CN115292185A - OBD interface testing method and device, electronic equipment and storage medium - Google Patents
OBD interface testing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115292185A CN115292185A CN202210991256.8A CN202210991256A CN115292185A CN 115292185 A CN115292185 A CN 115292185A CN 202210991256 A CN202210991256 A CN 202210991256A CN 115292185 A CN115292185 A CN 115292185A
- Authority
- CN
- China
- Prior art keywords
- test
- obd interface
- test case
- diagnosis
- testing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012360 testing method Methods 0.000 title claims abstract description 332
- 238000000034 method Methods 0.000 claims abstract description 31
- 238000003745 diagnosis Methods 0.000 claims description 100
- 230000005540 biological transmission Effects 0.000 claims description 24
- 238000004590 computer program Methods 0.000 claims description 16
- 238000012545 processing Methods 0.000 claims description 14
- 230000006378 damage Effects 0.000 claims description 13
- 230000007246 mechanism Effects 0.000 claims description 7
- 238000010998 test method Methods 0.000 claims description 7
- 238000011076 safety test Methods 0.000 claims description 6
- 238000005336 cracking Methods 0.000 claims description 4
- 230000004044 response Effects 0.000 claims description 2
- 238000004891 communication Methods 0.000 description 19
- 238000013461 design Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 238000004458 analytical method Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a method and a device for testing an OBD interface, electronic equipment and a storage medium. The method comprises the following steps: responding to an OBD interface test instruction of the target vehicle, and configuring a test case corresponding to the OBD interface; testing the OBD interface according to the test example to obtain an OBD interface test result; and determining whether the OBD interface meets the safety requirement according to the test result. According to the scheme of the embodiment of the invention, whether the OBD interface of the vehicle meets the safety requirement can be accurately determined, and the safety of the vehicle is guaranteed.
Description
Technical Field
The embodiment of the invention relates to the technical field of vehicle safety, in particular to a method and a device for testing an OBD (on-board diagnostics) interface, electronic equipment and a storage medium.
Background
With the continuous development of intelligent automobiles, more and more Engine Control Units (ECUs) are arranged in the automobiles, and On-Board Diagnostics (OBD) equipment can communicate with all ECU electronic Control units connected with an in-automobile gateway through an OBD interface to monitor the working conditions of all ECU electronic Control units On different buses in the automobiles in real time and perform fault diagnosis. The OBD interface is used as a node on the bus, not only can monitor the information on the bus, but also can forge the information to deceive the ECU, thereby achieving the purpose of changing the behavior state of the automobile.
In order to prevent the OBD interface from being maliciously utilized, a security encryption protection method and a physical intrusion prevention function aiming at the OBD are adopted for external communication of the existing OBD interface, and how to determine whether the OBD interface is safe and reliable is a key problem of research in the industry.
Disclosure of Invention
The embodiment of the invention provides a method and a device for testing an OBD (on-board diagnostics) interface, electronic equipment and a storage medium, which are used for accurately determining whether the OBD interface of a vehicle meets safety requirements or not and providing guarantee for the safety of the vehicle.
According to an aspect of the embodiments of the present invention, there is provided a method for testing an OBD interface, including:
responding to an OBD interface test instruction of a target vehicle, and configuring a test case corresponding to the OBD interface;
testing the OBD interface according to the test example to obtain an OBD interface test result;
and determining whether the OBD interface meets the safety requirement according to the test result.
According to another aspect of the embodiments of the present invention, there is provided an OBD interface testing apparatus, including:
the test case configuration module is used for responding to an OBD interface test instruction of a target vehicle and configuring a test case corresponding to the OBD interface;
the test result determining module is used for testing the OBD interface according to the test example to obtain an OBD interface test result;
and the OBD interface safety determination module is used for determining whether the OBD interface meets the safety requirement according to the test result.
According to another aspect of the embodiments of the present invention, there is provided an electronic apparatus, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor, and the computer program is executed by the at least one processor to enable the at least one processor to execute the OBD interface testing method according to any embodiment of the present invention.
According to another aspect of the embodiments of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement a method for testing an OBD interface according to any one of the embodiments of the present invention when the computer instructions are executed.
According to the technical scheme of the embodiment of the invention, a test example corresponding to an OBD interface is configured by responding to an OBD interface test instruction of a target vehicle; testing the OBD interface according to the test example to obtain an OBD interface test result; and determining whether the OBD interface meets the safety requirement according to the test result, and accurately determining whether the OBD interface of the vehicle meets the safety requirement so as to provide guarantee for the safety of the vehicle.
It should be understood that the statements in this section do not necessarily identify key or critical features of any embodiments of the present invention, nor limit the scope of any embodiments of the present invention. Other features of embodiments of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a testing method for an OBD interface according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a test system of an OBD interface according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a testing apparatus for an OBD interface according to a second embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device implementing the method for testing an OBD interface according to the embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the embodiments of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only some embodiments, not all embodiments, of the embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention without any creative efforts shall fall within the protection scope of the embodiments of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the embodiments of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a method for testing an OBD interface according to an embodiment of the present invention, where the embodiment is applicable to testing the OBD interface of a vehicle, so as to ensure the safety of the vehicle, and the method may be executed by a testing apparatus of the OBD interface, where the testing apparatus of the OBD interface may be implemented in a form of hardware and/or software, and the testing apparatus of the OBD interface may be configured in an electronic device such as a vehicle-mounted terminal, a computer, a server, or a tablet computer. As shown in fig. 1, the method includes:
and step 110, responding to an OBD interface test instruction of the target vehicle, and configuring a test case corresponding to the OBD interface.
The target vehicle may be any vehicle, such as a car, a racing car, or a van, and is not limited in this embodiment.
The OBD device communicates with each ECU electronic control unit connected to the gateway in the vehicle through the OBD interface, and monitors the operating conditions of each ECU electronic control unit on different buses in the vehicle in real time to perform fault diagnosis.
In this embodiment, the OBD interface may be in communication connection with the diagnostic access terminal and the diagnostic admission terminal; the diagnosis access end can be a diagnosis instrument, the diagnosis access end can be an automobile central gateway, and the diagnosis access end can simultaneously communicate with a plurality of ECU electronic control units.
In an optional implementation manner of this embodiment, when a test instruction for an OBD interface of a target vehicle is received, a test case corresponding to the OBD interface may be configured to be generated; in this embodiment, the test cases corresponding to the OBD interface may include an identity authentication test case, a data security test case, an authentication algorithm test case, a key security storage test case, a key data usage test case, a key destruction test case, a key security storage test case, an authentication identification processing test case, and a physical security test case. The identity authentication test case, the data security test case and the authentication algorithm test case are test cases aiming at the OBD interface; the key safety storage test case, the key data use test case and the key destruction test case are test cases aiming at the diagnosis access end; the key safety storage test case and the authentication identification processing test case are test cases aiming at a diagnosis admission end; the physical security test case is a test case for a hardware device of the OBD interface.
In an optional implementation manner of this embodiment, in response to an OBD interface test instruction of a target vehicle, configuring a test case corresponding to an OBD interface includes: determining a test type aiming at the OBD interface according to the test instruction; the test type comprises a software test and/or a hardware test; and determining at least one test case according to the test type.
The test type can be software test, hardware test or software test and hardware test; the software test may also be an OBD interface test, a diagnostic access terminal test, or a diagnostic access terminal test, which is not limited in this embodiment.
For example, if the test type determined according to the test instruction is a hardware test, a physical security test case may be generated; if the test type determined according to the test instruction is a software test, an identity authentication test case, a data security test case, an authentication algorithm test case, a key security storage test case, a key data use test case, a key destruction test case, a key security storage test case, or an authentication identification processing test case may be generated.
And 120, testing the OBD interface according to the test example to obtain an OBD interface test result.
In an optional implementation manner of this embodiment, after the test case corresponding to the OBD interface is configured and obtained by responding to the OBD interface test instruction of the target vehicle, the OBD interface may be further tested according to the test case obtained by the configuration, so as to obtain an OBD interface test result.
In an optional implementation manner of this embodiment, the testing the OBD interface according to the test case to obtain an OBD interface test result may include: if the test example is an identity authentication test example, respectively performing authentication test on the identity authorities of the diagnosis access end and the diagnosis admission end; wherein, the identity authority to diagnosis incoming end and diagnosis incoming end is admitted respectively and is carried out authentication test, can include: determining whether the diagnosis access terminal carries out identity authority authentication on the diagnosis access terminal according to a preset standard requirement; or, determining whether the diagnosis access terminal opens different access rights for different diagnosis access terminals according to preset standard requirements; or, determining whether the diagnosis access terminal performs identity authority authentication on the diagnosis access terminal according to a preset standard requirement. The content required by the preset specification is not specifically limited in the embodiment of the present invention, and is not limited to the embodiment of the present invention.
In this embodiment, whether the diagnosis access terminal performs identity right authentication on the diagnosis access terminal according to the specification requirement may be tested according to the design requirement of the identity authentication logic. If yes, the test is passed, otherwise, the test is not passed; or the accountability can test whether the diagnosis access terminal opens different access rights for different diagnosis access terminals according to the specification requirement according to the design requirement of the identity authentication logic. If yes, the test is passed, otherwise, the test is not passed; or the diagnosis access terminal can be tested according to the design requirement of the identity authentication logic to test whether the identity authority authentication is carried out on the diagnosis access terminal according to the standard requirement. If yes, the test passes, otherwise, the test fails.
Optionally, if the test case is a data security test case, the diagnostic access terminal and the diagnostic admission terminal are respectively logged in to obtain diagnostic transmission data; and determining the integrity of the diagnosis transmission data according to the comparison result of the diagnosis transmission data and the target transmission data, and obtaining a data safety test result according to the integrity.
In this embodiment, the diagnosis access terminal and the diagnosis admission terminal may be respectively logged in to obtain diagnosis transmission data, and the transmitted diagnosis data may be checked by modifying the transmission data to check whether confidentiality and integrity protection is implemented. If confidentiality integrity protection exists, the test is passed, otherwise, the test is not passed; whether an SE security chip is adopted to protect the secret key can be checked; if yes, the test passes, otherwise, the test fails.
Optionally, if the test case is an authentication algorithm test case, the transmission data sent to the OBD interface through the diagnosis access terminal is acquired, the transmission data is analyzed, and it is determined whether to encrypt the transmission data by using an encryption algorithm.
In this embodiment, the use of the algorithm can be comprehensively judged by the packet length intercepted by the communication protocol, and whether the strength encryption algorithm of SM2, RSA2048 or ECC256 or more is used or not is tested; if yes, the test is passed, otherwise, the test is not passed; and whether the SE chip is used or not can be tested, the calling mode of the key can be tested, and whether safe storage is performed or not can be checked. If yes, the test is passed, otherwise, the test is not passed; a key updating mechanism can be obtained, and the security of the key updating mechanism is tested; if yes, the test passes, otherwise, the test fails.
In another optional implementation manner of this embodiment, the testing the OBD interface according to the test case to obtain an OBD interface test result may further include: and if the test case is a secret key safe storage test case, obtaining secret key information used by identity authentication of the diagnosis access end, and determining whether the diagnosis access end carries out safe storage according to the secret key information.
In this embodiment, whether the diagnosis access terminal performs secure storage may be tested according to the key information used for the identity authentication. If yes, the test passes, otherwise, the test fails.
Optionally, if the test case is a key data use test case, it is determined whether the key information used by the identity authentication of the diagnosis access terminal is correct, and if the key information is wrong, whether the diagnosis access terminal can be accessed.
In this embodiment, the key information used for the identity authentication may be tested, and it may be diagnosed whether the access terminal should only allow the access of the corresponding user to the access terminal, and other users cannot use or access the key information for the identity authentication. If yes, the test passes, otherwise, the test fails.
Optionally, if the test case is a key destruction test case, it is determined whether the diagnosis access terminal has a key destruction mechanism.
In this embodiment, it may be tested and diagnosed whether the access end has a key destruction mechanism, and the data after destruction should not be recovered. If yes, the test passes, otherwise, the test fails.
In another optional implementation manner of this embodiment, the testing the OBD interface according to the test case to obtain an OBD interface test result may further include: and if the test example is the secret key safe storage test example, determining whether the diagnosis admission end carries out safe storage.
In this embodiment, whether the diagnosis admission end performs SE security storage may be tested according to key information used for identity authentication. If yes, the test passes, otherwise, the test fails.
Optionally, if the test case is the authentication failure processing test case, it is determined whether brute force cracking can be prevented.
In this embodiment, a processing mechanism for diagnosing access terminal authentication failure may be triggered to test whether brute force cracking can be prevented. If yes, the test passes, otherwise, the test fails.
In another optional implementation manner of this embodiment, the testing the OBD interface according to the test case to obtain an OBD interface test result may further include: and if the test case is a physical security test case, testing the OBD interface through a logic analyzer or an Ethernet adapter.
In this embodiment, the hardware of the OBD interface may be tested using an analysis interface such as a logic analyzer, a CAN card, and an ethernet adapter; illustratively, VCC and GND of the OBD interface may be found by a multimeter; capturing data of an unknown interface by a logic analyzer; analyzing the interface and identifying the interface definition; after the interface is identified, the corresponding tools such as a CAN card and an Ethernet adapter are used for connection verification; if the communication bus connected with the test diagnosis interface only has one electric control unit and the electric control unit is an access terminal, if the communication bus is in accordance with the test diagnosis interface, the test is passed, otherwise, the test is not passed.
And step 130, determining whether the OBD interface meets the safety requirement according to the test result.
In an optional implementation manner of this embodiment, after the OBD interface is tested according to the test case and the OBD interface test result is obtained, it may be further determined whether the OBD interface meets the security requirement according to the obtained test result.
In an optional implementation manner of this embodiment, determining whether the OBD interface meets the security requirement according to the test result may include: if the test result is that the test is passed, determining that the OBD interface meets the safety requirement; and otherwise, determining that the OBD interface does not meet the safety requirement, and sending a safety early warning message to the vehicle-mounted terminal to prompt the user to maintain the target vehicle.
According to the technical scheme of the embodiment, a test case corresponding to an OBD interface is configured by responding to an OBD interface test instruction of a target vehicle; testing the OBD interface according to the test example to obtain an OBD interface test result; and determining whether the OBD interface meets the safety requirement according to the test result, and accurately determining whether the OBD interface of the vehicle meets the safety requirement so as to provide guarantee for the safety of the vehicle.
For better understanding of the embodiment of the present invention, fig. 2 is a schematic structural diagram of a test system of an OBD interface according to an embodiment of the present invention; as shown in fig. 2, the test system of the OBD interface mainly includes: the system comprises an OBD interface 210, a diagnosis access end 220, a diagnosis access end 230, a vehicle information electronic safety token 221 connected with the diagnosis access end 220 in a communication mode, a communication protocol analysis tool 211 connected with the OBD interface in a communication mode, a CAN card 212, an Ethernet adapter 213, a power supply 231 connected with the diagnosis access end 230, a CAN bus tool 232 and an ECU unit 233.
In an optional implementation manner of this embodiment, the software module of the OBD interface security testing system may include:
(1) The test management module: the method comprises information configuration, test plan management, test case management, test report management and the like;
(2) Identity authentication authority diagnosis library: storing a UDS session access service matrix defined by a vehicle gateway;
(3) The communication protocol data analysis module: comprehensively judging the use of an analysis algorithm according to the length of a data packet intercepted by a communication protocol to generate an algorithm analysis result;
(4) A log module: recording a communication protocol data packet and diagnosis service data monitored by a CAN bus;
(5) A test result analysis module: and analyzing whether the OBD interface meets the safety requirement or not according to the identity authentication rule and the authority design scheme.
In the technical scheme of the embodiment of the invention, the acquisition, storage, application and the like of the personal information (such as face information, voice information and the like) of the related user all accord with the regulations of related laws and regulations without violating the good customs of the public order.
According to the scheme of the embodiment of the invention, the test can be carried out according to the OBD interface information safety design specification, and the identity authentication and the permission test between the diagnosis access end and the diagnosis admission end of the OBD interface can be checked. Establishing a diagnosis service library, and testing the services allowed by the OBD authentication diagnosis access terminal under different scenes; testing whether the keys of the diagnosis access end and the diagnosis ready-to-access end are safely stored; testing whether the data transmission of the diagnosis access end and the diagnosis ready-to-access end has confidentiality integrity protection; testing whether the OBD physical interface meets the security design requirements, and the like. So as to verify whether the automobile OBD interface has a security hole.
EXAMPLE III
Fig. 3 is a schematic structural diagram of a testing apparatus for an OBD interface according to a second embodiment of the present invention, where the testing apparatus can perform a testing method for the OBD interface according to the above-mentioned embodiments; as shown in fig. 3, the apparatus includes: a test case configuration module 310, a test result determination module 320, and an OBD interface security determination module 330.
The test case configuration module 310 is configured to respond to an OBD interface test instruction of a target vehicle, and configure a test case corresponding to the OBD interface;
the test result determining module 320 is configured to test the OBD interface according to the test case to obtain an OBD interface test result;
and the OBD interface security determining module 330 is configured to determine whether the OBD interface meets the security requirement according to the test result.
According to the scheme of the embodiment, a test case configuration module responds to an OBD interface test instruction of a target vehicle, and a test case corresponding to the OBD interface is configured; testing the OBD interface according to the test example through a test result determining module to obtain an OBD interface test result; and determining whether the OBD interface meets the safety requirement or not through an OBD interface safety determination module according to the test result, and accurately determining whether the OBD interface of the vehicle meets the safety requirement or not so as to provide guarantee for the safety of the vehicle.
In an optional implementation manner of this embodiment, the test case includes at least one of the following:
the system comprises an identity authentication test case, a data security test case, an authentication algorithm test case, a key security storage test case, a key data use test case, a key destruction test case, a key security storage test case, an authentication identification processing test case and a physical security test case.
In an optional implementation manner of this embodiment, the test case configuration module 310 is specifically configured to determine, according to the test instruction, a test type for the OBD interface; the test type comprises a software test and/or a hardware test;
and determining at least one test case according to the test type.
In an optional implementation manner of this embodiment, the test result determining module 320 is specifically configured to perform, if the test case is an identity authentication test case, authentication tests on identity authorities of the diagnosis access terminal and the diagnosis admission terminal respectively;
the identity authority to diagnosis incoming end and diagnosis incoming end carries out authentication test respectively, includes:
determining whether the diagnosis access terminal carries out identity authority authentication on the diagnosis access terminal according to a preset standard requirement;
or, determining whether the diagnosis access terminal opens different access rights for different diagnosis access terminals according to a preset standard requirement;
or, determining whether the diagnosis access terminal performs identity authority authentication on the diagnosis access terminal according to a preset standard requirement;
if the test case is a data safety test case, logging in the diagnosis access terminal and the diagnosis access terminal respectively to obtain diagnosis transmission data;
determining the integrity of the diagnosis transmission data according to the comparison result of the diagnosis transmission data and the target transmission data, and obtaining a data safety test result according to the integrity;
and if the test case is an authentication algorithm test case, acquiring transmission data sent to the OBD interface through the diagnosis access end, analyzing the transmission data, and determining whether to encrypt the transmission data by using an encryption algorithm.
In an optional implementation manner of this embodiment, the test result determining module 320 is further specifically configured to, if the test case is a secret key secure storage test case, obtain secret key information used for identity authentication of the diagnosis access terminal, and determine whether the diagnosis access terminal performs secure storage according to the secret key information;
if the test case is a key data use test case, determining whether the key information used by the identity authentication of the diagnosis access terminal is correct, and if the key information is wrong, determining whether the diagnosis access terminal can be accessed;
and if the test case is the key destruction test case, determining whether the diagnosis access end has a key destruction mechanism.
In an optional implementation manner of this embodiment, the test result determining module 320 is further specifically configured to determine whether the diagnosis admission end performs secure storage if the test case is a secret key secure storage test case;
and if the test case is the authentication failure processing test case, determining whether brute force cracking can be prevented.
In an optional implementation manner of this embodiment, the test result determining module 320 is further specifically configured to test the OBD interface through a logic analyzer or an ethernet adapter if the test case is a physical security test case.
In an optional implementation manner of this embodiment, the OBD interface security determining module 330 is specifically configured to determine that the OBD interface meets the security requirement if the test result is that the test is passed;
and otherwise, determining that the OBD interface does not meet the safety requirement, and sending a safety early warning message to the vehicle-mounted terminal to prompt the user to maintain the target vehicle.
The OBD interface testing device provided by the embodiment of the invention can execute the OBD interface testing method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
EXAMPLE III
FIG. 4 shows a schematic block diagram of an electronic device 10 that may be used to implement embodiments of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of embodiments of the inventions described and/or claimed herein.
As shown in fig. 4, the electronic device 10 includes at least one processor 11, and a memory communicatively connected to the at least one processor 11, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from a storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data necessary for the operation of the electronic apparatus 10 can also be stored. The processor 11, the ROM 12, and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to the bus 14.
A number of components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, or the like; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 11 performs the various methods and processes described above, such as the test method of the OBD interface.
In some embodiments, the method of testing an OBD interface may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the above described method of testing an OBD interface may be performed. Alternatively, in other embodiments, the processor 11 may be configured by any other suitable means (e.g. by means of firmware) to perform the test method of the OBD interface.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Computer programs for implementing methods of embodiments of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of embodiments of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above, reordering, adding or deleting steps, may be used. For example, the steps described in the embodiments of the present invention may be executed in parallel, may be executed sequentially, or may be executed in different orders, as long as the desired result of the technical solution of the embodiments of the present invention can be achieved, which is not limited herein.
The above detailed description does not limit the scope of the embodiments of the present invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the embodiments of the present invention should be included in the scope of the embodiments of the present invention.
Claims (11)
1. A test method of an OBD interface is characterized by comprising the following steps:
responding to an OBD interface test instruction of a vehicle-mounted automatic diagnosis system of a target vehicle, and configuring a test case corresponding to the OBD interface;
testing the OBD interface according to the test example to obtain an OBD interface test result;
and determining whether the OBD interface meets the safety requirement according to the test result.
2. The method of claim 1, wherein the test case comprises at least one of:
the system comprises an identity authentication test case, a data security test case, an authentication algorithm test case, a key security storage test case, a key data use test case, a key destruction test case, a key security storage test case, an authentication identification processing test case and a physical security test case.
3. The method of claim 2, wherein configuring the test case corresponding to the OBD interface in response to the target vehicle's OBD interface test instructions comprises:
determining a test type aiming at the OBD interface according to the test instruction; the test type comprises a software test and/or a hardware test;
and determining at least one test case according to the test type.
4. The method according to claim 3, wherein the testing the OBD interface according to the test case to obtain an OBD interface test result comprises:
if the test example is an identity authentication test example, respectively performing authentication test on the identity authorities of the diagnosis access end and the diagnosis admission end;
the identity authority to diagnosis incoming end and diagnosis incoming end carries out authentication test respectively, includes:
determining whether the diagnosis access terminal carries out identity authority authentication on the diagnosis access terminal according to the preset standard requirement;
or, determining whether the diagnosis access terminal opens different access rights for different diagnosis access terminals according to preset standard requirements;
or, determining whether the diagnosis access terminal performs identity authority authentication on the diagnosis access terminal according to a preset standard requirement;
if the test case is a data safety test case, logging in the diagnosis access terminal and the diagnosis access terminal respectively to obtain diagnosis transmission data;
determining the integrity of the diagnosis transmission data according to the comparison result of the diagnosis transmission data and the target transmission data, and obtaining a data safety test result according to the integrity;
and if the test case is an authentication algorithm test case, acquiring transmission data sent to the OBD interface through the diagnosis access end, analyzing the transmission data, and determining whether to encrypt the transmission data by using an encryption algorithm.
5. The method according to claim 3, wherein the testing the OBD interface according to the test case to obtain an OBD interface test result comprises:
if the test case is a secret key safe storage test case, obtaining secret key information used by identity authentication of the diagnosis access end, and determining whether the diagnosis access end carries out safe storage according to the secret key information;
if the test case is a key data use test case, determining whether the key information used by the identity authentication of the diagnosis access terminal is correct, and if the key information is wrong, determining whether the diagnosis access terminal can be accessed;
and if the test case is the key destruction test case, determining whether the diagnosis access end has a key destruction mechanism.
6. The method according to claim 3, wherein the testing the OBD interface according to the test case to obtain an OBD interface test result comprises:
if the test case is a secret key safe storage test case, determining whether a diagnosis access terminal carries out safe storage;
and if the test case is the authentication failure processing test case, determining whether brute force cracking can be prevented.
7. The method according to claim 3, wherein the testing the OBD interface according to the test case to obtain an OBD interface test result comprises:
and if the test case is a physical safety test case, testing the OBD interface through a logic analyzer or an Ethernet adapter.
8. The method of claim 1, wherein determining whether the OBD interface meets a security requirement based on the test result comprises:
if the test result is that the test is passed, determining that the OBD interface meets the safety requirement;
and otherwise, determining that the OBD interface does not meet the safety requirement, and sending a safety early warning message to the vehicle-mounted terminal to prompt the user to maintain the target vehicle.
9. An OBD interface testing device, comprising:
the test case configuration module is used for responding to an OBD interface test instruction of a target vehicle and configuring a test case corresponding to the OBD interface;
the test result determining module is used for testing the OBD interface according to the test example to obtain an OBD interface test result;
and the OBD interface safety determination module is used for determining whether the OBD interface meets the safety requirement according to the test result.
10. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of testing an OBD interface according to any of claims 1-8.
11. A computer-readable storage medium storing computer instructions for causing a processor to perform the method of testing an OBD interface of any of claims 1-8 when executed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210991256.8A CN115292185A (en) | 2022-08-18 | 2022-08-18 | OBD interface testing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210991256.8A CN115292185A (en) | 2022-08-18 | 2022-08-18 | OBD interface testing method and device, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115292185A true CN115292185A (en) | 2022-11-04 |
Family
ID=83830156
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210991256.8A Pending CN115292185A (en) | 2022-08-18 | 2022-08-18 | OBD interface testing method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115292185A (en) |
-
2022
- 2022-08-18 CN CN202210991256.8A patent/CN115292185A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106828362B (en) | Safety testing method and device for automobile information | |
CN106462702B (en) | Method and system for acquiring and analyzing electronic forensic data in a distributed computer infrastructure | |
CN111881452B (en) | Safety test system for industrial control equipment and working method thereof | |
ben Othmane et al. | On the performance of detecting injection of fabricated messages into the can bus | |
CN110088744B (en) | Database maintenance method and system | |
CN111984975B (en) | Vulnerability attack detection system, method and medium based on mimicry defense mechanism | |
CN114374565A (en) | Intrusion detection method and device for vehicle CAN network, electronic equipment and medium | |
CN112953971A (en) | Network security traffic intrusion detection method and system | |
CN112615858B (en) | Internet of things equipment monitoring method, device and system | |
CN117290803B (en) | Energy storage inverter remote fault diagnosis method, system and medium | |
CN115147956A (en) | Data processing method and device, electronic equipment and storage medium | |
CN109885037A (en) | A kind of method and relevant device of vehicle diagnostics | |
KR102304237B1 (en) | compliance management system through automatic diagnosis of infrastructure asset threat and method therefor | |
CN114938521A (en) | Network state detection method and device, electronic equipment and storage medium | |
CN117707112B (en) | Fault diagnosis method, system, equipment and storage medium | |
CN113569254A (en) | High-safety network information protection system and protection method thereof | |
CN115292185A (en) | OBD interface testing method and device, electronic equipment and storage medium | |
CN114157464B (en) | Network test monitoring method and monitoring system | |
CN116303069A (en) | Test method, device, upper computer, system and medium of vehicle-mounted terminal | |
CN115883138A (en) | Method, device, equipment and medium for polling running state of airborne entertainment system | |
CN115296874A (en) | Computer network security system, method, medium, equipment and terminal | |
CN115037531A (en) | Unauthorized access vulnerability detection method, device and system | |
CN112583812B (en) | Account security determination method, device, equipment and medium | |
US20240193273A1 (en) | Threat analysis method and threat analysis system | |
CN114553490B (en) | Industrial passive fuzzy test method, system and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |