CN109344609A - A kind of TCU module, TCU system and guard method - Google Patents

A kind of TCU module, TCU system and guard method Download PDF

Info

Publication number
CN109344609A
CN109344609A CN201811009179.1A CN201811009179A CN109344609A CN 109344609 A CN109344609 A CN 109344609A CN 201811009179 A CN201811009179 A CN 201811009179A CN 109344609 A CN109344609 A CN 109344609A
Authority
CN
China
Prior art keywords
access
module
tcu
resource
processing module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811009179.1A
Other languages
Chinese (zh)
Other versions
CN109344609B (en
Inventor
江浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Desay SV Automotive Co Ltd
Original Assignee
Huizhou Desay SV Automotive Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huizhou Desay SV Automotive Co Ltd filed Critical Huizhou Desay SV Automotive Co Ltd
Priority to CN201811009179.1A priority Critical patent/CN109344609B/en
Publication of CN109344609A publication Critical patent/CN109344609A/en
Application granted granted Critical
Publication of CN109344609B publication Critical patent/CN109344609B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention relates to automobile TCU technical fields, specifically disclose a kind of TCU module, TCU system and guard method, including sequentially connected 4G mould group, core cpu processing module and CAN transceiver, the core cpu processing module includes application component, the serviced component being connect with application component, and the operating system being connect with serviced component, the operating system includes system interface and the kernel-driven that connect with system interface, the kernel-driven includes control gateway, the control gateway is connected with access monitoring module and access request module, the access monitoring module is connected with exception processing module, the present invention limits the access of system resource by control gateway, and when system is by invading, active analysis is carried out to the unauthorized access of abnormal permission modification or keystone resources, and it is invaded in confirmation It alerts simultaneously shielding system in time afterwards, the connection with vehicle body is blocked, to avoid the loss of the driver as caused by network intrusions or property.

Description

A kind of TCU module, TCU system and guard method
Technical field
The present invention relates to automobile TCU technical field more particularly to a kind of TCU modules, TCU system and guard method.
Background technique
With the fast development of car networking industry, the relevant technologies are widely used in Automobile Electronic Industry, Che Lian The development of net is to complete information interconnection and intercommunication between vehicle and vehicle, Che Yulu, vehicle and people based on network communication technology.Automobile No longer it is a simple vehicles, gradually develops the important composition portion for intelligent travel and vehicle data collection Point.Wherein, network function is increasingly becoming important service component part, and vehicle module function is more and more abundant, hands over internet It is mutually more frequent, and security risk is also following.
Since In-vehicle networking module itself includes some important personal information, or even vehicle is controlled to a certain extent Behavior, therefore often become the primary object of attack of network attack, not only cause leakage of personal information, in some instances it may even be possible to threaten and drive The security of the lives and property of vehicle personnel.Current In-vehicle networking module usually has complicated operating system and application program abundant, But lack the control of effective access authority and the management of the Permission Levels to each functional block inside entire software systems, it is right Behavior after system is invaded and invaded effectively can not be defendd and be alerted and isolation of system, is unable to satisfy complexity Network security need.
Summary of the invention
In view of the above technical problems, it effectively avoids leading to driver due to network intrusions the present invention provides a kind of Or TCU module, TCU system and the guard method of property loss.
In order to solve the above technical problem, the present invention provides concrete scheme it is as follows: a kind of TCU module, including successively connect 4G mould group, core cpu processing module and the CAN transceiver connect, the core cpu processing module include application component and application The serviced component of component connection and the operating system that is connect with serviced component, the operating system include system interface and with The kernel-driven of system interface connection, the kernel-driven include control gateway, and the control gateway is connected with access monitoring mould Block and access request module, the access monitoring module are connected with exception processing module.
The present invention limits the access of system resource by control gateway, and when system is by invading, becomes to abnormal permission More or the unauthorized access of keystone resources carries out active analysis, and alarm and the shielding system in time after confirmation is invaded, resistance Disconnected and vehicle body connection, to avoid the loss of the driver as caused by network intrusions or property.
Preferably, the access control that the control gateway includes whitelist management module and connect with whitelist management module Module, whitelist management module needs the resource accessed and permission effectively to be configured concrete application and service, in interior karyomorphism At network filtering module, each resource access all can be compared and be checked, legal access request is issued, stop Invalid or unauthorized access, while checking the process permission whether there is or not illegal change, when access control module to the optimization of performance at Reason is put into queue according to priority and carries out resource access for the request by access.
Preferably, the access request module includes device drives, memory management, file system, process resource and permission Management.
The present invention also provides a kind of TCU system, including TCU module as claimed in claim 3 and it is connect with TCU module Vehicle body CAN bus, 4G mould group is responsible for and external sending and receiving data, core cpu processing module are responsible for the data that dissection process receives And message, CAN transceiver are responsible for the data that core cpu processing module issues being transferred to vehicle body CAN bus up, each module portion Divide and is communicated by hardware bus.
The present invention also provides a kind of guard methods of TCU system according to claim 4, comprising the following steps:
S1, target program process calling system interface access system resources, control gateway inspection access resource whether this into Within the scope of journey;
S2, access resource access in the Process Extents and operate and return the result;
Resource is accessed not in the Process Extents, go to step S3;
Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission modification;
If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;
S4, the access monitoring module check process are with the presence or absence of abnormal;
If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this access failure As a result it and records.
Preferably, the abnormality processing in the step S4 specifically includes: exception processing module send default warning information to System background simultaneously forbids CAN transceiver to communicate, and destructive control instruction is prevented to be issued to vehicle body by vehicle body CAN bus, to reach To the purpose of protection vehicle safety.
Preferably, the step S4 access monitoring module check process specifically includes following procedure with the presence or absence of abnormal: Check whether all access records of the process have illegal operation record;Check whether code is distorted;Check current process permission Whether effectively and whether have and go beyond one's commission with account.
Preferably, whether the inspection code is distorted specifically: by the program process code stored in storage region and Code in current memory compares.
Preferably, the step S4 access monitoring module check process further includes following procedure with the presence or absence of exception: interior Inspection is deposited, checks process current code, data, stack segment whether in the range of attributes of section setting.
Preferably, the access control module is to device drives, memory management, file system, process resource and permission pipe The access privileges of reason is arranged.
Compared with prior art, the beneficial effects of the present invention are: the present invention to TCU module using enhancing access control, Code and data are protected in memory level, the enhancing filtered unauthorized access of access control is carried out to continue monitoring, and Analysis checks access main body, and when there is abnormal process in discovery system, system is by initiative alarming and carries out self isolation of system, cutting With the communication of vehicle body, vehicle is further encroached on to prevent instruction from issuing.
Detailed description of the invention
Fig. 1 is the TCU module frame chart of the embodiment of the present invention one;
Fig. 2 is the TCU system block diagram of the embodiment of the present invention two;
Fig. 3 is the flow chart that traditional core cpu processing module handles external network message;
Fig. 4 is that control gateway wraps up destination application process schematic diagram;
Fig. 5 is the specific flow chart of the embodiment of the present invention three.
Specific embodiment
For the technical solution that the present invention will be described in detail, below in conjunction with the attached drawing of the embodiment of the present invention, to of the invention real The technical solution for applying example carries out clear, complete description.Obviously, described embodiment is a part of the embodiments of the present invention, Instead of all the embodiments.Based on described the embodiment of the present invention, those of ordinary skill in the art are without creativeness Every other embodiment obtained, shall fall within the protection scope of the present invention under the premise of labour.
Embodiment one:
Fig. 1 is please referred to, a kind of TCU module, including sequentially connected 4G mould group, core cpu processing module are present embodiments provided And CAN transceiver, core cpu processing module include application component, the serviced component being connect with application component and with service The operating system of component connection, operating system include system interface and the kernel-driven that connect with system interface, kernel-driven packet Control gateway is included, control gateway is connected with access monitoring module and access request module, and access monitoring module is connected with exception Module is managed, access monitoring module monitors illegally access with abnormal resource and permission transition and judge whether to attack, and work as hair When raw unauthorized access and abnormal permission modification request, it is meant that it is possible that system is hacked or program exception, this When need according to access record and access boundary carry out analyze and determine current system whether problem occurs, if it find that process exception And have invasion that may then notify exception processing module, it is different when monitoring module judges that current system is attacked or system exception Normal processing module calls Network Driver Interface to send and alerts and cut off CAN bus connection.
Wherein, the access control module that gateway includes whitelist management module and connect with whitelist management module is controlled, Whitelist management module needs the resource accessed and permission effectively to be configured concrete application and service, in interior karyomorphism at network Filtering module all can compare and check to each resource access, issue legal access request, stop it is invalid or Person's unauthorized access, while checking the process permission whether there is or not illegal change, to the optimization processing of performance when access control module, for By the request of access, queue is put into according to priority and carries out resource access, access request module includes device drives, memory pipe Reason, file system, process resource and rights management.
Embodiment two:
Referring to Fig.1 and 2, present embodiments provide a kind of TCU system, including in embodiment one TCU module and with TCU mould The vehicle body CAN bus of block connection, the 4G mould group in TCU module is responsible for and external sending and receiving data, core cpu processing module are responsible for solution The data and message, CAN transceiver that analysis processing receives are responsible for the data that core cpu processing module issues being transferred to vehicle body CAN Bus gets on, and each module section is communicated by hardware bus.
When network attack occurs, attacker can penetrate into core cpu processing by 4G mould group in the form of network message Module is disguised oneself as normal procedure process using system or program bug, by injecting destructive code, access critical resource or Person promotes access authority to control core cpu processing module, and then destructiveness instruction is transmitted to vehicle body by CAN transceiver CAN bus, since CAN transceiver and 4G mould group do not have as communication receiving/transmission module identification and the filtering energy of network message usually Power, and attacker is generally also to control core cpu processing module as invasion purpose, by taking the long-range control vehicle in backstage as an example, As shown in figure 3, backstage instruction enters system by APN device drives in the form of network message, network service module passes through operation The network communication interface that system provides receives message, and usually in addition to the transmitting-receiving of message, which is also responsible for the encryption reconciliation of communication It is close, message is decrypted to here and is carried out by format preliminary parsing, network service module turns message according to the command word of parsing It is dealt into the application program of processing corresponding function, is long-range control processing application here, obtains tool using by further parsing The instruction and parameter of body issue instruction by the communication interface of CAN transceiver;CAN transceiver communication driving module will under The message of hair removes corresponding ECU by vehicle body CAN bus hair, and when network attack occurs, attacker can be using using journey Perhaps the loophole acquisition access authority of operating system or the normal procedure that disguises oneself as carry out system calling access for sequence, service routine Keystone resources, then by injection or alter program the destructive instruction of transmission.It can be seen that network service interface, network service module And application program can all become the target attacked, therefore, in this implementation using the defense detection of core cpu processing module as Main realization rate, when invader permeates core cpu processing module and attempts to obtain permission or unauthorized access keystone resources, When passing through firewall and whitelist management module, abnormal operation can be rejected and system can detect the different of the program Chang Hangwei carries out active analysis to the program being broken into, and issues alarm to backstage by network service module after confirmation invasion And by the method shielding system of cutting CAN transceiver communication, destructive control instruction is prevented to be issued to by vehicle body CAN bus Vehicle body, to achieve the purpose that protect vehicle safety.
As shown in figure 4, in systems, program is wrapped up by control gateway in logic as target process, including memory, CPU, It is read-write that all resource access of Flash, bus etc. requires to carry out verifying rear by access control gateway.Usual one On startup, binary code that will be executable is loaded into memory to process, reads data in operational process from memory, and running The ephemeral data generated in journey is put into storehouse, and all codes and data are all to be stored in different sections to compare according to type here If code is placed on code segment, ephemeral data is placed on storehouse, and constant is placed on data segment etc..Therefore in order to prevent the code of memory and Data are tampered, other than according to the whitelist management module of each program process configuration access segment limit, each application heap Also need to be arranged frontier properties, each process can only access the resource of whitelist management module permission, when access white list management Resource other than module can be rejected, and whether extremely access monitoring module record log simultaneously scans the process.
Mainly take precautions against in the present embodiment network intrusions and mainly pass through: (1) the enhanced access control of program process is led to Whitelist management module setting access attribute and permission are crossed to prevent attacker from distorting or injecting codes.Such as, when attacker tries When desiring to make money or profit with loophole modification internal storage data, the read only attribute in memory can refuse the operation;(2) by forcing access isolation Problem process, after attacker successfully has modified application program using loophole, even if controlling the behavior of process but due to power The limitation of limit and access, prevents attacker from further destroying system;(3) when unauthorized access or unauthorized operation occurs It waits, system can check the main body of the operation or the access to judge whether it has been invaded;(4) when confirmation system is invaded Afterwards, pass through network active alarm and cut off vehicle body connection.
Embodiment three:
Present embodiments provide the guard method based on TCU system in embodiment two, comprising the following steps: S1, target journey Sequence process calling system interface access system resources, whether the resource of control gateway inspection access is in the Process Extents;S2, visit Resource is asked in the Process Extents, is accessed and is operated and return the result;Resource is accessed not in the Process Extents, jumps to step Rapid S3;Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission and become More;If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;S4, access monitoring module check The process is with the presence or absence of abnormal, that is, checks whether all access records of the process have illegal operation record;Check whether code has It distorts, the code in the program process code and current memory stored in storage region is compared;Check current process permission Whether effectively and whether have and go beyond one's commission with account;Memory inspection, checks whether process current code, data, stack segment are arranged in section Range of attributes in;If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this Secondary access failure result simultaneously records.
Wherein, the abnormality processing in step S4 specifically includes: after exception processing module sends default warning information to system Platform simultaneously forbids CAN transceiver to communicate, and destructive control instruction is prevented to be issued to vehicle body by vehicle body CAN bus, to reach protection The purpose of vehicle safety.
Access control module is to device drives, memory management, file system, process resource and the privilege of access of rights management Grade is arranged, and specifically putting in order can be arranged according to its importance, as shown in figure 5, system is receiving access request Afterwards, whether the resource of control gateway inspection access is in the Process Extents, if access resource in the Process Extents, is pressed preferential Grade enqueue, accesses and operates and return the result;If accessing resource not in the Process Extents, judge whether access critical Resource or permission modification, keystone resources such as hardware adaptor and kernel interface etc., if it is not, then denied access operation and backward reference mistake It loses;If so, checking access record, checking process code change and checking memory section, results abnormity, then recorded if it exists This abnormal conditions simultaneously notifies that network module alerts and cutting CAN controller communicates;If it is not, then returning to this access failure result And it records.
Embodiments of the present invention are explained in detail above in conjunction with attached drawing, but the present invention is not limited to above-mentioned implementations Mode within the knowledge of a person skilled in the art can also be without departing from the purpose of the present invention Various changes can be made.

Claims (10)

1. a kind of TCU module, including sequentially connected 4G mould group, core cpu processing module and CAN transceiver, it is characterised in that: The core cpu processing module includes application component, the serviced component connecting with application component and connect with serviced component Operating system, the operating system include system interface and the kernel-driven that connect with system interface, and the kernel-driven includes Gateway is controlled, the control gateway is connected with access monitoring module and access request module, and the access monitoring module is connected with Exception processing module.
2. TCU module according to claim 1, it is characterised in that: the control gateway include whitelist management module and The access control module being connect with whitelist management module.
3. TCU module according to claim 2, it is characterised in that: the access request module includes device drives, memory Management, file system, process resource and rights management.
4. a kind of TCU system, it is characterised in that: including TCU module as claimed in claim 3 and the vehicle being connect with TCU module Body CAN bus.
5. a kind of guard method of TCU system according to claim 4, which comprises the following steps:
S1, target program process calling system interface access system resources, control gateway inspection access resource whether this into Within the scope of journey;
S2, access resource access in the Process Extents and operate and return the result;
Resource is accessed not in the Process Extents, go to step S3;
Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission modification;
If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;
S4, the access monitoring module check process are with the presence or absence of abnormal;
If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this access failure As a result it and records.
6. guard method according to claim 5, which is characterized in that the abnormality processing in the step S4 specifically includes: Exception processing module sends default warning information and to system background and CAN transceiver is forbidden to communicate.
7. guard method according to claim 5, which is characterized in that the step S4 access monitoring module check process Following procedure is specifically included with the presence or absence of abnormal: checking whether all access records of the process have illegal operation record;Check generation Whether code is distorted;Check whether current process permission and account effectively and have and go beyond one's commission.
8. guard method according to claim 7, which is characterized in that whether the inspection code is distorted specifically: will The code in program process code and current memory stored in storage region compares.
9. guard method according to claim 7, which is characterized in that the step S4 access monitoring module check process Further include following procedure with the presence or absence of exception: memory inspection checks whether process current code, data, stack segment are arranged in section Range of attributes in.
10. guard method according to claim 5, it is characterised in that: the access control module is to device drives, memory Management, file system, the access privileges of process resource and rights management are arranged.
CN201811009179.1A 2018-08-31 2018-08-31 TCU module, TCU system and protection method Active CN109344609B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811009179.1A CN109344609B (en) 2018-08-31 2018-08-31 TCU module, TCU system and protection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811009179.1A CN109344609B (en) 2018-08-31 2018-08-31 TCU module, TCU system and protection method

Publications (2)

Publication Number Publication Date
CN109344609A true CN109344609A (en) 2019-02-15
CN109344609B CN109344609B (en) 2023-02-28

Family

ID=65292108

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811009179.1A Active CN109344609B (en) 2018-08-31 2018-08-31 TCU module, TCU system and protection method

Country Status (1)

Country Link
CN (1) CN109344609B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266717A (en) * 2019-07-03 2019-09-20 北京百度网讯科技有限公司 Information detecting method and device
CN111314354A (en) * 2020-02-19 2020-06-19 北京天融信网络安全技术有限公司 Intelligent vehicle communication method and device
CN111464417A (en) * 2020-04-09 2020-07-28 东风汽车集团有限公司 Vehicle-mounted network architecture based on gigabit Ethernet bus and communication method
CN112258683A (en) * 2020-10-20 2021-01-22 云账户技术(天津)有限公司 Inspection method and device for business system
CN113678408A (en) * 2019-03-29 2021-11-19 马自达汽车株式会社 Vehicle computing system and method for processing received data
CN115102706A (en) * 2022-04-27 2022-09-23 麦格纳斯太尔汽车技术(上海)有限公司 HOST-IDS safety detection system and method for vehicle ECU
CN115223273A (en) * 2021-04-21 2022-10-21 广州汽车集团股份有限公司 TCU data monitoring method and device, terminal equipment and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242380A (en) * 2007-02-07 2008-08-13 株式会社日立制作所 On-vehicle gateway device, controlling method thereof, connecting device and connection controlling method thereof
CN101446830A (en) * 2008-12-25 2009-06-03 奇瑞汽车股份有限公司 Vehicle fault diagnosis instrument and fault diagnosis method
CN102416872A (en) * 2011-10-14 2012-04-18 奇瑞汽车股份有限公司 Method and device for acquiring vehicle speed signal for automobile combination instrument
CN103112459A (en) * 2011-11-17 2013-05-22 中国北车股份有限公司大连电力牵引研发中心 Engine control device, engine control system and engine control method
US20130227648A1 (en) * 2011-11-16 2013-08-29 Flextronics Ap, Llc On board vehicle network security
CN105553946A (en) * 2015-12-08 2016-05-04 严威 Vehicle-mounted system based on CAN bus firewall and control method thereof
CN105867314A (en) * 2015-01-20 2016-08-17 株式会社日立制作所 Remote monitoring system and communication method thereof
CN106357633A (en) * 2016-09-07 2017-01-25 惠州市德赛西威汽车电子股份有限公司 Method and device for protecting car TCU data

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242380A (en) * 2007-02-07 2008-08-13 株式会社日立制作所 On-vehicle gateway device, controlling method thereof, connecting device and connection controlling method thereof
CN101446830A (en) * 2008-12-25 2009-06-03 奇瑞汽车股份有限公司 Vehicle fault diagnosis instrument and fault diagnosis method
CN102416872A (en) * 2011-10-14 2012-04-18 奇瑞汽车股份有限公司 Method and device for acquiring vehicle speed signal for automobile combination instrument
US20130227648A1 (en) * 2011-11-16 2013-08-29 Flextronics Ap, Llc On board vehicle network security
CN103112459A (en) * 2011-11-17 2013-05-22 中国北车股份有限公司大连电力牵引研发中心 Engine control device, engine control system and engine control method
CN105867314A (en) * 2015-01-20 2016-08-17 株式会社日立制作所 Remote monitoring system and communication method thereof
CN105553946A (en) * 2015-12-08 2016-05-04 严威 Vehicle-mounted system based on CAN bus firewall and control method thereof
CN106357633A (en) * 2016-09-07 2017-01-25 惠州市德赛西威汽车电子股份有限公司 Method and device for protecting car TCU data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵磊主编: "《电脑组装自由做主》", 31 December 2009 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113678408A (en) * 2019-03-29 2021-11-19 马自达汽车株式会社 Vehicle computing system and method for processing received data
CN110266717A (en) * 2019-07-03 2019-09-20 北京百度网讯科技有限公司 Information detecting method and device
CN111314354A (en) * 2020-02-19 2020-06-19 北京天融信网络安全技术有限公司 Intelligent vehicle communication method and device
CN111464417A (en) * 2020-04-09 2020-07-28 东风汽车集团有限公司 Vehicle-mounted network architecture based on gigabit Ethernet bus and communication method
CN112258683A (en) * 2020-10-20 2021-01-22 云账户技术(天津)有限公司 Inspection method and device for business system
CN112258683B (en) * 2020-10-20 2022-07-01 云账户技术(天津)有限公司 Inspection method and device for business system
CN115223273A (en) * 2021-04-21 2022-10-21 广州汽车集团股份有限公司 TCU data monitoring method and device, terminal equipment and storage medium
CN115223273B (en) * 2021-04-21 2024-02-23 广州汽车集团股份有限公司 TCU data monitoring method and device, terminal equipment and storage medium
CN115102706A (en) * 2022-04-27 2022-09-23 麦格纳斯太尔汽车技术(上海)有限公司 HOST-IDS safety detection system and method for vehicle ECU
CN115102706B (en) * 2022-04-27 2023-10-20 麦格纳斯太尔汽车技术(上海)有限公司 HOST-IDS safety detection system and method of vehicle ECU

Also Published As

Publication number Publication date
CN109344609B (en) 2023-02-28

Similar Documents

Publication Publication Date Title
CN109344609A (en) A kind of TCU module, TCU system and guard method
KR102642875B1 (en) Systems and methods for providing security to in-vehicle networks
JP7194396B2 (en) Specially programmed computing system with associated devices configured to implement secure lockdown and method of use
KR102524204B1 (en) Apparatus and method for intrusion response in vehicle network
EP2474934A1 (en) Unauthorized process detection method and unauthorized process detection system
KR102433928B1 (en) System for Managing Cyber Security of Autonomous Ship
JP7253663B2 (en) MONITORING DEVICE, MONITORING SYSTEM AND MONITORING METHOD
US20140230012A1 (en) Systems, methods, and media for policy-based monitoring and controlling of applications
CN103679028A (en) Software behavior monitoring method and terminal
CN106559399A (en) A kind of the Internet mobile terminal synthesis managing and control system
Hamad et al. Red-Zone: Towards an Intrusion Response Framework for Intra-vehicle System.
CN114418263A (en) A defense system for power monitoring device of thermal power plant
CN113382076A (en) Internet of things terminal security threat analysis method and protection method
CN113132318A (en) Active defense method and system for information safety of power distribution automation system master station
CN112839031A (en) Industrial control network security protection system and method
CN109241769B (en) Electronic equipment privacy safety early warning method and system
CN105701415B (en) A kind of mobile terminal kernel Rights Management System and method
Hagan et al. Policy-based security modelling and enforcement approach for emerging embedded architectures
CN108768996A (en) A kind of detection guard system of SQL injection attack
EP4106278A1 (en) System and method for detecting intrusion into in-vehicle network
CN113110354A (en) Ferry-based industrial data security system and method
CN107070913B (en) Webshell attack-based detection and protection method and system
CN111859473A (en) External terminal protection equipment and protection system based on space detection
CN111291390A (en) Key data safety destruction triggering system and triggering method
CN114884993B (en) Virtualized android system for enhancing data security

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant