CN114760160B - Vehicle CAN bus penetration test method and system - Google Patents

Vehicle CAN bus penetration test method and system Download PDF

Info

Publication number
CN114760160B
CN114760160B CN202110160055.9A CN202110160055A CN114760160B CN 114760160 B CN114760160 B CN 114760160B CN 202110160055 A CN202110160055 A CN 202110160055A CN 114760160 B CN114760160 B CN 114760160B
Authority
CN
China
Prior art keywords
current
tested
test
byte
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110160055.9A
Other languages
Chinese (zh)
Other versions
CN114760160A (en
Inventor
程艳阶
梁伟强
张雁英
黄光健
何烈炎
李冠佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Automobile Group Co Ltd
Original Assignee
Guangzhou Automobile Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Automobile Group Co Ltd filed Critical Guangzhou Automobile Group Co Ltd
Priority to CN202110160055.9A priority Critical patent/CN114760160B/en
Publication of CN114760160A publication Critical patent/CN114760160A/en
Application granted granted Critical
Publication of CN114760160B publication Critical patent/CN114760160B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a vehicle CAN bus penetration test method and a system, comprising the following steps: acquiring a tested message, and acquiring data of a plurality of bytes of a data field in the tested message; obtaining a current byte to be tested according to the plurality of bytes; obtaining a current test value according to a plurality of preset test values, and generating a current camouflage message according to the current test value and the current byte to be tested; sending the tested message, delaying for a preset time or sending the current camouflage message according to a preset sending period so as to carry out penetration testing on the current byte to be tested; after the current camouflage message is sent, determining whether the vehicle function has response according to the real-time running state of the vehicle, and recording a test result according to the response condition; and testing all the bytes by all the test values based on the steps. The invention can avoid the problem of bus error frame which is easy to occur when the detected message and the disguised message are simultaneously sent.

Description

Vehicle CAN bus penetration test method and system
Technical Field
The invention relates to the technical field of vehicle information safety, in particular to a vehicle CAN bus penetration testing method and system.
Background
The CAN bus protocol is a communication protocol which is most widely applied to the current controllers in automobiles, and most automobile control signals are transmitted through the CAN bus protocol, so that penetration test is carried out on the control signals transmitted by the CAN bus protocol, defects of functional logic design of the automobile controllers or the entire automobiles CAN be found in time, and the robustness of the functions of the automobile controllers or the entire automobiles is improved.
The traditional CAN bus communication protocol penetration test adopts the following two methods:
(1) Operating vehicle functions, monitoring vehicle CAN bus signal changes, screening and confirming control signal definitions; the method can only test the operable functions of the vehicle part, and has extremely low efficiency;
(2) Using external equipment to send a camouflage message, traversing each byte of a data field of the camouflage message according to 0x00 to 0XFF, and then adopting a dichotomy test control signal definition; the method can test all control signals of the vehicle, and the efficiency is improved compared with the method (1), but the following defects exist: (1) the disguised message and the vehicle real message may be sent simultaneously, resulting in bus errors; (2) this test method of traversing all values may cause some functions to be repeatedly activated and closed in a short time (for example, several tens of milliseconds), damaging the vehicle electrical apparatus; (3) the testing efficiency is low, if all the possibilities are completely traversed, the testing time of one CAN bus message is long, for example, 8 bytes and 10ms periodic messages are taken as examples, the testing time is 2558 × 10ms, the actual testing process is simplified, for example, the control signal byte-crossing condition is not considered, the testing time of one message CAN be reduced to 20 seconds, but the binary method is required to be repeatedly used for determining the signal definition, and the actual testing time of one message is dozens of minutes; (4) the test is less effective because the test signal is only sent once and may not be received without response problems.
Disclosure of Invention
The invention aims to provide a vehicle CAN bus penetration test method and a vehicle CAN bus penetration test system, which at least solve the technical problem that bus error frames are easily sent by a tested message (real message) and a disguised message at the same time in the conventional CAN bus communication protocol penetration test.
In order to achieve the above object, a first aspect of the present invention provides a vehicle CAN bus penetration testing method, including:
s1, obtaining a tested message, and obtaining data of a plurality of bytes of a data field in the tested message;
s2, obtaining the current bytes to be tested according to the plurality of bytes;
s3, obtaining a current test value according to a plurality of preset test values, and generating a current camouflage message according to the current test value and the current byte to be tested;
s4, sending the tested message, delaying for a preset time or sending the current camouflage message according to a preset sending period so as to carry out penetration test on the current byte to be tested;
and S5, after the current camouflage message is sent, determining whether the vehicle function responds according to the real-time running state of the vehicle, and recording the current byte to be tested and the current test value when the vehicle function responds.
Optionally, the generating a current masquerading packet according to the current test value and the current byte to be tested includes:
and replacing the byte data in the current byte to be tested in the tested message with the current test value to obtain a current camouflage message.
Optionally, the method further comprises:
presetting a plurality of control signals, wherein the control signals comprise one bit length signal, two bit length signals, three bit length signals and four bit length signals;
placing the one-bit length signal into any one bit in one byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values;
and screening and subtracting all the obtained test values, and removing repeated test values to obtain the plurality of preset test values.
Optionally, the one bit length signal comprises 0, 1; the two bit length signals comprise 01, 10, 11; the three bit length signals comprise 001, 010, 011, 100, 101, 110, 111; the four-bit length signal includes 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1111.
Optionally, the step S5 further includes:
judging whether the preset test values complete penetration test on the current byte to be tested; if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte; and if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by the next preset test value.
Optionally, wherein the performing the penetration test of the next byte comprises:
selecting any byte which is not subjected to the penetration test from the plurality of bytes as a current byte to be tested, and continuing to execute the steps S3-S5 according to the current byte to be tested;
performing a penetration test on the current byte to be tested by using the next preset test value comprises:
and selecting any preset test value which does not perform penetration test on the current byte to be tested from the plurality of preset test values as a current test value, and continuing to execute the steps S3-S5 according to the current test value.
The second aspect of the present invention provides a vehicle CAN bus penetration testing system, including:
the device comprises a tested message acquisition unit, a data field acquisition unit and a data field acquisition unit, wherein the tested message acquisition unit is used for acquiring a tested message and acquiring data of a plurality of bytes in the data field in the tested message;
the current byte to be tested acquiring unit is used for acquiring the current byte to be tested according to the plurality of bytes;
the device comprises a disguised message generating unit, a data processing unit and a data processing unit, wherein the disguised message generating unit is used for acquiring a current test value according to a plurality of preset test values and generating a current disguised message according to the current test value and a current byte to be tested;
the penetration testing unit is used for sending the tested message, delaying the preset time or sending the current camouflage message according to a preset sending period so as to perform penetration testing on the current byte to be tested; and
and the test result analysis unit is used for determining whether the vehicle function has a response according to the real-time running state of the vehicle after the current camouflage message is sent, and recording the current to-be-tested byte and the current test value when the vehicle function has a response.
Optionally, the disguised packet generating unit is specifically configured to:
and replacing the byte data in the current byte to be tested in the tested message with the current test value to obtain a current camouflage message.
Optionally, the system sets a plurality of control signals in advance, and the control signals include one bit length signal, two bit length signals, three bit length signals and four bit length signals; the preset test values are obtained according to the control signals;
wherein: placing the one-bit length signal into any one bit in one byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values; and screening and subtracting all the obtained test values, and removing repeated test values to obtain the plurality of preset test values.
Optionally, the test result analysis unit is further specifically configured to:
judging whether the preset test values all finish penetration tests on the current byte to be tested; if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte; and if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by the next preset test value.
The embodiment of the invention provides a vehicle CAN bus penetration test method and a system, which at least have the following beneficial effects:
the method and the system CAN perform penetration test on the CAN bus control signal of the vehicle, thereby evaluating which functions of the vehicle are controlled and possible safety risks caused by illegal control of a vehicle controller; moreover, the camouflage message adopts a sending strategy which is sent along with the tested message (real message), so that bus errors caused by sending the camouflage message and the real message at the same time are avoided; after the pretend message is sent by adopting the tested message, the pretend message is sent in a delayed and preset time, so that the receiving controller can ignore the real instruction of the real vehicle and execute the pretend instruction under most conditions, and the test is more effective.
Additional features and advantages of the invention will be set forth in the description which follows.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for testing vehicle CAN bus penetration according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of a vehicle CAN bus penetration testing system according to an embodiment of the present invention.
Detailed Description
Various exemplary embodiments, features and aspects of the present disclosure will be described in detail below with reference to the accompanying drawings. In addition, in the following detailed description, numerous specific details are set forth in order to provide a better understanding of the present invention. It will be understood by those skilled in the art that the present invention may be practiced without some of these specific details. In some instances, well known means within the skill of those in the art have not been described in detail so as not to obscure the invention.
Referring to fig. 1, an embodiment of the present invention provides a method for testing a vehicle CAN bus penetration, where the method includes the following steps S1 to S5:
s1, obtaining a tested message, and obtaining data of a plurality of bytes of a data field in the tested message;
specifically, the message to be tested is a CAN bus message, and a data field of the message comprises a plurality of bytes;
s2, obtaining the current bytes to be tested according to the plurality of bytes;
specifically, when performing the penetration test, the plurality of bytes need to be tested in sequence;
s3, obtaining a current test value according to a plurality of preset test values, delaying for a preset time or sending the current camouflage message according to a preset sending period to perform penetration test on the current bytes to be tested;
in this embodiment, two transmission modes of the disguised message are proposed, that is, the transmission is delayed for a preset time (following transmission), or the transmission is performed according to a preset transmission period, where the delayed preset time is, for example, 1ms; the regular message sending mode is a message CAN bus message according to a preset sending period;
specifically, in the method of this embodiment, a plurality of preset test values are preset, and the plurality of bytes are sequentially tested by using the plurality of preset test values;
specifically, in this embodiment, the current test value is used to replace byte data in the current to-be-tested byte in the tested message, so as to obtain a current masquerading message;
it should be noted that the difference between the current camouflage message and the message to be tested is only that the content of the current byte to be tested is different, and the data of other bytes in the message data field is the same, which is beneficial to improving the reliability of the penetration test;
exemplarily, the method in the present embodiment includes:
step S31, presetting a plurality of control signals, wherein the control signals comprise one bit length signal, two bit length signals, three bit length signals and four bit length signals;
specifically, the maximum length of the control signal is set to be no more than four bits (bit), and the control signal is not placed across bytes when being packaged in the camouflage message;
step S32, the bit length signal is placed into any bit of a byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values;
preferably, the one-bit length signal includes 0, 1;
the two bit length signals comprise 01, 10, 11;
the three bit length signals comprise 001, 010, 011, 100, 101, 110, 111;
the four bit length signals comprise 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1111;
in the embodiment, effective assumption is made on the control signals, and the control signal definition can be covered by more than 90% while the test efficiency is considered;
based on the above signal values, the step S32 specifically includes:
for one bit length signal test value (per bit): 0 or 1
Each bit was tested for two values, 0 and 1, as shown in table 1 below:
TABLE 1
Bit(0) Bit(1) Bit(2) Bit(3) Bit(4) Bit(5) Bit(6) Bit(7)
0/1 0/1 0/1 0/1 0/1 0/1 0/1 0/1
Then the test value in this embodiment can be shifted right by 1 bit in the order of 0 and 1 to obtain the following test values:
signal 0:0;
signal 1:1*2 0 、1*2 1 、1*2 2 、1*2 3 、1*2 4 、1*2 5 、1*2 6 、1*2 7
00, 01, 10, 11 for two bit length signal test values (binary);
likewise, the following test values can be obtained for 00 and 01, 10, 11 by shifting right by 1 bit:
signal 01:1*2 0 、1*2 1 、1*2 2 、1*2 3 、1*2 4 、1*2 5 、1*2 6 、1*2 7 、;
Signal 10:2*2 0 、2*2 1 、2*2 2 、2*2 3 、2*2 4 、2*2 5 、2*2 6
Signal 11:3*2 0 、3*2 1 、3*2 2 、3*2 3 、3*2 4 、3*2 5 、3*2 6
Test values (binary) for three bit length signals: 000. 001, 010, 011, 100, 101, 110, 111;
the same algorithm can obtain test values as follows:
signal 001:1*2 0 、1*2 1 、1*2 2 、1*2 3 、1*2 4 、1*2 5 、1*2 6 、1*2 7
The signals 010:2*2 0 、2*2 1 、2*2 2 、2*2 3 、2*2 4 、2*2 5 、2*2 6
Signal 011:3*2 0 、3*2 1 、3*2 2 、3*2 3 、3*2 4 、3*2 5 、3*2 6
Signal 100:4*2 0 、4*2 1 、4*2 2 、4*2 3 、4*2 4 、4*2 5
Signal 101:5*2 0 、5*2 1 、5*2 2 、5*2 3 、5*2 4 、5*2 5
Signal 110:6*2 0 、6*2 1 、6*2 2 、6*2 3 、6*2 4 、6*2 5
Signal 111:7*2 0 、7*2 1 、7*2 2 、7*2 3 、7*2 4 、7*2 5
Test values (binary) for four bit length signals: 0000. 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1110 and 1111, and obtaining a test value of each byte according to the same method as follows:
signal 0001:1*2 0 、1*2 1 、1*2 2 、1*2 3 、1*2 4 、1*2 5 、1*2 6 、1*2 7
Signal 0010:2*2 0 、2*2 1 、2*2 2 、2*2 3 、2*2 4 、2*2 5 、2*2 6
Signal 0011:3*2 0 、3*2 1 、3*2 2 、3*2 3 、3*2 4 、3*2 5 、3*2 6
The signal 0100:4*2 0 、4*2 1 、4*2 2 、4*2 3 、4*2 4 、4*2 5
Signal 0101:5*2 0 、5*2 1 、5*2 2 、5*2 3 、5*2 4 、5*2 5
The signal 0110:6*2 0 、6*2 1 、6*2 2 、6*2 3 、6*2 4 、6*2 5
The signal 0111:7*2 0 、7*2 1 、7*2 2 、7*2 3 、7*2 4 、7*2 5
Signal 1000:8*2 0 、8*2 1 、8*2 2 、8*2 3 、8*2 4
Signal 1001:9*2 0 、9*2 1 、9*2 2 、9*2 3 、9*2 4
Signal 1010:10*2 0 、10*2 1 、10*2 2 、10*2 3 、10*2 4
Signal 1011:11*2 0 、11*2 1 、11*2 2 、11*2 3 、11*2 4
Signal 1100:12*2 0 、12*2 1 、12*2 2 、12*2 3 、12*2 4
Signal 1101:13*2 0 、13*2 1 、13*2 2 、13*2 3 、13*2 4
The signals 1110:14*2 0 、14*2 1 、6*2 2 、6*2 3 、6*2 4
Signal 1111:15*2 0 、15*2 1 、15*2 2 、15*2 3 、15*2 4
S33, screening and subtracting all the obtained test values, and eliminating repeated test values to obtain a plurality of preset test values;
specifically, the signal test values are subjected to screening and subtraction, and repeated test values are removed to obtain a test value (hexadecimal) required by each byte of the penetration test, namely the following 48 test values (hexadecimal):
0x00、0x01、0x02、0x03、0x04、0x05、0x06、0x07、0x08、0x09、0x0a、0x0b、0x0c、0x0d、0x0e、0x0f、0x10、0x12、0x14、0x16、0x18、0x1a、0x1c、0x1e、0x20、0x24、0x28、0x2c、0x30、0x34、0x38、0x3c、0x40、0x48、0x50、0x58、0x60、0x68、0x70、0x78、0x80、0x90、0xa0、0xb0、0xc0、0xd0、0xe0、0xf0;
it should be noted that after the screening reduction in step S33, the test value of each byte penetration test is reduced from the original 256 to 48, which greatly improves the test efficiency and reduces the damage to the vehicle caused by repeatedly turning on and off the electrical apparatus function in a short time;
it should be noted that the steps S31 to S33 are performed before the method of the present embodiment is implemented, and when the method of the present embodiment is implemented, that is, when the penetration test is performed, the steps S31 to S33 do not need to be performed;
s4, sending the tested message, delaying for preset time, and sending the current camouflage message to perform penetration test on the current byte to be tested;
and S5, after the current camouflage message is sent, determining whether the vehicle function responds according to the real-time running state of the vehicle, and recording the current byte to be tested and the current test value when the vehicle function responds.
Specifically, the response condition of the vehicle needs to be monitored in real time in the test process;
the recording of the test result according to the vehicle function response result includes: if the vehicle function has a response, recording the current test value and the current byte information to be tested; and if the vehicle function does not respond, not recording the current test value and the current byte information to be tested.
Wherein, the step S5 further comprises:
if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte;
if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by the next preset test value;
specifically, the performing the penetration test of the next byte includes:
and selecting any byte which is not subjected to the penetration test from the plurality of bytes as a current byte to be tested, and continuing to execute the steps S3 to S5 according to the current byte to be tested.
Specifically, the performing the penetration test on the current byte to be tested by the next preset test value includes:
and selecting any preset test value which does not perform penetration test on the current byte to be tested from the plurality of preset test values as a current test value, and continuing to execute the steps S3-S5 according to the current test value.
As an example, to improve the reliability of the penetration test, each test value may be repeated 3 times.
It should be noted that the main body of execution of the method of the embodiment may be any kind of computer device.
For example, the computer device comprises a memory and a processor, wherein the memory stores computer readable instructions which, when executed by the processor, cause the processor to perform the steps of the vehicle CAN bus penetration testing method according to the above embodiments.
Of course, the computer device may also have components such as a wired or wireless network interface, a keyboard, and an input/output interface, so as to perform input/output, and the computer device may also include other components for implementing the functions of the device, which are not described herein again.
Illustratively, the computer program may be divided into one or more units, which are stored in the memory and executed by the processor to accomplish embodiments of the present invention. The one or more units may be a series of computer program instruction segments for describing the execution of the computer program in the computer device, which can perform certain functions.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like, the processor being the control center of the computer device, various interfaces and lines connecting the various parts of the overall computer device. The memory may be used for storing the computer program and/or unit, and the processor may implement various functions of the computer device by executing or executing the computer program and/or unit stored in the memory and calling data stored in the memory. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
Referring to fig. 2, another embodiment of the present invention provides a vehicle CAN bus penetration testing system, which CAN be used to implement the vehicle CAN bus penetration testing method according to the above embodiment, and the system includes:
the device comprises a tested message acquisition unit 1, a data field acquisition unit and a data field acquisition unit, wherein the tested message acquisition unit is used for acquiring a tested message and acquiring data of a plurality of bytes in a data field in the tested message;
the current byte to be tested obtaining unit 2 is used for obtaining the current byte to be tested according to the plurality of bytes;
the disguised message generating unit 3 is used for acquiring a current test value according to a plurality of preset test values and generating a current disguised message according to the current test value and the current byte to be tested;
the penetration testing unit 4 is used for sending the tested message, delaying for a preset time or sending the current camouflage message according to a preset sending period so as to perform penetration testing on the current byte to be tested; and
and the test result analysis unit 5 is used for determining whether the vehicle function has a response according to the real-time running state of the vehicle after the current camouflage message is sent, and recording the current to-be-tested byte and the current test value when the vehicle function has a response.
Optionally, the disguised packet generating unit 3 is specifically configured to:
and replacing the byte data in the current byte to be tested in the tested message with the current test value to obtain a current camouflage message.
Optionally, the system sets a plurality of control signals in advance, and the control signals include one bit length signal, two bit length signals, three bit length signals and four bit length signals; the preset test values are obtained according to the control signals;
wherein: placing the one-bit length signal into any one bit in one byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values; and screening and subtracting all the obtained test values, and removing repeated test values to obtain the plurality of preset test values.
Optionally, the test result analysis unit is further specifically configured to:
judging whether the preset test values complete penetration test on the current byte to be tested; if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte; and if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by the next preset test value.
Optionally, the one bit length signal comprises 0, 1; the two bit length signals comprise 01, 10, 11; the three bit length signals comprise 001, 010, 011, 100, 101, 110, 111; the four-bit length signal includes 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1111.
The above-described system embodiments are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
It should be noted that the system described in the foregoing embodiment corresponds to the method described in the foregoing embodiment, and therefore, portions of the system described in the foregoing embodiment that are not described in detail can be obtained by referring to the content of the method described in the foregoing embodiment, and details are not described here.
In summary, the method and system of the embodiments of the present invention CAN perform penetration test on the CAN bus control signal of the vehicle, thereby evaluating which functions of the vehicle are controlled and possible safety risks caused when the vehicle controller is subjected to illegal control, and specifically, the method and system of the embodiments of the present invention test the control signal of the CAN bus network by actively sending a disguised message; moreover, the camouflage message adopts a sending strategy which is sent along with the tested message (real message), so that bus errors caused by sending the camouflage message and the real message at the same time are avoided; after the pretend message is sent by adopting the tested message, the pretend message is sent in a delayed and preset time, so that the receiving controller can ignore the real instruction of the real vehicle and execute the pretend instruction under most conditions, and the test is more effective.
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (8)

1. A vehicle CAN bus penetration test method is characterized by comprising the following steps:
s1, obtaining a tested message, and obtaining data of a plurality of bytes of a data field in the tested message;
s2, obtaining the current bytes to be tested according to the plurality of bytes;
s3, obtaining a current test value according to a plurality of preset test values, and generating a current camouflage message according to the current test value and the current byte to be tested; replacing byte data in the current byte to be tested in the tested message with the current test value to obtain a current camouflage message;
s4, sending the tested message, delaying for a preset time or sending the current camouflage message according to a preset sending period so as to carry out penetration test on the current byte to be tested;
and S5, after the current camouflage message is sent, determining whether the vehicle function responds according to the real-time running state of the vehicle, and recording the current byte to be tested and the current test value when the vehicle function responds.
2. The vehicle CAN bus penetration test method of claim 1, further comprising:
presetting a plurality of control signals, wherein the control signals comprise one bit length signal, two bit length signals, three bit length signals and four bit length signals;
placing the bit length signal into any bit in a byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values;
and screening and subtracting all the obtained test values, and removing repeated test values to obtain the plurality of preset test values.
3. The vehicle CAN bus penetration test method of claim 2, wherein the one bit length signal comprises 0, 1; the two bit length signals comprise 01, 10, 11; the three bit length signals comprise 001, 010, 011, 100, 101, 110, 111; the four-bit length signal includes 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1111.
4. The vehicle CAN bus penetration test method of claim 1, wherein the step S5 further comprises:
judging whether the preset test values complete penetration test on the current byte to be tested; if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte; and if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by the next preset test value.
5. The vehicle CAN bus penetration test method according to any one of claims 1 to 4, wherein the performing the penetration test of the next byte comprises:
selecting any byte which is not subjected to the penetration test from the plurality of bytes as a current byte to be tested, and continuing to execute the steps S3-S5 according to the current byte to be tested;
wherein, the performing of the penetration test of the next preset test value to the current byte to be tested comprises:
and selecting any preset test value which does not perform penetration test on the current byte to be tested from the plurality of preset test values as a current test value, and continuing to execute the steps S3-S5 according to the current test value.
6. A vehicle CAN bus penetration test system, comprising:
the device comprises a tested message acquisition unit, a data field acquisition unit and a data field acquisition unit, wherein the tested message acquisition unit is used for acquiring a tested message and acquiring data of a plurality of bytes in the data field in the tested message;
the current byte to be tested acquiring unit is used for acquiring the current byte to be tested according to the plurality of bytes;
the device comprises a disguised message generating unit, a data processing unit and a data processing unit, wherein the disguised message generating unit is used for acquiring a current test value according to a plurality of preset test values and generating a current disguised message according to the current test value and a current byte to be tested; replacing byte data in the current byte to be tested in the tested message with the current test value to obtain a current camouflage message;
the penetration testing unit is used for sending the tested message, delaying the preset time or sending the current camouflage message according to a preset sending period so as to perform penetration testing on the current byte to be tested; and
and the test result analysis unit is used for determining whether the vehicle function has a response according to the real-time running state of the vehicle after the current camouflage message is sent, and recording the current to-be-tested byte and the current test value when the vehicle function has a response.
7. The vehicle CAN bus penetration test system of claim 6, wherein the system presets a plurality of control signals, the control signals comprising one bit length signal, two bit length signals, three bit length signals, and four bit length signals; the preset test values are obtained according to the control signals;
wherein: placing the bit length signal into any bit in a byte to obtain a plurality of test values; placing the two bit length signals into any two adjacent bits in a byte to obtain a plurality of test values; placing the three bit length signals into any three adjacent bits in a byte to obtain a plurality of test values; and, put the said four bit length signals into any four adjacent bits in a byte, obtain a plurality of test values; and screening and subtracting all the obtained test values, and removing repeated test values to obtain the plurality of preset test values.
8. The vehicle CAN bus penetration test system of claim 6, wherein the test result analysis unit is further specifically configured to:
judging whether the preset test values all finish penetration tests on the current byte to be tested; if the penetration test of the current byte to be tested is finished, further judging whether the penetration test of the bytes is finished, if so, ending the penetration test process, and if not, performing the penetration test of the next byte; and if at least one preset test value does not complete the penetration test on the current byte to be tested, performing the penetration test on the current byte to be tested by using the next preset test value.
CN202110160055.9A 2021-02-05 2021-02-05 Vehicle CAN bus penetration test method and system Active CN114760160B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110160055.9A CN114760160B (en) 2021-02-05 2021-02-05 Vehicle CAN bus penetration test method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110160055.9A CN114760160B (en) 2021-02-05 2021-02-05 Vehicle CAN bus penetration test method and system

Publications (2)

Publication Number Publication Date
CN114760160A CN114760160A (en) 2022-07-15
CN114760160B true CN114760160B (en) 2023-01-06

Family

ID=82325042

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110160055.9A Active CN114760160B (en) 2021-02-05 2021-02-05 Vehicle CAN bus penetration test method and system

Country Status (1)

Country Link
CN (1) CN114760160B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110789580A (en) * 2018-08-01 2020-02-14 中车大连电力牵引研发中心有限公司 Communication detection method, equipment and system of train network control system
CN111596570A (en) * 2020-05-26 2020-08-28 陈媛芳 Vehicle CAN bus simulation and attack system and method
CN111901349A (en) * 2020-07-29 2020-11-06 北京天融信网络安全技术有限公司 Penetration testing method, device and system based on in-vehicle CAN bus

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110191021B (en) * 2019-05-29 2021-04-30 北京百度网讯科技有限公司 Protocol testing method and device, electronic equipment and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110789580A (en) * 2018-08-01 2020-02-14 中车大连电力牵引研发中心有限公司 Communication detection method, equipment and system of train network control system
CN111596570A (en) * 2020-05-26 2020-08-28 陈媛芳 Vehicle CAN bus simulation and attack system and method
CN111901349A (en) * 2020-07-29 2020-11-06 北京天融信网络安全技术有限公司 Penetration testing method, device and system based on in-vehicle CAN bus

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
基于随机森林的车载CAN总线异常检测方法;吴玲云等;《吉林大学学报(理学版)》;20180526(第03期);全文 *
车载CAN总线及网关渗透测试;丁文龙等;《工业技术创新》;20181225(第06期);全文 *

Also Published As

Publication number Publication date
CN114760160A (en) 2022-07-15

Similar Documents

Publication Publication Date Title
CN111711546B (en) Device throughput testing method, device, system and computer readable storage medium
CN114760160B (en) Vehicle CAN bus penetration test method and system
CN112214366B (en) Test method, device, system, equipment and medium
CN104270362B (en) request processing method and device
CN112163468A (en) Image processing method and device based on multiple threads
CN113709650A (en) Microphone testing method, device and storage medium
CN111181790B (en) Method, device, equipment and storage medium for quickly generating automatic test script
CN116455784A (en) Gateway test method, system, computer and readable storage medium
CN111475414A (en) Method and system for simulating multiple AP (Access Point) clients to realize online of server products
CN111210826A (en) Voice information processing method and device, storage medium and intelligent terminal
CN114500348B (en) CDN gateway testing method and system
CN115981557A (en) Data stream acquisition method and system based on ring detection in dynamic source code test
CN111326176A (en) Detection method, device and medium of RTP packet based on OPUS coding
CN109584889A (en) Audio frequency transmission method and device and storage medium
CN113032255B (en) Response noise identification method, model, electronic device and computer storage medium
CN109309748B (en) Cloud mobile phone hardware quality batch test method and system
CN114936121A (en) Fault simulation method, device, system and medium
CN112180890B (en) Test case generation method, device and equipment
CN114328184A (en) Big data cloud test method based on vehicle-mounted Ethernet architecture
CN112083319A (en) Power amplifier test method, system, device and storage medium
CN108734088B (en) Data training method and device based on machine learning
CN112732557B (en) Interface test script implementation method and automatic test method for data offset downloading
CN113676724B (en) Automatic dial testing system and method for programs in IPTV service
CN116346919A (en) Out-of-order data processing method and device based on Internet of things
CN116679679A (en) Off-line simulation verification method and system for controller finished automobile CAN bus fault

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant