CN109076081A - Method for monitoring the safety of the communication connection of vehicle - Google Patents

Method for monitoring the safety of the communication connection of vehicle Download PDF

Info

Publication number
CN109076081A
CN109076081A CN201780025765.2A CN201780025765A CN109076081A CN 109076081 A CN109076081 A CN 109076081A CN 201780025765 A CN201780025765 A CN 201780025765A CN 109076081 A CN109076081 A CN 109076081A
Authority
CN
China
Prior art keywords
vehicle
rule
monitoring
network
mobile radio
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201780025765.2A
Other languages
Chinese (zh)
Other versions
CN109076081B (en
Inventor
M.扎博克
M.沃尔多斯基
T.温克尔沃斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Volkswagen AG
Original Assignee
Volkswagen AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Volkswagen AG filed Critical Volkswagen AG
Publication of CN109076081A publication Critical patent/CN109076081A/en
Application granted granted Critical
Publication of CN109076081B publication Critical patent/CN109076081B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R16/00Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
    • B60R16/02Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
    • B60R16/023Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements for transmission of signals between vehicle parts or subsystems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The present invention relates to a kind of methods for monitoring the safety of the communication connection (18) of vehicle (12), wherein vehicle (12) passes through at least one mobile radio agreement and/or at least one internet protocol communication.Provided with following steps: establishing for the rule (26) by least one mobile radio agreement and/or the communication of the permission of at least one Internet Protocol;It monitors at least one mobile radio agreement and/or at least one Internet Protocol that vehicle (12) uses for the rule violation of rule;And trigger action, such as when one or more rule violations have been determined, creation includes the report (28) of identified rule violation and/or takes at least one measure.The technical problem to be solved by the present invention is to further increase the safety of the communication connection of vehicle.

Description

Method for monitoring the safety of the communication connection of vehicle
Technical field
The method that the present invention relates to a kind of for monitoring the safety of the communication connection of vehicle, with the vehicle of communication connection With the control equipment at least one communication connection.
Background technique
It is vehicle networked to become more and more important in the automotive industry.Modern vehicle is largely networked now, and due to difference Sensor and entrance and a possibility that various built-in systems for making automobile are attacked by malicious hackers is provided.It chooses at center War is normal and abnormal communication stream that is distinguished from each other, and is therefore tracked to manipulation and attack.
10 2,013 016 096 A1 of DE discloses a kind of method for showing the current operating conditions of motor vehicle, In, the image data of the perimeter of motor vehicle is generated, and motor vehicle is to the component request parameter value of motor vehicle, then to scheme Shape is shown.
10 2,011 076 350 A1 of DE discloses a kind of for being based on the vehicle network of at least one vehicle interior The digital finger-print of vehicle network carries out manipulation and knows method for distinguishing.
US 2014/0257624A1 discloses the monitoring of the electric energy generating system of a kind of pair of vehicle, wherein transfers from node Data and it is fed to reporting system.
Summary of the invention
Now, the technical problem to be solved by the present invention is to further increase the safety of the communication connection of vehicle.
Above-mentioned technical problem is by the method according to claim 1, vehicle according to claim 9 and according to claim 10 control equipment solves.
Method according to the present invention for monitoring the safety of the communication connection of vehicle includes the following steps, wherein vehicle Pass through at least one mobile radio agreement and/or at least one internet protocol communication:
Establish the communication for allowing by least one mobile radio agreement and/or at least one Internet Protocol Rule;
Monitoring is directed at least one mobile radio agreement and/or at least one Internet Protocol that vehicle uses The rule violation of rule;And
Trigger action, such as when one or more rule violations have been determined, creation includes identified rule violation It reports (28) and/or takes at least one measure.
The method imagined herein is based on automatically assessing network event and shows its result in the car or having The thought actively reacted in the case where harm.That is, driver can not only be alerted before harmful, and Driver actively can also be protected in order to avoid being affected.In principle, using two indices and compensate it mutually.One Index is related to event or rule violation, and another index is related to the movement to be triggered, such as creation report or takes measures, example Such as intensive observation and/or limitation communication connection.It proposes, is on the one hand classified according to seriousness to possible event.Thus The known method in vehicle technology and IT can be used.On the other hand, also according to the seriousness of its intervention to possible movement It is ranked up.For identified event suitably trigger action.
The information that the safe condition about its vehicle is provided to driver is had the advantages that according to the method for the present invention. If the display problem in this report or state takes measures in network side, enable the customer to obtain in same report The influence of measure.The function reduction of network side does not influence driving safety.Network disconnects and bandwidth fluctuation is in mobile radio Daily phenomenon.It means that all on-line systems of exploitation vehicle, so that even if in the event of a network outage, it is all basic Vehicle functions also can continue to using.Due to these measures of network side, for manufacturer's system, access vehicle can continue to ?.Thus it is for example possible to continue to diagnose and intervene, be for example updated.Therefore, safety can be excluded specifically for vehicle Accident.At any time safety message can be provided to (authorization) driver.One possible expansion scheme is, when vehicle is built When vertical data connection, report or report are always transferred.Then, Infotainment unit may indicate that there are new message.This head First obviously it is easier to realize than introducing new technological system in the car in the scheme that network side is realized.In addition, therefore can also be with Improve the safety of existing vehicle.This method enables vehicle user and manufacturer to transfer safe condition about vehicle Information, therefore the attack for obtaining generation and report the case where its influence.Counter-measure is taken in the formation of these situation information Basis.
It can be set to, at least interim show in the car to driver is reported.Therefore, driver can directly be apprised of The security situation of its vehicle.It can choose the display for being easy to read of such as signal lamp form.It can be set to, report display Duration is related with the seriousness of rule violation.Therefore, slight rule violation for example can be used as of short duration pop-up window To show.Detailed report can be then transferred when needed.
It can be further arranged to, report is created in rear end.Rear end is herein by by being connected to the network enterable, offer The IT infrastructure of service about network connection is constituted.This have the advantages that do not need in the car setting hardware or Existing hardware can be used for other tasks.There are computing capabilitys in rear end, or enable computing capability more simply It uses.In addition, can more simply be carried out in rear end with different network or agreement and multiple vehicles and multiple network components Communication.
Furthermore, it is possible to be set as, the report group of multiple vehicles is combined into data set.In this way, vehicular manufacturer, vehicle The general view of operator of team or the available entire fleet of service provider, and for example check and assess rule violation or be based on rule The distribution or seriousness of the problem of then violating or attack.Therefore, more rapidly and more targetedly reply can be executed to arrange It applies.
According to the quantity and/or security risk of identified rule violation, intensive observation can be carried out and/or at least faced When limit vehicle network capabilities.It may be thus possible, for example, to address range or agreement be prevented or limit, to minimize or prevent safety Risk.Limitation network capabilities can be carried out gradually.Limitation can be from limitation connection until disconnecting or deactivating each of communication connection Component, such as smart phone or SIM card.This makes it possible to pointedly be protected in the case where keeping function as much as possible Shield.Furthermore, it is possible to be set as, less serious event triggers intensive observation first, just takes measures later.This makes it possible to Better discriminate between mistake and erroneous estimation (" false positives (wrong report) ") and really attack.
The monitoring of rule violation can be carried out at the network interface of vehicle.It may be thus possible, for example, to directly on vehicle Observe the communication entered and left.This makes it possible to make rule violation very quick reaction.
At least one mobile radio agreement and/or at least one internet protocol can realized to the monitoring of rule violation It is carried out at the network components of the network of view.These network components can be the target point or terminal of the communication of vehicle, or logical Believe the intermediate point or relay station in path.Monitor that rule violation may be simpler in network internal, because usually there is institute there The infrastructure needed.Therefore, the irrelevance with the hardware of vehicle, software and model is obtained.
The convergence and/or confidence level of rule violation can be checked at different network components.In this case, no Same data source can mutually compensate, therefore to obtain the more accurate estimation to situation and can to carry out to data credible Degree test.
It can be set to, monitor the rule violation of the communication of vehicle interior.In this way, it can not only monitor and outside The communication of partner, and can monitor with internal partner, for example control the communication of equipment, which further improves safeties.Vehicle The result of the monitoring of inside equally may be embodied in report.
It is according to the present invention to have for the logical of at least one mobile radio agreement and/or at least one Internet Protocol The vehicle for believing connection is configured as executing the previously described method for monitoring the safety of communication connection.Applicable and front Described identical advantage and modification.Vehicle can have display equipment, be configurable for display comprising identified The report of rule violation.Display equipment can be already existing unit, such as information entertainment, this makes it possible in vehicle In simply implement.It can be set to, there are the communication network of vehicle interior and monitoring unit is set, monitoring unit is configured For for monitoring whether the communication of vehicle interior breaks the rules in communication network inside the vehicle.The communication network of vehicle interior It can be bus system, such as CAN bus (Controller Area Network, controller zone network) or local number According to network, such as Ethernet.Such as security-related event can be informed by rear end by control equipment, to come from vehicle system The diagnostic message extended report or safety message of system.The monitoring of additional vehicle interior can be further improved safety.
Control equipment according to the present invention at least one communication connection is configurable for executing previously described Method for monitoring the safety of communication connection.It is applicable in and identical advantage and modification described above.Controlling equipment can To be independent control equipment, or the function can be integrated into existing control equipment, such as communicating.
Other preferred designs of the invention are obtained from remaining feature mentioned in the dependent claims.
Unless in addition illustrating on rare occasion, the different embodiments of the invention otherwise mentioned in this application can To be advantageously mutually combined.
Detailed description of the invention
In the following, illustrating the present invention in embodiment by attached drawing.
Fig. 1 shows the schematic diagram of the system for the safety for monitoring the communication connection of vehicle.
Specific embodiment
Fig. 1 shows the system 10 of the safety for monitoring the communication of vehicle 12.It shows herein as car form The schematic diagram of vehicle 12.In addition, land vehicle, such as lorry, bus, motorcycle, rail vehicle and aircraft and ship also regard For vehicle.
Vehicle 12 includes the interface 14 for communicating with mobile radio telephone network 16, with one or more standards, such as UMTS, GSM and/or protocol-compliant.Agreement is for example referred to as level (Strata) in umts, and can be divided into and be related to The particular protocol layer of the protocol layer and the service being related in core network that are wirelessly electrically accessed and participant's management.Pass through interface 14 It can establish one or more communication connections 18, vehicle 12 communicated with external partners.Interface 14 and necessity When vehicle other component parts, for example accordingly control equipment be communicate to connect 18 or at least one communication connection 18 composition Part.
Communication connection 18 is used as carrier commonly using mobile radio telephone network 16, wherein PERCOM peripheral communication partner for example services Device 20 is arranged in computer network 22.Computer network 22 and mobile radio telephone network 16 are correspondingly connected with each other.It is calculating In machine network 22, multiple agreements, such as Ethernet can be movable again.Communication connection 18 for example can be from the interface of vehicle 12 14 extend to server 20 by mobile radio telephone network 16 and computer network 22.Communication connection 18 can be one-way or bi-directional 's.
For the multiple agreements of each Web vector graphic.By additionally observing multiple agreements in different networks, by inspection Accurate analysis can be executed by looking into convergence and/or confidence level.In general, the association that monitoring or processing communication connection 18 use One or more rule violations in view, multiple or all agreements.Here, the agreement for monitoring or handling may communicate to connect 18 use one, extend on multiple or all-network.
The monitoring of monitoring unit 24 passes through at least one mobile radio agreement and/or the basis of at least one Internet Protocol The communication that rule or rule set 26 allow.When one or more rule violations have been determined, the creation of monitoring unit 24 report 28.Report Accusing 28 includes identified rule violation.According to the quantity and/or seriousness of rule violation, adjustable report or report it is aobvious Show or filter content.
Monitoring unit 24 can be arranged in rear end 30.Rear end 30 can be component part or the participation of computer network 22 Person.Monitoring unit 24 can also be arranged in vehicle 12.In addition, monitoring unit 24, which may be constructed such that, is distributed in multiple units On.For example, monitoring unit 24 can also monitor the communication network 32 of vehicle interior.This can by with mobile radio telephone network 16 Interface 14 or carried out for example, by the other interface 34 specific to manufacturer.
In the following, being directed to rule in mobile radio agreement and/or Internet Protocol that detailed description uses vehicle 12 The monitoring of 26 rule violation, and the report when one or more rule violations have been determined comprising identified rule violation 28 creation.
Technical solution described herein based on the idea that be located at vehicle 12 in the rule-based of network 16,22 Observation causes the movement of definition, such as creation to report 28 and/or take measures when abnormal.By in order to carry out safety analysis And network event is recorded, the shadow that part there may be the safety accident that significantly affects to driver and vehicle can be obviously reduced It rings.By the networking of vehicle, various processing possibilities are obtained.
Here, taking the precondition of movement is: not only in the level of mobile radio agreement, but also to computer network Agreement the communication behavior of the vehicle of networking is checked for rule violation.It should be noted that can carry out this Detection, so that only detected rule violates, to meet applicable data protection condition.This can be shown by taking dns resolution as an example. The vehicle 12 of networking transfers network address (URL) for service.Because the service discharged now for vehicle 12 is known, institute It can identify when to have transferred abnormal address from vehicle 12 with network 22.It is such to transfer the corresponding movement of triggering. (authorization) vehicle user can identify that there are rule violations by the display in vehicle 12 now.It optionally, equally can be with The measure taken and its influence are shown for driver.
The readily identified classification of the rule violation boil down to that display will test, such as signal lamp color, and according to Need to provide detailed security report.This report is produced by the network element that runs outside vehicle 12, such as monitoring unit 24 It is raw.That is, being only used for the system of display report 28, the browser in such as Infotainment component is located in vehicle 12.Report Vehicle 12 can be transferred to by the interface 14 with mobile radio telephone network 16 or by other interface 34 by accusing 28.
The following example for enumerating the rule 26 that do not abide by network 16 and 22 comprising monitoring.
It is in computer network 22 it is contemplated that following regular, such as using nonlicet network protocol, such as allow HTTPs agreement forbids HTTP and/or FTP.As rule, transferring to the address URL/ not discharged can be monitored.As rule It then, can also be in agreement, such as ICMP (Internet Control Message Protocol, internet control message association View) in realize limitation to type of message.
In mobile radio telephone network 20, as the rule to be monitored, such as the number attempted with do not allowed may be implemented Connection is established, SMS is received from it to the participant of unauthorized transmission SMS/ and/or changes IMEI (International Mobile Station Equipment Identity, international mobile station EIC equipment identification code) combination, check vehicle 12 position (such as leaving EU) and ICCID (Integrated Circuit Card Identifier, integrated circuit card identifier) are set, this Show that SIM card is stolen.
Rule violation can be by the HLR (Home in the different components of network 16 and 22, such as mobile radio telephone network 16 Location Register, home location register), MSC (Mobile Switching Center, mobile switching centre), DNS in SGSN (Serving GPRS Support Node, Serving GPRS Support Node) and/or computer network 22 (Domain Name System, domain name system) server, firewall, gateway, server are monitored and are detected.
In addition, rule, rule set, update etc. can be sent to network 16 and 22 and its component by monitoring unit 24.Net Network 16 and 22 is directly fed back to monitoring unit 24 or to the same accessible database of monitoring unit 24.
According to identified rule violation, movement is taken in monitoring unit 24, such as creation includes identified rule It the report 28 of violation and/or takes measures.This report is sent to vehicle 12 to notify driver, and there at least temporarily When shown to driver.Furthermore, it is possible to the fleet of multiple vehicles, such as company, identical vehicle model, manufacturer it is all The report 28 of vehicle of vehicle or arbitary inquiry request is grouped and is assessed together, so as to therefore obtain for example about Information except the single unit vehicle of threat condition.This assessment can provide in monitoring unit 24 or in manufacturer or service Implement in the rear end of quotient, report 28 or combined assessment are sent to the rear end.
Other than creation report 28, it is also based on report result and takes measures.Solution proposed herein is to rule It then violates and different reactions is provided.The type of reaction and the seriousness of rule violation are related.It is all reaction herein technically by The network element of network 16 and 22 triggers, without being triggered by Vehicular system.
Simplest reaction is to acquire the complementary network data of vehicle 12.The assessment formation of network data is judged whether to deposit On the basis of safety accident.Assessment carries out on network element or in monitoring unit 24.It, then can be with if there is safety accident The network capabilities of vehicle 12 is limited step by step.This is equally used for weakening to driver to the influence of vehicle and related for limiting Vehicle.
It limits and for example may include:
The attainability (such as address range) of limit network resource;
Pointedly close each service (combination of agreement and address);
Block the data connection of all progress;
It separates customer equipment (such as smart phone, USB disk);
The data rate (being no longer able to carry out data connection) of SIM card used in cancelling;
Permanently deactivate SIM card (vehicle continues offline).
In the cascade of measure described above, possible measure is carried out according to the influence of the intervention of measure or seriousness Classification, wherein simplest measure is in first.This cascade is at least optionally arranged to the number with rule violation herein Amount and/or correlation interaction.Thus, for example can directly apply the cascade in the very relevant situation of rule violation Afterbody in measure.In the case where rule violation is slight or is not understood fully completely, can also carry out first intensive Observation.
Described measure can be grouped, therefore to form the state for being easy to explain for a user.It can The feature of energyOr overview (Profile) may is that there is no problem, under observation, function limitation, from Line.
Therefore, it together with the traffic light system for estimating the seriousness of safety accident, is clearly informed always to user The safe condition of its vehicle.Described measure realizes in calculating center or monitoring unit 24 as function, therefore can also be with It is used during customer service.It means that the network capabilities of vehicle 12 therefore can be limited according to customer requirement.
Described invention can be realized in a simple manner by monitoring the agreement that communication uses rule-basedly and be supervised Depending on the communication with vehicle.When rule violation has been determined, movement is executed, such as creation is reported and/or takes what is be preferably classified to answer To measure.
Reference signs list
10 systems
12 vehicles
14 interfaces
16 mobile radio telephone networks
18 communication connections
20 servers
22 computer networks
24 monitoring units
26 rule sets
28 reports
30 rear ends
The communication network of 32 vehicle interiors
34 interfaces

Claims (10)

1. the method for the safety of communication connection (18) of the one kind for monitoring vehicle (12), wherein vehicle (12) is by least One mobile radio agreement and/or at least one internet protocol communication, the method have following steps:
It establishes for by the communication of at least one mobile radio agreement and/or the permission of at least one Internet Protocol Regular (26);
Monitoring is directed at least one mobile radio agreement and/or at least one Internet Protocol that vehicle (12) uses The rule violation of rule;And
Trigger action, such as when one or more rule violations have been determined, creation includes the report of identified rule violation (28) and/or at least one measure is taken.
2. being reported the method according to claim 1, wherein at least temporarily being shown in vehicle (12) to driver (28)。
3. method according to any of the preceding claims, which is characterized in that by the report (28) of multiple vehicles (12) Group is combined into data set.
4. method according to any of the preceding claims, which is characterized in that according to the number of identified rule violation Amount and/or security risk, carry out the network capabilities of intensive observation and/or at least temporal limitation vehicle (12).
5. method according to any of the preceding claims, which is characterized in that the monitoring of rule violation in vehicle (12) it is carried out at network interface (14,34).
6. method according to any of the preceding claims, which is characterized in that realized extremely to the monitoring of rule violation It is carried out at the network components of the network (16,22) of a few mobile radio agreement and/or at least one Internet Protocol.
7. according to the method described in claim 6, it is characterized in that, checking the convergence of rule violation at different network components Property and/or confidence level.
8. method according to any of the preceding claims, which is characterized in that monitor whether the communication of vehicle interior is disobeyed Anti- rule.
9. a kind of vehicle at least one mobile radio agreement and/or the communication connection of at least one Internet Protocol , which is characterized in that vehicle (12) is configurable for executing according to any one of claim 1 to 8 for monitoring The method for communicating to connect the safety of (18).
10. a kind of control equipment at least one communication connection, which is characterized in that control equipment is configurable for executing Method according to any one of claim 1 to 8 for monitoring the safety of communication connection.
CN201780025765.2A 2016-03-24 2017-02-23 Method for monitoring the safety of a communication connection of a vehicle Active CN109076081B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE102016204999.2 2016-03-24
DE102016204999.2A DE102016204999A1 (en) 2016-03-24 2016-03-24 Method for monitoring the security of communication links of a vehicle
PCT/EP2017/054156 WO2017162395A1 (en) 2016-03-24 2017-02-23 Method for monitoring the security of communication connections of a vehicle

Publications (2)

Publication Number Publication Date
CN109076081A true CN109076081A (en) 2018-12-21
CN109076081B CN109076081B (en) 2023-04-04

Family

ID=58162567

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780025765.2A Active CN109076081B (en) 2016-03-24 2017-02-23 Method for monitoring the safety of a communication connection of a vehicle

Country Status (3)

Country Link
CN (1) CN109076081B (en)
DE (1) DE102016204999A1 (en)
WO (1) WO2017162395A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579995A (en) * 2017-09-30 2018-01-12 北京奇虎科技有限公司 The network protection method and device of onboard system
DE102018209251A1 (en) * 2018-06-11 2019-12-12 Bayerische Motoren Werke Aktiengesellschaft Vehicle, system, method for replacing a control unit of a car and computer-readable storage medium
DE102019220157A1 (en) * 2019-12-19 2021-06-24 Volkswagen Aktiengesellschaft Security check method, security check device, information system for a motor vehicle, motor vehicle
DE102019220164A1 (en) * 2019-12-19 2021-06-24 Volkswagen Aktiengesellschaft Security check method, security check device, information system, motor vehicle

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101399835A (en) * 2007-09-17 2009-04-01 英特尔公司 Method and apparatus for dynamic switching and real time security control on virtualized systems
DE102010008816A1 (en) * 2010-02-22 2011-08-25 Continental Automotive GmbH, 30165 Method for online communication
CN102572814A (en) * 2010-12-27 2012-07-11 中国移动通信集团上海有限公司 Method, system and device for monitoring viruses in mobile terminal
CN103237308A (en) * 2013-05-15 2013-08-07 西华大学 Distributed intrusion detection method of vehicle ad hoc network
CN103661248A (en) * 2012-09-05 2014-03-26 通用汽车环球科技运作有限责任公司 System for preventing relay attack for vehicle entry
CN204331382U (en) * 2015-01-06 2015-05-13 中州大学 A kind of automobile electronic information platform
EP2892199A1 (en) * 2014-01-06 2015-07-08 Argus Cyber Security Ltd. Global automotive safety system
US20150271201A1 (en) * 2012-10-17 2015-09-24 Tower-Sec Ltd. Device for detection and prevention of an attack on a vehicle
US9173100B2 (en) * 2011-11-16 2015-10-27 Autoconnect Holdings Llc On board vehicle network security
CN105235634A (en) * 2015-10-21 2016-01-13 黄海聆 Monitoring method and device for vehicle
US20160021127A1 (en) * 2014-07-17 2016-01-21 VisualThreat Inc. System and method for detecting obd-ii can bus message attacks

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102011076350A1 (en) 2011-05-24 2012-11-29 Siemens Aktiengesellschaft Method and control unit for detecting tampering with a vehicle network
US9489340B2 (en) 2013-03-08 2016-11-08 The Boeing Company Electrical power health monitoring system
DE102013016096A1 (en) 2013-09-27 2015-04-02 Audi Ag Motor vehicle configuration by means of communication terminal

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101399835A (en) * 2007-09-17 2009-04-01 英特尔公司 Method and apparatus for dynamic switching and real time security control on virtualized systems
DE102010008816A1 (en) * 2010-02-22 2011-08-25 Continental Automotive GmbH, 30165 Method for online communication
CN102572814A (en) * 2010-12-27 2012-07-11 中国移动通信集团上海有限公司 Method, system and device for monitoring viruses in mobile terminal
US9173100B2 (en) * 2011-11-16 2015-10-27 Autoconnect Holdings Llc On board vehicle network security
CN103661248A (en) * 2012-09-05 2014-03-26 通用汽车环球科技运作有限责任公司 System for preventing relay attack for vehicle entry
US20150271201A1 (en) * 2012-10-17 2015-09-24 Tower-Sec Ltd. Device for detection and prevention of an attack on a vehicle
CN105050868A (en) * 2012-10-17 2015-11-11 安全堡垒有限责任公司 A device for detection and prevention of an attack on a vehicle
CN103237308A (en) * 2013-05-15 2013-08-07 西华大学 Distributed intrusion detection method of vehicle ad hoc network
EP2892199A1 (en) * 2014-01-06 2015-07-08 Argus Cyber Security Ltd. Global automotive safety system
US20160021127A1 (en) * 2014-07-17 2016-01-21 VisualThreat Inc. System and method for detecting obd-ii can bus message attacks
CN204331382U (en) * 2015-01-06 2015-05-13 中州大学 A kind of automobile electronic information platform
CN105235634A (en) * 2015-10-21 2016-01-13 黄海聆 Monitoring method and device for vehicle

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王文骏: ""基于车联网的合谋攻击研究"", 《网络安全技术与应用》 *
邬海琴: ""基于信任距离的车联网恶意节点检测方法"", 《计算机科学》 *

Also Published As

Publication number Publication date
CN109076081B (en) 2023-04-04
DE102016204999A1 (en) 2017-09-28
WO2017162395A1 (en) 2017-09-28

Similar Documents

Publication Publication Date Title
Kim et al. Cybersecurity for autonomous vehicles: Review of attacks and defense
Kelarestaghi et al. Intelligent transportation system security: impact-oriented risk assessment of in-vehicle networks
Kneib et al. Scission: Signal characteristic-based sender identification and intrusion detection in automotive networks
CN107426285B (en) Vehicle-mounted CAN bus safety protection method and device
CN105871830B (en) A kind of firewall of automobile mounted information system
EP3220605B1 (en) Method and system for dynamically adapting privacy and security for internet of things (iot) communication
CN109076081A (en) Method for monitoring the safety of the communication connection of vehicle
US20200059383A1 (en) In-vehicle gateway device and communication restriction method
US20210044612A1 (en) In-vehicle apparatus and incident monitoring method
KR20200103643A (en) Systems and methods for providing security to in-vehicle networks
JPWO2016185514A1 (en) Attack detection device
CN106792681B (en) Intrusion detection method, device and equipment for Internet of vehicles
CN112514351A (en) Abnormality detection method and apparatus
KR101966345B1 (en) Method and System for detecting bypass hacking attacks based on the CAN protocol
CN111077883A (en) Vehicle-mounted network safety protection method and device based on CAN bus
CN109088743A (en) For providing the system and method for the notice of network attack in the security system
JP2019021095A (en) Attack monitoring system and attack monitoring method
US20220157090A1 (en) On-vehicle security measure device, on-vehicle security measure method, and security measure system
Ruddle et al. Cyber security riskanalysis for intelligent transport systems and in-vehicle networks
KR102204655B1 (en) A mitigation method against message flooding attacks for secure controller area network by predicting attack message retransfer time
CN103475634B (en) Method and communication system for safely transmission data
Knauel et al. Automotive cybersecurity-efficient risk management for the entire life cycle of vehicles
Monge et al. Use of Intrusion Detection Systems in Vehicular Controller Area Networks to Preclude Remote Attacks
US11971982B2 (en) Log analysis device
CN113613962B (en) System and method for protecting vehicle electronic control system from hacking

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant