CN111061250B - Automobile CAN bus information safety testing method - Google Patents
Automobile CAN bus information safety testing method Download PDFInfo
- Publication number
- CN111061250B CN111061250B CN201911320809.1A CN201911320809A CN111061250B CN 111061250 B CN111061250 B CN 111061250B CN 201911320809 A CN201911320809 A CN 201911320809A CN 111061250 B CN111061250 B CN 111061250B
- Authority
- CN
- China
- Prior art keywords
- bus
- automobile
- data
- test
- vehicle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B23/00—Testing or monitoring of control systems or parts thereof
- G05B23/02—Electric testing or monitoring
- G05B23/0205—Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
- G05B23/0218—Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
- G05B23/0224—Process history based detection method, e.g. whereby history implies the availability of large amounts of data
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/24—Pc safety
- G05B2219/24065—Real time diagnostics
Abstract
The invention provides a method for testing the information safety of an automobile CAN bus, which comprises the steps of identifying pins of the automobile CAN bus; identifying the Baud rate of the CAN bus of the automobile; reading automobile CAN bus data; generating automobile CAN bus safety test data, analyzing the CAN bus data, and producing a specific test data packet aiming at each path of CAN bus data; sending CAN bus safety data, observing the state of the automobile, and judging whether the automobile has a safety problem or not; and analyzing the loopholes obtained by the test, outputting a loophole analysis report, and giving a repair suggestion. The invention has the beneficial effects that: the bidirectional data transmission of the bus can be realized, the bus fault can be monitored in real time, and the bus can be ensured not to lose frames and the bus data can be stably received; the CAN bus security vulnerability testing method CAN test and analyze the CAN bus security vulnerability before the vehicle is on the market, give a repair suggestion and provide a good guiding function for the information security testing of the CAN bus.
Description
Technical Field
The invention belongs to the field of automobile safety, and particularly relates to an automobile CAN bus information safety testing method.
Background
With the rapid development of the intelligent networking automobile technology, the automobile information safety problem is increasingly highlighted. How to effectively avoid the problem of automobile information safety needs to strengthen the information safety test of automobiles, discover the existing safety problem in time and repair the safety problem. However, a mature automobile information safety test method, a test tool and a test system are not formed aiming at the information safety of the intelligent networking automobile CAN bus.
Disclosure of Invention
In view of the above, the present invention is directed to a method for testing information security of a CAN bus of an automobile, so as to solve the above-mentioned problems.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
a method for testing information safety of an automobile CAN bus comprises the following steps:
A. identifying a pin of an automobile CAN bus;
B. identifying the Baud rate of the CAN bus of the automobile;
C. reading automobile CAN bus data;
D. generating automobile CAN bus safety test data, analyzing the CAN bus data acquired in the step C, and producing a specific test data packet aiming at each path of CAN bus data;
E. sending CAN bus safety data, observing the state of the automobile, and judging whether the automobile has a safety problem or not;
F. and performing reverse analysis on the data message of the tested loophole, analyzing the meaning of the communication signal, outputting a loophole analysis report and giving a repair suggestion.
Further, the specific steps of the step a are as follows:
A1. the test vehicle was flamed out for 5 minutes;
A2. measuring resistance values between two pins in 16 pins of an On-Board Diagnostics (OBD) interface of the automobile one by using a universal meter, if the resistance values are displayed to be about 60 ohms, the two pins are one-way CAN bus of the automobile, and finding out all CAN buses of the automobile according to the operation;
A3. and respectively measuring the voltage difference of a pair of pins corresponding to the CAN bus by using an oscilloscope, and finding out all CANH and CANL.
Furthermore, in the step B, a tester connects the CAN bus test equipment to the automobile OBD interface, and selects a mode for automatically identifying the baud rate, so that the baud rate of each bus CAN be correctly identified; if the baud rate cannot be identified, traversing the common baud rate until the equipment can acquire the whole vehicle message, and indicating that the baud rate is correct.
Further, in the step C, all high, medium, and low speed CAN messages of the entire vehicle are collected by using the bus data analysis device, and the CAN bus data of each path is stored separately.
Further, in the step D, traversing all IDs within the range of 0x00-0x7FF of the high-speed CAN and the low-speed CAN by using a brute force breaking algorithm, and performing a brute force breaking test on the tested vehicle;
positioning 8 bytes of data of each effective ID by utilizing a dichotomy, reversely obtaining a control instruction of the vehicle action, and cracking the ID and the corresponding bytes of the vehicle action;
a packet data packet with high priority is sent to the high-speed CAN and the low-speed CAN by using a denial of service algorithm to perform denial of service test on the vehicle bus;
and sending a data packet of a diagnostic service scanning algorithm to pins 6 and 14 of the OBD interface, and compiling a sub-service blasting algorithm aiming at the scanned service to test the encryption degree of the ECU security access algorithm.
Further, the application data packet is sent to the whole automobile through the OBD in the step E, and whether the automobile has the problems that a bus is closed due to overhigh load rate, and the power system and the comfortable entertainment system of the automobile are influenced or not is observed;
and sending the diagnosis data packet to the whole vehicle through OBD, collecting a response message of the whole vehicle, analyzing whether the vehicle has a security access 27 service loss, a security access algorithm is too weak, and a vulnerability without fingerprint verification added in programming, and observing whether the vehicle has the problems of tampering calibration, malicious programming and control action.
Compared with the prior art, the method for testing the information safety of the automobile CAN bus has the following advantages:
the automobile CAN bus information safety test method CAN realize bus bidirectional data transmission, monitor bus faults in real time, and ensure that the bus does not lose frames and bus data is stably received; the CAN bus security vulnerability CAN be tested and analyzed before the vehicle is on the market, and a repair suggestion is given, so that a good guiding function is provided for the information security test of the CAN bus; the method CAN effectively make up the technical blank in the field and promote the improvement of the information safety test level of the automobile CAN bus.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is a flow chart of a method for testing information security of a CAN bus of an automobile according to an embodiment of the present invention;
FIG. 2 is a block diagram of a test structure according to an embodiment of the present invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
As shown in fig. 1, a method for testing the information security of a CAN bus of an automobile includes the following steps:
A. identifying a pin of an automobile CAN bus;
B. identifying the Baud rate of the CAN bus of the automobile;
C. reading automobile CAN bus data;
D. generating automobile CAN bus safety test data, analyzing the CAN bus data acquired in the step C, and producing a specific test data packet aiming at each path of CAN bus data;
E. sending CAN bus safety data, observing the state of the automobile, and judging whether the automobile has a safety problem or not;
F. and performing reverse analysis on the data message of the tested loophole, analyzing the meaning of the communication signal, outputting a loophole analysis report and giving a repair suggestion.
Further, the specific steps of the step a are as follows:
A1. the test vehicle was flamed out for 5 minutes;
A2. measuring resistance values between two pins in 16 pins of an On-Board Diagnostics (OBD) interface of the automobile one by using a universal meter, if the resistance values are displayed to be about 60 ohms, the two pins are one-way CAN bus of the automobile, and finding out all CAN buses of the automobile according to the operation;
A3. and respectively measuring the voltage difference of a pair of pins corresponding to the CAN bus by using an oscilloscope, and finding out all CANH and CANL.
Furthermore, in the step B, a tester connects the CAN bus test equipment to the automobile OBD interface, and selects a mode for automatically identifying the baud rate, so that the baud rate of each bus CAN be correctly identified; if the common baud rate cannot be identified, traversing the common baud rate until the device can acquire the whole vehicle message, wherein the baud rate is correct, and the common baud rates for vehicle communication are 1Mbps, 500kbps, 250kbps, 125kbps, 100kbps and 33.33 kbps.
Further, in the step C, all high, medium, and low speed CAN messages of the entire vehicle are collected by using the bus data analysis device, and the CAN bus data of each path is stored separately.
Further, in the step D, traversing all IDs within the range of 0x00-0x7FF of the high-speed CAN and the low-speed CAN by using a brute force breaking algorithm, and performing a brute force breaking test on the tested vehicle;
positioning 8 bytes of data of each effective ID by utilizing a dichotomy, reversely obtaining a control instruction of the vehicle action, and cracking the ID and the corresponding bytes of the vehicle action;
a packet data packet with high priority (the smaller the ID packet value, the higher the priority) is sent to the high-speed CAN and the low-speed CAN by using a denial of service algorithm to perform denial of service test on a vehicle bus;
and sending a data packet of a diagnostic service scanning algorithm to pins 6 and 14 of the OBD interface, and compiling a sub-service blasting algorithm aiming at the scanned service to test the encryption degree of the ECU security access algorithm. According to the national standard, the communication of the general automobile diagnosis service is carried out on the pins 6 and 14, so that the pins 6 and 14 of the OBD interface are used.
Further, the application data packet is sent to the whole automobile through the OBD in the step E, and whether the automobile has the problems that a bus is closed due to overhigh load rate, and the power system and the comfortable entertainment system of the automobile are influenced or not is observed;
and sending the diagnosis data packet to the whole vehicle through OBD, collecting a response message of the whole vehicle, analyzing whether the vehicle has a security access 27 service loss, a security access algorithm is too weak, and a vulnerability without fingerprint verification added in programming, and observing whether the vehicle has the problems of tampering calibration, malicious programming and control action.
As shown in fig. 2, the test structure of the present embodiment is: set up the OBD interface in the information security test vehicle, the OBD interface connects gradually bus data analysis equipment, USB interface and test computer, wherein, bus data analysis equipment is including CAN transceiver, CAN controller and the singlechip that connects gradually, CAN transceiver and OBD interface connection, the singlechip with be connected with the test computer through the USB interface.
The single chip microcomputer is a USB flash memory single chip microcomputer, the CAN controller is MCP2515 in model, the CAN transceiver is MCP2561 in model, a DB9 male interface is adopted as a CAN bus interface, CAN2.0A and CAN2.0B protocols are supported, and the standard is in accordance with ISO/DIS 11898.
When the equipment is connected to the vehicle bus and works normally, the CAN message on the bus CAN be received on the testing computer immediately after the baud rate is set. Similarly, after the device is connected with the tested bus, the data of different algorithms such as the fuzzy test algorithm, the denial of service algorithm, the dichotomy and the like can be sent to the tested bus by using the sending interface. The transceiving data supports any CAN2.0A/B format standard.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (6)
1. A method for testing information safety of an automobile CAN bus is characterized by comprising the following steps:
A. identifying a pin of an automobile CAN bus;
B. identifying the Baud rate of the CAN bus of the automobile;
C. reading automobile CAN bus data;
D. generating automobile CAN bus safety test data, analyzing the CAN bus data acquired in the step C, and producing a specific test data packet aiming at each path of CAN bus data;
E. sending CAN bus safety data, observing the state of the automobile, and judging whether the automobile has a safety problem or not;
F. and performing reverse analysis on the data message of the tested loophole, analyzing the meaning of the communication signal, outputting a loophole analysis report and giving a repair suggestion.
2. The method for testing the information safety of the CAN bus of the automobile according to claim 1, wherein the specific steps of the step A are as follows:
A1. the test vehicle was flamed out for 5 minutes;
A2. measuring resistance values between two pins in 16 pins of an On-Board Diagnostics (OBD) interface of the automobile one by using a universal meter, if the resistance values are displayed to be about 60 ohms, the two pins are one-way CAN bus of the automobile, and finding out all CAN buses of the automobile according to the operation;
A3. and respectively measuring the voltage difference of a pair of pins corresponding to the CAN bus by using an oscilloscope, and finding out all CANH and CANL.
3. The method for testing the information safety of the CAN bus of the automobile according to claim 1, which is characterized in that: in the step B, a tester connects the CAN bus test equipment with an automobile OBD interface, and selects a mode for automatically identifying the baud rate, so that the baud rate of each bus CAN be correctly identified; if the baud rate cannot be identified, traversing the common baud rate until the equipment can acquire the whole vehicle message, and indicating that the baud rate is correct.
4. The method for testing the information safety of the CAN bus of the automobile according to claim 1, which is characterized in that: and C, respectively collecting all high-speed, medium-speed and low-speed CAN messages of the whole vehicle by using bus data analysis equipment, and independently storing the CAN bus data of each path.
5. The method for testing the information safety of the CAN bus of the automobile according to claim 1, which is characterized in that: d, traversing all IDs within the range of 0x00-0x7FF of the high-speed CAN and the low-speed CAN by using a brute force breaking algorithm, and carrying out brute force breaking test on the test vehicle;
positioning 8 bytes of data of each effective ID by utilizing a dichotomy, reversely obtaining a control instruction of the vehicle action, and cracking the ID and the corresponding bytes of the vehicle action;
a packet data packet with high priority is sent to the high-speed CAN and the low-speed CAN by using a denial of service algorithm to perform denial of service test on the vehicle bus;
and sending a data packet of a diagnostic service scanning algorithm to pins 6 and 14 of the OBD interface, and compiling a sub-service blasting algorithm aiming at the scanned service to test the encryption degree of the ECU security access algorithm.
6. The method for testing the information safety of the CAN bus of the automobile according to claim 1, which is characterized in that: e, sending the application data packet to the whole automobile through OBD, and observing whether the automobile has the problems that a bus is closed due to overhigh load rate, and an automobile power system and a comfortable entertainment system are influenced;
and sending the diagnosis data packet to the whole vehicle through OBD, collecting a response message of the whole vehicle, analyzing whether the vehicle has a security access 27 service loss, a security access algorithm is too weak, and a vulnerability without fingerprint verification added in programming, and observing whether the vehicle has the problems of tampering calibration, malicious programming and control action.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911320809.1A CN111061250B (en) | 2019-12-19 | 2019-12-19 | Automobile CAN bus information safety testing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911320809.1A CN111061250B (en) | 2019-12-19 | 2019-12-19 | Automobile CAN bus information safety testing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111061250A CN111061250A (en) | 2020-04-24 |
| CN111061250B true CN111061250B (en) | 2021-06-04 |
Family
ID=70302436
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911320809.1A Active CN111061250B (en) | 2019-12-19 | 2019-12-19 | Automobile CAN bus information safety testing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111061250B (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111813080A (en) * | 2020-06-30 | 2020-10-23 | 深圳市元征科技股份有限公司 | CAN bus pin identification method and device of vehicle OBD interface |
| CN111999073A (en) * | 2020-08-20 | 2020-11-27 | 工业和信息化部计算机与微电子发展研究中心(中国软件评测中心) | Safety detection method and system for vehicle information transmission |
| CN112051834B (en) * | 2020-09-02 | 2021-10-08 | 柏科智能(厦门)科技有限公司 | Universal vehicle data acquisition/simulation method and system |
| CN112241158A (en) * | 2020-10-20 | 2021-01-19 | 上海星融汽车科技有限公司 | Vehicle OBD port CAN communication pin detection method, system and diagnosis equipment |
| CN112596962A (en) * | 2020-12-08 | 2021-04-02 | 国汽(北京)智能网联汽车研究院有限公司 | Automobile CAN bus penetration test system and method |
| CN112600711B (en) * | 2020-12-21 | 2023-03-14 | 上海星融汽车科技有限公司 | Real vehicle bus data remote cloning system and method |
| CN113067723A (en) * | 2021-03-02 | 2021-07-02 | 深圳市道通科技股份有限公司 | Automobile bus fault analysis method, diagnosis equipment and bus fault analysis system |
| CN113093710B (en) * | 2021-04-09 | 2022-07-19 | 深圳市道通科技股份有限公司 | Bus data analysis method, device and equipment and automobile diagnosis system |
| CN113589793B (en) * | 2021-07-30 | 2022-07-22 | 中汽院(重庆)汽车检测有限公司 | Automobile bus network design safety detection method |
| CN113688397A (en) * | 2021-08-20 | 2021-11-23 | 泰安北航科技园信息科技有限公司 | System for automatically detecting bus defect loophole |
| CN113805567B (en) * | 2021-09-22 | 2023-10-13 | 中车株洲电力机车有限公司 | MVB fault diagnosis method, train control unit and rail locomotive |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102082708A (en) * | 2011-01-18 | 2011-06-01 | 上海三一科技有限公司 | Crawler crane CAN (Controller Area Network) bus online diagnostic system |
| CN105159269A (en) * | 2014-05-30 | 2015-12-16 | 广州汽车集团股份有限公司 | Method and apparatus of identifying definition of pin of on board diagnostics interface |
| CN106487630A (en) * | 2016-12-02 | 2017-03-08 | 北京奇虎科技有限公司 | A kind of method and apparatus that vehicle safety is detected based on test case |
| DE102016013669A1 (en) * | 2016-11-16 | 2017-05-24 | Daimler Ag | Method for operating a data communication system |
| CN109361569A (en) * | 2018-11-26 | 2019-02-19 | 中汽研(天津)汽车工程研究院有限公司 | CAN bus based communication diagnostic trouble code automatization test system and test method |
| CN110162008A (en) * | 2019-05-10 | 2019-08-23 | 中国汽车技术研究中心有限公司 | A kind of new energy vehicle CAN bus analytic method |
-
2019
- 2019-12-19 CN CN201911320809.1A patent/CN111061250B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102082708A (en) * | 2011-01-18 | 2011-06-01 | 上海三一科技有限公司 | Crawler crane CAN (Controller Area Network) bus online diagnostic system |
| CN105159269A (en) * | 2014-05-30 | 2015-12-16 | 广州汽车集团股份有限公司 | Method and apparatus of identifying definition of pin of on board diagnostics interface |
| DE102016013669A1 (en) * | 2016-11-16 | 2017-05-24 | Daimler Ag | Method for operating a data communication system |
| CN106487630A (en) * | 2016-12-02 | 2017-03-08 | 北京奇虎科技有限公司 | A kind of method and apparatus that vehicle safety is detected based on test case |
| CN109361569A (en) * | 2018-11-26 | 2019-02-19 | 中汽研(天津)汽车工程研究院有限公司 | CAN bus based communication diagnostic trouble code automatization test system and test method |
| CN110162008A (en) * | 2019-05-10 | 2019-08-23 | 中国汽车技术研究中心有限公司 | A kind of new energy vehicle CAN bus analytic method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111061250A (en) | 2020-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111061250B (en) | Automobile CAN bus information safety testing method | |
| WO2019128929A1 (en) | Obd interface bus type detection method and device | |
| CN106104636B (en) | Automobile detection system using network-based computing infrastructure | |
| EP3133774B1 (en) | Vehicle-mounted network system, abnormality detection electronic control unit and abnormality detection method | |
| CN108207039B (en) | Safe transmission method of vehicle-mounted data, external equipment and vehicle-mounted gateway | |
| CN110162008B (en) | CAN bus analysis method for new energy vehicle | |
| CN105450645B (en) | On-board automatic diagnosis system data transmission method | |
| CN107544463B (en) | Automatic test method and test device for diagnosis function of vehicle controller | |
| CN101916087B (en) | Diagnostic testing system based on CANoe | |
| US9082242B2 (en) | Vehicle network health assessment | |
| US20160110929A1 (en) | Method and system for providing vehicle security service | |
| WO2019141114A1 (en) | Vehicle diagnosis method and device | |
| CN104734911A (en) | CAN bus network management test system and method | |
| CN110233768B (en) | UDS-based CAN bus test system and CAN bus test method | |
| CN110750790B (en) | CAN bus vulnerability detection method and device, terminal equipment and medium | |
| CN112596962A (en) | Automobile CAN bus penetration test system and method | |
| CN111999073A (en) | Safety detection method and system for vehicle information transmission | |
| CN111538312A (en) | Vehicle remote diagnosis method, system, equipment connector and vehicle connector | |
| CN113608518B (en) | Data generation method, device, terminal equipment and medium | |
| Frassinelli et al. | I know where you parked last summer: Automated reverse engineering and privacy analysis of modern cars | |
| CN108334058A (en) | A kind of diagnostic system and method based on car body controller | |
| CN113114659B (en) | Diagnostic equipment detection method and device, terminal equipment and storage medium | |
| Perişoară et al. | Vehicles diagnosis based on LabVIEW and CAN interfaces | |
| CN115951647A (en) | Abnormal event detection method and system for UDS vehicle diagnosis service scene | |
| CN104980316B (en) | data link monitoring method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |