CN114422181A - Vehicle data message safety communication method - Google Patents

Vehicle data message safety communication method Download PDF

Info

Publication number
CN114422181A
CN114422181A CN202111518234.1A CN202111518234A CN114422181A CN 114422181 A CN114422181 A CN 114422181A CN 202111518234 A CN202111518234 A CN 202111518234A CN 114422181 A CN114422181 A CN 114422181A
Authority
CN
China
Prior art keywords
message
ecu
encryption
time
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111518234.1A
Other languages
Chinese (zh)
Inventor
王向辉
潘利辉
康鹏
潘亚宁
宋慧慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Geely Holding Group Co Ltd
Zhejiang LEVC R&D Co Ltd
Original Assignee
Zhejiang Geely Holding Group Co Ltd
Zhejiang LEVC R&D Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Geely Holding Group Co Ltd, Zhejiang LEVC R&D Co Ltd filed Critical Zhejiang Geely Holding Group Co Ltd
Priority to CN202111518234.1A priority Critical patent/CN114422181A/en
Publication of CN114422181A publication Critical patent/CN114422181A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/32Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN

Abstract

The invention relates to a vehicle data message safety communication method, which is used for communication of an ECU of a vehicle, wherein the ECU of the vehicle is communicated through a communication bus, and the method comprises the following steps: acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU; when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus; and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message. Compared with the prior art, the method has the advantages of effectively preventing the vehicle message from eavesdropping, replay attack and disguised attack.

Description

Vehicle data message safety communication method
Technical Field
The invention relates to the field of vehicle communication, in particular to a vehicle data message safety communication method.
Background
The CAN (controller area network) bus is the most important application bus of the high-speed network of the current automobile, and the ECU (electronic control unit) related to power, body control, comfort and brake safety is connected on the CAN bus, so that once the CAN bus is attacked, the consequences CAN be imagined. The information security of the CAN bus is not considered from the beginning of design, a plurality of security holes exist, and the existing information security algorithm is difficult to directly apply due to the excessively short data field length. The CAN-FD inherits the main characteristics of the CAN bus, makes up the defects of the bandwidth and the data field length of the CAN bus, but still does not consider the information safety of the CAN-FD.
The method analyzes the vulnerabilities of CAN and CAN-FD bus protocols from the viewpoint of data security, and the authenticity, confidentiality, validity and non-repudiation of the information are not guaranteed except the integrity.
Authenticity: no sending address exists in CAN and CAN-FD bus messages, so that the user CAN not see who the messages are sent, any ECU on the bus CAN send the same ID, and the receiving ECU CAN not confirm the authenticity of the received messages, so that the attack module CAN completely pretend to send the messages with certain ID.
Confidentiality: the CAN and CAN-FD bus messages are transmitted in a plaintext mode without any encryption, all ECUs on the bus CAN receive the messages at the same time without confidentiality, and an attack module CAN monitor all original messages on the bus in real time.
Effectiveness: the CAN and CAN-FD bus messages do not contain time marks or ordinal marks, and the receiving ECU cannot judge whether the received messages belong to messages in an effective time period.
Non-repudiation: since the message does not have any identity, no ECU can prove that it has sent a certain message or received a certain message.
According to the loopholes of the CAN and the CAN-FD, the CAN and the CAN-FD buses are easy to attack in the following modes:
(1) eavesdropping
The attack module can collect and store data on the bus in real time, and then analyzes the message protocol of the whole vehicle through actual vehicle operation and corresponding message data change. If the door is manually opened or closed in a static state, the corresponding relation between the door and the door is found according to the data change of the message. It is still relatively easy to analyze a small part of message protocols, but hard reverse analysis is needed to analyze the workload of the control logic of the whole vehicle. Different automobile manufacturers have different message protocols, which are the most important CAN bus information security defense means in the hands of the current automobile manufacturers, but once the message protocols are reversely analyzed, the loss of a certain automobile manufacturer is huge because the message protocols contain a large amount of control logic and technical parameters.
(2) Camouflage
Because only ID is in the CAN bus message and no sending address and receiving address are available, the attack module CAN forge and send a certain ID. Too many ECUs are connected to the vehicle-mounted CAN bus, including ECUs related to power, body, comfort, brake safety and other systems, such as BMS, VCU, ABS and the like, so that once an attack module falsely sends an ID related to power or brake safety, a control conflict is brought to normal operation and brake safety, and a major traffic safety accident is caused.
(3) Playback of video
Because the message has no time mark or ordinal number, the receiving ECU can not judge whether the received message is sent in an effective time period, so that the attack module can collect the message in the previous time period and then play back to the bus in the next time period, which conflicts with the real-time control, and the severity is not different from the disguised message.
Disclosure of Invention
The present invention is directed to a method for secure communication of vehicle data messages, which overcomes the above-mentioned drawbacks of the prior art.
The purpose of the invention can be realized by the following technical scheme:
a vehicle data message security communication method for communication of ECUs of a vehicle, the ECUs of the vehicle communicating through a communication bus, the method comprising the steps of:
acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU;
when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus;
and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message.
Preferably, the encryption and decryption information includes a source address, an identifier, a key seed and a key.
Preferably, the communication bus is a CAN bus or a CAN-FD bus.
Preferably, the data segment of the message includes a source address segment, a time segment, an identification segment, and an information segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the time period comprises the sending time information of the message;
the identification section comprises identification information of the ECU which sends the message;
the information segment comprises message information of the message.
Preferably, the data frame of the message is 64 bytes, the source address field occupies 1 byte, the time period occupies 7 bytes, the identification field occupies 2 bytes, and the message field occupies 54 bytes.
Preferably, the data segment of the ciphertext comprises a source address segment and a ciphertext segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the ciphertext segment comprises ciphertext data obtained by performing encryption calculation on the message segment according to the encryption and decryption information.
Preferably, the data frame of the ciphertext is 64 bytes, the source address segment occupies 1 byte, and the ciphertext segment occupies 63 bytes.
Preferably, the communication method further comprises the following steps:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
Preferably, the real-time obtaining method is as follows:
the vehicle communication module acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway randomly sends a group of key seeds to all the ECUs, and the ECUs write the key seeds into the encryption and decryption data and start real-time timing according to the time signals.
Preferably, it is as described. The communication method further comprises the following steps:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
Compared with the prior art, the invention has the following advantages:
(1) according to the invention, the ECU message is encrypted to form a ciphertext to be communicated on the bus, the interception risk is effectively avoided by using a ciphertext transmission mode, the hardware of the vehicle is not required to be modified, the encryption and decryption data of the ciphertext can be periodically modified according to the requirement, the decryption is avoided, and the safety performance of vehicle information communication is effectively improved;
(2) the message information comprises the time period mark, so that the time for sending the message and the time for receiving the message can be compared, the message exceeding a time threshold value is discarded and an alarm is given, playback attack is effectively avoided, the anti-attack capability of communication is improved, and the safety performance of vehicle information communication is improved;
(3) the encryption and decryption data containing the encryption and decryption information of each ECU are stored in each ECU, when the message is received, the message identification can be compared, the message with inconsistent comparison is discarded, and a disguised alarm is sent out, so that the anti-attack capability of communication is improved, and the safety performance of vehicle information communication is improved.
Drawings
FIG. 1 is a flowchart of example 1 of the present invention;
FIG. 2 is a flowchart of example 2 of the present invention;
FIG. 3 is a flowchart of embodiment 3 of the present invention;
FIG. 4 is a flowchart of embodiment 4 of the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments. Note that the following description of the embodiments is merely a substantial example, and the present invention is not intended to be limited to the application or the use thereof, and is not limited to the following embodiments.
Example 1
A vehicle data message security communication method for communication of ECUs of a vehicle, the ECUs of the vehicle being communicated through a communication bus, as shown in fig. 1, the communication method comprising the steps of:
s1: and acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprises encryption and decryption information of each ECU.
Each ECU is distributed with corresponding encryption and decryption information, wherein the encryption and decryption information comprises a source address, an identifier, a key seed and a key. In this embodiment, the communication bus is a CAN-FD bus, and the corresponding data frames are shown in table 1 below,
TABLE 1 data segment partitioning of CAN-FD data frames
Source address Time period Identification segment Message segment
1 byte 7 bytes 2 bytes 54 bytes
Correspondingly, the data segment of the message of the embodiment comprises a source address segment, a time segment, an identification segment and an information segment, and the data content of the source address segment comprises source address information of the ECU sending the message; the data content of the time period comprises the sending time information of the message; the data content of the identification section comprises identification information of the ECU sending the message; the data content of the information segment includes a message of the message. Corresponding to the CAN-FD, the data frame of the message is 64 bytes, the source address field occupies 1 byte, the time period occupies 7 bytes, the identification field occupies 2 bytes, and the message field occupies 54 bytes.
In this embodiment, the encryption and decryption data are shown in table 2, and each ECU allocates one corresponding piece of encryption and decryption information.
TABLE 2 encryption/decryption data sheet
ECU Source address Identification Key seed Secret key
ECU1 SA1 B1 Ke1? Kkey1
ECU2 SA2 B2 Ke2? Kkey2
ECU3 SA3 B3 Ke3? Kkey3
ECU4 SA4 B4 Ke4? Kkey4
ECU5 SA5 B5 Ke5? Kkey5
ECU6 SA6 B6 Ke6? Kkey6
ECU7 SA7 B7 Ke7? Kkey7
ECUn SAn Bn Ken? Kkeyn
S2: when the ECU sends a message, the message is encrypted to form a ciphertext according to the encryption and decryption information of the ECU sending the message, and the ciphertext is sent to the ECU receiving the message through a bus.
In this embodiment, as shown in table 3, the data segment of the ciphertext includes a source address segment and a ciphertext segment, and the source address segment includes source address information of the ECU that sends the message; the ciphertext segment comprises ciphertext data obtained by carrying out encryption calculation on the message segment according to the encryption and decryption information, the data frame of the ciphertext is 64 bytes, the source address segment occupies 1 byte, and the ciphertext segment occupies 63 bytes. And during encryption, carrying out encryption calculation on the time segment, the identification segment and the message segment according to the source address, the identification, the key seed and the key of the ECU which sends the message in the encryption and decryption data table to obtain a ciphertext. Because the cipher text is transmitted on the bus, the interception of the signal by an external node can be effectively prevented.
TABLE 3 ciphertext data segment
Source address field Cipher text section
1 byte 63 bytes
S3: and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message. Specifically, after receiving the ciphertext, other ECUs on the CAN-FD bus translate the ciphertext into the plaintext as shown in table 4 below according to the data of the source address field and the ECU source address, the identification, the key seed and the key.
TABLE 4 plaintext data segments
Figure BDA0003405610720000061
Example 2
The present embodiment is different from embodiment 1 in that, as shown in fig. 2, the method further includes step S4:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
The real-time acquisition mode is as follows:
the communication module of the vehicle acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway randomly sends a group of key seeds to all the ECUs, and the ECU writes the key seeds into the encryption and decryption data and starts real-time timing according to the time signals.
Specifically, in this embodiment, the vehicle gateway may be connected to all CAN-FD modules of the vehicle, a module with 4G communication may be provided in the vehicle, after the vehicle is powered on, the module with 4G communication sends the current beijing time (accurate to milliseconds) to the gateway, the gateway sends the received beijing time signal and randomly sends a group of key seeds to all ECUs of the vehicle, all ECUs of the vehicle write the key seeds into their ECU source addresses, identifiers, key seeds and keys, and start timing the received time signal, where the timing time is real-time.
All ECUs on the CAN-FD bus start timing after receiving time signals sent by the gateway, and filling is needed according to the timing when each ECU sends messages. When receiving the message, the ECU compares the time of the time period with the real-time, the time threshold value of the embodiment is 1s, if the error is within 1s, the message is received, otherwise, the message is discarded, and the replay attack alarm is sent out, so that the replay attack can be effectively prevented. The byte format of the time period is shown in Table 5
TABLE 5 byte format for time periods
Year of year Moon cake Day(s) Time of flight Is divided into Second of Millisecond (ms)
1 byte 1 byte 1 byte 1 byte 1 byte 1 byte 1 byte
Example 3
The present embodiment is different from embodiment 1 in that, as shown in fig. 3, the method further includes step S4:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message. Specifically, the receiving ECU finds corresponding identification parameters in the ECU source address, the identification, the key seed and the key of the receiving ECU through the source address section parameters, and compares the identification parameters with the identification parameters in the plain text to see whether the identification parameters are the same or not, if the identification parameters are not the same, the signal is possibly disguised, the signal is discarded, and a disguised alarm is sent out.
Example 4
The present embodiment is different from embodiment 1 in that, as shown in fig. 4, the method further includes step S4:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; if yes, go to step S5;
s5: when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
The above embodiments are merely examples and do not limit the scope of the present invention. These embodiments may be implemented in other various manners, and various omissions, substitutions, and changes may be made without departing from the technical spirit of the present invention.

Claims (10)

1. A vehicle data message secure communication method for communication of an ECU of a vehicle, the ECU of the vehicle communicating through a communication bus, the method comprising:
acquiring encryption and decryption data, writing the encryption and decryption data into each ECU, wherein the encryption and decryption data comprise encryption and decryption information of each ECU;
when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus;
and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message.
2. The method of claim 1, wherein the encryption/decryption information comprises a source address, an identifier, a key seed, and a key.
3. The method as claimed in claim 1, wherein the communication bus is a CAN bus or a CAN-FD bus.
4. The vehicle data message security communication method of claim 1, wherein the data section of the message comprises a source address section, a time section, an identification section, and an information section,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the time period comprises the sending time information of the message;
the identification section comprises identification information of the ECU sending the message;
the information segment includes a message of the message.
5. The method of claim 4, wherein the data frame of the message is 64 bytes, the source address field is 1 byte, the time period is 7 bytes, the identification field is 2 bytes, and the message field is 54 bytes.
6. The vehicle data message security communication method of claim 1, wherein the data segment of the message comprises a source address segment and a message segment,
the source address section comprises source address information of an ECU (electronic control unit) sending a message;
the ciphertext segment comprises ciphertext data obtained by performing encryption calculation on the message segment according to the encryption and decryption information.
7. The vehicle data message security communication method of claim 1, wherein the data frame of the message is 64 bytes, the source address segment is 1 byte, and the message segment is 63 bytes.
8. The vehicle data message security communication method of claim 1, wherein said communication method further comprises the steps of:
when the ECU receives the message, acquiring real-time, acquiring the time difference between the time information time of the time period in the plaintext message and the real-time, judging whether the time difference is greater than a preset time threshold value, and if so, discarding the message and sending a replay attack alarm; and if the number is smaller than the preset value, receiving the message.
9. The vehicle data message security communication method according to claim 6, wherein the real-time is obtained by:
the vehicle communication module acquires the current time and sends the current time to the vehicle gateway, the vehicle gateway sends a group of key seeds to all the ECUs randomly, and the ECU writes the key seeds into the encryption and decryption data and starts real-time counting according to the time signals.
10. The method of claim 1, wherein the vehicle data message is a vehicle data message. The communication method further comprises the following steps:
when the ECU receives the message, inquiring identification in the stored encryption and decryption data according to the source address field in the plaintext message and comparing the identification with the identification in the plaintext message, if the comparison is not consistent, discarding the message and sending a camouflage alarm; and if the comparison is consistent, receiving the message.
CN202111518234.1A 2021-12-11 2021-12-11 Vehicle data message safety communication method Pending CN114422181A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111518234.1A CN114422181A (en) 2021-12-11 2021-12-11 Vehicle data message safety communication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111518234.1A CN114422181A (en) 2021-12-11 2021-12-11 Vehicle data message safety communication method

Publications (1)

Publication Number Publication Date
CN114422181A true CN114422181A (en) 2022-04-29

Family

ID=81264886

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111518234.1A Pending CN114422181A (en) 2021-12-11 2021-12-11 Vehicle data message safety communication method

Country Status (1)

Country Link
CN (1) CN114422181A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016075869A1 (en) * 2014-11-13 2016-05-19 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ Key management method, vehicle-mounted network system and key management device
CN105897669A (en) * 2015-11-11 2016-08-24 乐卡汽车智能科技(北京)有限公司 Data sending method, data receiving method, sending terminal, receiving terminal and CAN bus network
KR101705639B1 (en) * 2016-10-24 2017-02-13 고려대학교 산학협력단 Method for transmitting and receiving a message in a vehicle network system
CN107454107A (en) * 2017-09-15 2017-12-08 中国计量大学 A kind of controller LAN automobile bus alarm gateway for detecting injection attack
KR20190040714A (en) * 2017-10-11 2019-04-19 현대자동차주식회사 Method and system for ECU execution time monitoring and fault finding
CH714535A2 (en) * 2017-12-20 2019-06-28 Univ Beihang In-vehicle network intrusion detection method and system.
CN110635893A (en) * 2019-09-21 2019-12-31 吉林大学 Vehicle-mounted Ethernet information security protection method
CN111077883A (en) * 2019-12-27 2020-04-28 国家计算机网络与信息安全管理中心 Vehicle-mounted network safety protection method and device based on CAN bus
CN111726274A (en) * 2020-05-25 2020-09-29 武汉理工大学 Automobile CAN bus data communication method, equipment and storage medium
KR20210038851A (en) * 2020-02-19 2021-04-08 베이징 바이두 넷컴 사이언스 테크놀로지 컴퍼니 리미티드 In-vehicle electronic control unit upgrading method, device and equipment and vehicle system
CN113162928A (en) * 2021-04-19 2021-07-23 广州小鹏汽车科技有限公司 Communication method, communication device, ECU, vehicle and storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016075869A1 (en) * 2014-11-13 2016-05-19 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ Key management method, vehicle-mounted network system and key management device
CN105897669A (en) * 2015-11-11 2016-08-24 乐卡汽车智能科技(北京)有限公司 Data sending method, data receiving method, sending terminal, receiving terminal and CAN bus network
KR101705639B1 (en) * 2016-10-24 2017-02-13 고려대학교 산학협력단 Method for transmitting and receiving a message in a vehicle network system
CN107454107A (en) * 2017-09-15 2017-12-08 中国计量大学 A kind of controller LAN automobile bus alarm gateway for detecting injection attack
KR20190040714A (en) * 2017-10-11 2019-04-19 현대자동차주식회사 Method and system for ECU execution time monitoring and fault finding
CH714535A2 (en) * 2017-12-20 2019-06-28 Univ Beihang In-vehicle network intrusion detection method and system.
CN110635893A (en) * 2019-09-21 2019-12-31 吉林大学 Vehicle-mounted Ethernet information security protection method
CN111077883A (en) * 2019-12-27 2020-04-28 国家计算机网络与信息安全管理中心 Vehicle-mounted network safety protection method and device based on CAN bus
KR20210038851A (en) * 2020-02-19 2021-04-08 베이징 바이두 넷컴 사이언스 테크놀로지 컴퍼니 리미티드 In-vehicle electronic control unit upgrading method, device and equipment and vehicle system
CN111726274A (en) * 2020-05-25 2020-09-29 武汉理工大学 Automobile CAN bus data communication method, equipment and storage medium
CN113162928A (en) * 2021-04-19 2021-07-23 广州小鹏汽车科技有限公司 Communication method, communication device, ECU, vehicle and storage medium

Similar Documents

Publication Publication Date Title
Radu et al. Leia: Al ightweight auth e nticat i on protocol for can
CN110635893B (en) Vehicle-mounted Ethernet information security protection method
Hazem et al. Lcap-a lightweight can authentication protocol for securing in-vehicle networks
Murvay et al. Security shortcomings and countermeasures for the SAE J1939 commercial vehicle bus protocol
Haas et al. Design and analysis of a lightweight certificate revocation mechanism for VANET
US9992178B2 (en) Method, apparatus and system for dynamically controlling secure vehicle communication based on ignition
EP1882346B1 (en) Communication protocol and electronic communication system, in particular authentication control system, as well as corresponding method
DE102018216915A1 (en) System and method for secure communications between controllers in a vehicle network
US8577036B2 (en) Method and device for transmitting messages in real time
US20170150361A1 (en) Secure vehicle network architecture
CN106899404A (en) Vehicle-mounted CAN FD bus communication systems and method based on wildcard
DE102018100157A1 (en) Method and apparatus for decryption, encryption and authentication
CN105897819A (en) Data communication method and system and gateway applied to in-vehicle network comprising multiple sub-networks
CN111049803A (en) Data encryption and platform security access method based on vehicle-mounted CAN bus communication system
Schmandt et al. Mini-MAC: Raising the bar for vehicular security with a lightweight message authentication protocol
CN112688845A (en) Communication method and device of vehicle-mounted CAN network
Püllen et al. Using implicit certification to efficiently establish authenticated group keys for in-vehicle networks
Püllen et al. Security and safety co-engineering of the flexray bus in vehicular networks
Agrawal et al. CAN-FD-Sec: improving security of CAN-FD protocol
Hartzell et al. Security analysis of an automobile controller area network bus
KR20130021157A (en) Data certification and acquisition method and system for vehicle
CN113938304B (en) CAN bus-based data encryption transmission method
CN110764802A (en) Front-mounted vehicle-mounted unit
EP3713190B1 (en) Secure bridging of controller area network buses
CN114422181A (en) Vehicle data message safety communication method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 310051 No. 1760, Jiangling Road, Hangzhou, Zhejiang, Binjiang District

Applicant after: ZHEJIANG GEELY HOLDING GROUP Co.,Ltd.

Applicant after: Zhejiang Yizhen Automobile Research and Development Co.,Ltd.

Address before: 310051 No. 1760, Jiangling Road, Hangzhou, Zhejiang, Binjiang District

Applicant before: ZHEJIANG GEELY HOLDING GROUP Co.,Ltd.

Applicant before: Zhejiang Yinglun electric vehicle research and Development Co.,Ltd.

CB02 Change of applicant information