CN111865743A - Vehicle CAN bus fuzzy test method, system, electronic equipment and storage medium - Google Patents



Publication number
CN111865743A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010639434.1A
Other languages
Chinese (zh)
Inventor
万振华
孟旭
张海春
刘政林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Open Source Network Security Internet Of Things Technology Wuhan Co ltd
Shenzhen Mainway Technology Co ltd
Seczone Technology Co Ltd
Original Assignee
Open Source Network Security Internet Of Things Technology Wuhan Co ltd
Shenzhen Kaiyuan Internet Security Technology Co Ltd
Application filed by Open Source Network Security Internet Of Things Technology Wuhan Co ltd, Shenzhen Kaiyuan Internet Security Technology Co Ltd


Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/40006 Data switching networks; Bus networks; Architecture of a communication node
    • H04L63/1425 Network security; detecting or protecting against malicious traffic by monitoring network traffic; Traffic logging, e.g. anomaly detection
    • H04L63/1433 Network security; detecting or protecting against malicious traffic; Vulnerability analysis
    • H04L2012/40215 Bus networks characterized by the use of a particular bus standard; Controller Area Network CAN
    • H04L2012/40273 Bus for use in transportation systems, the transportation system being a vehicle


Abstract

The invention discloses a vehicle CAN bus fuzz testing method for discovering potential bugs in a vehicle CAN network and improving the driving safety of the vehicle. The fuzz testing method comprises the following steps. Regular packet test data is generated for regular data packets: legal data transmitted by the vehicle ECU on the CAN bus is acquired and mutated according to the fuzz testing principle to generate the regular packet test data. Diagnostic packet test data is generated for diagnostic data packets: test data conforming to the UDS diagnostic protocol is generated based on the UDS diagnostic protocol and the fuzz testing principle. The regular packet test data and the diagnostic packet test data are then sent to the CAN bus under test. In addition, the invention discloses a vehicle CAN bus fuzz testing system, an electronic device and a computer-readable storage medium.

Description

Vehicle CAN bus fuzzy test method, system, electronic equipment and storage medium
Technical Field
The invention relates to the technical field of vehicle network security, and in particular to a vehicle CAN bus fuzz testing method, a vehicle CAN bus fuzz testing system, an electronic device and a computer-readable storage medium.
Background
The CAN bus is a serial communication network whose data structure and communication mode give it strong resistance to interference. Vehicle ECUs (Electronic Control Units) exchange information with one another over the CAN network: when sending information, an ECU broadcasts a data message with a specific ID to the CAN network, and the other ECUs connected to the network can selectively receive or respond to the message according to its ID, so as to control the vehicle to execute the corresponding actions.
A large number of data packets circulate on the vehicle CAN network. They are divided into regular data packets and diagnostic data packets according to whether they comply with Unified Diagnostic Services (UDS). Both regular data packets and diagnostic data packets may be used to control the vehicle, and can therefore pose a threat to its driving safety. A serious network security threat usually has to enter the vehicle CAN network in order to gain control over a vehicle ECU and affect the driving safety of the vehicle. For this reason, safety measures are needed to prevent illegal data from entering the vehicle CAN network.
Fuzz testing is an important testing technique and vulnerability-mining method and is applied in many fields, but because of problems such as differences in data structure, it has not yet been applied to the vehicle CAN network.
Disclosure of Invention
The invention aims to provide a vehicle CAN bus fuzz testing method, a vehicle CAN bus fuzz testing system, an electronic device and a computer-readable storage medium, so as to discover potential bugs in a vehicle CAN network and improve the driving safety of the vehicle.
To achieve this aim, the invention provides a vehicle CAN bus fuzz testing method comprising the following steps: generating regular packet test data for regular data packets, in which legal data transmitted by a vehicle ECU on the CAN bus is obtained and mutated according to the fuzz testing principle to generate the regular packet test data; generating diagnostic packet test data for diagnostic data packets, in which test data conforming to the UDS diagnostic protocol is generated based on the UDS diagnostic protocol and the fuzz testing principle; and sending the regular packet test data and the diagnostic packet test data to the CAN bus under test.
Specifically, "mutating the legal data according to the fuzz testing principle" includes at least one of deleting some bytes of the legal data, adding bytes to it, and changing some of its bytes.
Preferably, "generating diagnostic packet test data conforming to the UDS diagnostic protocol based on the UDS diagnostic protocol and the fuzz testing principle" specifically means generating, based on the unified diagnostic service table, diagnostic packet test data that conforms to that table.
Preferably, while the regular packet test data and/or the diagnostic packet test data are being sent to the CAN bus under test, the data layer of the CAN bus is monitored in real time to detect abnormalities of the CAN bus.
To achieve the above aim, the invention also provides a vehicle CAN bus fuzz testing system comprising a regular packet test data generator, a diagnostic packet test data generator and a data sending module. The regular packet test data generator generates regular packet test data for regular data packets: it obtains legal data transmitted by the vehicle ECU on the CAN bus and mutates it according to the fuzz testing principle to generate the regular packet test data. The diagnostic packet test data generator generates diagnostic packet test data for diagnostic data packets: it generates test data conforming to the UDS diagnostic protocol based on the UDS diagnostic protocol and the fuzz testing principle. The data sending module sends the regular packet test data and the diagnostic packet test data to the CAN bus under test.
Specifically, the mutation performed by the regular packet test data generator on the legal data includes at least one of deleting some bytes, adding bytes, and changing some bytes of the legal data.
Preferably, the diagnostic packet test data generator generates, based on the unified diagnostic service table, diagnostic packet test data that conforms to that table.
Preferably, the vehicle CAN bus fuzz testing system further comprises a monitor, which monitors the data layer of the CAN bus in real time to detect abnormalities of the CAN bus while the regular packet test data and/or the diagnostic packet test data are being sent to the CAN bus under test.
To achieve the above aim, the invention also provides an electronic device comprising one or more processors and a memory for storing one or more computer programs which, when executed by the one or more processors, perform the vehicle CAN bus fuzz testing method described above.
To achieve the above aim, the invention also provides a computer-readable storage medium storing a computer program executable by a processor to perform the vehicle CAN bus fuzz testing method described above.
Compared with the prior art, the invention generates fuzz test data suited to the vehicle CAN network in order to discover potential bugs in that network, thereby improving the driving safety of the vehicle. In addition, the invention generates test data for the two different types of data packet in the CAN network on different principles. For regular data packets, the regular packet test data is generated by mutation, and the data being mutated is legal data transmitted on the CAN network, so the generated fuzz test data (the regular packet test data) is closer to real data, the deceptiveness of the test data is improved, and the result of the fuzz test is more accurate. For diagnostic data packets, diagnostic packet test data conforming to the UDS diagnostic protocol is generated based on that protocol, which avoids the problem of randomly generated fuzz test data (diagnostic packet test data) falling outside the valid range and improves test efficiency.
Drawings
FIG. 1 is a block diagram of a vehicle CAN bus fuzz testing system according to an embodiment of the present invention.
FIG. 2 is a flowchart of regular packet test data generation according to an embodiment of the present invention.
FIG. 3 is a flowchart of diagnostic packet test data generation according to an embodiment of the present invention.
FIG. 4 is a block diagram of the structure of an embodiment of an electronic device according to the invention.
Detailed Description
In order to explain technical contents and structural features of the present invention in detail, the following description is further made with reference to the accompanying drawings. It is to be understood that the described embodiments are merely a subset of embodiments of the invention and not all embodiments of the invention, with the understanding that the invention is not limited to the example embodiments described herein. All other embodiments, which can be derived by a person skilled in the art from the described embodiments without inventive effort, shall fall within the scope of protection of the invention.
An embodiment of the invention provides a vehicle CAN bus fuzz testing method to discover potential bugs in a vehicle CAN network and improve vehicle driving safety. The vehicle CAN bus fuzz testing method comprises the following steps:
Generating regular packet test data for regular data packets, specifically: legal data transmitted by the vehicle ECU on the CAN bus is acquired and mutated according to the fuzz testing principle to generate the regular packet test data.
Generating diagnostic packet test data for diagnostic data packets, specifically: diagnostic packet test data conforming to the UDS diagnostic protocol is generated based on the UDS diagnostic protocol and the fuzz testing principle.
Sending the regular packet test data and the diagnostic packet test data to the CAN bus under test while monitoring the data layer of the CAN bus in real time to obtain the influence of the test data on that data layer, thereby monitoring abnormal data at the data layer and discovering bugs in the vehicle's CAN network. Furthermore, abnormal responses of the vehicle body can be observed at the same time to evaluate the direct influence of the fuzz test on vehicle functions.
In this embodiment, to generate the regular packet test data for regular data packets, some bytes of a legal input are mutated (for example, some bytes of the legal data are deleted, bytes are added to the legal data, or some bytes of the legal data are changed) to obtain the regular packet test data, and whether a corresponding security vulnerability exists is then determined from the response of the CAN network to the regular packet test data. Since the encoding of regular packets is defined entirely by the vehicle manufacturer, and no application-layer protocol limits the valid range of the data or the relationship between data bytes, the regular packet test data can be generated by a mutation-based method. And because the regular packet test data is derived from legal data transmitted in real time on the CAN network by legitimate ECUs in the vehicle, the generated fuzz test data (the regular packet test data) can be closer to real data, the deceptiveness of the test data is improved, and the result of the fuzz test is more accurate.
As shown in FIG. 2, generating the regular packet test data for the regular data packet specifically includes the following steps:
S101, receiving a frame of legal data.
S102, randomly generating a number site from 0 to 7 (one frame of CAN data contains 8 bytes, numbered 0 to 7) to determine the first position of the mutated data, pre_site.
S103, generating a mutated byte length len within the boundary range [1, 8-site] (since at least one byte is mutated, the minimum value of len is 1, and the maximum value is limited by the difference between the maximum length 8 of a frame of CAN data and the first mutated position site).
S104, generating random data at the current position, and letting pre_site + 1.
S105, judging whether pre_site is larger than pre_site + len; if not, returning to step S104; if yes, ending the process.
Diagnostic data packets strictly follow the UDS diagnostic protocol, which specifies that the first byte of the data frame is the effective length of the data frame, the second byte is the main service and the third byte is the sub-function, so the first three bytes are already confined to valid ranges. If a completely random generation method were adopted, the generated fuzz test data would fall outside the valid range, and in most cases the vehicle CAN network makes a uniform rejection response to out-of-range diagnostic data packets, so the efficiency of the fuzz test would be significantly reduced. Therefore, in this embodiment, unlike the regular packet test data, which takes a legal input as its starting point, the diagnostic packet test data for diagnostic data packets takes a protocol or file description as the initial input: by knowing each byte of the UDS diagnostic protocol, its data type, its valid values and its relationship to the other bytes, a partially valid input is created from scratch. This avoids the problem of randomly generated fuzz test data (diagnostic packet test data) falling outside the valid range and improves test efficiency. Furthermore, diagnostic data packets are not normally present on the CAN network and arise only from a session between a diagnostic tool and an ECU, so it is impractical to collect a large number of diagnostic data packets from the vehicle itself for mutation, as is done when generating regular packet test data for regular data packets.
To meet different requirements, ISO 14229-1 specifies a number of diagnostic services, with a one-to-one correspondence between each service ID and service function. In this embodiment, diagnostic packet test data conforming to the unified diagnostic service table is generated based on that table (a table relating the main service IDs, sub-function IDs and service functions prescribed by the UDS diagnostic protocol). This ensures the validity of the test data, avoids generating invalid services or sub-functions that do not exist under a service, increases the interference of the diagnostic packet test data with the CAN network, and improves test efficiency.
As shown in FIG. 3, in this embodiment, generating the diagnostic packet test data for the diagnostic data packet specifically includes the following steps:
S201, randomly generating an effective length Length in Byte0 (the 0th byte), where Length is in [0x02, 0x07].
S202, querying the valid main service list and generating a main service Service in Byte1 (the 1st byte).
S203, judging whether sub-functions are supported; if so, executing step S204; if not, executing step S205.
S204, querying the sub-function list under Service and generating a sub-function SubService in Byte2 (the 2nd byte), and then executing step S206.
S205, randomly generating the sub-function byte, and then executing step S206.
S206, if the current random Byte is 2, let Byte + 1.
S207, judging whether Byte is greater than or equal to Length + 1; if yes, ending; if not, executing step S208.
S208, randomly generating the current byte, and returning to step S206.
Referring to FIG. 1, an embodiment of the present invention further discloses a vehicle CAN bus fuzz testing system, which includes a fuzz testing engine, a data sending module 330 and a monitor 340, wherein the fuzz testing engine includes a regular packet test data generator 310 and a diagnostic packet test data generator 320. The regular packet test data generator 310 generates regular packet test data for regular data packets: it acquires legal data transmitted by the vehicle ECU on the CAN bus and mutates it according to the fuzz testing principle to generate the regular packet test data. The diagnostic packet test data generator 320 generates diagnostic packet test data for diagnostic data packets: it generates test data conforming to the UDS diagnostic protocol based on the UDS diagnostic protocol and the fuzz testing principle. The data sending module 330 sends the regular packet test data and the diagnostic packet test data to the CAN bus under test. While the regular packet test data and/or the diagnostic packet test data are being sent to the CAN bus under test, the monitor 340 monitors the data layer of the CAN bus in real time to obtain the influence of the test data on that data layer, so as to monitor abnormal data at the data layer and discover bugs in the CAN network. Furthermore, abnormal responses of the vehicle body can be observed at the same time to evaluate the direct influence of the fuzz test on vehicle functions, and the abnormality of the CAN bus is thereby obtained.
Specifically, in this embodiment, the regular packet test data generator 310 obtains the regular packet test data by mutating some bytes of a legal input (for example, deleting some bytes of the legal data, adding bytes to the legal data, or changing some bytes of the legal data), and whether a corresponding security vulnerability exists is then determined from the response of the CAN network to the regular packet test data. Since the encoding of regular packets is defined entirely by the vehicle manufacturer, and no application-layer protocol limits the valid range of the data or the relationship between data bytes, the regular packet test data can be generated by a mutation-based method. And because the regular packet test data is derived from legal data transmitted in real time on the CAN network by legitimate ECUs in the vehicle, the generated fuzz test data (the regular packet test data) can be closer to real data, the deceptiveness of the test data is improved, and the result of the fuzz test is more accurate.
More specifically, the functional blocks of the conventional packet test data generator 310 are shown in the following table:
Submodule | Function | Value range
Fuzz_recv | Receives legal data for mutation | -
Fuzz_site | Determines the first position of the mutated data | site=[0,7]
Fuzz_len | Determines the byte length of the mutated data | len=[1,8-site]
Fuzz_gen | Generates random data | data=[0x00,0xff]
That is, the regular packet test data generator 310 includes the sub-modules Fuzz_recv, Fuzz_site, Fuzz_len and Fuzz_gen. After legal data has been received from the CAN network by the Fuzz_recv module, the Fuzz_site module is called first to randomly generate a number site from 0 to 7, which determines the first position of the mutated data. The Fuzz_len module is then called to randomly generate a mutated byte length len within the boundary range. Because at least one byte is mutated, the minimum value of len is 1, and the maximum value is limited by the difference between the maximum length 8 of a frame of CAN data (format example of a CAN standard data frame: ECUID: 0x030 DATA: 0x80 0x00 0x21 0x00 0x00 0x92 0x04 Len: 08) and the first mutated position site; that is, the boundary range is [1, 8-site]. Finally, the Fuzz_gen module generates random data for the corresponding positions and length in sequence, producing the regular packet test data.
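The mutation procedure of steps S101 to S105 and the Fuzz_site / Fuzz_len / Fuzz_gen sub-modules, as an added Python example that is not code from the patent. It only builds test cases and records them for replay; the captured frames, the function names and the record layout are constructed for illustration, and the loop is assumed to stop after exactly len bytes so the mutated window stays inside the 8-byte data field.

```python
import random

CAN_DATA_LEN = 8  # the page's ranges assume an 8-byte data field (bytes 0..7)

# Constructed sample input standing in for frames received by Fuzz_recv:
# (arbitration ID, data field). These values are not from a real vehicle.
CAPTURED = [
    (0x123, bytes.fromhex("1122334455667788")),
    (0x2A0, bytes.fromhex("00ff00ff10203040")),
]


def fuzz_site(rng):
    """Fuzz_site: first mutated position, site in [0, 7]."""
    return rng.randint(0, CAN_DATA_LEN - 1)


def fuzz_len(rng, site):
    """Fuzz_len: number of mutated bytes, len in [1, 8 - site]."""
    return rng.randint(1, CAN_DATA_LEN - site)


def fuzz_gen(rng):
    """Fuzz_gen: one random data byte in [0x00, 0xff]."""
    return rng.randint(0x00, 0xFF)


def mutate_frame(data, rng):
    """Apply S102-S105 to one legal frame; returns (mutated, site, length)."""
    if len(data) != CAN_DATA_LEN:
        raise ValueError("expected an 8-byte CAN data field")
    out = bytearray(data)
    site = fuzz_site(rng)
    length = fuzz_len(rng, site)
    pre_site = site
    # Assumption: overwrite exactly `length` bytes, i.e. the window
    # [site, site + length), which can never run past byte 7.
    while pre_site < site + length:
        out[pre_site] = fuzz_gen(rng)
        pre_site += 1
    return bytes(out), site, length


def changed_positions(original, mutated):
    """Byte indexes that actually differ (a random byte may equal the old one)."""
    return [i for i, (a, b) in enumerate(zip(original, mutated)) if a != b]


def generate_cases(captured, count, seed):
    """Build `count` reproducible test cases from captured legal frames.

    A fixed seed makes the campaign replayable: when the monitor reports an
    anomaly, the case number identifies the exact frame that was on the bus.
    """
    rng = random.Random(seed)
    cases = []
    for n in range(count):
        can_id, data = captured[n % len(captured)]
        mutated, site, length = mutate_frame(data, rng)
        cases.append({
            "case": n,
            "can_id": can_id,
            "original": data.hex(),
            "mutated": mutated.hex(),
            "site": site,
            "len": length,
            "changed": changed_positions(data, mutated),
        })
    return cases


if __name__ == "__main__":
    for case in generate_cases(CAPTURED, 5, seed=2020):
        print(case)
```
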
Diagnostic data packets strictly follow the UDS diagnostic protocol, which specifies that the first byte of the data frame is the effective length of the data frame, the second byte is the main service and the third byte is the sub-function, so the first three bytes are already confined to valid ranges. If a completely random generation method were adopted, the generated fuzz test data would fall outside the valid range, and in most cases the vehicle CAN network makes a uniform rejection response to out-of-range diagnostic data packets, so the efficiency of the fuzz test would be significantly reduced. Therefore, in this embodiment, unlike the regular packet test data, which starts from a legal input, the diagnostic packet test data generator 320 creates a partially valid input from scratch by knowing each byte of the UDS diagnostic protocol, its data type, its valid values and its relationship to the other bytes. This avoids the problem of randomly generated fuzz test data (diagnostic packet test data) falling outside the valid range and improves test efficiency. Furthermore, diagnostic data packets are not normally present on the CAN network and arise only from a session between a diagnostic tool and an ECU, so it is impractical to collect a large number of diagnostic data packets from the vehicle itself for mutation, as is done when generating regular packet test data for regular data packets.
To meet different requirements, ISO 14229-1 specifies a number of diagnostic services, with a one-to-one correspondence between each service ID and service function. In this embodiment, the diagnostic packet test data generator 320 generates diagnostic packet test data conforming to the unified diagnostic service table based on that table (a table relating the main service IDs, sub-function IDs and service functions prescribed by the UDS diagnostic protocol). This ensures the validity of the test data, avoids generating invalid services or sub-functions that do not exist under a service, increases the interference of the diagnostic packet test data with the CAN network, and improves test efficiency.
Specifically, the functional blocks of the diagnostic package test data generator 320 are shown in the following table:
Figure BDA0002569448500000081
That is, the diagnostic packet test data generator 320 includes the sub-modules Fuzz_Length, Fuzz_Service, Fuzz_SubService and Fuzz_AddByte. In the diagnostic packet test data generator 320, Fuzz_Length is called first to generate the 0th byte (Byte0) of the test data, which represents the number of valid bytes of the requested service. Since Byte0 itself occupies one byte, the maximum valid length is 0x07, and since the main service and the sub-function each occupy one byte, the valid length is at least 0x02. Fuzz_Service generates the requested main service, and Fuzz_SubService generates the corresponding sub-function. The main service codes specified in the UDS diagnostic protocol are not numerically contiguous, and the sub-functions depend entirely on the main service, so the range of sub-functions differs from one main service to another; a random generation method would therefore produce invalid services or sub-functions that do not exist under the service. For this reason, in this embodiment Fuzz_Service and Fuzz_SubService use table lookup (the unified diagnostic service table) to generate the main service byte and the sub-function byte. The bytes following the sub-function (Byte3 to Byte7) represent the specific function that the requested service is to perform; their encoding depends on the vehicle manufacturer's definition, so they are randomly generated by the Fuzz_AddByte module.
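The table-driven generation of steps S201 to S208 and the Fuzz_Length / Fuzz_Service / Fuzz_SubService / Fuzz_AddByte sub-modules, as an added Python example that is not code from the patent. The patent's own service table survives only as an image, so UDS_TABLE below is an abridged set of ISO 14229-1 service and sub-function IDs chosen for illustration; the zero padding of unused bytes and all function names are assumptions. The example also measures how rarely fully random frames satisfy the same table, which is the efficiency argument made above.

```python
import random

FRAME_LEN = 8  # one CAN data field, Byte0..Byte7

# Abridged stand-in for the unified diagnostic service table:
# main service ID -> allowed sub-function IDs, or None when the service
# takes no sub-function byte. Values follow ISO 14229-1.
UDS_TABLE = {
    0x10: (0x01, 0x02, 0x03),  # DiagnosticSessionControl
    0x11: (0x01, 0x02, 0x03),  # ECUReset
    0x19: (0x01, 0x02),        # ReadDTCInformation (subset)
    0x22: None,                # ReadDataByIdentifier
    0x27: (0x01, 0x02),        # SecurityAccess (requestSeed / sendKey)
    0x3E: (0x00,),             # TesterPresent
}


def fuzz_length(rng):
    """Fuzz_Length (S201): effective length in [0x02, 0x07]."""
    return rng.randint(0x02, 0x07)


def fuzz_service(rng):
    """Fuzz_Service (S202): main service chosen by table lookup."""
    return rng.choice(sorted(UDS_TABLE))


def fuzz_subservice(rng, service):
    """Fuzz_SubService (S203-S205): table lookup, else a random byte."""
    subs = UDS_TABLE[service]
    if subs is not None:
        return rng.choice(subs)
    return rng.randint(0x00, 0xFF)


def fuzz_addbyte(rng):
    """Fuzz_AddByte (S208): manufacturer-defined payload byte, random."""
    return rng.randint(0x00, 0xFF)


def generate_diag_frame(rng):
    """Build one diagnostic test frame following S201-S208."""
    length = fuzz_length(rng)
    service = fuzz_service(rng)
    frame = bytearray(FRAME_LEN)      # assumption: unused bytes stay 0x00
    frame[0] = length
    frame[1] = service
    frame[2] = fuzz_subservice(rng, service)
    byte = 3
    while byte < length + 1:          # S207: end once Byte >= Length + 1
        frame[byte] = fuzz_addbyte(rng)
        byte += 1
    return bytes(frame)


def random_frame(rng):
    """Baseline the page argues against: every byte fully random."""
    return bytes(rng.randint(0x00, 0xFF) for _ in range(FRAME_LEN))


def conforms_to_table(frame):
    """True if length, main service and sub-function are all in range."""
    if len(frame) != FRAME_LEN or not 0x02 <= frame[0] <= 0x07:
        return False
    if frame[1] not in UDS_TABLE:
        return False
    subs = UDS_TABLE[frame[1]]
    return subs is None or frame[2] in subs


def acceptance_rate(generator, count, seed):
    """Fraction of generated frames whose first three bytes are valid."""
    rng = random.Random(seed)
    hits = sum(conforms_to_table(generator(rng)) for _ in range(count))
    return hits / count


if __name__ == "__main__":
    rng = random.Random(2020)
    for _ in range(5):
        print(generate_diag_frame(rng).hex(" "))
    print("table-driven:", acceptance_rate(generate_diag_frame, 20000, 1))
    print("fully random:", acceptance_rate(random_frame, 20000, 1))
```
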
Referring to FIG. 4, the present invention also discloses an electronic device 400, which includes one or more processors 410 and a memory 420, wherein the memory 420 is used for storing one or more computer programs, such as a vehicle CAN bus fuzz testing program. The vehicle CAN bus fuzz testing method described above is performed when the one or more computer programs are executed by the one or more processors 410. Specifically, the electronic device 400 may be any computing device with data processing capability, such as a desktop computer or a notebook computer, and the electronic device 400 is not limited to including the processor 410 and the memory 420. Those skilled in the art will appreciate that the schematic diagram shown in FIG. 4 is merely an example of the electronic device 400 and does not constitute a limitation of it; the device may include more or fewer components than those shown, combine certain components, or use different components, and may for example also include input-output devices, network access devices, buses, and the like.
Accordingly, the present invention also relates to a computer-readable storage medium storing a computer program which, when executed by the processor 410, performs the vehicle CAN bus fuzz testing method of the above embodiments. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form. The computer-readable storage medium may include any entity or device capable of carrying computer program code, such as a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, computer memory, Read Only Memory (ROM), Random Access Memory (RAM), or the like.
In the following, taking an actual vehicle as an example, the execution steps of the fuzz testing process are described:
First, a data transceiver is connected to the OBD interface of the vehicle to access the vehicle's CAN network. Then the regular packet test data generator 310 and the diagnostic packet test data generator 320 are driven to work at the same time, and the generated fuzz test data (the regular packet test data and the diagnostic packet test data) are sent to the CAN network of the vehicle and simultaneously recorded and saved to a file. Meanwhile, the monitor 340 is driven to acquire, in real time, the response of the data layer of the CAN network to the test data in order to evaluate the potential threat of the fuzz test to the network system program, and abnormal responses of the vehicle body can be observed at the same time to evaluate the direct influence of the fuzz test on vehicle functions.
The present invention has been described in connection with the preferred embodiments, but the present invention is not limited to the embodiments disclosed above, and is intended to cover various modifications, equivalent combinations, which are made in accordance with the spirit of the present invention.

Claims (10)

1. A vehicle CAN bus fuzz testing method, characterized by comprising the following steps:
generating regular packet test data for regular data packets: legal data transmitted by a vehicle ECU on a CAN bus is obtained and mutated according to the fuzz testing principle to generate the regular packet test data;
generating diagnostic packet test data for diagnostic data packets: diagnostic packet test data conforming to the UDS diagnostic protocol is generated based on the UDS diagnostic protocol and the fuzz testing principle;
and sending the regular packet test data and the diagnostic packet test data to the CAN bus under test.
2. The vehicle CAN bus fuzz testing method of claim 1, wherein mutating the legal data according to the fuzz testing principle comprises at least one of deleting some bytes, adding bytes, and changing some bytes of the legal data.
3. The vehicle CAN bus fuzz testing method according to claim 1, wherein said "generating diagnostic packet test data conforming to the UDS diagnostic protocol based on the UDS diagnostic protocol and the fuzz testing principle" is specifically:
generating, based on the unified diagnostic service table, diagnostic packet test data conforming to the unified diagnostic service table.
4. The vehicle CAN bus fuzz testing method according to claim 1, wherein while the regular packet test data and/or the diagnostic packet test data are being sent to the CAN bus under test, the data layer of the CAN bus is monitored in real time to obtain the abnormality of the CAN bus.
5. A vehicle CAN bus fuzz testing system, comprising:
a regular packet test data generator for generating regular packet test data for regular data packets, which performs: obtaining legal data transmitted by a vehicle ECU on a CAN bus, and performing fuzz mutation on the legal data based on a fuzz testing principle to generate the regular packet test data;
a diagnostic packet test data generator for generating diagnostic packet test data for diagnostic data packets, which performs: generating diagnostic packet test data conforming to the UDS diagnostic protocol based on the UDS diagnostic protocol and a fuzz testing principle; and
a data sending module for sending the regular packet test data and the diagnostic packet test data to the CAN bus under test.
6. The vehicle CAN bus fuzz testing system of claim 5, wherein the regular packet test data generator fuzz-mutating the legal data includes at least one of deleting partial bytes, adding partial bytes, changing partial bytes of the legal data.
7. The vehicle CAN bus fuzz testing system of claim 5, wherein the diagnostic packet test data generator generates diagnostic packet test data that conforms to a unified diagnostic service table based on the unified diagnostic service table.
8. The vehicle CAN bus fuzz testing system of claim 5, further comprising a monitor to monitor a data layer of a CAN bus in real time to obtain an anomaly of the CAN bus while the regular packet test data and/or the diagnostic packet test data is sent to the CAN bus under test.
9. An electronic device, comprising:
one or more processors;
a memory for storing one or more computer programs,
the one or more computer programs, when executed by the one or more processors, implementing the vehicle CAN bus fuzz testing method of any one of claims 1 to 4.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program executable by a processor to perform the vehicle CAN bus fuzz testing method according to any one of claims 1 to 4.
CN202010639434.1A 2020-07-03 2020-07-03 Vehicle CAN bus fuzzy test method, system, electronic equipment and storage medium Pending CN111865743A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010639434.1A CN111865743A (en) 2020-07-03 2020-07-03 Vehicle CAN bus fuzzy test method, system, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN111865743A true CN111865743A (en) 2020-10-30

Family

ID=73152183

Country Status (1)

Country Link
CN (1) CN111865743A (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109240278A (en) * 2018-11-16 2019-01-18 上海元城汽车技术有限公司 Automated diagnostic method, apparatus and system
CN110007658A (en) * 2019-03-12 2019-07-12 百度在线网络技术(北京)有限公司 The method for monitoring abnormality and device of vehicle CAN bus
CN110191019A (en) * 2019-05-28 2019-08-30 北京百度网讯科技有限公司 Test method, device, computer equipment and the storage medium of vehicle CAN bus
CN110191018A (en) * 2019-05-28 2019-08-30 百度在线网络技术(北京)有限公司 Method for monitoring abnormality, device and the computer equipment of vehicle CAN bus
CN110191021A (en) * 2019-05-29 2019-08-30 北京百度网讯科技有限公司 A kind of protocol testing method, device, electronic equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
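Huang Tao (黄涛): "Research and Implementation of Vulnerability Mining Technology for Vehicle Control Networks Based on Fuzz Testing", China Doctoral and Master's Theses Full-text Database (Master's), Engineering Science and Technology II *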

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112105042A (en) * 2020-11-02 2020-12-18 深圳开源互联网安全技术有限公司 Fuzzy test and signal connection method, system and equipment based on wireless network
CN112532716A (en) * 2020-11-25 2021-03-19 中国人民解放军陆军军事交通学院军事交通运输研究所 Vehicle ECU safety test method and device
CN113194497A (en) * 2021-03-12 2021-07-30 深圳开源互联网安全技术有限公司 Wifi packet sending method and device in fuzzy test and storage medium
CN113268430A (en) * 2021-06-17 2021-08-17 北京邮电大学 CAN bus fuzzy test method based on data analysis
CN113872985A (en) * 2021-10-14 2021-12-31 重庆邮电大学 Fuzzy test method, terminal and computer equipment for vehicle-mounted CAN bus
CN113872985B (en) * 2021-10-14 2023-07-18 重庆邮电大学 Fuzzy test method, terminal and computer equipment for vehicle-mounted CAN bus
CN114338451A (en) * 2021-12-31 2022-04-12 武汉思普崚技术有限公司 Controller local area network bus test system, method and storage medium
CN114338451B (en) * 2021-12-31 2023-10-13 武汉思普崚技术有限公司 Controller local area network bus test system, method and storage medium
CN115550228A (en) * 2022-08-23 2022-12-30 深圳开源互联网安全技术有限公司 Internet of vehicles bus communication network test method and system
CN116668175A (en) * 2023-06-30 2023-08-29 重庆大学 New energy automobile operating system
CN116684185A (en) * 2023-06-30 2023-09-01 中汽院新能源科技有限公司 Automatic road condition data synthesizing method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20211230

Address after: 518000 401-405, building e, phase II, Xinghe world, Minle community, Minzhi street, Longhua District, Shenzhen, Guangdong

Applicant after: SECZONE TECHNOLOGY Co.,Ltd.

Applicant after: Open source network security Internet of things technology (Wuhan) Co.,Ltd.

Applicant after: SHENZHEN MAINWAY TECHNOLOGY CO.,LTD.

Address before: Unit KL, 6th floor, block B, building 7, Baoneng Science Park, Qinghu Industrial Park, Qingxiang Road, Longhua street, Longhua District, Shenzhen, Guangdong 518000

Applicant before: SECZONE TECHNOLOGY Co.,Ltd.

Applicant before: Open source network security Internet of things technology (Wuhan) Co.,Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20201030
