CN115098367A - Method, device and equipment for testing security algorithm - Google Patents

Method, device and equipment for testing security algorithm Download PDF

Info

Publication number
CN115098367A
CN115098367A CN202210718482.9A CN202210718482A CN115098367A CN 115098367 A CN115098367 A CN 115098367A CN 202210718482 A CN202210718482 A CN 202210718482A CN 115098367 A CN115098367 A CN 115098367A
Authority
CN
China
Prior art keywords
message
test
testing
controller
test case
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210718482.9A
Other languages
Chinese (zh)
Inventor
张树青
张路
曹海燕
黄颍华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Electric Vehicle Co Ltd
Original Assignee
Beijing Electric Vehicle Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Electric Vehicle Co Ltd filed Critical Beijing Electric Vehicle Co Ltd
Priority to CN202210718482.9A priority Critical patent/CN115098367A/en
Publication of CN115098367A publication Critical patent/CN115098367A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites

Abstract

The invention provides a method, a device and equipment for testing a safety algorithm, wherein the method for testing the safety algorithm comprises the following steps: obtaining a test case; testing a safety algorithm of the controller according to the test case and a test function which is constructed on a ring HIL test platform of hardware in advance to obtain a test result; wherein the test function comprises at least one of: a message counter function; a message checksum function; a data identifier function. According to the scheme of the invention, the test function is established on the loop test HIL test platform, and the safety algorithm of the controller is tested according to the test case and the test function to obtain the test result, so that the bus communication E2E safety algorithm can be tested.

Description

Method, device and equipment for testing security algorithm
Technical Field
The present invention relates to the field of case testing technologies, and in particular, to a method, an apparatus, and a device for testing a security algorithm.
Background
An End-to-End (E2E) safety algorithm for automobile bus communication aims at messages related to functional safety in bus information of an automobile Controller Area Network (CAN) and a variable Rate Controller Area Network (CAN FD), and is used for judging and processing malicious interference conditions such as tampering, replay and counterfeiting in a communication process, performing problem determination and fault processing on abnormal conditions, ensuring the safety of automobile bus communication information and realizing a means of an automobile safety Controller.
If a message containing unexpected safety-related data is sent in bus communication, the influence or fault generated by message transmission does not influence the safety of drivers, in order to prevent a communication link from being threatened by the outside and possibly generating faults and reduce risks, the integrity, the continuity and the consistency of message data are detected at a receiving end of a controller, and the risk generated in the communication process can be reduced through a bus communication E2E safety algorithm to protect the safety exchange of the data. Therefore, a testing method for the bus communication E2E safety algorithm needs to be designed to test whether the bus communication E2E safety algorithm fails or not.
Disclosure of Invention
The embodiment of the invention provides a method, a device and equipment for testing a security algorithm, which are used for solving the problem that the bus communication E2E security algorithm cannot be tested in the prior art.
In order to solve the above technical problem, an embodiment of the present invention provides the following technical solutions:
the embodiment of the invention provides a method for testing a security algorithm, which comprises the following steps:
obtaining a test case;
testing a safety algorithm of the controller according to the test case and a test function which is constructed on a ring HIL test platform of hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
Optionally, the test case includes at least one of:
counting test cases by messages;
message counting repetition period test cases;
checksum fault test case.
Optionally, the testing the safety algorithm of the controller includes at least one of:
testing the difference value of the message counting;
testing the message counting repetition period;
and carrying out fault test on the message checksum.
Optionally, before the testing the security algorithm of the controller according to the test case and the test function constructed on the ring HIL test platform in advance on the hardware, and obtaining a test result, the method further includes:
carrying out message counting test on the target message through the message counter function;
in a message receiving period of a receiving controller, under the condition that the numerical values of message counters in the received target messages are continuous, determining that the target messages are normally received;
and the target message is sent to the receiving controller by the sending controller.
Optionally, under the condition that the test case includes a packet counting test case, and the testing the security algorithm of the controller includes testing a to-be-packet counting difference value, the testing the security algorithm of the controller according to the test case and a test function constructed on the ring HIL test platform in advance on hardware to obtain a test result includes:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
Optionally, the method further comprises:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
Optionally, under the condition that the test case includes a packet counting repetition period test case, and the testing the security algorithm of the controller includes testing the packet counting repetition period, the testing the security algorithm of the controller according to the test case and a test function that is constructed on a ring HIL test platform in advance on hardware, to obtain a test result, includes:
after a power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by a sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset time length.
Optionally, under the condition that the test case includes a checksum fault test case, and the testing the security algorithm of the controller includes performing a fault test on a message checksum, the testing the security algorithm of the controller according to the test case and a test function that is pre-established on the loop HIL test platform, so as to obtain a test result, includes:
after a power-on signal is obtained according to the checksum fault test case, determining a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
Optionally, the method further comprises:
according to the message receiving time test case, under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after being electrified, determining that the message is not lost;
and according to the message receiving time test case, determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on.
The embodiment of the invention provides a test device of a security algorithm, which comprises:
the acquisition module is used for acquiring a test case;
the first processing module is used for testing the safety algorithm of the controller according to the test case and the test function which is constructed on the ring HIL test platform of the hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
Optionally, the test case includes at least one of:
counting test cases by messages;
counting the message and repeating the periodic test case;
checksum fault test case.
Optionally, the first processing module includes at least one of:
the first testing unit is used for testing the message counting difference value;
the second test unit is used for testing the message counting repetition period;
and the third testing unit is used for carrying out fault testing on the message checksum.
Optionally, the apparatus further comprises:
the first testing module is used for carrying out message counting testing on the target message through the message counter function;
the first determining module is used for determining that the target message is normally received when the numerical value of the message counter in the received target message is continuous in the message receiving period of the receiving controller;
and the target message is sent to the receiving controller by the sending controller.
Optionally, the first test unit is specifically configured to:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
Optionally, the first test unit is specifically further configured to:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
Optionally, the second test unit is specifically configured to:
after a power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by a sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset time length.
Optionally, the third testing unit is specifically configured to:
after a power-on signal is obtained according to the checksum fault test case, determining a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
Optionally, the apparatus further comprises:
the second determining module is used for determining that the message is not lost under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after power-on according to the message receiving time test case;
and the third determining module is used for determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on according to the message receiving time test case.
An embodiment of the present invention further provides a device for testing a security algorithm, including: a processor, a memory and a program stored on the memory and executable on the processor, which program, when executed by the processor, implements the steps of the method of testing a security algorithm as described in any one of the above.
An embodiment of the present invention further provides a readable storage medium, where a program is stored, and when the program is executed by a processor, the program implements the steps in the method for testing a security algorithm according to any one of the above embodiments.
The invention has the beneficial effects that:
according to the scheme of the invention, the test function is established on the loop test HIL test platform, and the safety algorithm of the controller is tested according to the test case and the test function to obtain the test result, so that the bus communication E2E safety algorithm can be tested.
Drawings
FIG. 1 is a flow chart of a method for testing a security algorithm according to an embodiment of the present invention;
fig. 2 is a flow chart illustrating a functional implementation of a Counter message Counter of a target message according to an embodiment of the present invention;
FIG. 3 is a logic diagram of a Counter delta exception test according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a security algorithm testing apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a test apparatus for a security algorithm according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in detail with reference to the accompanying drawings and specific embodiments.
The invention provides a method, a device and equipment for testing a safety algorithm, aiming at the problem that the bus communication E2E safety algorithm cannot be tested in the prior art.
As shown in fig. 1, an embodiment of the present invention provides a method for testing a security algorithm, including:
step 101: and acquiring a test case.
Before the test of the safety algorithm is carried out, a test case needs to be designed, wherein the test case comprises test time and input signals, and the input signals comprise a key-on signal, a brake signal, a gear signal and a test function signal. The test case may also include an output signal, i.e., the output signal may be used to record the results of the test function.
Step 102: testing a safety algorithm of the controller according to the test case and a test function which is constructed on a ring HIL test platform of hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
Note that, the message Counter (Counter): the message occupies 4 bits, the value range of the message counter is [0, 14] (based on AutoSAR E2E standard Profile1), the sending end controller sends a frame of message each time the transmission request, the value of the message counter is increased by 1, the upper limit is reached 14, and the counter value is restored to 0 to start counting repeatedly. The receiver controller needs to check the message counter value every time it receives a frame of message. If the message counter is detected to be wrong, the message information needs to be processed in combination with the functional safety requirement.
Message Checksum (Checksum): the sender controller Checksum needs to calculate before sending the message, and the Checksum in the message to be sent must ensure that the data in the message cannot be changed before the message is transmitted to the network. And when the receiving end controller receives a frame of message, executing a checksum algorithm the same as that of the sending end to calculate the data in the message, comparing the calculation result with the value of the received message, and if the calculation result is inconsistent, the data in the message is not used any more.
Data identifier (Data ID): and the check sum check is participated in, and the check sum check is used for protecting the message, preventing information insertion errors, information disguising errors, identifying illegal source messages and the like.
And testing the safety algorithm corresponding to the test case according to the designed test case and the constructed test function to obtain a test result.
Optionally, the test case includes at least one of:
counting test cases by messages;
counting the message and repeating the periodic test case;
checksum fault test case.
Specifically, the message counting test case includes a test time, an input signal and an output signal, wherein the input signal includes a key-on signal, a brake signal, a shift signal and a Counter exception calculation signal, and the output signal includes a Ready (Ready) signal and a Counter difference exception flag signal.
The message counting repetition period test case comprises test time, input signals and output signals, wherein the input signals comprise a key opening signal, a brake signal, a gear signal and a Counter signal, and the output signals comprise a Ready (Ready) signal and a Counter repetition flag signal.
The verification and fault test case comprises test time, input signals and output signals, wherein the input signals comprise a key-on signal, a brake signal, a gear signal and a Checksum verification signal, and the output signals comprise a Ready (Ready) signal and a Checksum verification fault signal.
Optionally, the testing the safety algorithm of the controller includes at least one of:
testing the difference value of the message counting;
testing the message counting repetition period;
and carrying out fault test on the message checksum.
It should be noted that the main implementation functions of the safety algorithm of the bus communication E2E of the test controller include: and testing whether the abnormal difference value of the key message Counter is greater than a fixed value, testing whether the Counter is greater than a fixed period repeatedly, and testing whether checksum check fails.
Optionally, before the testing the security algorithm of the controller according to the test case and the test function constructed on the ring HIL test platform in advance on the hardware, and obtaining a test result, the method further includes:
performing message counting test on the target message through the message counter function;
in a message receiving period of a receiving controller, under the condition that the numerical values of message counters in the received target messages are continuous, determining that the target messages are normally received;
and the target message is sent to the receiving controller by the sending controller.
For a controller to be tested with a safety function, before performing E2E safety algorithm testing through a Hardware-in-the-Loop (HIL) testing platform, an HIL testing environment needs to be improved, and the E2E safety algorithm testing can be performed without problems in the testing environment.
Specifically, according to the principle of the Counter message Counter, it is necessary to implement the function of the Counter message Counter in the HIL test environment for a message (target message) having a function security for a sending end (sending controller) except for a controller (receiving controller) to be tested, and the flow chart is shown in fig. 2, where the implementation logic is: after the sending controller is powered on, the counter starts to add 1 in each message period from 0, and when the counter > is 14, the counter starts to add in periods again from 0. The controller to be tested receives a frame of target message in each message period, and if the value of the timer is judged to be continuous, the controller to be tested judges that the received target message is not repeatedly received, lost and the like.
Optionally, under the condition that the test case includes a packet counting test case, and the testing the security algorithm of the controller includes testing a to-be-packet counting difference value, the testing the security algorithm of the controller according to the test case and a test function constructed on the ring HIL test platform in advance on hardware to obtain a test result includes:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
The following specifically describes a process of testing whether the abnormal difference value of the key packet (first packet) Counter is greater than a fixed value, where the test function is repeated in a transmission process of a packet sent by the E2E sending controller.
It should be noted that the period of the message is generally 10ms, 20ms, etc., and it is determined whether the key message to be tested is greater than a fixed value, a constant C needs to be given in the current period, and a fixed value less than or equal to 14 is added to C in the next message period.
Table 1 Counter difference anomaly test case one
Figure BDA0003709589190000091
Therefore, by analyzing the characteristic that the abnormal difference value of the test key message Counter is greater than the fixed value, the Counter abnormal difference value function can be realized only by realizing that the Counter of the message circularly transmits in the range of [0-14] according to the fixed value C.
Specifically, in this embodiment, in the HIL test environment, according to the test case shown in table 2, the function intervenes in the logic that the Counter implements the cycles in the numerical range [0 to 14], so that the Counter cycling in the numerical range [0 to 14] becomes a fault that can trigger the abnormal Counter difference by cycling through [0 to 14] by the fixed difference C.
TABLE 2 Counter Difference Exception test case two
Figure BDA0003709589190000101
The specific logic is as follows:
referring to fig. 3, after power-on, the initial value of the message Counter in the first message sent by the sending controller is adjusted to be 0, the Counter is self-added according to the period in the first message period indicated by the message count test case (the Counter difference value abnormal test case), when the Counter is greater than or equal to 14, the Counter is re-assigned to be 0, the Counter is added according to the period again, if it is detected that the Counter abnormal calculation flag bit is N, it is determined that the message count difference value is normal, the current cycle of self-adding 1 of the Counter is continuously executed, and if it is detected that the Counter abnormal calculation flag bit is Y, it is determined that the message count difference value is abnormal.
Further, the method further comprises:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
Please continue to participate in fig. 3, when it is detected that the Counter abnormal computation flag is Y, the current Counter value range is determined, if the Counter is greater than or equal to the first value, the first value is equal to 14 (the upper limit value) minus C (the first preset value) plus 1, the Counter value in the next period is equal to the Counter minus the first value, that is, the Counter is equal to Counter-14+ C-1, if the Counter is smaller than the first value, the Counter is equal to the Counter plus C, and through the above steps, the Counter value is continuously determined to execute different self-adding strategies.
Optionally, under the condition that the test case includes a packet counting repetition period test case, and the testing the security algorithm of the controller includes testing the packet counting repetition period, the testing the security algorithm of the controller according to the test case and a test function constructed on a ring HIL test platform in advance on hardware to obtain a test result includes:
after the power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by the sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset time length.
In this embodiment, for the pre-designed message count repetition period test, for example, as shown in table 3 below, the message count (Counter) repetition is greater than the fixed period, and this function is that the Counter value is not changed within a certain time (a first preset time period) during the transmission process of the message (second message) of the E2E sending controller. After the power-on, the Counter of the second message sent by the sending controller is given a fixed value (a second preset value), and after a certain time, the controller to be tested judges that the received message is repeated by the Counter and outputs a repeated Counter flag bit.
Table 3 packet counting repetition period test case
Figure BDA0003709589190000111
Optionally, under the condition that the test case includes a checksum fault test case, and the testing the security algorithm of the controller includes a message checksum fault test, the testing the security algorithm of the controller according to the test case and a test function that is constructed on the ring HIL test platform in advance on hardware to obtain a test result includes:
after a power-on signal is obtained according to the checksum fault test case, determining a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
It should be noted that, according to the principle of checksum, a Cyclic Redundancy Check (CRC) function needs to be implemented on a message with a function safety of a sending controller except for a controller to be tested in a test environment. The checksum function safety message has a special message Data ID sequence and is stored in the sending end and all receiving ends in advance.
The checksum calculates the Data ID, whose bytes are between Byte1 to Byte7, and finally obtains the check value. The Checksum calculation procedure is as follows: calculating the CRC value of Date ID (the initial value is 0x 00); and calculating CRC values of the Byte1 to the Byte7, obtaining a final check value (the initial value is the calculation result value of the previous step), and storing the final check value in the sending controller and all the receiving controllers.
In the implementation mode in the HIL test environment, a function for realizing calculation of checksum is called, and a final check value of a message to be sent is calculated and then stored in a sending controller.
The method comprises the steps that Counter counting and checksum calculation functions of the messages with functional safety are completed in an HIL test environment, and a controller to be tested judges the continuity of the messages and the integrity of message information of the messages of a sending controller according to an E2E safety algorithm.
In this embodiment, as shown in table 4 below, a pre-designed checksum fault test case is used to check a fault, and this function is directed to that, in the transmission process of a message sent by the E2E, the calculated CRC final check values of the sending controller and the receiving controller are inconsistent. According to the checksum check principle, the calculation of the message checksum of the sending end can be stopped in the HIL test environment, and the controller to be tested compares the final check values of the sending controller and the receiving controller in the next period to be inconsistent, so that a checksum check fault can be triggered.
Table 4 checksum check fault test case
Figure BDA0003709589190000121
Optionally, the method further comprises:
according to the message receiving time test case, determining that the message is not lost under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after power-on;
and according to the message receiving time test case, determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on.
It should be noted that the main implementation functions of the safety algorithm of the bus communication E2E of the test controller further include: in this embodiment, the message receiving time test indicates that, for example, as shown in table 5 below, the message receiving time test indicates that, within a certain time (a second preset time period), the controller to be tested (the receiving controller) cannot receive the message sent by the sending controller, the sending of the message of the whole sending controller can be stopped by enabling the signal controller, the controller to be tested does not receive the message of the sending controller within a certain time period, and the controller to be tested sends out a key message loss flag bit.
TABLE 5 message reception time test case
Figure BDA0003709589190000131
According to the method for testing the security algorithm, provided by the embodiment of the invention, the function processing of the CRC algorithm of the transmitted signal in the environment of checksum is added by performing cyclic self-addition processing on the Counter signal in the HIL test environment, so that the E2E security algorithm becomes a testable item in the HIL test environment, and the information security of bus communication is ensured. Another test point is a test that makes it possible to have a counter difference greater than a fixed number, ensuring the adequacy of the E2E security algorithm verification. By making the E2E security algorithm testable on the HIL test set through the development of the test environment, the self-imposed cycles to Counter are counted within the numerical range [0-14] and the Counter difference becomes testable by a fixed value through the function trigger within the [0-14] count. These improvements enable the E2E security algorithm to be verified at the HIL, ensuring the security of the bus signals.
As shown in fig. 4, an embodiment of the present invention provides a device for testing a security algorithm, including:
an obtaining module 401, configured to obtain a test case;
a first processing module 402, configured to test a security algorithm of the controller according to the test case and a test function that is pre-established on a loop HIL test platform of hardware, to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
Optionally, the test case includes at least one of:
counting test cases by messages;
counting the message and repeating the periodic test case;
checksum fault test case.
Optionally, the first processing module 402 includes at least one of:
the first testing unit is used for testing the message counting difference value;
the second test unit is used for testing the message counting repetition period;
and the third testing unit is used for carrying out fault testing on the message checksum.
Optionally, the apparatus further comprises:
the first testing module is used for carrying out message counting testing on the target message through the message counter function;
the first determining module is used for determining that the target message is normally received when the numerical value of the message counter in the received target message is continuous in the message receiving period of the receiving controller;
and the target message is sent to the receiving controller by the sending controller.
Optionally, the first test unit is specifically configured to:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
Optionally, the first test unit is specifically further configured to:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
Optionally, the second test unit is specifically configured to:
after a power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by a sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset time length.
Optionally, the third testing unit is specifically configured to:
after a power-on signal is obtained according to the checksum fault test case, a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period are determined through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
Optionally, the apparatus further comprises:
the second determining module is used for determining that the message is not lost under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after electrification according to the message receiving time test case;
and the third determining module is used for determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on according to the message receiving time test case.
As shown in fig. 5, an embodiment of the present invention further provides a device for testing a security algorithm, including: a processor 501, a memory 502 and a program stored on the memory 502 and executable on the processor 501, which program, when executed by the processor 501, implements the steps of the method of testing a security algorithm as described in any one of the above.
Optionally, the method further comprises: a transceiver 503, the transceiver 503 for receiving and transmitting data under the control of the processor 501.
Specifically, the processor 501 is configured to:
acquiring a test case;
testing a safety algorithm of the controller according to the test case and a test function which is constructed on a ring HIL test platform of hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
Optionally, the test case includes at least one of:
counting test cases by messages;
counting the message and repeating the periodic test case;
checksum fault test case.
Optionally, the processor 501 is specifically configured to at least one of:
testing the message counting difference value;
testing the message counting repetition period;
and carrying out fault test on the message checksum.
Optionally, before the processor 501 tests the security algorithm of the controller according to the test case and the test function constructed on the ring HIL test platform in advance by the hardware, and obtains a test result, the processor 501 is further configured to:
carrying out message counting test on the target message through the message counter function;
in a message receiving period of a receiving controller, under the condition that the numerical values of message counters in the received target messages are continuous, determining that the target messages are normally received;
and the target message is sent to the receiving controller by the sending controller.
Optionally, the processor 501 is specifically configured to:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
Optionally, the processor 501 is specifically further configured to:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
Optionally, the processor 501 is specifically configured to:
after a power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by a sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset duration.
Optionally, the processor 501 is specifically configured to:
after a power-on signal is obtained according to the checksum fault test case, a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period are determined through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
Optionally, the processor 501 is further configured to:
according to the message receiving time test case, determining that the message is not lost under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after power-on;
and according to the message receiving time test case, determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on.
Where in fig. 5 the bus architecture may include any number of interconnected buses and bridges, in particular one or more processors represented by processor 501 and various circuits of memory represented by memory 502, linked together. The bus architecture may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. The bus interface provides a user interface 504. The transceiver 503 may be a plurality of elements, including a transmitter and a receiver, providing a means for communicating with various other apparatus over a transmission medium. The processor 501 is responsible for managing the bus architecture and general processing, and the memory 502 may store data used by the processor 501 in performing operations.
In addition, the specific embodiment of the present invention further provides a readable storage medium, where a program is stored, and the program, when executed by a processor, implements the steps in the method for testing a security algorithm according to any one of the above embodiments.
While the preferred embodiments of the present invention have been described, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the following claims.

Claims (12)

1. A method for testing a security algorithm, comprising:
obtaining a test case;
testing the safety algorithm of the controller according to the test case and a test function which is constructed on a ring HIL test platform of hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
2. The method for testing a security algorithm of claim 1, wherein the test case comprises at least one of:
counting test cases for messages;
counting the message and repeating the periodic test case;
checksum fault test case.
3. The method for testing a safety algorithm according to claim 1, wherein the testing a safety algorithm of a controller comprises at least one of:
testing the message counting difference value;
testing the message counting repetition period;
and carrying out fault test on the message checksum.
4. The method for testing a security algorithm according to claim 1, wherein before the testing of the security algorithm of the controller according to the test case and the test function constructed on the ring HIL test platform in advance on the hardware, the method further comprises:
carrying out message counting test on the target message through the message counter function;
in a message receiving period of a receiving controller, under the condition that the numerical values of message counters in the received target messages are continuous, determining that the target messages are normally received;
and the target message is sent to the receiving controller by the sending controller.
5. The method according to claim 1, wherein in a case that the test case includes a packet counting test case, and the testing the security algorithm of the controller includes testing a differential value of packet counting to be performed, the testing the security algorithm of the controller according to the test case and a test function previously constructed on a ring HIL test platform of hardware to obtain a test result includes:
after a power-on signal is obtained according to the message counting test case, adjusting a message counter in a first message sent by a sending controller to be an initial value;
and in a first message period indicated by the message counting test case, determining whether the message counting difference value is normal or not through the function of the message counter.
6. The method for testing a security algorithm of claim 5, further comprising:
determining whether the value corresponding to the message counter is greater than or equal to a first value or not under the condition that the difference value of the message counts is not normal; the first value is determined according to the upper limit value of the message counter and a first preset value;
if so, subtracting the first value from the value corresponding to the message counter;
and if not, adding the first preset value to the numerical value corresponding to the message counter.
7. The method according to claim 1, wherein in a case that the test case includes a packet count repetition period test case, and the testing the security algorithm of the controller includes testing a packet count repetition period, the testing the security algorithm of the controller according to the test case and a test function previously constructed on a hardware-in-loop HIL test platform to obtain a test result includes:
after the power-on signal is obtained according to the message counting repetition period test case, controlling a message counter in a second message sent by the sending controller to be a second preset value;
after the first preset time length, if the value corresponding to the message counter in the second message received by the receiving controller is the second preset value, determining that the message counting repetition period is greater than the first preset time length;
the message counting test case comprises the first preset time length.
8. The method for testing a security algorithm according to claim 1, wherein when the test case includes a checksum failure test case, and the testing the security algorithm of the controller includes performing a failure test on a message checksum, the testing the security algorithm of the controller according to the test case and a test function previously constructed on a ring HIL test platform of hardware to obtain a test result includes:
after a power-on signal is obtained according to the checksum fault test case, determining a first check value of a third message sent by a sending controller and a second check value of the third message received by a receiving controller in a second message period through the message checksum function and the data identifier function;
determining a check sum fault detection result according to a comparison result of the first check value and the second check value;
and the check sum fault test case comprises the second message period.
9. The method for testing a security algorithm of claim 1, further comprising:
according to the message receiving time test case, under the condition that the receiving controller receives a third message sent by the sending controller within a second preset time length after being electrified, determining that the message is not lost;
and according to the message receiving time test case, determining that the message is lost under the condition that the receiving controller does not receive the third message sent by the sending controller within a second preset time length after power-on.
10. A security algorithm testing apparatus, comprising:
the acquisition module is used for acquiring a test case;
the first processing module is used for testing the safety algorithm of the controller according to the test case and the test function which is constructed on the ring HIL test platform of the hardware in advance to obtain a test result;
wherein the test function comprises at least one of:
a message counter function;
a message checksum function;
a data identifier function.
11. A security algorithm testing apparatus, comprising: processor, memory and a program stored on the memory and executable on the processor, which program, when executed by the processor, implements the steps of the method of testing a security algorithm according to any one of claims 1 to 9.
12. A readable storage medium, characterized in that the readable storage medium has stored thereon a program which, when being executed by a processor, carries out the steps in the method of testing a security algorithm according to any one of claims 1 to 9.
CN202210718482.9A 2022-06-23 2022-06-23 Method, device and equipment for testing security algorithm Pending CN115098367A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210718482.9A CN115098367A (en) 2022-06-23 2022-06-23 Method, device and equipment for testing security algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210718482.9A CN115098367A (en) 2022-06-23 2022-06-23 Method, device and equipment for testing security algorithm

Publications (1)

Publication Number Publication Date
CN115098367A true CN115098367A (en) 2022-09-23

Family

ID=83293144

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210718482.9A Pending CN115098367A (en) 2022-06-23 2022-06-23 Method, device and equipment for testing security algorithm

Country Status (1)

Country Link
CN (1) CN115098367A (en)

Similar Documents

Publication Publication Date Title
US10432421B2 (en) Communication control device and communication system
US7185262B2 (en) Method and device for monitoring a data processing and transmission
CN112347021B (en) Security module for serial communication device
KR20170120029A (en) Method and device for preventing manipulation of a data transmission
CA2551433C (en) Sending device, receiving device, communication control device, communication system, and communication control method
US11522876B2 (en) Method and device for detecting an attack on a serial communications system
US11694489B2 (en) Message monitoring system, message transmission electronic control unit, and monitoring electronic control unit
US6915471B2 (en) Encoder and method for encoding data
CN115098367A (en) Method, device and equipment for testing security algorithm
CN112713996A (en) Fault verification method based on block chain, server and terminal
US11928019B2 (en) Serial management interface with improved reliability
CN116010158A (en) Verification device, verification system and chip device of configuration register
Ye et al. Component failure mitigation according to failure type
US20190229976A1 (en) Alert throttling
US11861046B2 (en) System for an improved safety and security check
CN111786842B (en) Data processing method and hardware-in-the-loop test system
CN112148514B (en) Watchdog resetting method and device, storage medium and electronic equipment
CN110492979B (en) Incremental data transmission method and device, slave and storage medium
CN116341011B (en) Detection system and method
JP3060076B2 (en) Line monitoring system
CN116300779A (en) Method and apparatus for vehicle diagnostic testing
CN113536309A (en) Software integrity detection method and device, electronic device and storage medium
CN116846775A (en) Fault tolerance test method and device, electronic equipment and storage medium
CN116204434A (en) Functional safety design verification method, device, equipment and medium
TW202034659A (en) Communication monitoring device, communication monitoring method, and communication monitoring program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination