CN115378639A - Vehicle intrusion detection test method and device, storage medium and vehicle - Google Patents
Vehicle intrusion detection test method and device, storage medium and vehicle Download PDFInfo
- Publication number
- CN115378639A CN115378639A CN202210816550.5A CN202210816550A CN115378639A CN 115378639 A CN115378639 A CN 115378639A CN 202210816550 A CN202210816550 A CN 202210816550A CN 115378639 A CN115378639 A CN 115378639A
- Authority
- CN
- China
- Prior art keywords
- test
- target vehicle
- vehicle
- message
- execution result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 110
- 238000010998 test method Methods 0.000 title abstract description 6
- 238000012360 testing method Methods 0.000 claims abstract description 834
- 238000000034 method Methods 0.000 claims abstract description 92
- 230000006399 behavior Effects 0.000 claims description 67
- 238000004458 analytical method Methods 0.000 claims description 49
- 238000003745 diagnosis Methods 0.000 claims description 37
- 238000013515 script Methods 0.000 claims description 36
- 230000002159 abnormal effect Effects 0.000 claims description 30
- 238000004590 computer program Methods 0.000 claims description 14
- 238000007405 data analysis Methods 0.000 claims description 14
- 238000012545 processing Methods 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 5
- 230000000694 effects Effects 0.000 abstract description 3
- 230000008569 process Effects 0.000 description 65
- 230000006870 function Effects 0.000 description 63
- 230000004044 response Effects 0.000 description 51
- 230000005856 abnormality Effects 0.000 description 12
- 230000006855 networking Effects 0.000 description 12
- 230000008859 change Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 8
- 230000009545 invasion Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 238000004088 simulation Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000005034 decoration Methods 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 206010001488 Aggression Diseases 0.000 description 1
- 230000016571 aggressive behavior Effects 0.000 description 1
- 208000012761 aggressive behavior Diseases 0.000 description 1
- 230000002547 anomalous effect Effects 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a vehicle intrusion detection test method, a vehicle intrusion detection test device, a storage medium and a vehicle. Wherein, the method comprises the following steps: the target vehicle intrusion detection test report is generated based on the target execution result by acquiring the information set to be tested corresponding to the target vehicle, determining the task to be tested of the target vehicle according to the information set to be tested, and executing the task to be tested on the target vehicle to obtain the target execution result, so that the aim of flexibly detecting the vehicle intrusion behavior recognition capability by configuring test data meeting the vehicle intrusion detection test requirement is fulfilled, and the technical effect of improving the accuracy of the intrusion detection test result under various complex and diverse test requirements of the vehicle is realized. The invention solves the technical problem that the vehicle intrusion detection test result is not accurate enough due to inaccurate selection of vehicle test data in the related technology.
Description
Technical Field
The invention relates to the field of vehicle communication, in particular to a vehicle intrusion detection testing method, a vehicle intrusion detection testing device, a storage medium and a vehicle.
Background
In the related art in the field of vehicle communication, a Controller Area Network (CAN) bus is generally used for vehicle communication. The vehicle CAN bus has high transmission rate, strong anti-interference performance and moderate cost, and is widely used in the field of vehicle communication. However, the vehicle CAN bus is easily attacked by intrusion because of the characteristics of plaintext transmission, message broadcast transmission, few network segments, no content verification and the like. It is necessary to perform intrusion detection tests on vehicles in order to take corresponding measures to improve the security of vehicle communications based on the vehicle's detection capability of intrusion behavior.
The network attack scenes and modes of the vehicles are complex and various, and in the related technology, the vehicle intrusion detection test result is not accurate enough due to inaccurate selection of vehicle test data.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides a vehicle intrusion detection test method, a vehicle intrusion detection test device, a storage medium and a vehicle, and at least solves the technical problem that in the related technology, the vehicle intrusion detection test result is not accurate enough due to inaccurate vehicle test data selection.
According to an aspect of an embodiment of the present invention, there is provided a vehicle intrusion detection testing method, including:
acquiring a to-be-tested information set corresponding to a target vehicle, wherein the to-be-tested information set is used for determining test data of intrusion detection testing of the target vehicle; determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle; executing a task to be tested on a target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior; and generating an intrusion detection test report of the target vehicle based on the target execution result.
Optionally, the set of information to be tested comprises: the first test information is used for determining user identity information corresponding to the target vehicle; second test information for determining vehicle information of the target vehicle; the third test information is used for determining parameter configuration information corresponding to the vehicle-mounted bus of the target vehicle; the fourth test information is used for determining the test time of the target vehicle for carrying out the intrusion detection test; and the fifth test information is used for determining a test case for the target vehicle to carry out the intrusion detection test.
Optionally, the third test information includes: the data analysis file is used for analyzing vehicle bus data of the target vehicle; a data diagnostic file for diagnosing vehicle bus data of the target vehicle; and the parameter configuration device is used for configuring file parameters of the data analysis file and the data diagnosis file.
Optionally, determining the task to be tested of the target vehicle according to the information set to be tested includes: determining a candidate test script according to the test case corresponding to the fifth test information; according to the third test information, carrying out configuration adjustment on the candidate test scripts to determine a target test script; and determining a task to be tested of the target vehicle based on the fourth test information and the target test script.
Optionally, the tasks to be tested include: the method comprises the steps of performing a flooding attack test, wherein the flooding attack test is used for determining that a first message is sent on a vehicle-mounted bus of a target vehicle, and the first message is used for increasing the load rate of the vehicle-mounted bus; the fuzzy test is used for determining that a second message is sent on the vehicle-mounted bus of the target vehicle, wherein the second message is a message with a message identifier not belonging to the predefined set of the target vehicle; the message abnormity test is used for determining that a third message is sent on the vehicle-mounted bus of the target vehicle, wherein the third message is a message of which the message identifier belongs to the predefined set and the message content is different from the predefined set content; the signal abnormity test is used for determining that a fourth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fourth message is a message of which the message identification belongs to a predefined set and the content of a signal corresponding to the message is different from that of the predefined set; the message replay test is used for determining that the existing message is collected and completely replayed on the vehicle-mounted bus of the target vehicle; the message tampering test is used for determining that the existing message is collected, modified and forwarded on a vehicle-mounted bus of a target vehicle; the diagnostic anomaly test is used for determining that a fifth message is sent on the vehicle-mounted bus of the target vehicle, wherein the fifth message is a diagnostic request message with a plurality of message identifications being different; and a diagnostic state exception test for determining that a diagnostic request is made on the vehicle bus in the target vehicle launch state.
Optionally, executing the task to be tested on the target vehicle, and obtaining a target execution result includes: carrying out a flooding attack test on a target vehicle to obtain a first execution result; carrying out fuzzy test on the target vehicle to obtain a second execution result; performing message abnormity test on the target vehicle to obtain a third execution result; performing signal abnormity test on the target vehicle to obtain a fourth execution result; carrying out message replay test on the target vehicle to obtain a fifth execution result; performing message tampering test on the target vehicle to obtain a sixth execution result; performing a diagnosis abnormity test on the target vehicle to obtain a seventh execution result; performing a diagnosis state abnormity test on the target vehicle to obtain an eighth execution result; and determining a target execution result according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result and the eighth execution result.
Optionally, the generating an intrusion detection test report of the target vehicle based on the target execution result comprises: analyzing the target execution result by using a preset test analysis strategy to obtain an analysis result; and generating an intrusion detection test report of the target vehicle according to the target execution result and the analysis result.
According to an embodiment of the present invention, there is also provided a vehicle intrusion detection testing apparatus including: the system comprises an acquisition module, a detection module and a control module, wherein the acquisition module acquires an information set to be tested corresponding to a target vehicle, and the information set to be tested is used for determining test data of the target vehicle for intrusion detection test; the determining module is used for determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle; the testing module executes a task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior; and the reporting module is used for generating an intrusion detection test report of the target vehicle based on the target execution result.
Optionally, in the vehicle intrusion detection testing apparatus, the information set to be tested includes: the first test information is used for determining user identity information corresponding to the target vehicle; second test information for determining vehicle information of the target vehicle; the third test information is used for determining parameter configuration information corresponding to the vehicle-mounted bus of the target vehicle; the fourth test information is used for determining the test time of the target vehicle for carrying out the intrusion detection test; and the fifth test information is used for determining a test case for the target vehicle to carry out the intrusion detection test.
Optionally, in the vehicle intrusion detection testing apparatus, the third test information includes: the data analysis file is used for analyzing vehicle bus data of the target vehicle; a data diagnostic file for diagnosing vehicle bus data of the target vehicle; and the parameter configuration information is used for configuring file parameters of the data analysis file and the data diagnosis file.
Optionally, the determining module is further configured to: determining a candidate test script according to the test case corresponding to the fifth test information; according to the third test information, carrying out configuration adjustment on the candidate test scripts to determine a target test script; and determining a task to be tested of the target vehicle based on the fourth test information and the target test script.
Optionally, in the vehicle intrusion detection testing apparatus, the task to be tested includes: the method comprises the steps of performing a flooding attack test, wherein the flooding attack test is used for determining that a first message is sent on a vehicle-mounted bus of a target vehicle, and the first message is used for increasing the load rate of the vehicle-mounted bus; the fuzzy test is used for determining that a second message is sent on the vehicle-mounted bus of the target vehicle, wherein the second message is a message with a message identifier not belonging to the predefined set of the target vehicle; the message abnormity test is used for determining that a third message is sent on the vehicle-mounted bus of the target vehicle, wherein the third message is a message of which the message identifier belongs to the predefined set and the message content is different from the predefined set content; the signal abnormity test is used for determining that a fourth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fourth message is a message of which the message identification belongs to the predefined set and the content of the signal corresponding to the message is different from that of the predefined set; the message replay test is used for determining that the existing message is collected and completely replayed on the vehicle-mounted bus of the target vehicle; the message tampering test is used for determining that the existing message is collected, modified and forwarded on a vehicle-mounted bus of a target vehicle; the diagnostic anomaly test is used for determining that a fifth message is sent on the vehicle-mounted bus of the target vehicle, wherein the fifth message is a diagnostic request message with a plurality of message identifications being different; and a diagnostic state anomaly test for determining that a diagnostic request is made on the on-board bus in the target vehicle-started state.
Optionally, the test module is further configured to: carrying out a flooding attack test on a target vehicle to obtain a first execution result; carrying out fuzzy test on the target vehicle to obtain a second execution result; performing message abnormity test on the target vehicle to obtain a third execution result; performing signal abnormity test on the target vehicle to obtain a fourth execution result; carrying out message replay test on the target vehicle to obtain a fifth execution result; performing message tampering test on the target vehicle to obtain a sixth execution result; performing a diagnosis abnormity test on the target vehicle to obtain a seventh execution result; performing a diagnosis state abnormity test on the target vehicle to obtain an eighth execution result; and determining a target execution result according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result and the eighth execution result.
Optionally, the reporting module is further configured to: analyzing the target execution result by using a preset test analysis strategy to obtain an analysis result; and generating an intrusion detection test report of the target vehicle according to the target execution result and the analysis result.
The invention also provides a non-volatile storage medium, characterized in that the non-volatile storage medium stores a computer program, wherein the computer program is configured to execute the vehicle intrusion detection testing method in any one of the above when running.
The invention also provides a vehicle comprising a vehicle-mounted memory and a vehicle-mounted processor, wherein the vehicle-mounted memory stores a computer program, and the vehicle-mounted processor is configured to run the vehicle intrusion detection test method of any one of the above.
In the embodiment of the invention, the target vehicle is determined according to the information set to be tested by acquiring the information set to be tested corresponding to the target vehicle, and then the task to be tested is executed on the target vehicle to obtain the target execution result, so that the intrusion detection test report of the target vehicle is generated based on the target execution result, and the aim of flexibly detecting the intrusion behavior recognition capability of the vehicle by configuring the test data meeting the vehicle intrusion detection test requirement is fulfilled, thereby realizing the technical effect of improving the accuracy of the intrusion detection test result of the vehicle under various complex and various test requirements, and further solving the technical problem that the vehicle intrusion detection test result is not accurate due to inaccurate selection of the vehicle test data in the related technology.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a flow chart of an alternative vehicle intrusion detection testing method according to an embodiment of the invention;
FIG. 2 is a schematic diagram of an alternative vehicle intrusion detection testing process for a remote attack application scenario according to an embodiment of the present invention;
fig. 3 is a block diagram of an alternative vehicle intrusion detection testing device according to an embodiment of the invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in other sequences than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The invention provides a test system for realizing a vehicle intrusion detection test method. The test system comprises a test machine, a power supply management module, a program-controlled stabilized voltage supply, a bus simulation acquisition tool and a controller interface connector. And the tester controls other equipment in the test system through instructions. And the program-controlled voltage-stabilized power supply is used for supplying power to the tested target vehicle. And the power supply management module is used for providing voltage input for the program-controlled voltage-stabilized power supply. And the bus simulation acquisition tool is used for accessing the target vehicle to acquire data. And the test controller is used for receiving the instruction sent by the tester to test the target vehicle. And the test controller interface connector is used for connecting the test controller to the tool of the target vehicle.
For example, the tester is a test Computer (PC). The power supply management module provides 220V standard voltage for the program-controlled voltage-stabilized power supply. The bus simulation acquisition tool is VN1640, and the VN1640 can be connected with a test PC through a USB. The VN1640 is accessed to the CAN controller of the target vehicle via the CAN bus of the target vehicle for data collection.
The test system provided by the invention comprises a user management function, a vehicle type management function, a parameter configuration function, a test plan management function, a test case management function, a test execution function and a test report generation function.
In accordance with an embodiment of the present invention, there is provided an embodiment of a vehicle intrusion detection testing method, it should be noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system such as a set of computer executable instructions and that, although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different than that presented herein.
FIG. 1 is a flow chart of an alternative vehicle intrusion detection testing method according to an embodiment of the invention, as shown in FIG. 1, the method including the steps of:
the method comprises the following steps that S1, an information set to be tested corresponding to a target vehicle is obtained, wherein the information set to be tested is used for determining test data of the target vehicle for intrusion detection test;
s2, determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle;
s3, executing the task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior;
and S4, generating an intrusion detection test report of the target vehicle based on the target execution result.
As described above in step S1, the target vehicle may be a vehicle that uses a vehicle Controller Area Network (CAN) bus for vehicle communication. The target vehicle is used for executing the intrusion detection test, and the tester analyzes the intrusion detection capability of the target vehicle according to the test result. The information set to be tested may be test data for determining that the target vehicle performs an intrusion detection test. The information set to be tested comprises a test case for executing intrusion behaviors aiming at a target vehicle, test time, parameter configuration information, vehicle information and user identity information. The information set to be tested can be updated according to the testing requirement, and the specific updating mode is set by a designer according to the actual situation, such as networking updating or appointing to upload required information according to the testing requirement.
In the invention, when a tester acquires an information set to be tested corresponding to a target vehicle from a test system and selects test data according to the information set to be tested, the problem that whether the selected test data meets the test requirement or not so as to test the target vehicle more accurately is involved in the process.
As the hardware implementation process in step S1, a tester may obtain the to-be-tested information set corresponding to the target vehicle on the testing machine. For example, a tester obtains a to-be-tested information set corresponding to a target vehicle on a testing PC.
As the software implementation process in the step S1, a tester selects the user identity information in the information set to be tested in the test system through the user management function; selecting vehicle information in the information set to be tested through a vehicle type management function; selecting parameter configuration information in the information set to be tested through a parameter configuration function; selecting information such as test time and the like in the information set to be tested through a test plan management function; and selecting the test case information in the information set to be tested through the test case management function.
As in step S2, the task to be tested may be a task that the test system automatically generates to perform intrusion detection testing on the target vehicle according to the test data selected from the information set to be tested. The intrusion behavior to be executed may be one or more intrusion behaviors that the test system obtains to correspondingly execute the intrusion detection test to the target vehicle by analyzing the task to be tested. The intrusion actions to be performed include: flood attack, fuzzy attack, message abnormal attack, signal abnormal attack, message replay attack, message tampering attack, diagnostic abnormal attack and diagnostic state abnormal attack.
The test system completes the task to be tested of the target vehicle by executing the intrusion behavior to be executed to the target vehicle. The task to be tested corresponds to one or more tests, and accordingly the task to be tested comprises one or more intrusion behaviors. The tasks to be tested include: flood attack testing, fuzzy testing, message anomaly testing, signal anomaly testing, message replay testing, message tampering testing, diagnostic anomaly testing, and diagnostic state anomaly testing.
According to the invention, when the testing system determines the task to be tested of the target vehicle, the intrusion behavior to be executed of the target vehicle is further determined according to the task to be tested, and the problem that whether the intrusion behavior to be executed accords with the testing requirement or not so as to carry out more accurate testing on the target vehicle is involved in the process.
As described above in the step S2, the hardware implementation process may be that the testing machine may automatically generate the task to be tested of the target vehicle according to the test data selected in the to-be-tested information set, and further generate the test instruction for the target vehicle according to the task to be tested. The testing machine sends a testing instruction to the testing controller, and the testing controller analyzes the task to be tested corresponding to the instruction according to the testing instruction. The test controller further analyzes the intrusion behavior to be executed corresponding to the task to be tested according to the task to be tested. For example, the test PC automatically generates a task to be tested of the target vehicle according to test data selected by a tester in the information set to be tested, and generates a test instruction for the target vehicle according to the task to be tested. For example, the tasks to be tested include a message exception test and a signal exception test. The test PC sends a test instruction to the test controller, the test controller analyzes the test instruction to obtain a task to be tested corresponding to the instruction, and two intrusion behaviors to be executed, namely a message abnormal attack and a signal abnormal attack corresponding to the task to be tested, are further analyzed.
As described above, in the step S2, the software implementation process may be that, in the test system, the tester may automatically generate the task to be tested of the target vehicle for the test data selected in the to-be-tested information set through the test case management function. In the test system, a tester can execute functions through the test case, so that the test system can obtain the intrusion behavior to be executed on the target vehicle by analyzing the task to be tested.
As in step S3, the target execution result is a result obtained by executing the intrusion behavior to be executed corresponding to the task to be tested for the target vehicle. And the target execution result indicates whether the target vehicle detects the intrusion behavior. The intrusion behaviors to be executed comprise one or more intrusion behaviors, and the test system obtains a target execution result of executing the intrusion detection test to the target vehicle by executing the one or more intrusion behaviors.
In the invention, the test system executes the intrusion behavior corresponding to the task to be tested on the target vehicle, and the problem that whether the intrusion behavior executed by the test system on the target vehicle meets the test requirement or not so as to comprehensively and accurately test the target vehicle is involved in the process.
As for the hardware implementation process in the step S3, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. The intrusion actions to be performed include one or more intrusion actions on the target vehicle. And the test controller carries out various intrusion behaviors on the target vehicle according to the intrusion behaviors to be executed. And the bus simulation tool collects response data of the target vehicle to the test controller to execute each intrusion behavior and sends the collected response data to the tester. The test machine obtains a target execution result whether the target vehicle detects each intrusion behavior by analyzing response data of the target vehicle to each intrusion behavior.
As described above, in the software implementation process of step S3, the tester can execute the task to be tested generated according to the test data in the test system through the test execution function, and obtain the target execution result of performing the intrusion detection test on the target vehicle. In order to complete the test execution function, the test system firstly analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested, and then obtains the target execution result of executing the intrusion detection test on the target vehicle by executing the intrusion behavior to be executed.
As in step S4, the intrusion detection test report may be generated by analyzing the target execution result according to a preset analysis rule by the test system. The specific content of the intrusion detection test report is set by a designer according to the actual situation, such as problem analysis including target execution results. Optionally, the intrusion detection test report may be obtained by manually analyzing the target execution result according to a tester.
According to the method and the device, the target execution result obtained by the target vehicle executing the intrusion detection test is analyzed to generate the intrusion detection test report, the problem that whether the rule for analyzing the target execution result is appropriate and accurate is involved in the process, and aiming at the problem, the method and the device configure the analysis rules for different vehicle types and different application scenes in the test system, so that a tester can accurately analyze the target execution result by selecting the appropriate and accurate analysis rule in the test system.
As the hardware implementation process of step S4, the tester obtains the intrusion detection test report of the target vehicle by analyzing the target execution result.
As described above, in the software implementation process of step S4, the tester can generate the intrusion detection test report of the target vehicle through the test report generation function in the test system. And the test system analyzes the target execution result according to the analysis rule of the target execution result selected by the tester in the test report generation function to complete the test report generation function, and generates an intrusion detection test report of the target vehicle.
Through the steps S1 to S4, the target vehicle to-be-tested task is determined according to the to-be-tested information set corresponding to the target vehicle, the target vehicle to-be-tested task is executed, the target execution result is obtained, and the intrusion detection test report of the target vehicle is generated based on the target execution result, so that the aim of flexibly detecting the intrusion behavior recognition capability of the vehicle by configuring test data meeting the vehicle intrusion detection test requirement is fulfilled, the technical effect of improving the accuracy of the intrusion detection test result of the vehicle under various complex and diverse test requirements is achieved, and the technical problem that the vehicle intrusion detection test result is not accurate due to inaccurate selection of the vehicle test data in the related technology is solved.
Optionally, the information set to be tested comprises: the first test information is used for determining user identity information corresponding to the target vehicle; second test information for determining vehicle information of the target vehicle; the third test information is used for determining parameter configuration information corresponding to the vehicle-mounted bus of the target vehicle; the fourth test information is used for determining the test time of the target vehicle for carrying out the intrusion detection test; and the fifth test information is used for determining a test case for the target vehicle to carry out the intrusion detection test.
The first test information can be managed by the user management function of the test system. The user identity information specifically contained in the first test information is set by a designer according to the actual situation. For example, the first test information may include management information of the user and information of a tester by the test system. The management information of the test system to the user can comprise information of user creation, user modification, user deletion and the like. The information of the tester may include information such as a company to which the tester belongs, a department to which the tester belongs, and a name of the tester. The tester selects specific user identity information in the first test information. For example, in the user management function of the test system, the tester information selected or input from the first test information is company B, department C, and employee a.
The second test information can be managed by the vehicle type management function of the test system. The vehicle information specifically included in the second test information is set by the designer according to the actual situation. For example, the second test information may include vehicle type information of the target vehicle recorded in the test system. The tester selects the vehicle information of the specific target vehicle among the second test information. For example, in the vehicle type management function of the test system, the target vehicle information selected or input by the tester a from the second test information is the vehicle type D.
The third test information may be managed by a parameter configuration function of the test system. The parameter configuration information specifically included in the third test information is set by a designer according to the actual situation, so as to configure the parameter information related to the test system. For example, the third test information may include information such as the software and hardware version number of the test controller in the test system, the CAN bus data analysis file of the target vehicle, the CAN bus data diagnosis file of the target vehicle, and the test case parameters used in the test. And the tester selects the parameter configuration information meeting the test requirement of the target vehicle from the third test information. For example, in the parameter configuration function of the test system, the tester a selects or manually adds the vehicle CAN bus data analysis file, the vehicle CAN bus data diagnosis file and the test case parameter information used for the test, which are adapted to the vehicle type D, from the third test information.
The fourth test information may be managed by a test plan management function of the test system. The test time information specifically included in the fourth test information is set by the designer according to the actual situation. For example, the fourth test information may include information such as the number of test rounds, the test time, and the test location where the test system tests the target vehicle. And the tester selects the information such as the number of testing wheels, the testing time, the testing place and the like which meet the testing requirements of the target vehicle from the fourth testing information. For example, in the test plan management function of the test system, the tester a selects or inputs 2 test rounds, 20 minutes for the test time, and the test point E from the fourth test information.
The fifth test information may be managed by a test case management function of the test system. The test case information specifically contained in the fifth test information is set by a designer according to the actual situation. For example, the fifth test information may include information of a test case used when the test system tests the target vehicle. And the tester selects or manually adds a test case meeting the test requirement of the target vehicle in the fifth test information.
Optionally, the third test information includes: the data analysis file is used for analyzing vehicle bus data of the target vehicle; a data diagnostic file for diagnosing vehicle bus data of the target vehicle; and the parameter configuration information is used for configuring file parameters of the data analysis file and the data diagnosis file.
Optionally, in step S2, determining the task to be tested of the target vehicle according to the set of information to be tested further includes the following method steps:
s21, determining a candidate test script according to the test case corresponding to the fifth test information;
s22, according to the third test case, carrying out configuration adjustment on the candidate test script to determine a target test script;
and S23, determining a task to be tested of the target vehicle based on the fourth test information and the target test script.
As in step S21, the candidate test script may be a script automatically generated by the test system according to the test case selected by the tester in the fifth test information to determine the target test script.
According to the invention, when the test system generates the candidate test script, the problem of whether the selection of the test case for generating the candidate test information is suitable and accurate is involved in the process, and aiming at the problem, the fifth test information is configured in the information to be tested in a centralized manner and comprises the test cases of different vehicle types and different application scenes, so that a tester can select the suitable and accurate test case according to the test requirement to solve the problem.
As described above in the hardware implementation process of step S21, the tester may automatically generate the candidate test script through the selected test case in the fifth test information.
As described above, in the software implementation process of step S21, the tester can select the test case adapted to the target vehicle in the fifth test information through the test case management function in the test system. And the test system automatically generates a candidate test script according to the test case selected by the tester.
As described above in step S22, the target test script may be a script that is automatically generated by the test system to determine the task to be tested of the target vehicle by performing configuration adjustment on the candidate test information according to the parameter configuration information selected by the tester in the third test information.
In the invention, when the test system generates the target test script, the problem that whether the parameter configuration information in the third test information is matched with the target vehicle is involved in the process, and aiming at the problem, the application enables a tester to select the parameter configuration information matched with the target vehicle according to the test requirement by configuring the parameter configuration information of different vehicle types and different application scenes in the third test information.
As described above, in the hardware implementation process of step S22, the tester may automatically perform configuration adjustment on the candidate test script through the parameter configuration information selected from the third test information, so as to generate the target test script.
As described above, in the software implementation process of step S22, the tester can perform configuration adjustment on the candidate test script through the test case management function in the test system according to the parameter configuration information selected by the tester in the parameter configuration function, so as to obtain the target test script. And parameter configuration information, which is used for selecting the parameter configuration information matched with the target vehicle from the third test information through a parameter configuration function for a tester.
As in step S23, the test system generates a task to be tested of the target vehicle based on the test time information and the target test script selected by the tester in the fourth test information.
According to the method and the device, when the test system generates the task to be tested of the target vehicle, the problem whether the selection of the test time information in the fourth test information is matched with the test requirement or not is involved in the process, and aiming at the problem, the method and the device enable a tester to select the test time information meeting the test requirement from the fourth test information by configuring information such as the number of test rounds, the test time and the test place in the fourth test information.
As mentioned above, the hardware implementation process of step S23 is that the tester can automatically generate the task to be tested of the target vehicle according to the target test script through the test time information selected from the fourth test information.
As described above, in the software implementation process of step S23, the tester can automatically generate the task to be tested of the target vehicle through the test case management function in the test system, by using the test time information selected by the tester in the test plan management function, in combination with the target test script. And testing time information, wherein a tester can select the testing time information meeting the testing requirement from the fourth testing information through a testing plan management function.
Optionally, the tasks to be tested include:
the method comprises the steps of performing a flooding attack test, wherein the flooding attack test is used for determining that a first message is sent on a vehicle-mounted bus of a target vehicle, and the first message is used for increasing the load rate of the vehicle-mounted bus;
the fuzzy test is used for determining that a second message is sent on the vehicle-mounted bus of the target vehicle, wherein the second message is a message with a message identifier not belonging to the predefined set of the target vehicle;
the message abnormity test is used for determining that a third message is sent on a vehicle-mounted bus of the target vehicle, wherein the third message is a message of which the message identification belongs to a predefined set and the content of the message is different from that of the predefined set;
the signal abnormity test is used for determining that a fourth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fourth message is a message of which the message identification belongs to a predefined set and the content of a signal corresponding to the message is different from that of the predefined set;
the message replay test is used for determining that the existing message is collected and completely replayed on the vehicle-mounted bus of the target vehicle;
the message tampering test is used for determining that the existing message is collected, modified and forwarded on a vehicle-mounted bus of a target vehicle;
the diagnostic anomaly test is used for determining that a fifth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fifth message is a diagnostic request message with different message identifications;
and a diagnostic state anomaly test for determining that a diagnostic request is made on the on-board bus in the target vehicle-started state.
The flood attack test CAN be used for sending a large number of first messages to the CAN bus of the target vehicle for the test system through the CAN bus transceiver device of the target vehicle, so that the CAN bus load rate of the target vehicle in a short time is greatly improved. The test system CAN be accessed to the CAN bus transceiver of the target vehicle through the test controller.
The number of the first messages sent by the test system to the CAN bus of the target vehicle is determined by a designer according to test requirements. For example, the flood attack test for the target vehicle CAN bus requires that a large number of first messages are sent, so that the load rate of the target vehicle CAN bus within ten minutes reaches more than 80%. And the tester selects a test case meeting the requirement from the fifth test information of the information set to be tested according to the requirement. The testing personnel can select the relevant information of the testing requirements in the testing system, and the testing system inquires the test cases meeting the testing requirements according to the selection information of the testing personnel on the testing requirements so as to be selected by the testing personnel. For example, in the test case management function of the test system, a tester selects the load rate of the CAN bus of the target vehicle to be more than or equal to 80%; and in the test plan management function of the test system, selecting the flood attack test time to be ten minutes. And the test system inquires the test cases meeting the test requirements for the tester to select according to the ten-minute flood range attack test time selected by the tester and the target vehicle CAN bus load rate which is more than or equal to 80 percent. The testing system can update the information set to be tested in a networking mode or manually update the information set to be tested so as to meet various testing requirements on the target vehicle.
The fuzzy test CAN be implemented by sending a certain number of second messages to the CAN bus of the target vehicle through the CAN bus transceiver of the target vehicle for the test system. The number of the second messages sent to the CAN bus of the target vehicle by the test system is determined by a designer according to the test requirement. The message abnormality test may be that the test system sends a certain number of third messages to the CAN bus of the target vehicle through the CAN bus transceiver device of the target vehicle. The third message may be a message whose message period and length in the message content do not conform to the definition. The number of the third messages sent by the test system to the CAN bus of the target vehicle is determined by a designer according to the test requirement.
The signal abnormality test may be that the test system sends a certain number of fourth messages to the CAN bus of the target vehicle through the CAN bus transceiver device of the target vehicle. The fourth message may be a message whose message signal content is not defined according to the message signal content. The quantity of the fourth messages sent to the CAN bus of the target vehicle by the test system is determined by a designer according to the test requirement.
The message replay test CAN be used for collecting transmitted messages on the CAN bus of the target vehicle and replaying the collected messages for the test system through the CAN bus transceiver of the target vehicle. The number of message replays is determined by the designer according to the test requirements.
The message tampering test CAN be implemented by collecting a transmitted message on the CAN bus of the target vehicle for the test system through the CAN bus transceiver of the target vehicle, modifying the collected message, and forwarding the modified message to other nodes on the CAN bus of the target vehicle. For example, the test system collects a message related to a car light signal through the CAN bus transceiver of the target vehicle, changes the content of the car light signal in the message from off to on, and forwards the modified message to a car light control device node on the CAN bus of the target vehicle. The message content and the tampering frequency tampered in the message tampering test are determined by a designer according to the test requirements.
The above diagnostic anomaly test may be performed by sending a certain number of fifth messages to the CAN bus of the target vehicle through the CAN bus transceiver device of the target vehicle for the test system. The number of the fifth messages sent by the test system to the CAN bus of the target vehicle is determined by a designer according to test requirements.
The diagnosis state abnormality test may be a test system that sends a diagnosis request to a CAN bus of a target vehicle through a CAN bus transceiver device of the target vehicle in a state where the target vehicle is started. The type and number of diagnostic requests sent by the test system to the target vehicle are determined by the designer according to the test requirements.
Optionally, in step S3, executing the task to be tested on the target vehicle, and obtaining the target execution result further includes the following method steps:
step S31, carrying out a flooding attack test on the target vehicle to obtain a first execution result;
step S32, carrying out fuzzy test on the target vehicle to obtain a second execution result;
step S33, carrying out message abnormity test on the target vehicle to obtain a third execution result;
step S34, performing signal abnormity test on the target vehicle to obtain a fourth execution result;
step S35, carrying out message replay test on the target vehicle to obtain a fifth execution result;
step S36, carrying out message tampering test on the target vehicle to obtain a sixth execution result;
step S37, performing a diagnosis abnormity test on the target vehicle to obtain a seventh execution result;
step S38, carrying out diagnosis state abnormity test on the target vehicle to obtain an eighth execution result;
and step S39, determining a target execution result according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result and the eighth execution result.
As in step S31, the first execution result is to implement the flood attack test on the target vehicle for the test system, collect response data of the target vehicle to the flood attack test, and generate the first execution result according to the response data. And the first execution result represents whether the target vehicle detects the flood attack. The process of obtaining the first execution result is that the test system implements the flood range attack test on the target vehicle, collects the response data of the target vehicle to the flood range attack test and generates the first execution result.
According to the method, when a test system carries out a flood attack test on a target vehicle and generates a first execution result, the problem that whether the test requirement is met and whether the invasion degree of the target vehicle can be flexibly adjusted along with the change of the test requirement or not by sending a first message and the number of first messages sent to the target vehicle by the invasion behavior when the test system carries out the flood attack on the target vehicle is involved in the process. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S31, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the intrusion behavior to be executed has the flood attack, the test controller executes the flood attack on the target vehicle. And the bus collecting tool collects response data of the target vehicle to the flood attack and sends the collected response data to the testing machine. The test machine obtains a first execution result whether the target vehicle detects the flood attack or not by analyzing response data of the target vehicle to the flood attack.
As described above, in the software implementation process of step S31, the tester can execute the flood attack test in the task to be tested through the test execution function in the test system to obtain the first execution result.
As shown in step S32, the second execution result is to implement the fuzzy test on the target vehicle for the test system, collect response data of the target vehicle to the fuzzy test, and generate a second execution result according to the response data. And a second execution result indicating whether the target vehicle detects a fuzzy attack. And the process of obtaining the second execution result is that the test system implements the fuzzy test on the target vehicle, collects the response data of the target vehicle to the fuzzy test and generates the second execution result.
According to the method, when the test system carries out the fuzzy test on the target vehicle and generates a second execution result, the problem that when the test system carries out the fuzzy attack on the target vehicle, the invasion degree of the target vehicle is flexibly adjusted along with the change of the test requirement or not by the second message number sent to the target vehicle by the invasion behavior and the second message sent is solved. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S32 is, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when fuzzy attack exists in the intrusion behaviors to be executed, the test controller executes the fuzzy attack on the target vehicle. The bus collection tool collects response data of the target vehicle to the fuzzy attack and sends the collected response data to the testing machine. The test machine obtains a second execution result whether the target vehicle detects the fuzzy attack or not by analyzing the response data of the target vehicle to the fuzzy attack.
As described above, the software implementation process of step S32 is that, in the test system, the tester can execute the fuzzy test in the task to be tested through the test execution function, so as to obtain a second execution result.
As in step S33, the third execution result is to implement the message exception test on the target vehicle for the test system, collect response data of the target vehicle to the message exception test, and generate the third execution result according to the response data. And the third execution result represents whether the target vehicle detects the abnormal attack of the message. And the process of obtaining the third execution result is that the test system implements message abnormity test on the target vehicle, collects response data of the target vehicle to the message abnormity test and generates the third execution result.
In the invention, when the test system performs the message anomaly test on the target vehicle and generates a third execution result, the process relates to the problem that when the test system performs the message anomaly attack on the target vehicle, the intrusion behavior sends the third message number to the target vehicle and sends the third message to enable the intrusion degree of the target vehicle to be flexibly adjusted according to the test requirement and the change of the test requirement. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S33, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the tester, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the message abnormal attack exists in the intrusion behavior to be executed, the test controller executes the message abnormal attack on the target vehicle. And the bus acquisition tool collects response data of the target vehicle to the abnormal message attack and sends the collected response data to the test machine. The test machine obtains a third execution result whether the target vehicle detects the message abnormal attack or not by analyzing the response data of the target vehicle to the message abnormal attack.
As described above, in the software implementation process of step S33, the tester can execute the message exception test in the task to be tested through the test execution function in the test system, so as to obtain a third execution result.
As shown in step S34, the fourth execution result is to implement the signal abnormality test on the target vehicle by the test system, collect response data of the target vehicle to the signal abnormality test, and generate the fourth execution result according to the response data. And a fourth execution result indicating whether the target vehicle detects a signal abnormality attack. And the process of obtaining the fourth execution result is that the test system performs a signal abnormity test on the target vehicle, collects response data of the target vehicle to the signal abnormity test and generates the fourth execution result.
In the invention, when the test system performs a signal anomaly test on a target vehicle and generates a fourth execution result, the process relates to the problem that when the test system performs a signal anomaly attack on the target vehicle, the intrusion behavior sends fourth messages to the target vehicle and sends the fourth messages to enable the intrusion degree of the target vehicle to be flexibly adjusted according to the test requirement and the change of the test requirement. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S34 is, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the signal abnormity attack exists in the intrusion behavior to be executed, the test controller executes the signal abnormity attack on the target vehicle. And the bus acquisition tool collects response data of the target vehicle to the signal abnormal attack and sends the collected response data to the testing machine. The test machine obtains a fourth execution result whether the target vehicle detects the signal abnormal attack or not by analyzing the response data of the target vehicle to the signal abnormal attack.
As described above, in the software implementation process of step S34, the tester can execute the signal abnormality test in the task to be tested through the test execution function in the test system, so as to obtain a fourth execution result.
As in step S35, the fifth execution result is to implement the message replay test on the target vehicle for the test system, collect response data of the target vehicle to the message replay test, and generate the fifth execution result according to the response data. And a fifth execution result, which indicates whether the target vehicle detects the message replay attack. And the process of obtaining the fifth execution result is that the test system implements message replay test on the target vehicle, collects response data of the target vehicle to the message replay test and generates the fifth execution result.
In the invention, when the test system carries out message replay test on the target vehicle and generates a fifth execution result, the process relates to the problem that when the test system carries out message replay attack on the target vehicle, the frequency of replaying the collected message to the target vehicle by the invasion behavior, the type of the collected replay message, the invasion degree of the target vehicle, whether the test requirement is met or not and whether the test requirement can be flexibly adjusted along with the change of the test requirement or not. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As for the hardware implementation process in step S35, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the message replay attack exists in the intrusion behavior to be executed, the test controller executes the message replay attack on the target vehicle. And the bus collection tool collects response data of the target vehicle to the message replay attack and sends the collected response data to the test machine. The test machine obtains a fifth execution result whether the target vehicle detects the message replay attack or not by analyzing the response data of the target vehicle to the message replay attack.
As described above, in the step S35, the software implementation process is that, in the test system, the tester can execute the message replay test in the task to be tested through the test execution function, so as to obtain the fifth execution result.
As in step S36, the sixth execution result is to implement the message tamper test on the target vehicle for the test system, collect response data of the target vehicle to the message tamper test, and generate the sixth execution result according to the response data. And a sixth execution result which indicates whether the target vehicle detects the message tampering attack. The process of obtaining the sixth execution result is that the test system implements the message tampering test on the target vehicle, and collects the response data of the target vehicle to the message tampering test to generate the sixth execution result.
In the invention, when the test system carries out message tampering test on the target vehicle and generates a sixth execution result, the process relates to the problems that when the test system carries out message tampering attack on the target vehicle, the intrusion behavior modifies which type of message to the target vehicle, forwards the modified message to which node of the target vehicle and enables the intrusion degree of the target vehicle to meet the test requirement and whether the intrusion degree can be flexibly adjusted along with the change of the test requirement. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S36 is, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the message tampering attack exists in the intrusion behavior to be executed, the test controller executes the message tampering attack on the target vehicle. And the bus acquisition tool collects response data of the target vehicle to the message tampering attack and sends the collected response data to the test machine. The test machine obtains a sixth execution result of whether the target vehicle detects the message tampering attack or not by analyzing the response data of the target vehicle to the message tampering attack.
As described above, in the software implementation process of step S36, the tester can execute the message tampering test in the task to be tested in the test system through the test execution function, so as to obtain a sixth execution result.
As in step S37, the seventh execution result is to perform the diagnostic abnormality test on the target vehicle for the test system, collect response data of the target vehicle to the diagnostic abnormality test, and generate the seventh execution result according to the response data. A seventh execution result indicating whether the target vehicle detects the diagnostic anomalous attack. The process of obtaining the seventh execution result is that the test system performs the diagnostic anomaly test on the target vehicle, collects response data of the target vehicle to the diagnostic anomaly test, and generates the seventh execution result.
According to the method, when the test system performs the abnormal diagnosis test on the target vehicle and generates a seventh execution result, the problem that when the test system performs the abnormal diagnosis attack on the target vehicle, the intrusion behavior sends the fifth message number to the target vehicle and sends the fifth message to enable the intrusion degree of the target vehicle to be flexibly adjusted according to the test requirement and the change of the test requirement is solved. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S37, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the diagnosis abnormal attack exists in the intrusion behavior to be executed, the test controller executes the diagnosis abnormal attack on the target vehicle. The bus collection tool collects response data of the target vehicle to the diagnosis of the abnormal attack and sends the collected response data to the testing machine. The test machine obtains a seventh execution result whether the target vehicle detects the diagnosis abnormal attack or not by analyzing the response data of the target vehicle to the diagnosis abnormal attack.
As described above, in the software implementation process of step S37, the tester can execute the diagnostic abnormal test in the task to be tested through the test execution function in the test system, so as to obtain a seventh execution result.
As described above in step S38, as the eighth execution result, the test system performs the diagnostic status abnormality test on the target vehicle, collects response data of the target vehicle to the diagnostic status abnormality test, and generates the eighth execution result based on the response data. An eighth execution result indicating whether the target vehicle detects the diagnostic state abnormality attack. The process of obtaining the eighth execution result is that the test system performs the diagnostic state anomaly test on the target vehicle, collects response data of the target vehicle to the diagnostic state anomaly test, and generates the eighth execution result.
In the invention, when the test system performs the diagnosis state abnormity test on the target vehicle and generates an eighth execution result, the process relates to the problem that when the test system performs the diagnosis state abnormity attack on the target vehicle, the type of the diagnosis request, the frequency of the diagnosis request and the invasion degree of the target vehicle are sent to the target vehicle, whether the test requirement is met or not and whether the flexible adjustment can be carried out along with the change of the test requirement or not. The test cases in the fifth test information can be updated in a networking mode, so that the adaptability of the test requirements of the target vehicle is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S38, the test controller obtains the task to be tested corresponding to the test instruction by analyzing the test instruction sent by the test machine, and further analyzes the task to be tested to obtain the intrusion behavior to be executed corresponding to the task to be tested. And when the diagnostic state abnormal attack exists in the intrusion behavior to be executed, the test controller executes the diagnostic state abnormal attack on the target vehicle. And the bus acquisition tool collects response data of the target vehicle to the abnormal attack of the diagnosis state and sends the collected response data to the testing machine. The test machine obtains an eighth execution result of whether the target vehicle detects the abnormal attack in the diagnosis state by analyzing response data of the target vehicle to the abnormal attack in the diagnosis state.
As described above, in the software implementation process of step S38, the tester can execute the diagnostic state anomaly test in the task to be tested through the test execution function in the test system, so as to obtain the eighth execution result.
As shown in step S39, the test system obtains the target execution result through analysis and integration according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result, and the eighth execution result.
As described above in the hardware implementation process of step S39, the tester obtains the target execution result through analysis and integration according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result, and the eighth execution result.
As described above in the software implementation process of step S39, the tester may execute the task to be tested through the test execution function in the test system, and obtain the target execution result by analyzing and integrating the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result, and the eighth execution result after the task to be tested is executed.
Optionally, in step S4, generating an intrusion detection test report of the target vehicle based on the target execution result further includes the following method steps:
step S41, analyzing the target execution result by using a preset test analysis strategy to obtain an analysis result;
and step S42, generating an intrusion detection test report of the target vehicle according to the target execution result and the analysis result.
As in step S41, the preset analysis policy may be a policy that a tester selects or uploads in advance in the test system to analyze the target execution result. And presetting an analysis strategy, namely the analysis rule in the step S4. And the analysis result is a result generated by analyzing the target execution result by the test system according to a preset analysis strategy. And the process of obtaining the analysis result is that the tester analyzes the target execution result according to a preset analysis strategy configured in advance to obtain the analysis result.
In the invention, when the test system analyzes the target execution result by using the preset test analysis strategy, the problem that whether the selection of the preset test analysis strategy meets the analysis requirement or not so as to carry out accurate analysis is involved in the process. The preset test analysis strategy can be updated in a networking mode, so that the adaptability of the analysis requirement on the target execution result is improved, and the target vehicle can be tested more accurately.
As the hardware implementation process in step S41 is, the test machine analyzes the target execution result according to the preset test analysis policy to obtain an analysis result.
As the software implementation process in step S41 is that, in the test system, the tester can select a preset test analysis policy adapted to the analysis requirement through the test report generation function, or manually add the preset test analysis policy. And the test report generation function can update the preset test analysis strategy in a networking way so as to improve the adaptability to the analysis requirement.
As in step S42 above, the intrusion detection test report may be a report for evaluating the intrusion detection capability of the target vehicle. The process of obtaining the intrusion detection test report is that the test system analyzes and integrates according to the target execution result and the analysis result to generate the intrusion detection test report of the target vehicle. And specific rules for generating the intrusion detection test report are set by a designer according to actual conditions.
As the hardware implementation process of step S42 is that the tester generates an intrusion detection test report of the target vehicle based on the target execution result and the analysis result.
As described above, in the step S42, the software implementation process is that, in the test system, the tester can obtain the intrusion detection test report of the target vehicle through the test report generating function.
Fig. 2 is a schematic diagram of an alternative vehicle intrusion detection testing process for a remote attack application scenario according to an embodiment of the present invention, and as shown in fig. 2, the process includes the following steps:
step T1, determining name information of a tester based on a user management function;
step T2, determining vehicle information based on a vehicle type management function;
t3, determining parameter information required by the vehicle intrusion detection test based on the parameter configuration function;
t4, determining relevant information such as testing time and the like based on the testing plan management function;
t5, determining a test case meeting the test requirement based on the test case management function;
step T6, vehicle intrusion detection testing is executed based on the testing execution function, and a testing result is obtained;
and step T7, generating a test report based on the test report generating function.
As in the step T1, the tester selects or inputs the name of the tester from the first test information of the information set to be tested based on the user management function.
As in the step T2, the tester selects or inputs the vehicle type information of the vehicle to be tested from the second test information of the information set to be tested based on the vehicle type management function. The vehicle to be tested is the target vehicle.
As in the step T3, the tester selects or manually adds the parameter configuration information corresponding to the vehicle to be tested from the third test information of the information set to be tested based on the parameter configuration function. The parameter configuration information includes: the data analysis file is used for analyzing vehicle bus data of the vehicle to be tested; the data diagnosis file is used for diagnosing vehicle bus data of the vehicle to be tested; and the parameter configuration information is used for configuring file parameters of the data analysis file and the data diagnosis file.
As in the above step T4, the tester selects or inputs the test time information related to the vehicle to be tested from the fourth test information of the information set to be tested based on the test plan management function. The test time information includes: the test start time, the test end time, the number of test rounds, and the like.
As in the step T5, the tester selects or manually adds the test case meeting the remote attack test requirement from the fifth test information of the information set to be tested based on the test case management function. The selected test case can carry out a flood attack test, a message abnormity test, a message replay test and a message tampering test on the vehicle to be tested.
In step T6, based on the test execution function, the tester performs the flood attack test, the message anomaly test, the message replay test, and the message tamper test on the vehicle to be tested according to the test data selected in step T1, step T2, step T3, step T4, and step T5, and generates a test result. The test result, namely the target execution result, indicates whether the tested vehicle detects the flood attack, the message abnormal attack, the message replay attack and the message tampering attack.
In step T7, the tester analyzes the test result according to a preset analysis strategy based on the test report generation function, so as to obtain a test report. And (4) a test report comprising the detection capability analysis of the tested vehicle on each aggressive behavior. A preset analysis strategy is the preset test analysis strategy, and a test report is the intrusion detection test report.
Fig. 3 is a block diagram of an alternative vehicle intrusion detection testing device according to an embodiment of the present invention, and as shown in fig. 3, the vehicle intrusion detection testing device 300 includes:
the acquisition module 301 acquires an information set to be tested corresponding to a target vehicle, wherein the information set to be tested is used for determining test data of intrusion detection testing of the target vehicle;
the determining module 302 is configured to determine a task to be tested of the target vehicle according to the information set to be tested, where the task to be tested is used to determine an intrusion behavior to be executed on the target vehicle;
the testing module 303 executes a task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior;
and the reporting module 304 generates an intrusion detection test report of the target vehicle based on the target execution result.
Optionally, in the vehicle intrusion detection testing apparatus 300, the information set to be tested includes: the first test information is used for determining user identity information corresponding to the target vehicle; second test information for determining vehicle information of the target vehicle; the third test information is used for determining parameter configuration information corresponding to the vehicle-mounted bus of the target vehicle; the fourth test information is used for determining the test time of the target vehicle for carrying out the intrusion detection test; and the fifth test information is used for determining a test case for the target vehicle to carry out the intrusion detection test.
Alternatively, in the vehicle intrusion detection testing device 300, the third test information includes: the data analysis file is used for analyzing vehicle bus data of the target vehicle; a data diagnostic file for diagnosing vehicle bus data of the target vehicle; and the parameter configuration information is used for configuring file parameters of the data analysis file and the data diagnosis file.
Optionally, the determining module 302 is further configured to: determining a candidate test script according to the test case corresponding to the fifth test information; according to the third test information, carrying out configuration adjustment on the candidate test scripts to determine a target test script; and determining a task to be tested of the target vehicle based on the fourth test information and the target test script.
Alternatively, in the vehicle intrusion detection testing device 300, the task to be tested includes: the method comprises the steps of carrying out a flooding attack test, wherein the flooding attack test is used for determining that a first message is sent on a vehicle-mounted bus of a target vehicle, and the first message is used for increasing the load rate of the vehicle-mounted bus; the fuzzy test is used for determining that a second message is sent on the vehicle-mounted bus of the target vehicle, wherein the second message is a message with a message identifier not belonging to the predefined set of the target vehicle; the message abnormity test is used for determining that a third message is sent on the vehicle-mounted bus of the target vehicle, wherein the third message is a message of which the message identifier belongs to the predefined set and the message content is different from the predefined set content; the signal abnormity test is used for determining that a fourth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fourth message is a message of which the message identification belongs to the predefined set and the content of the signal corresponding to the message is different from that of the predefined set; the message replay test is used for determining that the existing message is collected and completely replayed on the vehicle-mounted bus of the target vehicle; the message tampering test is used for determining that the existing message is collected, modified and forwarded on a vehicle-mounted bus of a target vehicle; the diagnostic anomaly test is used for determining that a fifth message is sent on the vehicle-mounted bus of the target vehicle, wherein the fifth message is a diagnostic request message with a plurality of message identifications being different; and a diagnostic state exception test for determining that a diagnostic request is made on the vehicle bus in the target vehicle launch state.
Optionally, the testing module 303 is further configured to: carrying out a flooding attack test on a target vehicle to obtain a first execution result; carrying out fuzzy test on the target vehicle to obtain a second execution result; performing message abnormity test on the target vehicle to obtain a third execution result; performing signal abnormity test on the target vehicle to obtain a fourth execution result; carrying out message replay test on the target vehicle to obtain a fifth execution result; performing message tampering test on the target vehicle to obtain a sixth execution result; performing a diagnosis abnormity test on the target vehicle to obtain a seventh execution result; performing a diagnosis state abnormity test on the target vehicle to obtain an eighth execution result; and determining a target execution result according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result and the eighth execution result.
Optionally, the reporting module 304 is further configured to: analyzing the target execution result by using a preset test analysis strategy to obtain an analysis result; and generating an intrusion detection test report of the target vehicle according to the target execution result and the analysis result. An embodiment of the present invention further provides a non-volatile storage medium storing a computer program, wherein the computer program is configured to perform the steps in any of the above embodiments when executed.
Alternatively, in the present embodiment, the above-mentioned nonvolatile storage medium may be configured to store a computer program for executing the steps of:
p1, acquiring an information set to be tested corresponding to a target vehicle, wherein the information set to be tested is used for determining test data of the target vehicle for intrusion detection test;
p2, determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle;
p3, executing the task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior;
and P4, generating an intrusion detection test report of the target vehicle based on the target execution result.
Embodiments of the present application also provide a vehicle that includes an onboard memory and an onboard processor. The onboard memory has a computer program stored therein and the onboard processor is arranged to run the computer program. The computer program, when executed by an onboard processor, implements the steps of any of the method embodiments described above.
Optionally, in this embodiment, the onboard processor may be configured to execute the following steps by a computer program:
p1, acquiring an information set to be tested corresponding to a target vehicle, wherein the information set to be tested is used for determining test data of the target vehicle for intrusion detection test;
p2, determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle;
p3, executing the task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects an intrusion behavior;
and P4, generating an intrusion detection test report of the target vehicle based on the target execution result.
The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technical content can be implemented in other manners. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
Claims (10)
1. A vehicle intrusion detection testing method, comprising:
acquiring a to-be-tested information set corresponding to a target vehicle, wherein the to-be-tested information set is used for determining test data of an intrusion detection test of the target vehicle;
determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle;
executing the task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects the intrusion behavior;
and generating an intrusion detection test report of the target vehicle based on the target execution result.
2. The method of claim 1,
the first test information is used for determining user identity information corresponding to the target vehicle;
second test information for determining vehicle information of the target vehicle;
the third test information is used for determining parameter configuration information corresponding to the vehicle-mounted bus of the target vehicle;
the fourth test information is used for determining the test time of the target vehicle for carrying out the intrusion detection test;
and the fifth test information is used for determining a test case for the target vehicle to carry out the intrusion detection test.
3. The method of claim 2, wherein the third test information comprises:
the data analysis file is used for analyzing the vehicle bus data of the target vehicle;
a data diagnostic file for diagnosing vehicle bus data of the target vehicle;
and the parameter configuration information is used for configuring the file parameters of the data analysis file and the data diagnosis file.
4. The method of claim 2, wherein determining the task to be tested of the target vehicle from the set of information to be tested comprises:
determining a candidate test script according to the test case corresponding to the fifth test information;
according to the third test information, carrying out configuration adjustment on the candidate test script to determine a target test script;
and determining a task to be tested of the target vehicle based on the fourth test information and the target test script.
5. The method of claim 1, wherein the task to be tested comprises:
the flooding attack test is used for determining that a first message is sent on a vehicle-mounted bus of the target vehicle, wherein the first message is used for increasing the load rate of the vehicle-mounted bus;
the fuzzy test is used for determining that a second message is sent on the vehicle-mounted bus of the target vehicle, wherein the second message is a message with a message identifier not belonging to the predefined set of the target vehicle;
the message abnormity test is used for determining that a third message is sent on the vehicle-mounted bus of the target vehicle, wherein the third message is a message with a message identifier belonging to the predefined set and with a message content different from that of the predefined set;
the signal abnormity test is used for determining that a fourth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fourth message is a message with a message identifier belonging to the predefined set and the corresponding signal content of the message being different from the predefined set content;
a message replay test for determining the collection and complete replay of an existing message on the vehicle-mounted bus of the target vehicle;
the message tampering test is used for determining that the existing message is collected, modified and forwarded on the vehicle-mounted bus of the target vehicle;
the diagnostic anomaly test is used for determining that a fifth message is sent on a vehicle-mounted bus of the target vehicle, wherein the fifth message is a diagnostic request message with a plurality of message identifiers being different;
and the diagnosis state abnormity test is used for determining that a diagnosis request is carried out on the vehicle-mounted bus in the starting state of the target vehicle.
6. The method of claim 5, wherein performing the task to be tested on the target vehicle, resulting in the target performance result comprises:
performing the flooding attack test on the target vehicle to obtain a first execution result;
carrying out the fuzzy test on the target vehicle to obtain a second execution result;
performing the message abnormity test on the target vehicle to obtain a third execution result;
performing the signal abnormity test on the target vehicle to obtain a fourth execution result;
carrying out the message replay test on the target vehicle to obtain a fifth execution result;
performing the message tampering test on the target vehicle to obtain a sixth execution result;
performing the abnormal diagnosis test on the target vehicle to obtain a seventh execution result;
performing the diagnosis state abnormity test on the target vehicle to obtain an eighth execution result;
determining the target execution result according to the first execution result, the second execution result, the third execution result, the fourth execution result, the fifth execution result, the sixth execution result, the seventh execution result, and the eighth execution result.
7. The method of claim 1, wherein generating an intrusion detection test report for the target vehicle based on the target execution results comprises:
analyzing the target execution result by using a preset test analysis strategy to obtain an analysis result;
and generating an intrusion detection test report of the target vehicle according to the target execution result and the analysis result.
8. A vehicle intrusion detection testing device, comprising:
the system comprises an acquisition module, a detection module and a processing module, wherein the acquisition module is used for acquiring an information set to be tested corresponding to a target vehicle, and the information set to be tested is used for determining test data of the target vehicle for intrusion detection test;
the determining module is used for determining a task to be tested of the target vehicle according to the information set to be tested, wherein the task to be tested is used for determining an intrusion behavior to be executed on the target vehicle;
the testing module is used for executing the task to be tested on the target vehicle to obtain a target execution result, wherein the target execution result is used for determining whether the target vehicle detects the intrusion behavior;
and the reporting module is used for generating an intrusion detection test report of the target vehicle based on the target execution result.
9. A non-volatile storage medium, wherein a computer program is stored in the storage medium, wherein the computer program is arranged to execute the vehicle intrusion detection testing method according to any one of claims 1 to 7 when running.
10. A vehicle comprising an on-board memory and an on-board processor, wherein the on-board memory has stored therein a computer program, the on-board processor being arranged to run the computer program to perform the vehicle intrusion detection testing method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210816550.5A CN115378639A (en) | 2022-07-12 | 2022-07-12 | Vehicle intrusion detection test method and device, storage medium and vehicle |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210816550.5A CN115378639A (en) | 2022-07-12 | 2022-07-12 | Vehicle intrusion detection test method and device, storage medium and vehicle |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115378639A true CN115378639A (en) | 2022-11-22 |
Family
ID=84062507
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210816550.5A Pending CN115378639A (en) | 2022-07-12 | 2022-07-12 | Vehicle intrusion detection test method and device, storage medium and vehicle |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115378639A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116366492A (en) * | 2023-03-01 | 2023-06-30 | 腾讯科技(深圳)有限公司 | Defensive verification method, device, equipment and storage medium |
| CN116401157A (en) * | 2023-03-29 | 2023-07-07 | 中国铁道科学研究院集团有限公司 | Test evaluation method and system for perimeter intrusion detection equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666476A (en) * | 2017-05-25 | 2018-02-06 | 国家计算机网络与信息安全管理中心 | A kind of CAN risk checking method and device |
| CN110191019A (en) * | 2019-05-28 | 2019-08-30 | 北京百度网讯科技有限公司 | Test method, device, computer equipment and the storage medium of vehicle CAN bus |
| CN110912764A (en) * | 2019-08-01 | 2020-03-24 | 中国第一汽车股份有限公司 | Test method, system, equipment and storage medium |
| CN111552597A (en) * | 2020-03-27 | 2020-08-18 | 深圳开源互联网安全技术有限公司 | Automobile CAN bus network safety test system and method |
| CN111770069A (en) * | 2020-06-17 | 2020-10-13 | 北京航空航天大学 | Vehicle-mounted network simulation data set generation method based on intrusion attack |
| CN113556335A (en) * | 2021-07-19 | 2021-10-26 | 中国第一汽车股份有限公司 | Vehicle-mounted bus safety testing method and system |
| CN114157492A (en) * | 2021-12-02 | 2022-03-08 | 北京天融信网络安全技术有限公司 | CAN bus intrusion detection method and device |
-
2022
- 2022-07-12 CN CN202210816550.5A patent/CN115378639A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666476A (en) * | 2017-05-25 | 2018-02-06 | 国家计算机网络与信息安全管理中心 | A kind of CAN risk checking method and device |
| CN110191019A (en) * | 2019-05-28 | 2019-08-30 | 北京百度网讯科技有限公司 | Test method, device, computer equipment and the storage medium of vehicle CAN bus |
| CN110912764A (en) * | 2019-08-01 | 2020-03-24 | 中国第一汽车股份有限公司 | Test method, system, equipment and storage medium |
| CN111552597A (en) * | 2020-03-27 | 2020-08-18 | 深圳开源互联网安全技术有限公司 | Automobile CAN bus network safety test system and method |
| CN111770069A (en) * | 2020-06-17 | 2020-10-13 | 北京航空航天大学 | Vehicle-mounted network simulation data set generation method based on intrusion attack |
| CN113556335A (en) * | 2021-07-19 | 2021-10-26 | 中国第一汽车股份有限公司 | Vehicle-mounted bus safety testing method and system |
| CN114157492A (en) * | 2021-12-02 | 2022-03-08 | 北京天融信网络安全技术有限公司 | CAN bus intrusion detection method and device |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116366492A (en) * | 2023-03-01 | 2023-06-30 | 腾讯科技(深圳)有限公司 | Defensive verification method, device, equipment and storage medium |
| CN116401157A (en) * | 2023-03-29 | 2023-07-07 | 中国铁道科学研究院集团有限公司 | Test evaluation method and system for perimeter intrusion detection equipment |
| CN116401157B (en) * | 2023-03-29 | 2024-04-02 | 中国铁道科学研究院集团有限公司 | Test evaluation method and system for perimeter intrusion detection equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115378639A (en) | Vehicle intrusion detection test method and device, storage medium and vehicle | |
| CN110191018B (en) | Abnormity monitoring method and device for vehicle CAN bus and computer equipment | |
| US8676432B2 (en) | Fault prediction framework using temporal data mining | |
| CN106844217A (en) | Control to applying bury method and device, readable storage medium storing program for executing a little | |
| CN107483283B (en) | Communication reliability test method and device | |
| CN112165528B (en) | Vehicle event and management method, system and storage medium of event file data thereof | |
| CN111123223A (en) | General development platform, management system and method for radar health management | |
| CN112285586A (en) | BMS test method, device and system, simulation test equipment and storage medium | |
| CN109802842A (en) | The generation method and relevant device of applied topology | |
| CN113556335A (en) | Vehicle-mounted bus safety testing method and system | |
| CN111857103B (en) | Vehicle diagnosis method, device, equipment and storage medium | |
| CN112255548B (en) | Battery management system test method and system thereof | |
| CN112816933A (en) | Maintenance diagnosis method and system for electric energy meter terminal | |
| Fiadino et al. | Rcatool-a framework for detecting and diagnosing anomalies in cellular networks | |
| US10310840B2 (en) | Computer system, method of managing transmission of software with computer system, program therefor, and recording medium | |
| CN116405412A (en) | Method and system for verifying validity of server cluster | |
| CN113672501B (en) | Parking lot service testing method and device | |
| CN110995500A (en) | Node log management and control method, system and related components | |
| CN117579387B (en) | Automobile network security management method, system, equipment and medium | |
| CN117709774A (en) | Real operation evaluation method, system, electronic equipment and medium for network target range | |
| CN115022085B (en) | Node isolation method and device based on cloud primary scene and electronic equipment | |
| CN113746688B (en) | Method and device for updating anomaly detection model and computing equipment | |
| CN115987376B (en) | Method and device for testing performance of radio frequency equipment in earth station | |
| CN117762709A (en) | Testing method and device for central computing unit and electronic equipment | |
| Tagliente et al. | Condition Based Maintenance+ Data Collection and Offloading |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |