CN116668334A - Test system - Google Patents

Test system Download PDF

Info

Publication number
CN116668334A
CN116668334A CN202310560919.5A CN202310560919A CN116668334A CN 116668334 A CN116668334 A CN 116668334A CN 202310560919 A CN202310560919 A CN 202310560919A CN 116668334 A CN116668334 A CN 116668334A
Authority
CN
China
Prior art keywords
message
test
information
mac
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310560919.5A
Other languages
Chinese (zh)
Inventor
许莉立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingwei Hirain Tech Co Ltd
Original Assignee
Beijing Jingwei Hirain Tech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingwei Hirain Tech Co Ltd filed Critical Beijing Jingwei Hirain Tech Co Ltd
Priority to CN202310560919.5A priority Critical patent/CN116668334A/en
Publication of CN116668334A publication Critical patent/CN116668334A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Environmental & Geological Engineering (AREA)
  • Testing And Monitoring For Control Systems (AREA)

Abstract

The embodiment of the application provides a test system, which comprises: the test system is connected with the tested controller, the tested controller is configured with a data safety protection mechanism, and the test system comprises: the message construction module is used for constructing a first message, wherein the first message comprises a normal message or an abnormal message, and sending the first message to the test module; the message configuration module is used for configuring the message information of the first message and sending the message information of the first message to the test module; the test module is used for sending a first message and message information of the first message to the tested controller; the report generation module is used for receiving the message feedback information sent by the controlled controller and generating a first test report based on the message feedback information. According to the embodiment of the application, the testing efficiency of the controller is improved, and the testing accuracy of the controller is improved.

Description

Test system
Technical Field
The application belongs to the technical field of vehicles, and particularly relates to a testing system.
Background
The board-side encryption communication (Security Onboard Communication, secOC) mechanism is a data security protection mechanism commonly used by controllers. As vehicle-mounted data are more and more threatened along with the rapid development of vehicle network technology, people pay more and more attention to the safety of the vehicle-mounted data, so that a controller provided with a data safety protection mechanism needs to be tested to ensure the safety of related data in the controller.
However, in the prior art, a controller configured with a SecOC mechanism is generally connected to test software, and related test scripts are written in the test software to test the SecOC mechanism deployed inside the controller, so as to obtain test data. However, since the test script is manually written and the test software needs to manually judge after outputting the test data, it is concluded that the test efficiency is lower and the test accuracy is lower when the controller configured with the SecOC mechanism is tested.
Disclosure of Invention
The embodiment of the application provides a test system, which not only improves the test efficiency lower, but also improves the test accuracy when a controller configured with a SecOC mechanism is tested.
In a first aspect, an embodiment of the present application provides a test system, including: the test system is connected with the tested controller, the tested controller is configured with a data safety protection mechanism, and the test system comprises:
the message construction module is used for constructing a first message, wherein the first message comprises a normal message or an abnormal message, and sending the first message to the test module;
the message configuration module is used for configuring the message information of the first message and sending the message information of the first message to the test module;
the test module is used for sending a first message and message information of the first message to the tested controller;
the report generation module is used for receiving the message feedback information sent by the controlled controller and generating a first test report based on the message feedback information.
In an optional implementation manner of the first aspect, the message information of the first message includes a transmission time, a transmission period and a duration.
In an alternative implementation of the first aspect, the test system comprises:
the message analysis module is used for receiving the second message sent by the controlled controller, analyzing the second message to obtain message information of the second message, wherein the message information of the second message comprises message interception information, and sending the message interception information to the message management module;
the message management module is used for processing the intercepted message to obtain complete message information, checking the complete message information, generating a checking result and sending the checking result to the report generating module;
and the report generation module is used for generating a second test report according to the verification result.
In an optional implementation manner of the first aspect, the message interception information includes a freshness interception value, and the message management module includes:
the freshness management module is used for processing the freshness interception value by using a preset freshness construction method to obtain a freshness value, checking the freshness value and generating a first checking result.
In an optional implementation manner of the first aspect, the message interception information includes a MAC interception value, and the message management module includes:
the freshness management module is used for sending the freshness value to the MAC management module;
processing the MAC interception value by using a preset MAC construction method to obtain an MAC value, and checking the MAC value based on the message information and the freshness value of the second message to obtain a second checking result.
In an optional implementation manner of the first aspect, the second message is a synchronous message, and the message information of the second message further includes a first message identifier;
and the MAC management module is used for processing the first message identifier and the freshness value by utilizing an MAC verification algorithm to obtain a first MAC verification value, and verifying the MAC value based on the first MAC verification value to obtain a second verification result.
In an optional implementation manner of the first aspect, the second message is a secure message, and the second message information includes a first message identifier and a first message content;
and the MAC management module is used for processing the first message identifier, the first message content and the freshness value by using an MAC verification algorithm to obtain a second MAC verification value, and verifying the MAC value based on the second MAC verification value to obtain a second verification result.
In an optional implementation manner of the first aspect, the message configuration module is further configured to configure test information, where the test information is used to test the tested controller.
In an alternative implementation of the first aspect, the test system comprises a freshness value length, a MAC verification algorithm, a MAC length.
In an alternative implementation manner of the first aspect, the data security protection mechanism includes a peer-to-peer encrypted communication SecOC mechanism.
In the embodiment of the application, the test system is connected with the tested controller, and the tested controller is configured with a data safety protection mechanism. In addition, the above-mentioned related test system may include a message construction module, a message configuration module, a test module and a report generation module, based on the structure, the above-mentioned related message construction module may construct a first message and send the first message to the test module, the message configuration module may configure the message information of the first message and send the message information of the first message to the test module, the test module may send the first message and the message information of the first message to the tested controller, the report generation module may receive the message feedback information sent by the tested controller after receiving the first message and the message information of the first message, and generate a first test report based on the message feedback information, so that the tested controller configured with the data security protection mechanism may test whether the message is abnormal, thereby not only improving the test efficiency, but also improving the test accuracy.
Drawings
In order to more clearly illustrate the technical solution of the embodiments of the present application, the drawings that are needed to be used in the embodiments of the present application will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
FIG. 1 is a schematic diagram of a test system according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of another test system according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application will be described in detail below, and in order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described in further detail below with reference to the accompanying drawings and the detailed embodiments. It should be understood that the particular embodiments described herein are meant to be illustrative of the application only and not limiting. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the application by showing examples of the application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The term "and/or" is herein merely an association relationship describing an associated object, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone.
The board-side encryption communication (Security Onboard Communication, secOC) mechanism is a data security protection mechanism commonly used by controllers. As vehicle-mounted data are more and more threatened along with the rapid development of vehicle network technology, people pay more and more attention to the safety of the vehicle-mounted data, so that a controller provided with a data safety protection mechanism needs to be tested to ensure the safety of related data in the controller.
However, in the prior art, a controller configured with a SecOC mechanism is generally connected to test software, and related test scripts are written in the test software to test the SecOC mechanism deployed inside the controller, so as to obtain test data. However, since the test script is manually written and the test software needs to manually judge after outputting the test data, it is concluded that the test efficiency is lower and the test accuracy is lower when the controller configured with the SecOC mechanism is tested.
In order to solve the above problems, an embodiment of the present application provides a test system, which is connected to a tested controller, and the tested controller is configured with a data security protection mechanism. In addition, the above-mentioned related test system may include a message construction module, a message configuration module, a test module and a report generation module, based on the structure, the above-mentioned related message construction module may construct a first message and send the first message to the test module, the message configuration module may configure the message information of the first message and send the message information of the first message to the test module, the test module may send the first message and the message information of the first message to the tested controller, the report generation module may receive the message feedback information sent by the tested controller after receiving the first message and the message information of the first message, and generate a first test report based on the message feedback information, so that the tested controller configured with the data security protection mechanism may test whether the message is abnormal, thereby not only improving the test efficiency, but also improving the test accuracy.
The test system provided by the embodiment of the application is described in detail below by specific embodiments with reference to the accompanying drawings.
Fig. 1 is a schematic structural diagram of a test system according to an embodiment of the present application.
As shown in fig. 1, the test system 100 is connected to a controller under test 200, and the controller under test 200 is configured with a SecOC mechanism. The test system 100 may include a message construction module 110, a message configuration module 120, a test module 130, and a report generation module 140. Wherein,,
the message construction module 110 is configured to construct a first message, and send the first message to the test module;
the message configuration module 120 is configured to configure message information of the first message, and send the message information of the first message to the test module;
the test module 130 is configured to send a first message and message information of the first message to the to-be-tested controller;
the report generating module 140 is configured to receive the message feedback information sent by the measured controller, and generate a first test report based on the message feedback information.
The first message includes a normal message or an abnormal message. In some embodiments, the message information of the first message may include a transmission time, a transmission period, and a duration, which are not specifically limited herein. In some embodiments, the data security protection mechanism includes a peer-to-peer encrypted communication SecOC mechanism.
In some embodiments, the first packet may be a synchronous packet or a secure packet. Specifically, if the controlled controller is a slave node of the SecOC mechanism, correct and abnormal synchronous messages need to be sent to the controlled controller respectively to verify whether the controlled controller can correctly verify that the synchronous messages belong to abnormal messages or normal messages; if the measured controller is used as a receiving node of the SecOC mechanism, correct and abnormal safety messages are required to be sent to the measured to verify whether the measured controller can correctly receive the verification safety messages, and the verification safety messages belong to normal messages or abnormal messages.
Specifically, the above-mentioned message construction module may construct a first message and send the first message to the test module, the message configuration module may configure the message information of the first message and send the message information of the first message to the test module, the test module may send the first message and the message information of the first message to the tested controller, and after receiving the first message and the message information of the first message, the tested controller may verify the first message to determine whether the received first message is a normal message or an abnormal message, and send message feedback information to the report generation module, and the report generation module may receive the message feedback information and generate the first test report based on the message feedback information.
It should be noted that, when the measured controller verifies the first message, the message content, the freshness value and the MAC value of the first message may be verified, which is not limited herein. It should be further noted that, in the process of constructing the message, the message construction module needs to acquire the freshness value and the MAC value configured by the test system, and construct the message corresponding to the freshness value and the MAC value based on the acquired freshness value and MAC value.
In the embodiment of the application, the test system is connected with the tested controller, and the tested controller is configured with a data safety protection mechanism. In addition, the above-mentioned related test system may include a message construction module, a message configuration module, a test module and a report generation module, based on the structure, the above-mentioned related message construction module may construct a first message and send the first message to the test module, the message configuration module may configure the message information of the first message and send the message information of the first message to the test module, the test module may send the first message and the message information of the first message to the tested controller, the report generation module may receive the message feedback information sent by the tested controller after receiving the first message and the message information of the first message, and generate a first test report based on the message feedback information, so that the tested controller configured with the data security protection mechanism may test whether the message is abnormal, thereby not only improving the test efficiency, but also improving the test accuracy.
In order to more precisely describe the test system provided in the embodiment of the present application, as shown in fig. 2, the test system 100 related to the foregoing may include a message parsing module 101, a message management module 102, a message construction module 103 (corresponding to the message construction module 110 in fig. 1), a message configuration module 104 (corresponding to the message configuration module 120 in fig. 1), a test module 105 (corresponding to the test module 130 in fig. 1), and a report generation module 106 (corresponding to the message generation module 140 in fig. 1).
It should be noted that, the message management module 102 includes a freshness management module 1022 and a MAC management module 1021. The above-mentioned message parsing module 101 is connected to the freshness management module 1022 and the MAC management module 1021, respectively; the freshness management module 1022 is connected to the MAC management module 1021 and the message construction module 103, respectively; the MAC management module 1021 is connected with the message construction module 103 and the test module 105 respectively; the above-mentioned message construction module 103 is connected to the message configuration module 104, the message configuration module 104 is connected to the test module 105, and the test module 105 is connected to the report generation module 105.
Based on this, in one embodiment, the test system 100 related to the above may further include:
the message parsing module 101 is configured to receive a second message sent by the controlled device, parse the second message, obtain message information of the second message, where the message information of the second message includes message interception information, and send the message interception information to the message management module;
the message management module 102 is configured to process the intercepted message to obtain complete message information, verify the complete message information, generate a verification result, and send the verification result to the report generation module;
and the report generating module 106 is configured to generate a second test report according to the verification result.
Specifically, the test system may further include a message parsing module, a message management module and a report generating module, based on the structure of the test system, where the message parsing module in the test system may receive the second message sent by the tested controller and parse the second message to obtain message information of the second message, and because the message information of the second message only includes message interception information, the message parsing module may send the message interception information to the message management module, so that the message management module may process the message interception information after receiving the message interception information, obtain message complete information corresponding to the message interception information, and further may verify the message complete information to generate a verification result, and send the verification result to the report generating module for generating the second test report based on the verification result. The second message may be a synchronous message or a secure message, which is not limited herein.
In this embodiment, since the above-mentioned test system may further include a message parsing module, a message management module, and a report generation module, based on the structure of the test system, the message interception information may be obtained based on the parsing of the message sent from the tested controller, so as to obtain the complete message information, and check and generate a test report, thereby implementing the test of the tested controller configured with the data security protection mechanism, and further improving the test efficiency and the test accuracy.
Based on this, in one embodiment, the above-mentioned message interception information may include a freshness interception value, and the message management module 102 includes:
the freshness management module 1022 is configured to process the freshness interception value by using a preset freshness construction method to obtain a freshness value, and verify the freshness value to generate a first verification result.
It should be noted that, the freshness value may be used to indicate that the content of the message is a freshness value, and the freshness interception value may be a part of the freshness value. For example, the freshness value may be 16 bytes, and the freshness interception value may be two bytes, which is not excessively limited herein.
In some embodiments, the above-mentioned method for constructing the preset freshness may be an algorithm preset in actual situations or experience.
Specifically, the message interception information may include a freshness interception value, and the message management module may include a freshness management module. Based on the above, the freshness management module can process the freshness interception value by using a preset freshness construction method to obtain a freshness value, and further can verify the freshness value to generate a first verification result
In this embodiment, the message interception information may include a freshness interception value, and the message management module may include a freshness management module. Based on the method, the testing system can verify the freshness value of the message sent by the tested controller, so that the tested controller provided with the data safety protection mechanism is tested, the testing efficiency is improved, and the testing accuracy is improved.
In another embodiment, the message interception information may include a MAC interception value, based on which the message management module 102 includes:
a freshness management module 1022 for sending the freshness value to the MAC management module;
the MAC management module 1021 is configured to process the MAC interception value by using a preset MAC construction method to obtain a MAC value, and verify the MAC value based on the message information and the freshness value of the second message to obtain a second verification result.
The MAC value may be a physical address of the controlled controller on the network, and has uniqueness. And the MAC cut-off value is a part of the cut-off in the MAC value. The preset MAC construction method referred to above may be an algorithm preset in actual situations or experience.
Specifically, since the related message interception information may include a MAC interception value, and the related message management module may include a MAC management module and a freshness management module. Based on the above, the freshness value of the second message can be sent to the MAC management module by the freshness management module, the MAC management module can process the MAC interception value by using a preset MAC construction method to obtain the MAC value, and further can verify the MAC value based on the message information and the freshness value of the second message to obtain a second verification result
In this embodiment, the message interception information may include a MAC interception value, and the message management module may include a MAC management module and a freshness management module. Based on the method, the test system can verify the MAC value of the message sent by the tested controller, so that the tested controller provided with the data security protection mechanism is tested, the test efficiency is improved, and the test accuracy is improved.
Based on this, in one embodiment, if the second message is a synchronous message, the message information of the second message further includes the first message identifier;
the MAC management module 1021 is configured to process the first packet identifier and the freshness value by using a MAC verification algorithm to obtain a first MAC verification value, and verify the MAC value based on the first MAC verification value to obtain a second verification result.
Specifically, since the second message may be a synchronous message, the message information of the second message may include the first message identifier, based on this, the MAC management module may process the first message identifier and the freshness value by using a MAC verification algorithm to obtain a first MAC verification value, and verify the MAC value based on the first MAC verification value to obtain a second verification result. The MAC verification algorithm may be preconfigured in the test system, and is not specifically limited herein.
In this embodiment, the test of the tested controller configured with the data security protection mechanism may be implemented under the condition that the second message is a synchronous message and the message information of the second message may include the first message identifier, thereby not only improving the test efficiency but also improving the test accuracy.
In another embodiment, the second message is a secure message, and the second message information includes a first message identifier and a first message content;
the MAC management module 1021 is configured to process the first packet identifier, the first packet content, and the freshness value by using a MAC verification algorithm to obtain a second MAC verification value, and verify the MAC value based on the second MAC verification value to obtain a second verification result.
Specifically, the second message may be a secure message, so the message information of the second message may include the first message identifier and the first message content. Based on the above, the MAC management module may process the first packet identifier, the first packet content and the freshness value by using a MAC verification algorithm to obtain a second MAC verification value, and further may verify the MAC value based on the second MAC verification value to obtain a second verification result.
In this embodiment, the test of the tested controller configured with the data security protection mechanism may be implemented when the second message is a security message, and the message information of the second message includes the first message identifier and the first message content, thereby improving the test efficiency and the test accuracy.
In order to describe the test system provided in the embodiments of the present application more accurately and fully, in one embodiment, the message configuration module 104 is further configured to configure test information, where the test information is used to test the tested controller.
In some embodiments, the test information includes a freshness value length, a MAC verification algorithm, a MAC length. In addition, the test information may further include a key, which is not specifically limited herein.
In addition, it should be noted that, the test system provided by the embodiment of the application can also realize the stability test of the tested controller configured with the SecOC mechanism. Specifically, a large number of correct or abnormal synchronous messages and safety messages are constructed through a SecOC test system for a long time or under the bus peak load of the tested controller and sent to the tested controller, and meanwhile, the SecOC test system receives message feedback information of the tested controller on the large number of normal or abnormal synchronous messages and safety messages and generates a test report.
Based on the test system provided by the embodiment of the application, the blank of the SecOC test is filled. And the automatic precise control of the starting, continuous and interruption time and the like of the SecOC message receiving and transmitting realizes the tests of the controller SecOC mechanism safety message and the synchronous message construction, receiving and verifying, message processing capacity, freshness value management, mechanism stability and the like, and automatically generates a test report. The test device has the advantages of high test efficiency and good controllability, and can realize automatic test at a control end through a program.
It should be understood that the application is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links through data requests carried in carrier waves. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.
Aspects of the present disclosure are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable electronic control unit ("ecu") upgrading apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable electronic control unit upgrading apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to being, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware which performs the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present application, and they should be included in the scope of the present application.

Claims (10)

1. A test system, wherein the test system is coupled to a controller under test, the controller under test configured with a data security protection mechanism, the test system comprising:
the message construction module is used for constructing a first message, wherein the first message comprises a normal message or an abnormal message, and the first message is sent to the test module;
the message configuration module is used for configuring the message information of the first message and sending the message information of the first message to the test module;
the test module is used for sending the first message and the message information of the first message to the tested controller;
and the report generation module is used for receiving the message feedback information sent by the controlled controller and generating a first test report based on the message feedback information.
2. The test system of claim 1, wherein the message information of the first message includes a transmission time, a transmission period, and a duration.
3. The test system of claim 1, wherein the test system comprises:
the message analysis module is used for receiving the second message sent by the controlled controller, analyzing the second message to obtain message information of the second message, wherein the message information of the second message comprises message interception information, and sending the message interception information to the message management module;
the message management module is used for processing the message interception information to obtain message complete information, checking the message complete information to generate a checking result, and sending the checking result to the report generation module;
and the report generating module is used for generating a second test report according to the verification result.
4. The test system of claim 3, wherein the message intercept information includes a freshness intercept value, the message management module comprising:
the freshness management module is used for processing the freshness interception value by using a preset freshness construction method to obtain a freshness value, checking the freshness value and generating a first checking result.
5. The test system of claim 4, wherein the message intercept information includes a MAC intercept value, and wherein the message management module includes:
the freshness management module is used for sending the freshness value to the MAC management module;
the MAC management module is used for processing the MAC interception value by using a preset MAC construction method to obtain an MAC value, and checking the MAC value based on the message information of the second message and the freshness value to obtain a second checking result.
6. The test system of claim 5, wherein the second message is a synchronous message, and wherein the message information of the second message further comprises the first message identifier;
the MAC management module is used for processing the first message identifier and the freshness value by utilizing an MAC verification algorithm to obtain a first MAC verification value, and verifying the MAC value based on the first MAC verification value to obtain a second verification result.
7. The test system of claim 5, wherein the second message is a secure message, and wherein the message information of the second message includes a first message identifier and a first message content;
the MAC management module is used for processing the first message identifier, the first message content and the freshness value by using an MAC verification algorithm to obtain a second MAC verification value, and verifying the MAC value based on the second MAC verification value to obtain a second verification result.
8. The test system of claim 1, wherein the message configuration module is further configured to configure test information, the test information being used to test the controller under test.
9. The test system of claim 8, the test information comprising a freshness value length, a MAC validation algorithm, a MAC length.
10. The system of claim 1, wherein the data security protection mechanism comprises a peer-to-peer encrypted communication SecOC mechanism.
CN202310560919.5A 2023-05-18 2023-05-18 Test system Pending CN116668334A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310560919.5A CN116668334A (en) 2023-05-18 2023-05-18 Test system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310560919.5A CN116668334A (en) 2023-05-18 2023-05-18 Test system

Publications (1)

Publication Number Publication Date
CN116668334A true CN116668334A (en) 2023-08-29

Family

ID=87719875

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310560919.5A Pending CN116668334A (en) 2023-05-18 2023-05-18 Test system

Country Status (1)

Country Link
CN (1) CN116668334A (en)

Similar Documents

Publication Publication Date Title
US10255428B2 (en) Apparatus and method for testing normality of shared data
CN103152400B (en) The method, system and the cloud server that log in is carried out by mobile terminal
CN113342371B (en) Internet of things equipment upgrading system
CN109634258B (en) Bus message checking method, device and system for hardware-in-loop test
CN106998281B (en) Data updating processing method and device, gateway controller and automobile
CN110955899B (en) Safety test method, device, test equipment and medium
KR100981465B1 (en) Method and device for secure access protocol conformance testing on authentication service entity
CN111949288A (en) Intelligent element remote upgrading method and system based on vehicle-mounted Ethernet
US20180310173A1 (en) Information processing apparatus, information processing system, and information processing method
CN106485140A (en) A kind of upgrade method of electric energy meter and upgrade-system
CN113900682A (en) System software upgrading method, device, equipment and computer storage medium
CN111585970A (en) Token verification method and device
CN113381911A (en) Test method, device, equipment and storage medium
CN113556335A (en) Vehicle-mounted bus safety testing method and system
CN111065090A (en) Method for establishing network connection and wireless routing equipment
KR20140144203A (en) Communication device and communication method
JP2020513182A (en) V2X communication system
CN116668334A (en) Test system
CN116866914A (en) Method, device, storage medium and system for testing communication security of Internet of vehicles
CN112219416A (en) Techniques for authenticating data transmitted over a cellular network
JP6992309B2 (en) Transmitter, receiver, and communication method
EP3343972B1 (en) Wireless data concentrator systems and methods
CN107483296B (en) Optical fiber transmission rate testing method and system
CN111212396B (en) Vehicle system and method for vehicle-to-outside information interaction (V2X) communication
CN117527516A (en) CAN fault injection method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination