CN117574392A - Safety monitoring method, system, equipment and storage medium for vehicle-mounted system - Google Patents
Safety monitoring method, system, equipment and storage medium for vehicle-mounted system Download PDFInfo
- Publication number
- CN117574392A CN117574392A CN202410057709.9A CN202410057709A CN117574392A CN 117574392 A CN117574392 A CN 117574392A CN 202410057709 A CN202410057709 A CN 202410057709A CN 117574392 A CN117574392 A CN 117574392A
- Authority
- CN
- China
- Prior art keywords
- vehicle
- vulnerability
- database
- vulnerability database
- mounted system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000012544 monitoring process Methods 0.000 title claims abstract description 35
- 238000003860 storage Methods 0.000 title claims abstract description 18
- 238000001514 detection method Methods 0.000 claims abstract description 95
- 230000008439 repair process Effects 0.000 claims description 39
- 238000004590 computer program Methods 0.000 claims description 10
- 230000000694 effects Effects 0.000 abstract description 3
- 230000008569 process Effects 0.000 description 10
- 229920006235 chlorinated polyethylene elastomer Polymers 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 238000004458 analytical method Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 238000012360 testing method Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000009826 distribution Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000000136 cloud-point extraction Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000007257 malfunction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
- G06F16/2358—Change logging, detection, and notification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application relates to a safety monitoring method, a system, equipment and a storage medium of a vehicle-mounted system, which belong to the technical field of vehicle safety, and the method comprises the steps of obtaining a vulnerability database, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different vehicle-mounted systems; and performing vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain detection results. The method and the device have the effect of improving the accuracy of detecting the potential safety hazard of the vehicle-mounted system.
Description
Technical Field
The present disclosure relates to the field of vehicle security technologies, and in particular, to a method, a system, an apparatus, and a storage medium for monitoring vehicle-mounted system security.
Background
With the continuous development of automobile intellectualization and internet technology, the emergence of various intelligent and automatic vehicles is convenient for people to work and live, but a plurality of security threats for the vehicles are also promoted. For example, a programmable or remotely controllable in-vehicle system in a vehicle may become an intrusion channel for illegal intruders, which in turn threatens the life and property security of people.
At present, a general vulnerability detection method is used for detecting vehicles, a general vulnerability scanning technology can be used for various systems, and problems which can be detected are possible problems in all the systems, and differences between a vehicle-mounted system and other systems are not considered. Therefore, the existing vulnerability monitoring method is easy to report missing, and the accuracy rate of detecting the potential safety hazard of the vehicle-mounted system is low.
Disclosure of Invention
In order to solve the problem of low accuracy in detecting potential safety hazards of a vehicle-mounted system, the application provides a safety monitoring method, a system, equipment and a storage medium of the vehicle-mounted system.
In a first aspect of the present application, a method for safety monitoring of an in-vehicle system is provided. The method comprises the following steps:
obtaining a vulnerability database, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different vehicle-mounted systems;
and performing vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain detection results.
According to the technical scheme, the two vulnerability libraries of the general vulnerability library and the vehicle-mounted system vulnerability library are used for comprehensively detecting the vehicle-mounted system, so that the accuracy of detection results is improved.
In one possible implementation manner, according to a general vulnerability database and a vehicle-mounted system vulnerability database, performing vulnerability detection on a vehicle-mounted system to obtain a detection result, including:
acquiring a system data list of a vehicle-mounted system, wherein the system data list comprises an electronic control unit model of a vehicle corresponding to the vehicle-mounted system and a system version corresponding to the electronic control unit model;
and respectively comparing the vulnerability information in the universal vulnerability database and the vehicle-mounted system vulnerability database with the data information of the system version according to the system data list to obtain a detection result.
According to the technical scheme, according to the system data list of the vehicle information, the vulnerability information in the two vulnerability libraries is compared with the data information of the system version, so that the vulnerability detection of the vehicle-mounted system is realized, all the systems in the vehicle-mounted system are covered by the vulnerability detection, the integrity of the vulnerability detection of the vehicle-mounted system is improved, and the accuracy of detecting the potential safety hazards of the vehicle-mounted system is further improved.
In one possible implementation, the method further includes:
monitoring vulnerability updating data of a vulnerability database and version updating data of a system version, wherein the vulnerability updating data represents updating conditions of the vulnerability database, and the version updating data represents updating conditions of the system version;
and performing vulnerability detection on the system corresponding to the version updating data according to the vulnerability updating data, the version updating data and the system data list, and updating the detection result.
According to the technical scheme, the updating condition of the vulnerability database or the vehicle system version is timely obtained through real-time monitoring of the vulnerability database and the system version, when the vulnerability database or the system version is updated, the vehicle system is detected again, the detection result corresponding to the vehicle is updated, the latest vulnerability condition of the vehicle can be timely found out and detected in a monitoring mode, a repair plan can be timely made conveniently, and threat of the vulnerability to the safety of the vehicle is reduced.
In one possible implementation, the detection result includes a plurality of vulnerability data, each vulnerability data including a vulnerability number, a vulnerability type, a vulnerability location, and a vulnerability risk level, and the method further includes:
acquiring a digital twin model of a vehicle corresponding to the system version;
and marking the model positions corresponding to the vulnerability positions in the digital twin model according to the vulnerability quantity, the vulnerability type, the vulnerability positions and the vulnerability danger degree.
According to the technical scheme, the vulnerability data in the detection result are marked on the digital twin model of the corresponding vehicle, so that a user, a vehicle manufacturer or a maintenance service provider can intuitively know the vulnerability distribution condition of the vehicle, the vulnerability danger degree and other information, and the reading experience is improved.
In one possible implementation, the method further includes:
the digital twin model includes all parts of the vehicle and associations between the parts, the method further comprising:
judging whether the vulnerability positions have vulnerabilities corresponding to the vulnerability types according to the association relation between the parts, and obtaining vulnerability results;
and (5) according to the vulnerability result, carrying out risk degree assessment on the vehicle to obtain an actual risk level.
According to the technical scheme, the association relation among all parts in the vehicle is obtained through the digital twin model, the vehicle is further detected according to the detected vulnerability position and the vulnerability type, whether the vulnerability corresponding to the vulnerability type exists in the actual vehicle-mounted system is judged, a vulnerability result is obtained, the vehicle is subjected to danger degree assessment according to the vulnerability result, an actual danger level is obtained, the detection result is judged again in a mode of combining with the actual situation of the vehicle, the dangerous situation of the vehicle is re-rated, and the accuracy of vehicle assessment is improved.
In one possible implementation, the method further includes:
generating a vehicle vulnerability list according to detection results of all vehicles;
and ordering the vehicles in the vehicle vulnerability list according to the vulnerability dangerous situation of the vehicles in the vehicle vulnerability list, and generating a repair list.
According to the technical scheme, the vehicles with the loopholes are determined and the vehicle loopholes list is formed by analyzing the detection results of the vehicles, and then the vehicles are ordered according to the loopholes dangerous conditions of the vehicles in the vehicle loopholes list to generate a repair list, so that the repair work of the vehicles can be orderly carried out, and meanwhile, the influence of the loopholes on the safety of the vehicles can be reduced by ordering the vehicles according to the loopholes dangerous conditions.
In one possible implementation, the method further includes:
and when the dangerous situations of the loopholes are lower than the preset dangerous level, classifying according to the areas where the vehicles are in the vehicle loopholes list, and generating a repair list.
In a second aspect of the present application, a safety monitoring system for an in-vehicle system is provided. The system comprises:
the system comprises a vulnerability database acquisition module, a vulnerability database acquisition module and a vulnerability database analysis module, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different vehicle-mounted systems;
the vulnerability detection module is used for carrying out vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain detection results.
In a third aspect of the present application, an electronic device is provided. The electronic device includes: a memory and a processor, the memory having stored thereon a computer program, the processor implementing the method as described above when executing the program.
In a fourth aspect of the present application, there is provided a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a method as according to the first aspect of the present application.
In summary, the present application includes at least one of the following beneficial technical effects:
the data information in the system data list is comprehensively detected by using the two vulnerability libraries of the universal vulnerability library and the vehicle-mounted system vulnerability library, so that the accuracy of a detection result is improved;
according to the system data list of the vehicle information, comparing the vulnerability information in the two vulnerability libraries with the data information of the system version to realize vulnerability detection of the vehicle-mounted system, wherein the vulnerability detection covers all systems in the vehicle-mounted system, so that the comprehensiveness of the vulnerability detection of the vehicle-mounted system is improved, and the accuracy of detecting the potential safety hazards of the vehicle-mounted system is further improved;
the system version and the vulnerability database are monitored in real time, so that the updating condition of the vulnerability database or the system version of the vehicle is timely obtained, when the vulnerability database or the system version is updated, the vehicle system is detected again, the detection result corresponding to the vehicle is updated, the latest vulnerability condition of the vehicle can be timely known, a repair plan is made, and the threat of the vulnerability to the safety of the vehicle is reduced;
by marking the vulnerability data in the detection result on the digital twin model of the corresponding vehicle, information such as vulnerability distribution conditions of the vehicle, vulnerability danger degree and the like can be intuitively known, and reading experience is improved.
Drawings
Fig. 1 is a flow chart of a safety monitoring method of an in-vehicle system provided by the application.
Fig. 2 is a flowchart of a safety monitoring method of the vehicle-mounted system provided by the application.
Fig. 3 is a schematic structural diagram of a safety monitoring system of the vehicle-mounted system provided by the application.
Fig. 4 is a schematic structural diagram of an electronic device provided in the present application.
In the figure, 201, a vulnerability library acquisition module; 202. a vulnerability detection module; 301. a CPU; 302. a ROM; 303. a RAM; 304. an I/O interface; 305. an input section; 306. an output section; 307. a storage section; 308. a communication section; 309. a driver; 310. removable media.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
In addition, the term "and/or" herein is merely an association relationship describing an association object, and means that three relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. In this context, unless otherwise specified, the term "/" generally indicates that the associated object is an "or" relationship.
The firmware software version list refers to a list in which software versions installed on respective Electronic Control Units (ECUs) of the vehicle are recorded. The vehicle firmware software version inventory plays a critical role in the automotive industry. The software version of these electronic control units has a significant impact on the performance and safety of the vehicle.
With the use of vehicles, the software version can also be updated and iterated, and the software on the electronic control unit can have loopholes and potential safety hazards. These vulnerabilities and hazards may lead to security threats such as instability, malfunction, etc. of the vehicle system. Therefore, it is important to detect a vulnerability of a vehicle system.
At present, a general vulnerability detection method is used for detecting the vulnerabilities of the vehicle systems, and is almost suitable for all systems, so that the detection has the problems that special vulnerabilities existing in the vehicle systems and/or all subsystems in the vehicle systems cannot be detected, the detection of the vehicle systems is incomplete, and the detection accuracy is low.
By combining with the vehicle asset data, the method and the device for detecting the loopholes of the vehicle system in the vehicle of different models perform loopholes detection on all subsystems related to the vehicle system, and achieve comprehensive detection on the vehicle system. The vehicle asset data includes a vehicle model, a vehicle model version, part information, and the like. In the traditional vulnerability monitoring method, the vehicle asset data is often ignored, so that the analysis of the influence surfaces of the vehicle and the electronic control unit is incomplete, no risk image of the vehicle type and the vehicle is formed, the safety condition of the vehicle cannot be comprehensively known by a vehicle manufacturer and a maintenance service provider, and no effective measures are taken according to the safety condition of the vehicle to prevent and cope with potential safety risks.
Embodiments of the present application are described in further detail below with reference to the drawings attached hereto.
The safety monitoring method of the vehicle-mounted system provided by the embodiment of the application runs in a cloud server, wherein the cloud server is integrated with cloud vehicle-mounted systems of all vehicles of a vehicle manufacturer, and the cloud vehicle-mounted systems upload the vehicle-mounted systems of actual vehicles to the cloud server for backup, and the cloud vehicle-mounted systems are identical to the vehicle-mounted systems of the actual vehicles. The cloud server is also integrated with digital twin models of all vehicles, and the digital twin models fully utilize data such as physical models, sensor updating, operation histories and the like, integrate simulation processes of multiple disciplines, multiple physical quantities, multiple scales and multiple probabilities, and complete mapping in a virtual space, so that the full life cycle process of corresponding entity equipment is reflected.
The embodiment of the application provides a safety monitoring method of a vehicle-mounted system, and the main flow of the method is described as follows.
As shown in fig. 1:
step S101: a system data list of the vehicle is obtained.
Specifically, the system data list includes an electronic control unit model of the vehicle and a system version corresponding to the electronic control unit model.
When a vehicle manufacturer makes a new vehicle model, a software package is uploaded, and the software package contains the vehicle model of the new vehicle model, the system version corresponding to the vehicle model and information of various parts of the vehicle.
Step S102: and respectively carrying out vulnerability detection on the systems corresponding to the system versions according to the system data list to obtain detection results.
Specifically, a vulnerability database is obtained, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different system versions, the general vulnerability database comprises vulnerabilities which can occur in all systems, and the general vulnerability database can detect vulnerabilities of most systems. A generic vulnerability library may also be understood as a vulnerability library that contains all open source vulnerabilities. The vehicle-mounted system vulnerability library consists of vulnerabilities obtained by vehicle manufacturers in the process of testing vehicle systems. It will be appreciated that for safety reasons, vehicle manufacturers test new vehicles as they develop new vehicle systems or manufacture new vehicle models, and various vulnerabilities in the vehicle systems may be discovered during the test, some of which may be unique to that version of the vehicle system.
Further, according to the system data list, data information in the system corresponding to the system version is compared with the common vulnerability database and vulnerability information of the vehicle-mounted system vulnerability database, so that a detection result is obtained. In one particular embodiment, the vulnerability information is a generic platform enumeration (common platform enumeration, CPE), which is a standardized method of describing and identifying the application, operating system, and hardware device classes present in an enterprise computing asset, that provides a standard machine-readable format by which electronic products and platforms can be uniquely encoded. For example, knowing the various subsystems in the vehicle system and the versions of the subsystems, i.e., the information of the installed products, the CPE names are used to identify the various subsystems in the vehicle system, then the CPE corresponding to each system is compared with the CPE in the two vulnerability libraries, and if the CPE corresponding to each system is the same, it is indicated that the system has a corresponding vulnerability in the vulnerability library. The vulnerability library comprises a plurality of vulnerabilities, each vulnerability corresponds to a plurality of CPEs, and the corresponding vulnerabilities of the system corresponding to the CPEs are indicated.
Firstly, performing vulnerability detection on all subsystems in a vehicle system through a system data list, so that comprehensive detection of the vehicle system is realized, and the accuracy of vehicle detection is improved; and secondly, comparing all subsystems in the vehicle system with a general vulnerability database and comparing the general vulnerability database with a vehicle-mounted system vulnerability database. On the basis of detecting the universal loopholes, the loopholes in the vehicle system can be detected, and the accuracy of vehicle detection is further improved.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
and monitoring vulnerability updating data of the vulnerability database and version updating data of the system version, wherein the vulnerability updating data represents updating conditions of the vulnerability database, and the version updating data represents updating conditions of the system version. And performing vulnerability detection on a system corresponding to the version updating data according to the vulnerability updating data, the version updating data and the system data list, and updating the detection result.
Specifically, after the vehicle test is completed, before the vehicle is sold towards the market, a monitoring program is established for subsystems of the vehicle systems in each vehicle to detect whether the vehicle systems are updated, meanwhile, the updating conditions of the general vulnerability database and the vehicle-mounted system vulnerability database in the vulnerability database are monitored, and when any one of the two vulnerability databases is updated and/or any subsystem in the vehicle systems is updated, a detection task is triggered to detect the vehicle systems again to obtain new detection results and update the detection results. If the vulnerability database is updated, vulnerability detection is needed for all vehicle systems of all vehicles, and if the vulnerability database is not updated, only the vehicle systems of one or more vehicle types are updated, only the updated vehicle systems are subjected to vulnerability detection. It should be noted that, if one subsystem of the vehicle system is updated, it is regarded as the vehicle system is updated, and thus, vulnerability detection needs to be performed on all subsystems in the vehicle system.
In the embodiment of the application, a mode of triggering the vulnerability detection is updated, and in other embodiments, a mode of triggering the vulnerability detection periodically can be adopted, for example, the vulnerability detection is performed again 24 hours after the vulnerability detection is performed, the vulnerability detection process is circulated, and the vulnerability condition in the vehicle system is found in time, so that the latest detection result is obtained. The two triggering modes can be combined, namely, when updating occurs, the vulnerability detection is performed, when the specified period is reached, the vulnerability detection is also performed, the latest detection result is obtained, and the previous detection result is updated to the latest detection result.
After each detection result is obtained, a vulnerability log is created, the situation of each vulnerability detection and the obtained detection result are recorded, and a data basis is provided for later restoration or inquiry.
The detection result obtained after the loophole detection comprises a plurality of loophole data, wherein each loophole data comprises the number of loopholes, the type of the loophole, the position of the loophole and the dangerous degree of the loophole.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
the digital twin model of the vehicle corresponding to the system version is obtained, and the digital twin model can be simply understood as the data of the corresponding vehicle marked on the three-dimensional model of the vehicle. It will be appreciated that when a vehicle manufacturer manufactures a vehicle, a digital twin model is created for each vehicle to form a library of vehicle models. When the data on the digital twin model is required to be updated, the digital twin model corresponding to the actual vehicle is taken out of the vehicle model library, and then the digital twin model is marked or the data on the digital twin model is updated.
Further, according to the number of the loopholes, the type of the loopholes, the position of the loopholes and the danger degree of the loopholes, the model positions corresponding to the position of the loopholes in the digital twin model are marked. There are a plurality of subsystems of the vehicle system, such as a screen subsystem, a seat subsystem, a window subsystem, etc. The screen subsystem is a system installed on an automobile screen, the seat subsystem can judge whether the safety belt is fastened or not and the adjustment condition of the seat, and the car window subsystem can control the adjustment condition of car windows. Marking the corresponding position of the seat in the digital twin model if the vulnerability appears in the seat system, and similarly marking the corresponding position of the vehicle window in the digital twin model if the vulnerability appears on the vehicle window subsystem; if the vulnerability appears on the screen subsystem, the corresponding position of the screen in the digital twin model is noted. And marking the number of the loopholes, the types of the loopholes and the dangerously degree of the loopholes at the corresponding positions of the digital twin model.
And the distribution condition of the loopholes of the vehicle system and the dangerous condition of the loopholes at different positions are displayed through a digital twin model. The vehicle manufacturer and the maintenance service provider can intuitively and comprehensively know the safety condition of the vehicle, and can timely take corresponding measures according to the condition of the vehicle system to deal with and prevent the existing or potential safety risk.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
determining the number of models of the electronic control units, the number of vehicle types and the number of vehicles with holes and the number of hole information corresponding to different system versions with holes according to all the digital twin models with marks; and determining an influence analysis report according to the number of models, the number of vehicle models and the number of vehicles of the electronic control units with the loopholes and the number of loopholes information corresponding to different system versions with the loopholes, wherein the influence analysis report is used for reflecting the situations among the loopholes, the models and the system versions of the electronic control units.
It can be understood that the safety monitoring system is set by a vehicle manufacturer when the vehicle leaves the factory, the conditions of the vehicle systems in all vehicles are monitored, then the digital twin models corresponding to the vehicles are marked or updated according to the monitored data, and all marked digital twin models are obtained, so that the conditions of all vehicles, including the vulnerability conditions of all vehicle systems, can be obtained. According to the vulnerability related data on the digital twin model, the number of vulnerabilities existing in different electronic control unit models can be obtained, for example, five electronic control unit models exist, wherein the number of vulnerabilities existing in one electronic control unit model is 2000, the number of electronic control unit models corresponding to the electronic control unit model is two thousand, and the number of electronic control unit models corresponding to other electronic control unit models with vulnerabilities is the same. The number of the loopholes existing in different vehicle types, namely the number of the vehicle types with the loopholes, the number of the vehicles with the loopholes, and the number of the loopholes corresponding to different system versions with the loopholes, namely the number of the loopholes respectively existing in different system versions, can be obtained. The relationship between the electronic control unit model, the vehicle model and the system version and the loopholes can be reflected to a certain extent according to the data on the influence analysis report, for example, the number of loopholes existing in some electronic control unit models is small, the number of loopholes existing in some electronic control unit models is large, and the number of loopholes is large to a certain extent, so that the security of the electronic control unit models is low. The same is true for the vehicle model, system version, etc.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
the known digital twin model is completely the same as the actual vehicle, so that the association relations among all parts of the vehicle can be obtained from the digital twin model, and whether the vulnerability positions have vulnerabilities corresponding to the vulnerability types or not is judged according to the association relations among the parts, so that a vulnerability result is obtained; and (5) according to the vulnerability result, carrying out risk degree assessment on the vehicle to obtain an actual risk level. For example, a situation that a user does not enter a certain position of the vehicle is found to have a vulnerability without authorization by monitoring results, but in an actual vehicle, the position does not need the user to enter, and the vulnerability results are that the vulnerability does not exist. For another example, if a part has an illegally connected interface, it means that the part has the leak in other systems, but in an actual vehicle, the interface of the part is sealed and cannot be connected with other parts, and the leak results in that the leak does not exist. Judging each vulnerability in the vehicle to obtain a judging result, and carrying out risk assessment on the vehicle according to the judging results of all the vulnerabilities to obtain an actual assessment grade. For example, two thousands of loopholes are detected through the detection result, the risk level is high, but after the loopholes are re-judged through the process, only one hundred loopholes actually exist, and the actual risk level is low.
The association relation among all parts in the vehicle is obtained through the digital twin model, the vehicle is further detected according to the detected vulnerability position and the vulnerability type, whether the vulnerability corresponding to the vulnerability type exists in the actual vehicle-mounted system or not is judged, a vulnerability result is obtained, the vehicle is subjected to dangerous degree assessment according to the vulnerability result, an actual dangerous grade is obtained, the detection result is judged again in a mode of combining with the actual situation of the vehicle, the dangerous situation of the vehicle is re-rated, and the accuracy of vehicle assessment is improved.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
according to detection results of all vehicles, a vehicle vulnerability list is generated, when a vulnerability exists in the detection results of the vehicles, the vehicles with the vulnerability are added into the vehicle vulnerability list, the vehicle vulnerability list not only comprises basic information of the vehicles but also comprises the vulnerability dangerous condition of the vehicles, the dangerous condition of the vulnerability comprises the dangerous degree of each vulnerability in the vehicles and the total dangerous degree formed by combining all the vulnerabilities together, and according to the vulnerability dangerous condition of the vehicles in the vehicle vulnerability list, the vehicles in the vehicle vulnerability list are ordered, so that a repair list is generated. It can be understood that the higher the total hazard level of the vehicle is, the lower the safety of the vehicle is, and the more timely repair is needed, so that the vehicles in the repair list are repaired in batches by sorting the vehicles in descending order of the total hazard level of the vehicle to obtain the repair list.
Batch repair of vehicles requires test repair of a portion of the vehicles, for example, one hundred vehicles have problems, the system issues repair tasks to ten vehicles, the repair effect of the ten vehicles is expected, and the next time the repair task may be issued to all vehicles. On the other hand, batch repair is to take vehicles with the same protocol as a batch for unified issuing of repair tasks due to different vehicle suppliers and different communication protocols.
The cloud server generates a repair task according to a detection result of the cloud vehicle-mounted system, sends the repair task to the vehicle-mounted system of the actual vehicle, when the repair task is downloaded, namely, the repair is successful, the vehicle-mounted system sends a feedback to the cloud server, the cloud server updates the cloud vehicle-mounted system according to the feedback, and if the repair task is downloaded failure, namely, the repair is not completed, the vehicle-mounted system also sends the feedback to the cloud server, and the cloud server sends the repair task to the vehicle which is not completed again.
The safety monitoring method of the vehicle-mounted system further comprises the following steps:
and when the dangerous situations of the loopholes are lower than the preset dangerous level, classifying according to the areas where the vehicles are in the vehicle loopholes list, and generating a repair list.
It can be understood that when the dangerous situations of the loopholes are lower than the preset dangerous level, the dangerous situations of the vehicle are indicated not to influence the safe running of the vehicle, but potential safety hazards still exist, so that the repair list can be generated by classification according to different areas. After obtaining the repair list, sending repair tasks to the vehicles in the repair list in turn according to the information in the repair list, wherein the repair tasks are realized through Over-the-Air technology (OTA).
Referring to fig. 2, after the batch repair is performed on the vehicle, that is, after the repair is completed on the vehicle, various system versions in the vehicle system are changed, that is, a system data list is changed, after the system data list is changed, vulnerability detection is triggered and a detection result is updated, after the detection result is updated, data in the digital twin model also needs to be adjusted and marked, then a new repair list is generated according to different data on the digital twin model, a repair task is issued according to the new repair list, and batch repair is performed on the vehicle again. The whole process is circularly executed.
An embodiment of the present application provides a safety monitoring system of an in-vehicle system, referring to fig. 3, the safety monitoring system of an in-vehicle system includes:
the vulnerability database acquisition module 201 is configured to acquire a vulnerability database, where the vulnerability database includes a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database includes specific vulnerabilities corresponding to different vehicle-mounted systems;
the vulnerability detection module 202 is configured to perform vulnerability detection on the vehicle-mounted system according to the general vulnerability database and the vehicle-mounted system vulnerability database, so as to obtain a detection result.
It will be clear to those skilled in the art that, for convenience and brevity of description, reference may be made to the corresponding process in the foregoing method embodiment for the specific working process of the described module, which is not described herein again.
The embodiment of the application discloses electronic equipment. Referring to fig. 4, the electronic apparatus includes a central processing unit (central processing unit, CPU) 301 that can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 302 or a program loaded from a storage portion 307 into a random access memory (random access memory, RAM) 303. In the RAM 303, various programs and data required for the system operation are also stored. The CPU 301, ROM 302, and RAM 303 are connected to each other by a bus. An input/output (I/O) interface 304 is also connected to the bus.
The following components are connected to the I/O interface 304: an input section 305 including a keyboard, a mouse, and the like; an output section 306 including a Cathode Ray Tube (CRT), a liquid crystal display (liquid crystal display, LCD), and the like, and a speaker, and the like; a storage portion 307 including a hard disk and the like; and a communication section 308 including a network interface card such as a local area network (local area network, LAN) card, a modem, or the like. The communication section 308 performs communication processing via a network such as the internet. A driver 309 is also connected to the I/O interface 304 as needed. A removable medium 310 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed on the drive 309 as needed, so that a computer program read out therefrom is installed into the storage section 307 as needed.
In particular, according to embodiments of the present application, the process described above with reference to flowchart fig. 1 may be implemented as a computer software program. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a machine-readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such embodiments, the computer program may be downloaded and installed from a network via the communication portion 308, and/or installed from the removable media 310. The above-described functions defined in the apparatus of the present application are performed when the computer program is executed by a Central Processing Unit (CPU) 301.
It should be noted that the computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (erasable programmable read only memory, EPROM), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, however, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, radio Frequency (RF), and the like, or any suitable combination of the foregoing.
The foregoing description is only of the preferred embodiments of the present application and is presented as a description of the principles of the technology being utilized. It will be appreciated by persons skilled in the art that the scope of the application referred to in this application is not limited to the specific combinations of features described above, but it is intended to cover other embodiments in which any combination of features described above or their equivalents is possible without departing from the spirit of the application. Such as the above-mentioned features and the technical features having similar functions (but not limited to) applied for in this application are replaced with each other.
Claims (9)
1. A method for safety monitoring of an in-vehicle system, comprising:
obtaining a vulnerability database, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different vehicle-mounted systems;
performing vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain a detection result;
and performing vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain a detection result, wherein the detection result comprises:
acquiring a system data list of the vehicle-mounted system, wherein the system data list comprises an electronic control unit model of a vehicle corresponding to the vehicle-mounted system and a system version corresponding to the electronic control unit model;
and respectively comparing the vulnerability information in the universal vulnerability database and the vehicle-mounted system vulnerability database with the data information of the system version according to the system data list to obtain a detection result.
2. The method for safety monitoring of an in-vehicle system according to claim 1, further comprising:
monitoring vulnerability updating data of the vulnerability database and version updating data of the system version, wherein the vulnerability updating data represents updating conditions of the vulnerability database, and the version updating data represents updating conditions of the system version;
and performing vulnerability detection on a system corresponding to the version updating data according to the vulnerability updating data, the version updating data and the system data list, and updating the detection result.
3. The method for monitoring the security of the vehicle-mounted system according to claim 1, wherein the detection result includes a plurality of pieces of vulnerability data, each piece of vulnerability data includes a vulnerability number, a vulnerability type, a vulnerability location and a vulnerability risk level, and the method further includes:
acquiring a digital twin model of a vehicle corresponding to the system version;
and marking model positions corresponding to the vulnerability positions in the digital twin model according to the vulnerability quantity, the vulnerability type, the vulnerability positions and the vulnerability danger degree.
4. A safety monitoring method of an in-vehicle system according to claim 3, wherein,
the digital twin model includes all parts of the vehicle and associations between the parts, the method further comprising:
judging whether the loophole position has loopholes corresponding to the loophole types according to the association relation between the parts, and obtaining a loophole result;
and according to the vulnerability result, carrying out risk degree assessment on the vehicle to obtain an actual risk level.
5. The method for safety monitoring of an in-vehicle system according to claim 1, further comprising:
generating a vehicle vulnerability list according to detection results of all vehicles;
and ordering the vehicles in the vehicle vulnerability list according to the vulnerability dangerous situation of the vehicles in the vehicle vulnerability list, and generating a repair list.
6. The method of claim 5, further comprising:
and when the dangerous situations of the loopholes are lower than the preset dangerous level, classifying according to the areas where the vehicles are in the vehicle loopholes list, and generating a repair list.
7. A safety monitoring system for an in-vehicle system, comprising:
the system comprises a vulnerability database, a vulnerability database acquisition module and a vulnerability database management module, wherein the vulnerability database comprises a general vulnerability database and a vehicle-mounted system vulnerability database, and the vehicle-mounted system vulnerability database comprises specific vulnerabilities corresponding to different vehicle-mounted systems;
the vulnerability detection module is used for carrying out vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain detection results; and performing vulnerability detection on the vehicle-mounted system according to the universal vulnerability database and the vehicle-mounted system vulnerability database to obtain a detection result, wherein the detection result comprises: acquiring a system data list of the vehicle-mounted system, wherein the system data list comprises an electronic control unit model of a vehicle corresponding to the vehicle-mounted system and a system version corresponding to the electronic control unit model; and respectively comparing the vulnerability information in the universal vulnerability database and the vehicle-mounted system vulnerability database with the data information of the system version according to the system data list to obtain a detection result.
8. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program capable of being loaded by the processor and performing the method according to any of claims 1 to 6.
9. A computer readable storage medium, characterized in that a computer program is stored which can be loaded by a processor and which performs the method according to any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410057709.9A CN117574392A (en) | 2024-01-16 | 2024-01-16 | Safety monitoring method, system, equipment and storage medium for vehicle-mounted system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410057709.9A CN117574392A (en) | 2024-01-16 | 2024-01-16 | Safety monitoring method, system, equipment and storage medium for vehicle-mounted system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117574392A true CN117574392A (en) | 2024-02-20 |
Family
ID=89886575
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410057709.9A Pending CN117574392A (en) | 2024-01-16 | 2024-01-16 | Safety monitoring method, system, equipment and storage medium for vehicle-mounted system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117574392A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110348218A (en) * | 2019-06-06 | 2019-10-18 | 国家计算机网络与信息安全管理中心 | A kind of loophole test method and device based on vehicle-mounted terminal system |
| CN111614628A (en) * | 2020-04-28 | 2020-09-01 | 上海汽车集团股份有限公司 | Kernel reinforcement system and method, cloud server, client, electronic device and storage medium |
| CN115174241A (en) * | 2022-07-14 | 2022-10-11 | 中汽创智科技有限公司 | Security vulnerability processing method, device, equipment and medium |
| CN115578051A (en) * | 2022-09-08 | 2023-01-06 | 木卫四(北京)科技有限公司 | Vehicle asset management method and device |
-
2024
- 2024-01-16 CN CN202410057709.9A patent/CN117574392A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110348218A (en) * | 2019-06-06 | 2019-10-18 | 国家计算机网络与信息安全管理中心 | A kind of loophole test method and device based on vehicle-mounted terminal system |
| CN111614628A (en) * | 2020-04-28 | 2020-09-01 | 上海汽车集团股份有限公司 | Kernel reinforcement system and method, cloud server, client, electronic device and storage medium |
| CN115174241A (en) * | 2022-07-14 | 2022-10-11 | 中汽创智科技有限公司 | Security vulnerability processing method, device, equipment and medium |
| CN115578051A (en) * | 2022-09-08 | 2023-01-06 | 木卫四(北京)科技有限公司 | Vehicle asset management method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111240994B (en) | Vulnerability processing method and device, electronic equipment and readable storage medium | |
| CN111143202B (en) | Method and system for automatically testing road of automatic driving system | |
| CN112134952B (en) | Vehicle management system and method based on Internet of vehicles, electronic equipment and storage medium | |
| CN107678936B (en) | Business system pre-inspection method, server and computer readable storage medium | |
| AU2014200214A1 (en) | Control system having automatic component software management | |
| KR102304237B1 (en) | compliance management system through automatic diagnosis of infrastructure asset threat and method therefor | |
| CN111371581A (en) | Method, device, equipment and medium for detecting business abnormity of Internet of things card | |
| CN113534772A (en) | Fault code clearing method, electronic device and storage medium | |
| CN113469857A (en) | Data processing method and device, electronic equipment and storage medium | |
| KR102682907B1 (en) | compliance management support system using hierarchical structure and method therefor | |
| CN116208386A (en) | Vulnerability management method, system, electronic equipment and medium for automobile network security | |
| CN114238036A (en) | Method and device for monitoring abnormity of SAAS (software as a service) platform in real time | |
| CN117171366B (en) | Knowledge graph construction method and system for power grid dispatching operation situation | |
| CN117574392A (en) | Safety monitoring method, system, equipment and storage medium for vehicle-mounted system | |
| CN112163813A (en) | Transaction list accounting method for online purchasing | |
| CN115329347A (en) | Prediction method, device and storage medium based on car networking vulnerability data | |
| CN112636954B (en) | Server upgrading method and device | |
| US20170116212A1 (en) | System and method for systematically removing customer personal information from an electronic device | |
| CN114136342A (en) | Mileage tampering judgment method and system | |
| CN114169915A (en) | Method and device for determining price reference value of automobile parts in automobile insurance claim settlement industry | |
| CN112687030A (en) | Vehicle condition information processing method and device | |
| CN116739799B (en) | Vehicle accident loss assessment risk control method, device, electronic equipment and storage medium | |
| CN117436705B (en) | Trade risk analysis method, system and medium | |
| WO2024069877A1 (en) | Evaluation device, company terminal, evaluation system, evaluation method, and recording medium | |
| CN113395260B (en) | Network security verification system and method for civil aircraft airborne information system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |