ECU and gateway ECU pre-shareEncrypted random number seed is simultaneously broadcasted, such as Formula (9) (10);
(2)YnNode receive and decrypted with corresponding key after message, obtainAnd calculate separately YnMeeting Talk about key EKnWith authentication key AKn, such as formula (11) (12).Wherein KDF () indicates the unilateral hash function for being used for key derivation;
It (3) is to verify whether successfully shared key EKnWith AKn, the EK of gateway ECU step (1) generationnWith AKnIt encrypts respectively CTRnAnd it broadcasts.Wherein, CTRnFor key distribution when gateway ECU save and YnRelevant counter such as formula (13) (14);
(4)YnInterior nodes receive the corresponding secret key decryption generated after message with step (2), the CTR that will be obtainednValue is protected with oneself The Counter Value CTR' depositednComparison, if equal, then it is assumed that successfully have shared corresponding key.Otherwise, ECU node need to be to gateway ECU sends erroneous frame, shows and failed shared key.
Gateway ECU successively distributes session key EK as unit of domainnWith authentication key AKn.Vehicle igniting when and one In fixed period of time T in a manner described, gateway ECU presses domain distribution key, more new session key and authentication key again.
As the preferred embodiment of the present invention, the design of differentiation security protocol includes:
The present invention summarizes according to the demand for security of message and proposes common six kinds of security strategies in CAN bus.If Set of strategies is P={ P1,P2,P3,P4,P5,P6, wherein P1Indicate broadcast transmission in plain text, P2Indicate ciphertext transmission, P3It indicates in plain text Transmit and use the HMAC certification of truncation, P4It indicates plaintext transmission and is authenticated using the HMAC of 64bits, P5Indicate ciphertext transmission simultaneously It is authenticated using the HMAC of truncation, P6Indicate that ciphertext is transmitted and the HMAC of 64bits is used to authenticate.ECUiTo ECUjMessage is sent, and ECUi,ECUj∈Yn.Each strategy detailed process is as follows.
(1) strategy P1Broadcast transmission in plain text: former message is broadcasted in plain text, without any processing.
(2) strategy P2Ciphertext transmission, such as Fig. 4.Detailed process is as follows:
a.ECUiUpdate packet accouterAnd choose corresponding key EKnEncrypting plaintext M andAfter obtain Ciphertext C is sent to bus, here
b.ECUjCorresponding security strategy is determined according to message ID, and corresponding key EK is chosen according to sender IDn After decryption plaintext M andIt willThe counter saved with oneselfIt compares.IfThen updateIt is followed by receiving text, is otherwise abandoned.
(3) strategy P3Indicate the HMAC certification using truncation: as shown in figure 5, ECUjNeed to verify whether message is modified to And whether really derive from ECUi, authenticated used here as HMAC.If former message length is l bits, tactful P3It chooses and generates (64-l) bits before HMAC.If ECUi,ECUj∈Yn, detailed process is as follows:
a.ECUiRefresh counterUse authentication key AKnIt generates (64-l) bits before taking, with M andIt is sent to bus together;
b.ECUjDetermine corresponding security strategy and authentication key AKnAfterwards, it calculates It is compared with the HMAC received, if unanimously, comparingIt is saved with oneselfIfIt updatesIt is followed by receiving text, otherwise abandons the message.
(4) strategy P4It is authenticated using the HMAC of 64bits, the process and P of certification3Unanimously.The difference is that being that will generate here HMAC take preceding 64bits, CAN bus is sent to an individual message.
(5) strategy P5Ciphertext is transmitted and uses the HMAC certification of truncation: as shown in Figure 6.Detailed process is as follows:
a.ECUiUpdate packet accouterChoose corresponding key EKnMessage is encrypted, i.e.,And generate HMAC, i.e.,Here former message length is set as l Bits, tactful P5Choose (64-l) bits before generating HMAC.And ciphertext C is sent to bus together with the HMAC after truncation;
b.ECUjDetermining security strategy and corresponding key EKnAnd AKnAfterwards, EK is usednObtained after decryption M and And generate HMAC', i.e.,It is compared with the HMAC received, if unanimously, comparingWithIfIt updatesIt is followed by receiving text, is otherwise abandoned.
(6) strategy P6Ciphertext is transmitted and the HMAC of 64bits is used to authenticate: the generation of HMAC and encryption process and P5One It causes, only difference is that the HMAC of generation is sent with an individual message.
Below with reference to experiment, the invention will be further described.
1, feasibility analysis:
CAN bus message can be divided into CAN standard frame and CAN extension frame according to the length of message ID.Wherein CAN expands It opens up frame and the ID identifier of 29bits is divided into identifier and extended identifier two parts, wherein identifier field is mainly used to determine The priority of message.It needs to do following repair to CAN Extended Superframe Format if CAN extends in frame if the present invention suggests plans to apply Change, as shown in Figure 7.
The extended identifier field of 18bits is divided into three parts: the control field of 4bits, the sender ID of 8bits with And the reserved field of 6bits.Wherein control field is used to illustrate the type of message, including key delivery frame, data transmission frames, plan Frame etc. is slightly identified, is specifically defined as shown in table 1.Not used field temporarily retains, and can be used for extension from now on.The transmission of 8bits Square id field is the unique identification of ECU node, is authenticated for realizing the source of message.
1 control field of table coding
The present invention makes full use of the extended identifier field of CAN extension frame, is used for identification message type and sender ID. The program has feasibility, this is because in CAN bus, the extended identifier field of 18bits and the identifier word of 11bits Duan Gongcun, and the priority of message is determined according to the identifier field of 11bits, occupying extended identifier field can't do Disturb the arbitrated procedure of CAN bus.Therefore the present invention has feasibility to the modification of CAN extension frame, it is easy to implement, and have centainly Scalability.
2 safety analysis
The present invention analyzes its safety from the forward-backward algorithm safety of message confidentiality, certification, anti-replay-attack, key Property.
(1) message confidentiality: security strategy P2, P5, P6AES-128 algorithm is all made of to ensure the secret of CAN bus message Property.Key is used with gateway ECUAnd random number seedGenerate session key EKnAnd attacker can not obtainSince the safety of AES-128 algorithm has been demonstrated[30], i.e. attacker can not be fromObtain EKn.Therefore can not Obtain session key EKnIn the case where, attacker can not decrypt message.
(2) message authentication: refer to that the integrality of message content and the authenticity in source can be verified by receiving ECU.Tactful P3, P4, P5, P6It chooses HMAC and carries out message authentication.As attacker do not know the message generate HMAC used in authentication key AK, only One mode is to carry out exhaustion in key space, 2xSelect the character string of an x bits as authentication key during kind is possible. If exhaustion HMAC is sent to CAN bus in attacker's short time, will cause bus network will transmit " CAN a BUS The erroneous frame of OFF " indicates the error condition of communication failure.
(3) anti-replay-attack: ECU difference maintenance packet counter is sent and receivedWithFor message Synchronous and generation HMAC.Therefore, the present invention is safe for Replay Attack.
(4) the forward-backward algorithm safety of key: when each key updating,
ECU can not learn pre and post session key and authentication key.Even if kth time session key exposure, It can not obtain kth -1 time, kth+1 time session key, this is because the random number seed and kth -1 of the generation key of kth time Secondary, kth+1 time random number is unrelated, guarantees the forward-backward algorithm safety of key well.Similarly, the present invention also can guarantee The forward-backward algorithm safety of authentication key.
3 experimental analyses
This experiment is used to simulate interior CAN bus network environment using CANoe V10.0 software, uses in the software CAPL language is as programming language.Experimental situation is PC machine, 64 systems of Windows7, i7-6700 dominant frequency 3.4GHz, memory 8G uses Python as programming language.Choose CAN bus collected in certain period on certain brand automobile at home Message data collection includes 731622 messages in the data set for simulating certain period true interior bus environment, according to Message ID can be divided into 51 kinds.
3, the validity of 1 adaptive fuzzy decision
The present invention uses the process of PC machine analog gateway ECU node self-adapting fuzzy decision, by changing in-vehicle network ginseng Number observes influence of the variation of network environment to selection security strategy.Certain period T is simulated according to CAN bus message data collection Interior bus network environment, and to the type of message of 51 kinds of difference message ID, the random real number generated in [0,1] is used for The confidentiality demand and certification demand of analog message.And the real-time demand of message is determined according to message ID, according to data Field length determines message length rank.Experiment is chosen according to CAN bus hierarchical model and construction rules layer compares matrix Mu1, The comparison matrix M of sub- rule layeru2,Mu3.According to AHP method, calculates and obtain corresponding weightAnd W1,W2And set of factors is each Total weight α of element, specific data are as follows:
W2=[0.4286,0.1429,0.4286] α=[0.0236,0.076,0.1519,0.0818,0.2857, 0.0953,0.2857]
Then simultaneously Constructing Policy rating matrix is chosen.After completing Preparatory work of experiment work, according to above-mentioned real data set Bus environment in certain period T of simulation observes the accounting situation of each security strategy by changing in-vehicle network parameter. Network parameter { Bt,CBRt,StAll possible values be { 0.25,0.5,0.75,1 }, used here as vector
β={ β123Indicate { Bt,CBRt,StOne group of possible value.Detailed experimental result is as follows.
Fig. 8 (a) (b) it can be seen that in the case where channel busy ratio and constant network safe state, bus load ratio from The 0.25 of figure (a) increases to 1 shown in figure (b), then needs the security strategy P of additional transmissions 64bits MAC4, P6Entire total Shared specific gravity is reduced to 37.77% by 64.52% in all messages of gauze network, this explanation works as the case where bus load increases Under, adaptation scheme needs the security strategy of additional MAC transmission by selection is reduced, and does not increase additional bus load as far as possible.
Fig. 9 (a) (b) is indicated in the case where bus load ratio and constant network safe state, in channel busy than increasing When, then strategy P4, P6Shared specific gravity is reduced to 4.46% by 37.77% in all messages of entire bus network.This explanation When channel busy is than increase, to send message as early as possible, real-time is improved, adaptation scheme will reduce selection and need additionally The security strategy of MAC transmission.
Figure 10 (a) (b) can be seen that, bus load ratio and channel busy than it is constant in the case where, if network security level It reduces, then needs to improve in-vehicle network security level, message is authenticated or is encrypted.It is suggested plans, is encrypted according to the present invention The security strategy P of transmission2,P5,P6Accounting from 70.86% improve 95.44%, illustrate when network safe state rank reduction when, Message is carried out encrypted transmission by the present invention, to prevent attacker from eavesdropping attack, guarantees the confidentiality of message transmissions.
4, divide in domain and domain key management in ECU node of the present invention,
For the present invention to ECU key managing project from storage overhead, two aspects of computing cost have carried out performance evaluation respectively And comparison.
(1) storage overhead: refer to the number of keys that each ECU node needs to store.The present invention by the present invention and existing scheme It compares.In order to facilitate calculating, if the sum of ECU node is n, tree-like domain key structure be the full m fork of n node set (m >= 2), each ECU node needs to store all domain key on leaf node to the root node path where it, the domain in each domain Interior key has 2, including EK and AK.As can be seen from Table 2, the tree-like domain key structure that the present invention uses, reduces each ECU The number of keys and total number of keys amount of node storage.
The number of keys of each scheme of table 2 compares
(2) computing cost: referring in key updating process, the calculating time needed for average each ECU node.It is assumed that ECU node clock frequency having the same in in-vehicle network.By changing the message transmission rate of CAN bus, measurement gateway ECU divides The time required to sending out key.It wherein, include: 1) gateway ECU encrypted random number and to broadcast the time required to key distribution procedure;2) message Transmission;3) ECU node decryption data frame and key is generated;4) it gateway ECU ciphering counters and broadcasts;5) ECU node decryption number According to frame and the sum of the time of comparison.By Figure 11 it can be seen that, increase and bus data transfer with ECU nodal clock frequency The increase of rate, key distribution time are reduced therewith.According to the present invention, due to using the form for dividing domain, gateway ECU broadcast report Text, the initial key distribution time does not increase with the increase of ECU quantity, while not increasing additional storage overhead, tool There is good feasibility.
5, the performance evaluation of security strategy
This trifle simulates interior CAN bus using CANoe V10.0 simulation software, establishes dynamic link library and comes in CANoe Middle execution security strategy.Assuming that ECU clock frequency having the same in in-vehicle network, changes the message transmission rate of CAN bus, survey Measure the communication response time of ECU.Wherein, the communication response time include: 1) sender execute security strategy after send;2) message passes It is defeated;3) after recipient receives data frame, HMAC verifying or decryption are carried out.
Figure 12 indicates that each security strategy is required when ECU nodal clock frequency difference is with bus data transfer rate difference The communication response time.Wherein strategy P1In plain text using broadcast, the communication response time only includes the time delay of 2) message transmissions, therefore The present invention only measures the ECU communication response time of other 5 security strategies.It can be seen that with bus data transfer The increase of rate, communication response time needed for ECU node gradually decrease.Meanwhile needed for the higher ECU node of clock frequency The communication response time is fewer.Therefore, according to the difference of the computing capability of ECU and the size of bus data transfer rate, according to The security strategy of selection differentiation of the invention that can be adaptive of suggesting plans, and then reduce communication delay and computing cost.
6, comparative experiments
The mentioned adaptive security mechanism of the present invention and LeiA scheme and Woo et al. are suggested plans and compare experiment. Time series T={ t is randomly selected in CAN bus message data concentration1,t2,...,t8, it measures in tiBus in period Load and the communication response time for using LeiA, Woo and bus load of the invention and ECU node.Experiment setting ECU section Dot frequency is 150MHz, and the message transmission rate of bus is 1Mbps, message amount such as table in the time series randomly selected Shown in 3.
The time series that the experiment of table 3 is chosen includes message amount
Such as Figure 13 (a), bus load is constantly changing at any time.Woo scheme uses the MAC of 32bits, together with message Transmission, does not increase bus load, therefore the variation tendency of the program is overlapped with the variation of bus load;LeiA scheme is by 64bits's MAC is with additional message transmissions, therefore bus load doubles.And the solution of the present invention uses adaptive fuzzy decision, needle To message demand and network environment, the MAC of 32bits or 64bits is chosen, it is remote low although will increase certain bus load In LeiA scheme.By Figure 13 (b), the ECU node response time that the present invention is suggested plans also between LeiA and Woo scheme, The communication response time of not more increase ECU node.
Table 4 is by LeiA scheme, Woo scheme compared with the present invention is between safety and network performance.Wherein safety packet Include the length of the MAC whether encrypted and for certification.Network performance includes the communication response of the influence and ECU to bus load Time.It can be seen that the present invention is compared to LeiA scheme.It is smaller on bus load influence, and communication delay is smaller;Compared to Woo scheme, provides longer MAC, and safety is higher.This is because being taken into account invention increases adaptive policy selection Network performance and safety.
Table 4 LeiA, Woo and safety of the invention are compared with network performance
Below with reference to effect, the invention will be further described.
Have the following problems for existing CAN bus safety approach: (1) single security mechanism is difficult to meet differentiation Message demand for security and dynamic in-vehicle network environment, existing scheme are difficult to compromise between security and network performance;(2) existing Lack efficient key managing project in CAN bus encryption and certificate scheme, it is difficult to be suitable for the limited ECU section of computing capability Point.The invention proposes a kind of adaptive CAN bus security mechanisms, specifically include that (1) comprehensively considers message demand and car Bus network factor proposes the security strategy Choice based on analytic hierarchy process (AHP) and fuzzy decision, for the message of differentiation With the in-vehicle network environment of dynamic change, the relatively reasonable security strategy of adaptive selection;(2) according to the communication frequency between ECU ECU node division is the domain of stratification by rate, carries out key management.And devise the security strategy and corresponding communication of differentiation Agreement;(3) it is suggested plans to the present invention, has carried out feasibility and safety analysis, and demonstrate having for adaptive fuzzy decision Effect property divides domain and key managing project to carry out performance evaluation ECU.It is compared with existing scheme, the results showed that institute of the present invention The storage overhead and computing cost needed is extremely limited, the CAN of the ECU node and high real-time demand that are limited suitable for computing capability Bus network.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.

Claims (10)

1. a kind of adaptive interior CAN bus method of controlling security, which is characterized in that the adaptive interior CAN bus Method of controlling security includes:
By the analysis to message feature and in-vehicle network environment, several influence factors are selected, and utilize analytic hierarchy process (AHP) and mould Paste the thought of decision, adaptive selection security strategy, while the demand for security for meeting message, according to dynamic in-vehicle network Adjust security strategy to network environment self-adaption;
The communication frequency of interior ECU node is abstracted as non-directed graph, the side right weight using communication frequency as figure, using markov The method of cluster is divided into the domain structure of stratification according to communication frequency between ECU, and uses tree-like domain key structure pair Node carries out key management, in combination with adaptive security strategy choosing method, carries out the security strategy of differentiation and corresponding Communication protocol is chosen, and realizes interior CAN bus security control.
2. adaptive interior CAN bus method of controlling security as described in claim 1, which is characterized in that determined based on fuzzy The CAN bus security strategy choosing method of plan includes:
The determination of set of factors: step 1 is chosen and message demand for security and dynamic in-vehicle network environmental correclation and influence safety The factor of strategy decision constructs set of factors U;Message factor and the value range of network environmental factors (0,1] within, will Message factor and network environmental factors are represented sequentially as u1,u2,...,u7, and be added in set of factors U, U={ u1,u2,..., u7};
Step 2, the determination of set of strategies:
Set of strategies P indicates the set of optional strategy, is expressed as P={ P1,P2,P3,P4,P5,P6, wherein P1Indicate that broadcast passes in plain text It is defeated, P2Indicate ciphertext transmission, P3Indicate plaintext transmission and using the HMAC of truncation certification, P4It indicates plaintext transmission and uses The HMAC of 64bits is authenticated, P5Indicate that ciphertext is transmitted and uses the HMAC certification of truncation, P6Indicate that ciphertext is transmitted and uses 64bits HMAC certification;
Step 3, is chosen based on the differentiation security strategy of fuzzy decision: determining influence factor using analytic hierarchy process (AHP) first Then weight determines security strategy to the subordinating degree function of Comment gathers and constructs fuzzy matrix for assessment, obscure to strategy comprehensive Evaluation is closed, is finally choosing relatively reasonable security strategy output.
3. adaptive interior CAN bus method of controlling security as claimed in claim 2, which is characterized in that
The influence factor that step 1 is chosen further comprises:
(1) confidentiality demandDue to oil temperature relevant to traffic safety, if this kind of message of vehicle speed sensor parameter is attacked Person eavesdrops and cracks, the information such as important information or privacy of user of exposure traffic safety;It is graded by expert, by confidentiality demand It is divided into four grades from high to low, ifIndicate message msgiConfidentiality demand, enableWhenWhen, illustrate the confidentiality demand highest of message;
(2) demand is authenticatedRecognizeIndicate message msgiCertification demand, whereinBy expert or manufacturer pair Message content, transmitting-receiving ECU etc. are analyzed, and the certification demand of message is divided into four grades from high to low;It enables When, illustrate the certification demand highest of message;
(3) real-time demandIfIndicate message msgiReal-time demand, whereinAccording to message Real-time demand rank is arranged in ID, and message ID is the hexadecimal number of 11bits, if its start bit is y, thenValue Such as formula (1);WhenIndicate the real-time demand highest of message;
(4) length scale of message Indicate message msgiLength scale;Message length is l bits,Take It is worth such as formula (2), whereinIndicate message length grade highest;
(5) bus load ratio Bt: gateway ECU monitors the total inorganic nitrogen in certain period T, and it is negative to count the period internal bus Load rate is greater than 50% time span t1The ratio for accounting for (t ≠ 0) total duration t, with bus load ratio BtIt indicates, Bt=t1/t,Bt∈ (0,1], for the value closer to 1, then the bus load ratio in the period is higher;
(6) channel busy ratio CBRt: define channel busy ratio CBRtFor in monitoring time T, detection channel is the time of busy state Shared ratio,N is Channel Detection number, kiIt is 1 in channel busy, letter It is 0 when the road free time;Work as CBRtValue it is bigger when, illustrate that channel is busier;
(7) current network security Status Level St: set StFor the in-vehicle network of intruding detection system feedback interior in current slot T Network security level;Current network security state is fed back to gateway ECU by IDS, wherein St=s | s=(n-k)/n, k=0,1,2, 3, n=4 } four grades of current network state from high to low are successively indicated;Work as StWhen=1, current network security state is indicated Rank highest.
4. adaptive interior CAN bus method of controlling security as claimed in claim 2, which is characterized in that step 3 is into one Step includes:
1) weight of each influence factor of set of factors is determined based on AHP method:
The hierarchical model of CAN bus security mechanism is established, wherein set of factors U={ U1,U2, U1Indicate message set of factors, U2For net Network environmental factor collection;
Compared two-by-two by the factor to same layer, different degree assessment is carried out by expert or manufacturer, determines that its is relatively important Degree;From top to bottom establish comparison matrix Mu=(mij)n×n,mij> 0;Wherein, mijExpression factor uiWith factor ujIt is relatively important Degree, n are factor number, such as formula (3):
MuFor Consistent Matrix, meet: mji=1/mijAndAfter determining comparison matrix, factor power It is determined again;If rule layer weightSub- rule layer is to factor U1,U2Weight be respectively W1And W2, then basis adds Quan Fa, the weight of final all factors are α=[W1·α1,W2·α2];
2) it determines subordinating degree function, constructs fuzzy matrix for assessment R:
By expert or manufacturer by analyzing influence of each factor to security strategy, a policy scores are constructed to each factor Ranking matrix G=(gij)6×4, wherein gijIndicate the strategy P when factor takes different values respectivelyiScore;It is rightConstructing Policy Rating matrix G1, wherein gijIt indicatesWhen successively taking { 0.25,0.5,0.75,1 }, each strategy PiScoring event;
Security strategy is determined to the subordinating degree function of Comment gathers each element, if Comment gathers are the set of all evaluation results composition, With V={ v1,v2,...,vmIndicate, m is the sum of evaluation result;Selection V=it is poor, it is poor, preferably, good;With degree of membership rij For indicating tactful PiIn factor uiUnder the influence of for Comment gathers element vjBelong to degree, wherein rij∈[0,1];rijMore connect It is bordering on 1, illustrates PiTo vjDegree of membership it is higher.The present invention chooses lower semi-trapezoid and is distributed subordinating degree function, wherein { 1,2,3,4 } j= Respectively indicate vjPossible four kinds of values { poor, poor, preferably, good }, then corresponding rijIt is followed successively by ri1,ri2,ri3,ri4, a in formula1 < a2< a3< a4, gijIt indicates the score of the strategy, derives from policy scores matrix G;
Gateway ECU is after the parameter information of certain message of acquisition and the network environment parameters in the period, according to each factor Policy scores matrix G, successively acquisition strategy collection Pi(i=1,2 ... 6) corresponding score gij, and subordinating degree function is substituted into, successively The fuzzy matrix for assessment R of each security strategy is constituted, wherein
3) fuzzy overall evaluation is carried out to strategy:
According to formula (8), P is calculatediTo vjDegree of membership B=(b1,b2,...,bm), tactful PiFuzzy evaluation results vector;Wherein biIndicate PiTo vjDegree of membership, comprehensively consider the influence of each factor, determine PiFor Comment gathers vjDegree of membership;Successively calculate Each security strategy is to Comment gathers vjDegree of membership;
4) security strategy is chosen according to maximum membership grade principle:
Obtaining PiFuzzy evaluation vector Bi=(bi1,bi2,bi3,bi4) after, strategy P is determined according to maximum membership grade principlei's Evaluation result, whenWhen, PiIt is under the jurisdiction of r grade on the whole;Successively determine Pi(i=1,2 ... 6);All The strategy in highest evaluation is chosen in strategy;If the strategy in highest evaluation has multiple, select degree of membership bigger Output of the strategy as fuzzy decision;Gateway ECU broadcasts the security strategy of the message of selection to bus, with the message phase The ECU that sends and receives closed updates the message in the strategy of subsequent time period T.
5. adaptive interior CAN bus method of controlling security as claimed in claim 4, which is characterized in that in step 1) because Plain weight is determined method
Input: comparison matrix Mu=(mij)n×n
Output: weight vectors;
I) by matrix MuBy row normalization, matrix M is obtainedu'=(m'ij)n×n, wherein
Ii) by matrix Mu' by row summation, obtain vectorWherein
Iii) to vectorNormalization, obtains characteristic vector W=[w1,w2,...,wn]T, wherein
Iv Maximum characteristic root value λ) is soughtmax:
V) consistency check compares random index RI, calculates coincident indicator CI and consistency ratio CR, wherein CI= (λmax- n)/(n-1), CR=CI/RI.As CR >=0.1, need to MuIn element assignment and be constantly adjusted again, jump Go to step i);
Vi) vector W is normalized, obtains this layer of weight α=[α12,...,αn]T, wherein
6. adaptive interior CAN bus method of controlling security as described in claim 1, which is characterized in that
ECU divides domain key management and security protocol choosing method includes: to be based on first for the communication overhead for reducing domain intermediate node The thought of MCL cluster, according to the communication frequency of ECU to ECU node division domain;
Then it establishes the tree-like domain key structure of logic-based key tree and completes key distribution;
Last combining adaptive security strategy choosing method, designs the security strategy and its communication protocol of differentiation.
7. adaptive interior CAN bus method of controlling security as claimed in claim 6, which is characterized in that clustered based on MCL ECU points of domain include:
Input: ECU communication frequency weighted-graph, n are node total number;
Output: ECU divides the result set in domain;
1) adjacency matrix C=(c is established by ECU node traffic diagram G (V, E)ij)n×n, wherein cijFor ECUiAnd ECUjBetween communication Frequency CFij
2) Matrix C diagonal entry adds 1, i.e., as i=j, cij=1;And will be normalized by column, communication frequency is calculated Probability matrix C'=(c'ij)n×n, wherein
3) Selecting All Parameters e multiplies Matrix C ' power, i.e. C'=(C')e
4) Selecting All Parameters r, to Matrix C ' in each element carry out r power and multiply, and be normalized by column, obtain Matrix C "= (c”ij)n×n, wherein
5) the carry out step 3), step 4) of iteration, until Matrix C "=(c "ij)n×nConvergence;
6) the cluster result collection of ECU node is exported;
Above-mentioned steps are recycled, input of the output as next round of every wheel is clustered knot with the ECU node of the output of i-th Fruit collection, constructs new figure Gi(Vi,Ei), the ECU of ECU and remaining set that each set is entirely gathered as the vertex in figure are saved Weight of the sum of the communication frequency of point as side, carries out MCL cluster again, until ultimately forming a cluster, according to each cluster Result set establishes the tree-like logical construction in ECU node point domain.
8. adaptive interior CAN bus method of controlling security as described in claim 1, which is characterized in that the domain based on LKH Key is distributed with management method
Divide field result collection according to ECU, establish and be based on the tree-like domain key structure of LKH, unique 8 bit of ECU is identified, It is expressed as ECUi;The tree-like domain key logical construction based on LKH is established, leaf node indicates that ECU, dummy node represent domain, together The brotgher of node of one father's node belongs to the same domain;Each ECU saves all on the path from leaf node to root node Key;The cipher key number of representative domain, wherein i, sorts if j is respectively indicated by ECU ID, start node and end section in domain Point ID, s indicate the layer number of key tree;
After establishing tree-like domain key logical construction, key distribution is carried out by gateway ECU;The ECU node and gateway ECU of domain n is pre- Shared keyAnd the downloading of key is to pass through safe lane;Gateway ECU stores all keys as control node;Add Some ECU when progress is dispatched from the factory and replaced to the process for carrying wildcard only in automobile;When vehicle launch, gateway ECU is according to tree The logical construction of shape domain key distributes key by fixed sequence;ECUi∈Yn, wherein YnRepresentative domain n;
Specific step is as follows.
(1) gateway ECU selects two random number seedsFor generating YnDomain in session key EKnAnd certification Key A Kn;Use YnThe encryption key of interior ECU and gateway ECU pre-shareEncrypted random number seed is simultaneously broadcasted, such as formula (9) (10);
(2)YnNode receive and decrypted with corresponding key after message, obtainAnd calculate separately YnSession it is close Key EKnWith authentication key AKn, such as formula (11) (12);Wherein KDF () indicates the unilateral hash function for being used for key derivation;
It (3) is to verify whether successfully shared key EKnWith AKn, the EK of gateway ECU step (1) generationnWith AKnCTR is encrypted respectivelyn And it broadcasts;Wherein, CTRnFor key distribution when gateway ECU save and YnRelevant counter such as formula (13) (14);
(4)YnInterior nodes receive the corresponding secret key decryption generated after message with step (2), the CTR that will be obtainednValue is saved with oneself Counter Value CTR'nComparison, if equal, then it is assumed that successfully have shared corresponding key;Otherwise, ECU node need to be sent out to gateway ECU Erroneous frame is sent, is shown and failed shared key.
Gateway ECU successively distributes session key EK as unit of domainnWith authentication key AKn;In vehicle igniting and centainly In period of time T in a manner described, gateway ECU presses domain distribution key, more new session key and authentication key again.
9. adaptive interior CAN bus method of controlling security as described in claim 1, which is characterized in that differentiation safety The choosing method of agreement includes:
If set of strategies is P={ P1,P2,P3,P4,P5,P6, wherein P1Indicate broadcast transmission in plain text, P2Indicate ciphertext transmission, P3Table Show plaintext transmission and using the HMAC of truncation certification, P4It indicates plaintext transmission and is authenticated using the HMAC of 64bits, P5Indicate ciphertext Transmit and use the HMAC certification of truncation, P6Indicate that ciphertext is transmitted and the HMAC of 64bits is used to authenticate.ECUiTo ECUjSend report Text, and ECUi,ECUj∈Yn
(1) strategy P1Broadcast transmission in plain text: former message is broadcasted in plain text, without any processing;
(2) strategy P2Ciphertext transmission: ECUiUpdate packet accouterAnd choose corresponding key EKnEncrypting plaintext M andAfter obtain ciphertext C, be sent to bus, hereECUjIt is determined according to message ID corresponding Security strategy, and corresponding key EK is chosen according to sender IDnAfter decryption plaintext M andIt willIt is protected with oneself The counter depositedIt compares.IfThen updateIt is followed by receiving text, is otherwise abandoned;
(3) strategy P3Indicate the HMAC certification using truncation: ECUjNeed to verify message whether be modified to and whether true source In ECUi, authenticated using HMAC;If former message length is lbits, tactful P3Choose (64-l) bits before generating HMAC; If ECUi,ECUj∈Yn, ECUiRefresh counterUse authentication key AKnIt generates(64-l) bits before taking, with M andIt is sent to bus together;
ECUjDetermine corresponding security strategy and authentication key AKnAfterwards, it calculatesWith The HMAC comparison received, if unanimously, comparingIt is saved with oneselfIfIt updatesIt is followed by receiving text, otherwise abandons the message;
(4) strategy P4It is authenticated using the HMAC of 64bits, the process and P of certification3Unanimously;The difference is that will generate here HMAC takes preceding 64bits, is sent to CAN bus with an individual message;
(5) strategy P5Ciphertext is transmitted and uses the HMAC certification of truncation: ECUiUpdate packet accouterIt chooses corresponding close Key EKnMessage is encrypted, i.e.,And generate HMAC, i.e.,If former Message length is lbits, tactful P5Choose (64-l) bits before generating HMAC.And by ciphertext C together with the HMAC after truncation It is sent to bus;
ECUjDetermining security strategy and corresponding key EKnAnd AKnAfterwards, EK is usednObtained after decryption M andAnd it generates HMAC', i.e.,It is compared with the HMAC received, if unanimously, comparingWithIfIt updatesIt is followed by receiving text, is otherwise abandoned;
(6) strategy P6Ciphertext is transmitted and the HMAC of 64bits is used to authenticate: the generation of HMAC and encryption process and P5Unanimously, Only difference is that the HMAC of generation is sent with an individual message.
10. a kind of adaptive interior CAN for implementing interior CAN bus method of controlling security adaptive described in claim 1 Bus safety control system.
CN201910493594.7A 2019-06-06 2019-06-06 Self-adaptive in-vehicle CAN bus safety control method and system Active CN110377002B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910493594.7A CN110377002B (en) 2019-06-06 2019-06-06 Self-adaptive in-vehicle CAN bus safety control method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910493594.7A CN110377002B (en) 2019-06-06 2019-06-06 Self-adaptive in-vehicle CAN bus safety control method and system

Publications (2)

Publication Number Publication Date
CN110377002A true CN110377002A (en) 2019-10-25
CN110377002B CN110377002B (en) 2021-07-30

Family

ID=68249966

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910493594.7A Active CN110377002B (en) 2019-06-06 2019-06-06 Self-adaptive in-vehicle CAN bus safety control method and system

Country Status (1)

Country Link
CN (1) CN110377002B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112600724A (en) * 2020-11-18 2021-04-02 江苏徐工工程机械研究院有限公司 CAN bus performance test method and test system
CN112602303A (en) * 2020-08-28 2021-04-02 华为技术有限公司 Data transmission method and device
CN112637003A (en) * 2020-12-04 2021-04-09 重庆邮电大学 Message transmission time estimation method for automobile CAN network
WO2021139190A1 (en) * 2020-01-10 2021-07-15 华为技术有限公司 Intra-vehicle network-based communication method and apparatus
CN113132098A (en) * 2021-03-12 2021-07-16 北京航空航天大学 Large-scale in-vehicle network-oriented extensible CAN bus safety communication method and device
CN113179152A (en) * 2021-03-11 2021-07-27 江苏大学 In-vehicle network data communication method based on ECU communication frequency characteristics
CN113268383A (en) * 2021-04-26 2021-08-17 北京控制工程研究所 Four-machine four-bus fault class-replacing method based on grading strategy
CN113328919A (en) * 2021-05-28 2021-08-31 江苏徐工工程机械研究院有限公司 CAN bus identifier, communication method and communication system
WO2021213726A1 (en) * 2020-04-20 2021-10-28 Bayerische Motoren Werke Aktiengesellschaft Device and method for sending a message to at least two receivers for a motor vehicle
CN114650536A (en) * 2022-03-31 2022-06-21 重庆长安新能源汽车科技有限公司 Intrusion detection method, system, vehicle and storage medium based on message fingerprint
CN114785543A (en) * 2022-03-09 2022-07-22 西安电子科技大学 In-vehicle network cross-domain communication method, computer equipment and intelligent terminal
CN115065491A (en) * 2022-03-30 2022-09-16 成都市以太节点科技有限公司 Function and information security policy comprehensive selection method, electronic equipment and storage medium
CN115913814A (en) * 2022-12-05 2023-04-04 东北大学 Vehicle-mounted CAN bus encryption communication system and method supporting security level classification

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102541047A (en) * 2011-11-10 2012-07-04 浙江吉利汽车研究院有限公司 Software adaptive allocation method of combination meter
CN104724007A (en) * 2015-01-28 2015-06-24 长城汽车股份有限公司 Automobile network system and automobile
JP2016055673A (en) * 2014-09-05 2016-04-21 株式会社デンソー Failure diagnosis device and electronic control device
EP3062477A1 (en) * 2015-02-27 2016-08-31 Samsung Electronics Co., Ltd. Electronic device employing level-based transmission of configuration information
CN106549940A (en) * 2016-10-13 2017-03-29 北京奇虎科技有限公司 Vehicle data transmission method and system
WO2017079287A1 (en) * 2015-11-04 2017-05-11 Visa International Service Association In-vehicle access application
CN106774232A (en) * 2015-11-20 2017-05-31 上海汽车集团股份有限公司 VATS Vehicle Anti-Theft System collocation method, apparatus and system
CN108023876A (en) * 2017-11-20 2018-05-11 西安电子科技大学 Intrusion detection method and intruding detection system based on sustainability integrated study
EP3337120A1 (en) * 2016-12-14 2018-06-20 Nxp B.V. Network message authentication and verification
EP3339080A1 (en) * 2016-12-23 2018-06-27 Samsung Electronics Co., Ltd. Vehicle and method for controlling thereof
CN108494725A (en) * 2018-01-30 2018-09-04 惠州市德赛西威汽车电子股份有限公司 A kind of encryption communication method of vehicle-mounted CAN bus message
CN108536118A (en) * 2017-03-01 2018-09-14 福特全球技术公司 End-to-end vehicle safety ECU unlocks in half offline environment
CN109274566A (en) * 2018-08-28 2019-01-25 开沃新能源汽车集团有限公司 A method of realizing that the data communication of different CAN baud rates completes EPS with the data interaction of VCU based on gateway
US20190104149A1 (en) * 2017-10-03 2019-04-04 George Mason University Hardware module-based authentication in intra-vehicle networks
CN109830002A (en) * 2019-01-23 2019-05-31 征辕科技(宁波)有限公司 Event data record method, apparatus of driving a vehicle and event data recorder

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102541047A (en) * 2011-11-10 2012-07-04 浙江吉利汽车研究院有限公司 Software adaptive allocation method of combination meter
JP2016055673A (en) * 2014-09-05 2016-04-21 株式会社デンソー Failure diagnosis device and electronic control device
CN104724007A (en) * 2015-01-28 2015-06-24 长城汽车股份有限公司 Automobile network system and automobile
EP3062477A1 (en) * 2015-02-27 2016-08-31 Samsung Electronics Co., Ltd. Electronic device employing level-based transmission of configuration information
WO2017079287A1 (en) * 2015-11-04 2017-05-11 Visa International Service Association In-vehicle access application
CN106774232A (en) * 2015-11-20 2017-05-31 上海汽车集团股份有限公司 VATS Vehicle Anti-Theft System collocation method, apparatus and system
CN106549940A (en) * 2016-10-13 2017-03-29 北京奇虎科技有限公司 Vehicle data transmission method and system
EP3337120A1 (en) * 2016-12-14 2018-06-20 Nxp B.V. Network message authentication and verification
EP3339080A1 (en) * 2016-12-23 2018-06-27 Samsung Electronics Co., Ltd. Vehicle and method for controlling thereof
CN108536118A (en) * 2017-03-01 2018-09-14 福特全球技术公司 End-to-end vehicle safety ECU unlocks in half offline environment
US20190104149A1 (en) * 2017-10-03 2019-04-04 George Mason University Hardware module-based authentication in intra-vehicle networks
CN108023876A (en) * 2017-11-20 2018-05-11 西安电子科技大学 Intrusion detection method and intruding detection system based on sustainability integrated study
CN108494725A (en) * 2018-01-30 2018-09-04 惠州市德赛西威汽车电子股份有限公司 A kind of encryption communication method of vehicle-mounted CAN bus message
CN109274566A (en) * 2018-08-28 2019-01-25 开沃新能源汽车集团有限公司 A method of realizing that the data communication of different CAN baud rates completes EPS with the data interaction of VCU based on gateway
CN109830002A (en) * 2019-01-23 2019-05-31 征辕科技(宁波)有限公司 Event data record method, apparatus of driving a vehicle and event data recorder

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
罗峰 等: "基于CAN-FD总线的车载网络安全通信", 《同济大学学报(自然科学版)》 *
马超 等: "汽车信息安全文献综述", 《装备维修技术》 *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021139190A1 (en) * 2020-01-10 2021-07-15 华为技术有限公司 Intra-vehicle network-based communication method and apparatus
CN113132082A (en) * 2020-01-10 2021-07-16 华为技术有限公司 Communication method and device based on vehicle intranet
WO2021213726A1 (en) * 2020-04-20 2021-10-28 Bayerische Motoren Werke Aktiengesellschaft Device and method for sending a message to at least two receivers for a motor vehicle
CN112602303A (en) * 2020-08-28 2021-04-02 华为技术有限公司 Data transmission method and device
CN112600724A (en) * 2020-11-18 2021-04-02 江苏徐工工程机械研究院有限公司 CAN bus performance test method and test system
CN112637003A (en) * 2020-12-04 2021-04-09 重庆邮电大学 Message transmission time estimation method for automobile CAN network
CN112637003B (en) * 2020-12-04 2022-03-29 重庆邮电大学 Message transmission time estimation method for automobile CAN network
CN113179152A (en) * 2021-03-11 2021-07-27 江苏大学 In-vehicle network data communication method based on ECU communication frequency characteristics
CN113132098A (en) * 2021-03-12 2021-07-16 北京航空航天大学 Large-scale in-vehicle network-oriented extensible CAN bus safety communication method and device
CN113268383B (en) * 2021-04-26 2023-07-14 北京控制工程研究所 Four-machine four-bus fault shift replacing method based on hierarchical strategy
CN113268383A (en) * 2021-04-26 2021-08-17 北京控制工程研究所 Four-machine four-bus fault class-replacing method based on grading strategy
CN113328919A (en) * 2021-05-28 2021-08-31 江苏徐工工程机械研究院有限公司 CAN bus identifier, communication method and communication system
CN113328919B (en) * 2021-05-28 2023-10-10 江苏徐工工程机械研究院有限公司 CAN bus identifier, communication method and communication system
CN114785543A (en) * 2022-03-09 2022-07-22 西安电子科技大学 In-vehicle network cross-domain communication method, computer equipment and intelligent terminal
CN114785543B (en) * 2022-03-09 2023-10-20 西安电子科技大学 In-vehicle network cross-domain communication method, computer equipment and intelligent terminal
CN115065491A (en) * 2022-03-30 2022-09-16 成都市以太节点科技有限公司 Function and information security policy comprehensive selection method, electronic equipment and storage medium
CN114650536B (en) * 2022-03-31 2023-06-02 重庆长安新能源汽车科技有限公司 Intrusion detection method, system, vehicle and storage medium based on message fingerprint
CN114650536A (en) * 2022-03-31 2022-06-21 重庆长安新能源汽车科技有限公司 Intrusion detection method, system, vehicle and storage medium based on message fingerprint
CN115913814A (en) * 2022-12-05 2023-04-04 东北大学 Vehicle-mounted CAN bus encryption communication system and method supporting security level classification

Also Published As

Publication number Publication date
CN110377002B (en) 2021-07-30

Similar Documents

Publication Publication Date Title
CN110377002A (en) A kind of adaptive interior CAN bus method of controlling security and system
Wei et al. A privacy-preserving fog computing framework for vehicular crowdsensing networks
Pu et al. Lightweight authentication protocol for unmanned aerial vehicles using physical unclonable function and chaotic system
Rathore et al. Real-time secure communication for Smart City in high-speed Big Data environment
Liu et al. PPTM: A privacy-preserving trust management scheme for emergency message dissemination in space–air–ground-integrated vehicular networks
Yang et al. SDAP: A secure hop-by-hop data aggregation protocol for sensor networks
CN105049401B (en) A kind of safety communicating method based on intelligent vehicle
CN107508859A (en) Vehicle communication method based on block chain technology in vehicular ad hoc network
Liu et al. BTMPP: Balancing trust management and privacy preservation for emergency message dissemination in vehicular networks
CN101262333A (en) A secure communication method between nodes in vehicular network
Gu et al. Vehicle driving pattern based sybil attack detection
Dong et al. A blockchain-based hierarchical reputation management scheme in vehicular network
CN103841553B (en) A kind of hybrid wireless Mesh network routing safety and the method for secret protection
CN110868294A (en) Key updating method, device and equipment
CN104717644A (en) Two-tiered wireless sensor network range query method capable of verifying privacy protection
Wang et al. A novel anonymous authentication scheme based on edge computing in internet of vehicles
Gu et al. Cluster-based malicious node detection for false downstream data in fog computing-based VANETs
CN111200604A (en) Privacy protection method and system based on data aggregation
SriVenkateswaran et al. Secure cluster-based data aggregation in wireless sensor networks with aid of ECC
Yang et al. An overview of sybil attack detection mechanisms in vfc
Dhanaraj et al. Probit cryptographic blockchain for secure data transmission in intelligent transportation systems
Geng et al. A software defined networking-oriented security scheme for vehicle networks
Kore et al. Reliable and Secure Data Transmission in Smart Healthcare Application of Internet of Things
Hu et al. A data sharing scheme based on federated learning in iov
Liang et al. Bac-Crl: Blockchain-Assisted Coded Caching Certificate Revocation List for Authentication in Vanets

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant