CN114422181A - Vehicle data message safety communication method - Google Patents
Vehicle data message safety communication method Download PDFInfo
- Publication number
- CN114422181A CN114422181A CN202111518234.1A CN202111518234A CN114422181A CN 114422181 A CN114422181 A CN 114422181A CN 202111518234 A CN202111518234 A CN 202111518234A CN 114422181 A CN114422181 A CN 114422181A
- Authority
- CN
- China
- Prior art keywords
- message
- ecu
- encryption
- time
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000004364 calculation method Methods 0.000 claims description 4
- PEDCQBHIVMGVHV-UHFFFAOYSA-N Glycerine Chemical compound OCC(O)CO PEDCQBHIVMGVHV-UHFFFAOYSA-N 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/32—Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
Abstract
The invention relates to a vehicle data message safety communication method, which is used for communication of an ECU of a vehicle, wherein the ECU of the vehicle is communicated through a communication bus, and the method comprises the following steps: acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU; when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus; and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message. Compared with the prior art, the method has the advantages of effectively preventing the vehicle message from eavesdropping, replay attack and disguised attack.
Description
Technical Field
The invention relates to the field of vehicle communication, in particular to a vehicle data message safety communication method.
Background
The CAN (controller area network) bus is the most important application bus of the high-speed network of the current automobile, and the ECU (electronic control unit) related to power, body control, comfort and brake safety is connected on the CAN bus, so that once the CAN bus is attacked, the consequences CAN be imagined. The information security of the CAN bus is not considered from the beginning of design, a plurality of security holes exist, and the existing information security algorithm is difficult to directly apply due to the excessively short data field length. The CAN-FD inherits the main characteristics of the CAN bus, makes up the defects of the bandwidth and the data field length of the CAN bus, but still does not consider the information safety of the CAN-FD.
The method analyzes the vulnerabilities of CAN and CAN-FD bus protocols from the viewpoint of data security, and the authenticity, confidentiality, validity and non-repudiation of the information are not guaranteed except the integrity.
Authenticity: no sending address exists in CAN and CAN-FD bus messages, so that the user CAN not see who the messages are sent, any ECU on the bus CAN send the same ID, and the receiving ECU CAN not confirm the authenticity of the received messages, so that the attack module CAN completely pretend to send the messages with certain ID.
Confidentiality: the CAN and CAN-FD bus messages are transmitted in a plaintext mode without any encryption, all ECUs on the bus CAN receive the messages at the same time without confidentiality, and an attack module CAN monitor all original messages on the bus in real time.
Effectiveness: the CAN and CAN-FD bus messages do not contain time marks or ordinal marks, and the receiving ECU cannot judge whether the received messages belong to messages in an effective time period.
Non-repudiation: since the message does not have any identity, no ECU can prove that it has sent a certain message or received a certain message.
According to the loopholes of the CAN and the CAN-FD, the CAN and the CAN-FD buses are easy to attack in the following modes:
(1) eavesdropping
The attack module can collect and store data on the bus in real time, and then analyzes the message protocol of the whole vehicle through actual vehicle operation and corresponding message data change. If the door is manually opened or closed in a static state, the corresponding relation between the door and the door is found according to the data change of the message. It is still relatively easy to analyze a small part of message protocols, but hard reverse analysis is needed to analyze the workload of the control logic of the whole vehicle. Different automobile manufacturers have different message protocols, which are the most important CAN bus information security defense means in the hands of the current automobile manufacturers, but once the message protocols are reversely analyzed, the loss of a certain automobile manufacturer is huge because the message protocols contain a large amount of control logic and technical parameters.
(2) Camouflage
Because only ID is in the CAN bus message and no sending address and receiving address are available, the attack module CAN forge and send a certain ID. Too many ECUs are connected to the vehicle-mounted CAN bus, including ECUs related to power, body, comfort, brake safety and other systems, such as BMS, VCU, ABS and the like, so that once an attack module falsely sends an ID related to power or brake safety, a control conflict is brought to normal operation and brake safety, and a major traffic safety accident is caused.
(3) Playback of video
Because the message has no time mark or ordinal number, the receiving ECU can not judge whether the received message is sent in an effective time period, so that the attack module can collect the message in the previous time period and then play back to the bus in the next time period, which conflicts with the real-time control, and the severity is not different from the disguised message.
Disclosure of Invention
The present invention is directed to a method for secure communication of vehicle data messages, which overcomes the above-mentioned drawbacks of the prior art.
The purpose of the invention can be realized by the following technical scheme:
a vehicle data message security communication method for communication of ECUs of a vehicle, the ECUs of the vehicle communicating through a communication bus, the method comprising the steps of:
acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU;
when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus;
and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message.
Preferably, the encryption and decryption information includes a source address, an identifier, a key seed and a key.
Preferably, the communication bus is a CAN bus or a CAN-FD bus.
Preferably, the data segment of the message includes a source address segment, a time segment, an identification segment, and an information segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the time period comprises the sending time information of the message;
the identification section comprises identification information of the ECU which sends the message;
the information segment comprises message information of the message.
Preferably, the data frame of the message is 64 bytes, the source address field occupies 1 byte, the time period occupies 7 bytes, the identification field occupies 2 bytes, and the message field occupies 54 bytes.
Preferably, the data segment of the ciphertext comprises a source address segment and a ciphertext segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the ciphertext segment comprises ciphertext data obtained by performing encryption calculation on the message segment according to the encryption and decryption information.
Preferably, the data frame of the ciphertext is 64 bytes, the source address segment occupies 1 byte, and the ciphertext segment occupies 63 bytes.
Preferably, the communication method further comprises the following steps:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
Preferably, the real-time obtaining method is as follows:
the vehicle communication module acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway randomly sends a group of key seeds to all the ECUs, and the ECUs write the key seeds into the encryption and decryption data and start real-time timing according to the time signals.
Preferably, it is as described. The communication method further comprises the following steps:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
Compared with the prior art, the invention has the following advantages:
(1) according to the invention, the ECU message is encrypted to form a ciphertext to be communicated on the bus, the interception risk is effectively avoided by using a ciphertext transmission mode, the hardware of the vehicle is not required to be modified, the encryption and decryption data of the ciphertext can be periodically modified according to the requirement, the decryption is avoided, and the safety performance of vehicle information communication is effectively improved;
(2) the message information comprises the time period mark, so that the time for sending the message and the time for receiving the message can be compared, the message exceeding a time threshold value is discarded and an alarm is given, playback attack is effectively avoided, the anti-attack capability of communication is improved, and the safety performance of vehicle information communication is improved;
(3) the encryption and decryption data containing the encryption and decryption information of each ECU are stored in each ECU, when the message is received, the message identification can be compared, the message with inconsistent comparison is discarded, and a disguised alarm is sent out, so that the anti-attack capability of communication is improved, and the safety performance of vehicle information communication is improved.
Drawings
FIG. 1 is a flowchart of example 1 of the present invention;
FIG. 2 is a flowchart of example 2 of the present invention;
FIG. 3 is a flowchart of embodiment 3 of the present invention;
FIG. 4 is a flowchart of embodiment 4 of the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments. Note that the following description of the embodiments is merely a substantial example, and the present invention is not intended to be limited to the application or the use thereof, and is not limited to the following embodiments.
Example 1
A vehicle data message security communication method for communication of ECUs of a vehicle, the ECUs of the vehicle being communicated through a communication bus, as shown in fig. 1, the communication method comprising the steps of:
s1: and acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprises encryption and decryption information of each ECU.
Each ECU is distributed with corresponding encryption and decryption information, wherein the encryption and decryption information comprises a source address, an identifier, a key seed and a key. In this embodiment, the communication bus is a CAN-FD bus, and the corresponding data frames are shown in table 1 below,
TABLE 1 data segment partitioning of CAN-FD data frames
Source address | Time period | Identification segment | Message segment |
1 byte | 7 bytes | 2 bytes | 54 bytes |
Correspondingly, the data segment of the message of the embodiment comprises a source address segment, a time segment, an identification segment and an information segment, and the data content of the source address segment comprises source address information of the ECU sending the message; the data content of the time period comprises the sending time information of the message; the data content of the identification section comprises identification information of the ECU sending the message; the data content of the information segment includes a message of the message. Corresponding to the CAN-FD, the data frame of the message is 64 bytes, the source address field occupies 1 byte, the time period occupies 7 bytes, the identification field occupies 2 bytes, and the message field occupies 54 bytes.
In this embodiment, the encryption and decryption data are shown in table 2, and each ECU allocates one corresponding piece of encryption and decryption information.
TABLE 2 encryption/decryption data sheet
ECU | Source address | Identification | Key seed | Secret key |
ECU1 | SA1 | B1 | Ke1? | Kkey1 |
ECU2 | SA2 | B2 | Ke2? | Kkey2 |
ECU3 | SA3 | B3 | Ke3? | Kkey3 |
ECU4 | SA4 | B4 | Ke4? | Kkey4 |
ECU5 | SA5 | B5 | Ke5? | Kkey5 |
ECU6 | SA6 | B6 | Ke6? | Kkey6 |
ECU7 | SA7 | B7 | Ke7? | Kkey7 |
… | … | … | … | … |
ECUn | SAn | Bn | Ken? | Kkeyn |
S2: when the ECU sends a message, the message is encrypted to form a ciphertext according to the encryption and decryption information of the ECU sending the message, and the ciphertext is sent to the ECU receiving the message through a bus.
In this embodiment, as shown in table 3, the data segment of the ciphertext includes a source address segment and a ciphertext segment, and the source address segment includes source address information of the ECU that sends the message; the ciphertext segment comprises ciphertext data obtained by carrying out encryption calculation on the message segment according to the encryption and decryption information, the data frame of the ciphertext is 64 bytes, the source address segment occupies 1 byte, and the ciphertext segment occupies 63 bytes. And during encryption, carrying out encryption calculation on the time segment, the identification segment and the message segment according to the source address, the identification, the key seed and the key of the ECU which sends the message in the encryption and decryption data table to obtain a ciphertext. Because the cipher text is transmitted on the bus, the interception of the signal by an external node can be effectively prevented.
TABLE 3 ciphertext data segment
Source address field | Cipher text section |
1 byte | 63 bytes |
S3: and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message. Specifically, after receiving the ciphertext, other ECUs on the CAN-FD bus translate the ciphertext into the plaintext as shown in table 4 below according to the data of the source address field and the ECU source address, the identification, the key seed and the key.
TABLE 4 plaintext data segments
Example 2
The present embodiment is different from embodiment 1 in that, as shown in fig. 2, the method further includes step S4:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
The real-time acquisition mode is as follows:
the communication module of the vehicle acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway randomly sends a group of key seeds to all the ECUs, and the ECU writes the key seeds into the encryption and decryption data and starts real-time timing according to the time signals.
Specifically, in this embodiment, the vehicle gateway may be connected to all CAN-FD modules of the vehicle, a module with 4G communication may be provided in the vehicle, after the vehicle is powered on, the module with 4G communication sends the current beijing time (accurate to milliseconds) to the gateway, the gateway sends the received beijing time signal and randomly sends a group of key seeds to all ECUs of the vehicle, all ECUs of the vehicle write the key seeds into their ECU source addresses, identifiers, key seeds and keys, and start timing the received time signal, where the timing time is real-time.
All ECUs on the CAN-FD bus start timing after receiving time signals sent by the gateway, and filling is needed according to the timing when each ECU sends messages. When receiving the message, the ECU compares the time of the time period with the real-time, the time threshold value of the embodiment is 1s, if the error is within 1s, the message is received, otherwise, the message is discarded, and the replay attack alarm is sent out, so that the replay attack can be effectively prevented. The byte format of the time period is shown in Table 5
TABLE 5 byte format for time periods
Year of year | Moon cake | Day(s) | Time of flight | Is divided into | Second of | Millisecond (ms) |
1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte |
Example 3
The present embodiment is different from embodiment 1 in that, as shown in fig. 3, the method further includes step S4:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message. Specifically, the receiving ECU finds corresponding identification parameters in the ECU source address, the identification, the key seed and the key of the receiving ECU through the source address section parameters, and compares the identification parameters with the identification parameters in the plain text to see whether the identification parameters are the same or not, if the identification parameters are not the same, the signal is possibly disguised, the signal is discarded, and a disguised alarm is sent out.
Example 4
The present embodiment is different from embodiment 1 in that, as shown in fig. 4, the method further includes step S4:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; if yes, go to step S5;
s5: when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
The above embodiments are merely examples and do not limit the scope of the present invention. These embodiments may be implemented in other various manners, and various omissions, substitutions, and changes may be made without departing from the technical spirit of the present invention.
Claims (10)
1. A vehicle data message secure communication method for communication of an ECU of a vehicle, the ECU of the vehicle communicating through a communication bus, the method comprising:
acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU;
when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus;
and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message.
2. The method of claim 1, wherein the encryption/decryption information comprises a source address, an identifier, a key seed, and a key.
3. The method as claimed in claim 1, wherein the communication bus is a CAN bus or a CAN-FD bus.
4. The vehicle data message security communication method of claim 1, wherein the data section of the message comprises a source address section, a time section, an identification section, and an information section,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the time period comprises the sending time information of the message;
the identification section comprises identification information of the ECU sending the message;
the information segment includes a message of the message.
5. The method of claim 4, wherein the data frame of the message is 64 bytes, the source address field is 1 byte, the time period is 7 bytes, the identification field is 2 bytes, and the message field is 54 bytes.
6. The vehicle data message security communication method of claim 1, wherein the data segment of the message comprises a source address segment and a message segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the ciphertext segment comprises ciphertext data obtained by performing encryption calculation on the message segment according to the encryption and decryption information.
7. The vehicle data message security communication method of claim 1, wherein the data frame of the message is 64 bytes, the source address segment is 1 byte, and the message segment is 63 bytes.
8. The vehicle data message security communication method of claim 1, wherein said communication method further comprises the steps of:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
9. The vehicle data message security communication method according to claim 6, wherein the real-time is obtained by:
the vehicle communication module acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway sends a group of key seeds to all the ECUs randomly, and the ECU writes the key seeds into the encryption and decryption data and starts real-time counting according to the time signals.
10. The method of claim 1, wherein the vehicle data message is a vehicle data message. The communication method further comprises the following steps:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111518234.1A CN114422181A (en) | 2021-12-11 | 2021-12-11 | Vehicle data message safety communication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111518234.1A CN114422181A (en) | 2021-12-11 | 2021-12-11 | Vehicle data message safety communication method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114422181A true CN114422181A (en) | 2022-04-29 |
Family
ID=81264886
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111518234.1A Pending CN114422181A (en) | 2021-12-11 | 2021-12-11 | Vehicle data message safety communication method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114422181A (en) |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016075869A1 (en) * | 2014-11-13 | 2016-05-19 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ | Key management method, vehicle-mounted network system and key management device |
CN105897669A (en) * | 2015-11-11 | 2016-08-24 | 乐卡汽车智能科技(北京)有限公司 | Data sending method, data receiving method, sending terminal, receiving terminal and CAN bus network |
KR101705639B1 (en) * | 2016-10-24 | 2017-02-13 | 고려대학교 산학협력단 | Method for transmitting and receiving a message in a vehicle network system |
CN107454107A (en) * | 2017-09-15 | 2017-12-08 | 中国计量大学 | A kind of controller LAN automobile bus alarm gateway for detecting injection attack |
KR20190040714A (en) * | 2017-10-11 | 2019-04-19 | 현대자동차주식회사 | Method and system for ECU execution time monitoring and fault finding |
CH714535A2 (en) * | 2017-12-20 | 2019-06-28 | Univ Beihang | In-vehicle network intrusion detection method and system. |
CN110635893A (en) * | 2019-09-21 | 2019-12-31 | 吉林大学 | Vehicle-mounted Ethernet information security protection method |
CN111077883A (en) * | 2019-12-27 | 2020-04-28 | 国家计算机网络与信息安全管理中心 | Vehicle-mounted network safety protection method and device based on CAN bus |
CN111726274A (en) * | 2020-05-25 | 2020-09-29 | 武汉理工大学 | Automobile CAN bus data communication method, equipment and storage medium |
KR20210038851A (en) * | 2020-02-19 | 2021-04-08 | 베이징 바이두 넷컴 사이언스 테크놀로지 컴퍼니 리미티드 | In-vehicle electronic control unit upgrading method, device and equipment and vehicle system |
CN113162928A (en) * | 2021-04-19 | 2021-07-23 | 广州小鹏汽车科技有限公司 | Communication method, communication device, ECU, vehicle and storage medium |
-
2021
- 2021-12-11 CN CN202111518234.1A patent/CN114422181A/en active Pending
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016075869A1 (en) * | 2014-11-13 | 2016-05-19 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ | Key management method, vehicle-mounted network system and key management device |
CN105897669A (en) * | 2015-11-11 | 2016-08-24 | 乐卡汽车智能科技(北京)有限公司 | Data sending method, data receiving method, sending terminal, receiving terminal and CAN bus network |
KR101705639B1 (en) * | 2016-10-24 | 2017-02-13 | 고려대학교 산학협력단 | Method for transmitting and receiving a message in a vehicle network system |
CN107454107A (en) * | 2017-09-15 | 2017-12-08 | 中国计量大学 | A kind of controller LAN automobile bus alarm gateway for detecting injection attack |
KR20190040714A (en) * | 2017-10-11 | 2019-04-19 | 현대자동차주식회사 | Method and system for ECU execution time monitoring and fault finding |
CH714535A2 (en) * | 2017-12-20 | 2019-06-28 | Univ Beihang | In-vehicle network intrusion detection method and system. |
CN110635893A (en) * | 2019-09-21 | 2019-12-31 | 吉林大学 | Vehicle-mounted Ethernet information security protection method |
CN111077883A (en) * | 2019-12-27 | 2020-04-28 | 国家计算机网络与信息安全管理中心 | Vehicle-mounted network safety protection method and device based on CAN bus |
KR20210038851A (en) * | 2020-02-19 | 2021-04-08 | 베이징 바이두 넷컴 사이언스 테크놀로지 컴퍼니 리미티드 | In-vehicle electronic control unit upgrading method, device and equipment and vehicle system |
CN111726274A (en) * | 2020-05-25 | 2020-09-29 | 武汉理工大学 | Automobile CAN bus data communication method, equipment and storage medium |
CN113162928A (en) * | 2021-04-19 | 2021-07-23 | 广州小鹏汽车科技有限公司 | Communication method, communication device, ECU, vehicle and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Radu et al. | Leia: Al ightweight auth e nticat i on protocol for can | |
CN110635893B (en) | Vehicle-mounted Ethernet information security protection method | |
Hazem et al. | Lcap-a lightweight can authentication protocol for securing in-vehicle networks | |
Murvay et al. | Security shortcomings and countermeasures for the SAE J1939 commercial vehicle bus protocol | |
Haas et al. | Design and analysis of a lightweight certificate revocation mechanism for VANET | |
US9992178B2 (en) | Method, apparatus and system for dynamically controlling secure vehicle communication based on ignition | |
EP1882346B1 (en) | Communication protocol and electronic communication system, in particular authentication control system, as well as corresponding method | |
DE102018216915A1 (en) | System and method for secure communications between controllers in a vehicle network | |
US8577036B2 (en) | Method and device for transmitting messages in real time | |
US20170150361A1 (en) | Secure vehicle network architecture | |
CN106899404A (en) | Vehicle-mounted CAN FD bus communication systems and method based on wildcard | |
DE102018100157A1 (en) | Method and apparatus for decryption, encryption and authentication | |
CN105897819A (en) | Data communication method and system and gateway applied to in-vehicle network comprising multiple sub-networks | |
CN111049803A (en) | Data encryption and platform security access method based on vehicle-mounted CAN bus communication system | |
Schmandt et al. | Mini-MAC: Raising the bar for vehicular security with a lightweight message authentication protocol | |
CN112688845A (en) | Communication method and device of vehicle-mounted CAN network | |
Püllen et al. | Using implicit certification to efficiently establish authenticated group keys for in-vehicle networks | |
Püllen et al. | Security and safety co-engineering of the flexray bus in vehicular networks | |
Agrawal et al. | CAN-FD-Sec: improving security of CAN-FD protocol | |
Hartzell et al. | Security analysis of an automobile controller area network bus | |
KR20130021157A (en) | Data certification and acquisition method and system for vehicle | |
CN113938304B (en) | CAN bus-based data encryption transmission method | |
CN110764802A (en) | Front-mounted vehicle-mounted unit | |
EP3713190B1 (en) | Secure bridging of controller area network buses | |
CN114422181A (en) | Vehicle data message safety communication method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 310051 No. 1760, Jiangling Road, Hangzhou, Zhejiang, Binjiang District Applicant after: ZHEJIANG GEELY HOLDING GROUP Co.,Ltd. Applicant after: Zhejiang Yizhen Automobile Research and Development Co.,Ltd. Address before: 310051 No. 1760, Jiangling Road, Hangzhou, Zhejiang, Binjiang District Applicant before: ZHEJIANG GEELY HOLDING GROUP Co.,Ltd. Applicant before: Zhejiang Yinglun electric vehicle research and Development Co.,Ltd. |
|
CB02 | Change of applicant information |