CN109344609A - A kind of TCU module, TCU system and guard method - Google Patents
A kind of TCU module, TCU system and guard method Download PDFInfo
- Publication number
- CN109344609A CN109344609A CN201811009179.1A CN201811009179A CN109344609A CN 109344609 A CN109344609 A CN 109344609A CN 201811009179 A CN201811009179 A CN 201811009179A CN 109344609 A CN109344609 A CN 109344609A
- Authority
- CN
- China
- Prior art keywords
- access
- module
- tcu
- resource
- processing module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G06F9/4881—Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The present invention relates to automobile TCU technical fields, specifically disclose a kind of TCU module, TCU system and guard method, including sequentially connected 4G mould group, core cpu processing module and CAN transceiver, the core cpu processing module includes application component, the serviced component being connect with application component, and the operating system being connect with serviced component, the operating system includes system interface and the kernel-driven that connect with system interface, the kernel-driven includes control gateway, the control gateway is connected with access monitoring module and access request module, the access monitoring module is connected with exception processing module, the present invention limits the access of system resource by control gateway, and when system is by invading, active analysis is carried out to the unauthorized access of abnormal permission modification or keystone resources, and it is invaded in confirmation It alerts simultaneously shielding system in time afterwards, the connection with vehicle body is blocked, to avoid the loss of the driver as caused by network intrusions or property.
Description
Technical field
The present invention relates to automobile TCU technical field more particularly to a kind of TCU modules, TCU system and guard method.
Background technique
With the fast development of car networking industry, the relevant technologies are widely used in Automobile Electronic Industry, Che Lian
The development of net is to complete information interconnection and intercommunication between vehicle and vehicle, Che Yulu, vehicle and people based on network communication technology.Automobile
No longer it is a simple vehicles, gradually develops the important composition portion for intelligent travel and vehicle data collection
Point.Wherein, network function is increasingly becoming important service component part, and vehicle module function is more and more abundant, hands over internet
It is mutually more frequent, and security risk is also following.
Since In-vehicle networking module itself includes some important personal information, or even vehicle is controlled to a certain extent
Behavior, therefore often become the primary object of attack of network attack, not only cause leakage of personal information, in some instances it may even be possible to threaten and drive
The security of the lives and property of vehicle personnel.Current In-vehicle networking module usually has complicated operating system and application program abundant,
But lack the control of effective access authority and the management of the Permission Levels to each functional block inside entire software systems, it is right
Behavior after system is invaded and invaded effectively can not be defendd and be alerted and isolation of system, is unable to satisfy complexity
Network security need.
Summary of the invention
In view of the above technical problems, it effectively avoids leading to driver due to network intrusions the present invention provides a kind of
Or TCU module, TCU system and the guard method of property loss.
In order to solve the above technical problem, the present invention provides concrete scheme it is as follows: a kind of TCU module, including successively connect
4G mould group, core cpu processing module and the CAN transceiver connect, the core cpu processing module include application component and application
The serviced component of component connection and the operating system that is connect with serviced component, the operating system include system interface and with
The kernel-driven of system interface connection, the kernel-driven include control gateway, and the control gateway is connected with access monitoring mould
Block and access request module, the access monitoring module are connected with exception processing module.
The present invention limits the access of system resource by control gateway, and when system is by invading, becomes to abnormal permission
More or the unauthorized access of keystone resources carries out active analysis, and alarm and the shielding system in time after confirmation is invaded, resistance
Disconnected and vehicle body connection, to avoid the loss of the driver as caused by network intrusions or property.
Preferably, the access control that the control gateway includes whitelist management module and connect with whitelist management module
Module, whitelist management module needs the resource accessed and permission effectively to be configured concrete application and service, in interior karyomorphism
At network filtering module, each resource access all can be compared and be checked, legal access request is issued, stop
Invalid or unauthorized access, while checking the process permission whether there is or not illegal change, when access control module to the optimization of performance at
Reason is put into queue according to priority and carries out resource access for the request by access.
Preferably, the access request module includes device drives, memory management, file system, process resource and permission
Management.
The present invention also provides a kind of TCU system, including TCU module as claimed in claim 3 and it is connect with TCU module
Vehicle body CAN bus, 4G mould group is responsible for and external sending and receiving data, core cpu processing module are responsible for the data that dissection process receives
And message, CAN transceiver are responsible for the data that core cpu processing module issues being transferred to vehicle body CAN bus up, each module portion
Divide and is communicated by hardware bus.
The present invention also provides a kind of guard methods of TCU system according to claim 4, comprising the following steps:
S1, target program process calling system interface access system resources, control gateway inspection access resource whether this into
Within the scope of journey;
S2, access resource access in the Process Extents and operate and return the result;
Resource is accessed not in the Process Extents, go to step S3;
Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission modification;
If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;
S4, the access monitoring module check process are with the presence or absence of abnormal;
If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this access failure
As a result it and records.
Preferably, the abnormality processing in the step S4 specifically includes: exception processing module send default warning information to
System background simultaneously forbids CAN transceiver to communicate, and destructive control instruction is prevented to be issued to vehicle body by vehicle body CAN bus, to reach
To the purpose of protection vehicle safety.
Preferably, the step S4 access monitoring module check process specifically includes following procedure with the presence or absence of abnormal:
Check whether all access records of the process have illegal operation record;Check whether code is distorted;Check current process permission
Whether effectively and whether have and go beyond one's commission with account.
Preferably, whether the inspection code is distorted specifically: by the program process code stored in storage region and
Code in current memory compares.
Preferably, the step S4 access monitoring module check process further includes following procedure with the presence or absence of exception: interior
Inspection is deposited, checks process current code, data, stack segment whether in the range of attributes of section setting.
Preferably, the access control module is to device drives, memory management, file system, process resource and permission pipe
The access privileges of reason is arranged.
Compared with prior art, the beneficial effects of the present invention are: the present invention to TCU module using enhancing access control,
Code and data are protected in memory level, the enhancing filtered unauthorized access of access control is carried out to continue monitoring, and
Analysis checks access main body, and when there is abnormal process in discovery system, system is by initiative alarming and carries out self isolation of system, cutting
With the communication of vehicle body, vehicle is further encroached on to prevent instruction from issuing.
Detailed description of the invention
Fig. 1 is the TCU module frame chart of the embodiment of the present invention one;
Fig. 2 is the TCU system block diagram of the embodiment of the present invention two;
Fig. 3 is the flow chart that traditional core cpu processing module handles external network message;
Fig. 4 is that control gateway wraps up destination application process schematic diagram;
Fig. 5 is the specific flow chart of the embodiment of the present invention three.
Specific embodiment
For the technical solution that the present invention will be described in detail, below in conjunction with the attached drawing of the embodiment of the present invention, to of the invention real
The technical solution for applying example carries out clear, complete description.Obviously, described embodiment is a part of the embodiments of the present invention,
Instead of all the embodiments.Based on described the embodiment of the present invention, those of ordinary skill in the art are without creativeness
Every other embodiment obtained, shall fall within the protection scope of the present invention under the premise of labour.
Embodiment one:
Fig. 1 is please referred to, a kind of TCU module, including sequentially connected 4G mould group, core cpu processing module are present embodiments provided
And CAN transceiver, core cpu processing module include application component, the serviced component being connect with application component and with service
The operating system of component connection, operating system include system interface and the kernel-driven that connect with system interface, kernel-driven packet
Control gateway is included, control gateway is connected with access monitoring module and access request module, and access monitoring module is connected with exception
Module is managed, access monitoring module monitors illegally access with abnormal resource and permission transition and judge whether to attack, and work as hair
When raw unauthorized access and abnormal permission modification request, it is meant that it is possible that system is hacked or program exception, this
When need according to access record and access boundary carry out analyze and determine current system whether problem occurs, if it find that process exception
And have invasion that may then notify exception processing module, it is different when monitoring module judges that current system is attacked or system exception
Normal processing module calls Network Driver Interface to send and alerts and cut off CAN bus connection.
Wherein, the access control module that gateway includes whitelist management module and connect with whitelist management module is controlled,
Whitelist management module needs the resource accessed and permission effectively to be configured concrete application and service, in interior karyomorphism at network
Filtering module all can compare and check to each resource access, issue legal access request, stop it is invalid or
Person's unauthorized access, while checking the process permission whether there is or not illegal change, to the optimization processing of performance when access control module, for
By the request of access, queue is put into according to priority and carries out resource access, access request module includes device drives, memory pipe
Reason, file system, process resource and rights management.
Embodiment two:
Referring to Fig.1 and 2, present embodiments provide a kind of TCU system, including in embodiment one TCU module and with TCU mould
The vehicle body CAN bus of block connection, the 4G mould group in TCU module is responsible for and external sending and receiving data, core cpu processing module are responsible for solution
The data and message, CAN transceiver that analysis processing receives are responsible for the data that core cpu processing module issues being transferred to vehicle body CAN
Bus gets on, and each module section is communicated by hardware bus.
When network attack occurs, attacker can penetrate into core cpu processing by 4G mould group in the form of network message
Module is disguised oneself as normal procedure process using system or program bug, by injecting destructive code, access critical resource or
Person promotes access authority to control core cpu processing module, and then destructiveness instruction is transmitted to vehicle body by CAN transceiver
CAN bus, since CAN transceiver and 4G mould group do not have as communication receiving/transmission module identification and the filtering energy of network message usually
Power, and attacker is generally also to control core cpu processing module as invasion purpose, by taking the long-range control vehicle in backstage as an example,
As shown in figure 3, backstage instruction enters system by APN device drives in the form of network message, network service module passes through operation
The network communication interface that system provides receives message, and usually in addition to the transmitting-receiving of message, which is also responsible for the encryption reconciliation of communication
It is close, message is decrypted to here and is carried out by format preliminary parsing, network service module turns message according to the command word of parsing
It is dealt into the application program of processing corresponding function, is long-range control processing application here, obtains tool using by further parsing
The instruction and parameter of body issue instruction by the communication interface of CAN transceiver;CAN transceiver communication driving module will under
The message of hair removes corresponding ECU by vehicle body CAN bus hair, and when network attack occurs, attacker can be using using journey
Perhaps the loophole acquisition access authority of operating system or the normal procedure that disguises oneself as carry out system calling access for sequence, service routine
Keystone resources, then by injection or alter program the destructive instruction of transmission.It can be seen that network service interface, network service module
And application program can all become the target attacked, therefore, in this implementation using the defense detection of core cpu processing module as
Main realization rate, when invader permeates core cpu processing module and attempts to obtain permission or unauthorized access keystone resources,
When passing through firewall and whitelist management module, abnormal operation can be rejected and system can detect the different of the program
Chang Hangwei carries out active analysis to the program being broken into, and issues alarm to backstage by network service module after confirmation invasion
And by the method shielding system of cutting CAN transceiver communication, destructive control instruction is prevented to be issued to by vehicle body CAN bus
Vehicle body, to achieve the purpose that protect vehicle safety.
As shown in figure 4, in systems, program is wrapped up by control gateway in logic as target process, including memory, CPU,
It is read-write that all resource access of Flash, bus etc. requires to carry out verifying rear by access control gateway.Usual one
On startup, binary code that will be executable is loaded into memory to process, reads data in operational process from memory, and running
The ephemeral data generated in journey is put into storehouse, and all codes and data are all to be stored in different sections to compare according to type here
If code is placed on code segment, ephemeral data is placed on storehouse, and constant is placed on data segment etc..Therefore in order to prevent the code of memory and
Data are tampered, other than according to the whitelist management module of each program process configuration access segment limit, each application heap
Also need to be arranged frontier properties, each process can only access the resource of whitelist management module permission, when access white list management
Resource other than module can be rejected, and whether extremely access monitoring module record log simultaneously scans the process.
Mainly take precautions against in the present embodiment network intrusions and mainly pass through: (1) the enhanced access control of program process is led to
Whitelist management module setting access attribute and permission are crossed to prevent attacker from distorting or injecting codes.Such as, when attacker tries
When desiring to make money or profit with loophole modification internal storage data, the read only attribute in memory can refuse the operation;(2) by forcing access isolation
Problem process, after attacker successfully has modified application program using loophole, even if controlling the behavior of process but due to power
The limitation of limit and access, prevents attacker from further destroying system;(3) when unauthorized access or unauthorized operation occurs
It waits, system can check the main body of the operation or the access to judge whether it has been invaded;(4) when confirmation system is invaded
Afterwards, pass through network active alarm and cut off vehicle body connection.
Embodiment three:
Present embodiments provide the guard method based on TCU system in embodiment two, comprising the following steps: S1, target journey
Sequence process calling system interface access system resources, whether the resource of control gateway inspection access is in the Process Extents;S2, visit
Resource is asked in the Process Extents, is accessed and is operated and return the result;Resource is accessed not in the Process Extents, jumps to step
Rapid S3;Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission and become
More;If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;S4, access monitoring module check
The process is with the presence or absence of abnormal, that is, checks whether all access records of the process have illegal operation record;Check whether code has
It distorts, the code in the program process code and current memory stored in storage region is compared;Check current process permission
Whether effectively and whether have and go beyond one's commission with account;Memory inspection, checks whether process current code, data, stack segment are arranged in section
Range of attributes in;If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this
Secondary access failure result simultaneously records.
Wherein, the abnormality processing in step S4 specifically includes: after exception processing module sends default warning information to system
Platform simultaneously forbids CAN transceiver to communicate, and destructive control instruction is prevented to be issued to vehicle body by vehicle body CAN bus, to reach protection
The purpose of vehicle safety.
Access control module is to device drives, memory management, file system, process resource and the privilege of access of rights management
Grade is arranged, and specifically putting in order can be arranged according to its importance, as shown in figure 5, system is receiving access request
Afterwards, whether the resource of control gateway inspection access is in the Process Extents, if access resource in the Process Extents, is pressed preferential
Grade enqueue, accesses and operates and return the result;If accessing resource not in the Process Extents, judge whether access critical
Resource or permission modification, keystone resources such as hardware adaptor and kernel interface etc., if it is not, then denied access operation and backward reference mistake
It loses;If so, checking access record, checking process code change and checking memory section, results abnormity, then recorded if it exists
This abnormal conditions simultaneously notifies that network module alerts and cutting CAN controller communicates;If it is not, then returning to this access failure result
And it records.
Embodiments of the present invention are explained in detail above in conjunction with attached drawing, but the present invention is not limited to above-mentioned implementations
Mode within the knowledge of a person skilled in the art can also be without departing from the purpose of the present invention
Various changes can be made.
Claims (10)
1. a kind of TCU module, including sequentially connected 4G mould group, core cpu processing module and CAN transceiver, it is characterised in that:
The core cpu processing module includes application component, the serviced component connecting with application component and connect with serviced component
Operating system, the operating system include system interface and the kernel-driven that connect with system interface, and the kernel-driven includes
Gateway is controlled, the control gateway is connected with access monitoring module and access request module, and the access monitoring module is connected with
Exception processing module.
2. TCU module according to claim 1, it is characterised in that: the control gateway include whitelist management module and
The access control module being connect with whitelist management module.
3. TCU module according to claim 2, it is characterised in that: the access request module includes device drives, memory
Management, file system, process resource and rights management.
4. a kind of TCU system, it is characterised in that: including TCU module as claimed in claim 3 and the vehicle being connect with TCU module
Body CAN bus.
5. a kind of guard method of TCU system according to claim 4, which comprises the following steps:
S1, target program process calling system interface access system resources, control gateway inspection access resource whether this into
Within the scope of journey;
S2, access resource access in the Process Extents and operate and return the result;
Resource is accessed not in the Process Extents, go to step S3;
Whether S3, control gateway notice access monitoring module check process access hardware adaptor, kernel interface or permission modification;
If so, the S4 that gos to step;If it is not, then denied access operation and backward reference failure;
S4, the access monitoring module check process are with the presence or absence of abnormal;
If so, recording this exception and exception processing module being notified to carry out abnormality processing;If it is not, then returning to this access failure
As a result it and records.
6. guard method according to claim 5, which is characterized in that the abnormality processing in the step S4 specifically includes:
Exception processing module sends default warning information and to system background and CAN transceiver is forbidden to communicate.
7. guard method according to claim 5, which is characterized in that the step S4 access monitoring module check process
Following procedure is specifically included with the presence or absence of abnormal: checking whether all access records of the process have illegal operation record;Check generation
Whether code is distorted;Check whether current process permission and account effectively and have and go beyond one's commission.
8. guard method according to claim 7, which is characterized in that whether the inspection code is distorted specifically: will
The code in program process code and current memory stored in storage region compares.
9. guard method according to claim 7, which is characterized in that the step S4 access monitoring module check process
Further include following procedure with the presence or absence of exception: memory inspection checks whether process current code, data, stack segment are arranged in section
Range of attributes in.
10. guard method according to claim 5, it is characterised in that: the access control module is to device drives, memory
Management, file system, the access privileges of process resource and rights management are arranged.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811009179.1A CN109344609B (en) | 2018-08-31 | 2018-08-31 | TCU module, TCU system and protection method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811009179.1A CN109344609B (en) | 2018-08-31 | 2018-08-31 | TCU module, TCU system and protection method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109344609A true CN109344609A (en) | 2019-02-15 |
CN109344609B CN109344609B (en) | 2023-02-28 |
Family
ID=65292108
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811009179.1A Active CN109344609B (en) | 2018-08-31 | 2018-08-31 | TCU module, TCU system and protection method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109344609B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110266717A (en) * | 2019-07-03 | 2019-09-20 | 北京百度网讯科技有限公司 | Information detecting method and device |
CN111314354A (en) * | 2020-02-19 | 2020-06-19 | 北京天融信网络安全技术有限公司 | Intelligent vehicle communication method and device |
CN111464417A (en) * | 2020-04-09 | 2020-07-28 | 东风汽车集团有限公司 | Vehicle-mounted network architecture based on gigabit Ethernet bus and communication method |
CN112258683A (en) * | 2020-10-20 | 2021-01-22 | 云账户技术(天津)有限公司 | Inspection method and device for business system |
CN113678408A (en) * | 2019-03-29 | 2021-11-19 | 马自达汽车株式会社 | Vehicle computing system and method for processing received data |
CN115102706A (en) * | 2022-04-27 | 2022-09-23 | 麦格纳斯太尔汽车技术(上海)有限公司 | HOST-IDS safety detection system and method for vehicle ECU |
CN115223273A (en) * | 2021-04-21 | 2022-10-21 | 广州汽车集团股份有限公司 | TCU data monitoring method and device, terminal equipment and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101242380A (en) * | 2007-02-07 | 2008-08-13 | 株式会社日立制作所 | On-vehicle gateway device, controlling method thereof, connecting device and connection controlling method thereof |
CN101446830A (en) * | 2008-12-25 | 2009-06-03 | 奇瑞汽车股份有限公司 | Vehicle fault diagnosis instrument and fault diagnosis method |
CN102416872A (en) * | 2011-10-14 | 2012-04-18 | 奇瑞汽车股份有限公司 | Method and device for acquiring vehicle speed signal for automobile combination instrument |
CN103112459A (en) * | 2011-11-17 | 2013-05-22 | 中国北车股份有限公司大连电力牵引研发中心 | Engine control device, engine control system and engine control method |
US20130227648A1 (en) * | 2011-11-16 | 2013-08-29 | Flextronics Ap, Llc | On board vehicle network security |
CN105553946A (en) * | 2015-12-08 | 2016-05-04 | 严威 | Vehicle-mounted system based on CAN bus firewall and control method thereof |
CN105867314A (en) * | 2015-01-20 | 2016-08-17 | 株式会社日立制作所 | Remote monitoring system and communication method thereof |
CN106357633A (en) * | 2016-09-07 | 2017-01-25 | 惠州市德赛西威汽车电子股份有限公司 | Method and device for protecting car TCU data |
-
2018
- 2018-08-31 CN CN201811009179.1A patent/CN109344609B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101242380A (en) * | 2007-02-07 | 2008-08-13 | 株式会社日立制作所 | On-vehicle gateway device, controlling method thereof, connecting device and connection controlling method thereof |
CN101446830A (en) * | 2008-12-25 | 2009-06-03 | 奇瑞汽车股份有限公司 | Vehicle fault diagnosis instrument and fault diagnosis method |
CN102416872A (en) * | 2011-10-14 | 2012-04-18 | 奇瑞汽车股份有限公司 | Method and device for acquiring vehicle speed signal for automobile combination instrument |
US20130227648A1 (en) * | 2011-11-16 | 2013-08-29 | Flextronics Ap, Llc | On board vehicle network security |
CN103112459A (en) * | 2011-11-17 | 2013-05-22 | 中国北车股份有限公司大连电力牵引研发中心 | Engine control device, engine control system and engine control method |
CN105867314A (en) * | 2015-01-20 | 2016-08-17 | 株式会社日立制作所 | Remote monitoring system and communication method thereof |
CN105553946A (en) * | 2015-12-08 | 2016-05-04 | 严威 | Vehicle-mounted system based on CAN bus firewall and control method thereof |
CN106357633A (en) * | 2016-09-07 | 2017-01-25 | 惠州市德赛西威汽车电子股份有限公司 | Method and device for protecting car TCU data |
Non-Patent Citations (1)
Title |
---|
赵磊主编: "《电脑组装自由做主》", 31 December 2009 * |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113678408A (en) * | 2019-03-29 | 2021-11-19 | 马自达汽车株式会社 | Vehicle computing system and method for processing received data |
CN110266717A (en) * | 2019-07-03 | 2019-09-20 | 北京百度网讯科技有限公司 | Information detecting method and device |
CN111314354A (en) * | 2020-02-19 | 2020-06-19 | 北京天融信网络安全技术有限公司 | Intelligent vehicle communication method and device |
CN111464417A (en) * | 2020-04-09 | 2020-07-28 | 东风汽车集团有限公司 | Vehicle-mounted network architecture based on gigabit Ethernet bus and communication method |
CN112258683A (en) * | 2020-10-20 | 2021-01-22 | 云账户技术(天津)有限公司 | Inspection method and device for business system |
CN112258683B (en) * | 2020-10-20 | 2022-07-01 | 云账户技术(天津)有限公司 | Inspection method and device for business system |
CN115223273A (en) * | 2021-04-21 | 2022-10-21 | 广州汽车集团股份有限公司 | TCU data monitoring method and device, terminal equipment and storage medium |
CN115223273B (en) * | 2021-04-21 | 2024-02-23 | 广州汽车集团股份有限公司 | TCU data monitoring method and device, terminal equipment and storage medium |
CN115102706A (en) * | 2022-04-27 | 2022-09-23 | 麦格纳斯太尔汽车技术(上海)有限公司 | HOST-IDS safety detection system and method for vehicle ECU |
CN115102706B (en) * | 2022-04-27 | 2023-10-20 | 麦格纳斯太尔汽车技术(上海)有限公司 | HOST-IDS safety detection system and method of vehicle ECU |
Also Published As
Publication number | Publication date |
---|---|
CN109344609B (en) | 2023-02-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109344609A (en) | A kind of TCU module, TCU system and guard method | |
KR102642875B1 (en) | Systems and methods for providing security to in-vehicle networks | |
JP7194396B2 (en) | Specially programmed computing system with associated devices configured to implement secure lockdown and method of use | |
KR102524204B1 (en) | Apparatus and method for intrusion response in vehicle network | |
EP2474934A1 (en) | Unauthorized process detection method and unauthorized process detection system | |
KR102433928B1 (en) | System for Managing Cyber Security of Autonomous Ship | |
JP7253663B2 (en) | MONITORING DEVICE, MONITORING SYSTEM AND MONITORING METHOD | |
US20140230012A1 (en) | Systems, methods, and media for policy-based monitoring and controlling of applications | |
CN103679028A (en) | Software behavior monitoring method and terminal | |
CN106559399A (en) | A kind of the Internet mobile terminal synthesis managing and control system | |
Hamad et al. | Red-Zone: Towards an Intrusion Response Framework for Intra-vehicle System. | |
CN114418263A (en) | A defense system for power monitoring device of thermal power plant | |
CN113382076A (en) | Internet of things terminal security threat analysis method and protection method | |
CN113132318A (en) | Active defense method and system for information safety of power distribution automation system master station | |
CN112839031A (en) | Industrial control network security protection system and method | |
CN109241769B (en) | Electronic equipment privacy safety early warning method and system | |
CN105701415B (en) | A kind of mobile terminal kernel Rights Management System and method | |
Hagan et al. | Policy-based security modelling and enforcement approach for emerging embedded architectures | |
CN108768996A (en) | A kind of detection guard system of SQL injection attack | |
EP4106278A1 (en) | System and method for detecting intrusion into in-vehicle network | |
CN113110354A (en) | Ferry-based industrial data security system and method | |
CN107070913B (en) | Webshell attack-based detection and protection method and system | |
CN111859473A (en) | External terminal protection equipment and protection system based on space detection | |
CN111291390A (en) | Key data safety destruction triggering system and triggering method | |
CN114884993B (en) | Virtualized android system for enhancing data security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |