GB2592924A - Method for detecting a fraud device in a communication network of a vehicle - Google Patents

Method for detecting a fraud device in a communication network of a vehicle Download PDF

Info

Publication number
GB2592924A
GB2592924A GB2003429.4A GB202003429A GB2592924A GB 2592924 A GB2592924 A GB 2592924A GB 202003429 A GB202003429 A GB 202003429A GB 2592924 A GB2592924 A GB 2592924A
Authority
GB
United Kingdom
Prior art keywords
vehicle
data
computing device
fraud
communication network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB2003429.4A
Other versions
GB202003429D0 (en
Inventor
Hawkins Jeffery
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mercedes Benz Group AG
Original Assignee
Daimler AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Daimler AG filed Critical Daimler AG
Priority to GB2003429.4A priority Critical patent/GB2592924A/en
Publication of GB202003429D0 publication Critical patent/GB202003429D0/en
Publication of GB2592924A publication Critical patent/GB2592924A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Abstract

The invention relates to a method for detecting a fraud device in a communication network of a vehicle, the method comprising providing, by an electronic computing device of the vehicle, control data via the communication network, the control data being configured to change an operation mode of at least one component of the vehicle. Moreover, a fraud detection action is performed by the electronic computing device. In the fraud detection action, the electronic computing device stops to provide the control data and begins to provide detection data via the communication network, the detection data being configured to change an operation status of the component, the operation status being different from the operation mode.

Description

METHOD FOR DETECTING A FRAUD DEVICE IN A COMMUNICATION NETWORK OF
A VEHICLE
FIELD OF THE INVENTION
[0001] The invention relates to a method for detecting a fraud device in a communication network of a vehicle.
BACKGROUND INFORMATION
[0002] US 2016/0294855 Al shows a fraud sensing method for use in an in-vehicle network system, the in-vehicle network system including a plurality of first electronic control units that communicate with each other via one or more buses.
[0003] US 2018/0152472 Al shows an invalidity detection electronic control unit connected to a bus used by a plurality of electronic control units to communicate with one another in accordance with a controller area network (CAN) protocol.
[0004] US 2017/0341605 Al or US 10214164 show respectively a system for providing security to an in-vehicle communication network.
[0005] JP 2018081349 A shows a fortification detection system with improved security against illegal codes.
[0006] Moreover, KR 101966345 A shows a method for detecting a controller area network (CAN) communication-based bypass attack.
SUMMARY OF THE INVENTION
[0007] It is an object of the presented invention to provide a method so that, in a vehicle, a particularly high protection against tampering can be realized.
[0008] This object is solved by a method having the features of patent claim 1. Advantageous embodiments with expedient developments of the invention are indicated in the other patent claims.
[0009] The invention relates to a method for detecting a fraud device in a communication network of a vehicle. In the method, an electronic computing device of the vehicle provides, in particular during a time span, control data via the communication network, wherein the control data is configured to change an operation mode of at least one component of the vehicle. Preferably, the electronic computing device and the component are separate components or devices and spaced apart from each other. Furthermore, in the method, the electronic computing device performs a fraud detection action in which the electronic computing device stops to provide the control data and begins to provide detection data via the communication network. The detection data is configured to change an operation status of the component, wherein the operation status is different from said operation mode. Moreover, in the fraud detection action, the electronic computing device receives, via the communication network and in response to or after providing the detection data, response data indicative of an operation mode of the component. Furthermore, in the fraud detection action the electronic computing device compares the response data with expected data. For example, the expected data can be stored in a memory, in particular in an electronic memory of the electronic computing device. Additionally, in the fraud detection action, the electronic computing device detects a fraud device in the communication network on the basis of a deviation of the response data from the expected data.
[0010] The idea behind the invention is such that if no fraud device is present in the communication network, the control data changes the operation mode for which the control data is configured, and the detection data does change the operation status for which the detection data is configured. Thus, the response data indicates the actually changed operation mode or operation status respectively. However, if a fraud device is present in the communication network, the response data might not relate to the actual operation mode of the component since, for example, the response data is provided and/or influenced by the fraud device such that the fraud device, by providing and/or influencing the response data, wants to have the electronic computing device assume that there is no fraud device present in the communication network. By enabling the electronic computing device to assume there is no fraud device present in the communication network, the electronic computing device may assume the component works properly although the control data and the detection data do not actually cause or change the operation mode and the operation status respectively. In said example, the electronic computing device provides the respective data, the component is not actually controlled by the electronic computing device, but by the fraud device which, on one hand, controls the component instead of the electronic computing device and, on the other hand, wants the electronic computing device to assume that the component is controlled by the electronic computing device (i.e. by said respective data).
[0011] Such a fraud device can be detected by the method according to the present invention, since, by performing the fraud detection action, the electronic computing device switches from providing the control data to providing the detection data. This switch is not expected by the fraud device, so that the fraud device provides the same response data both when the electronic computing device provides a control data and when the electronic computing device provides the detection data. However, the response data as a response to the control data must be different from the response data as a response to the detection data since the operation status is different from the operation mode. Since, however, the response data might not vary when switching from providing the control data to providing the detection data, the method according to the present invention can detect the fraud device by comparing the response data with the expected data. For example, the expected data is data which should be received when the detection data actually changes the operation status. However, if the fraud device is present in the communication network such that the detection data does not actually cause the operation status, the response data differs from the expected data such that the fraud device or the existence of a fraud device in the communication network can be detected.
[0012] Over the years, technological advancements have resulted in many significant benefits for both societies at large and for customers or users of vehicles. Advanced engine after treatment systems have allowed engine manufacturers to meet unprecedented tail pipe out emissions levels while improving fuel economy. Safety has been improved with the advent of visual and radar systems that have been integrated. Standardization of digital communications has allowed for increased competition, unimaginable flexibility for manufacturers, and a variety of new opportunities in the industry.
[0013] However, systems of vehicles may be tampered with for a variety of reasons including economic reasons and performance enhancements. Systems may be defined in broad scope such as vehicle, power train, engine, transmission, anti-lock braking, various types of cruise control systems (e.g. adaptive cruise control, predictive cruise control, etc.), engine after treatment systems, etc. Tampering with such systems may result in emissions exceedance, for example emulators of exhaust gas after treatment systems (ATS), loss of vehicle control, exceedance of speed limits along with many other potential consequences.
[0014] The invention should allow to identify when tampering is occurring for a broad spectrum of applications and all types of tampering. The method according to the present invention is particularly aimed at devices (i.e. fraud devices) that are modifying system functionalities and sending false information over one or more digital communication links, with the express purpose of deceiving the actual or original system of the vehicle into believing everything (e.g. components and/or systems of the vehicle) is working properly, in particular as intended by the manufacturers.
[0015] The method according to the present invention is particularly based on the premise that devices used for hostile purposes will both assume that a system of a vehicle will always maintain continued normal operation, and in order to remain undetected, will try to represent the system of the vehicle in a continued normal operation. Normal operation may be defined as a designed response of the control system under current operating conditions. Attackers may record data on the system digital communication link for the purpose of replaying to insinuate a normal system response after they have employed their attack. For example, after treatment emulators have been used to broadcast "false" data representing normal system performance in order to deceive the system and its devices on the network.
[0016] A solution to this problem is, according to the present invention, to randomly generate a control system override which is also referred to as an intrusive action or said fraud detection action having a measurable response which, in particular if a fraud device is not present in the network and thus the detection data does actually change the operation status, are actually indicated by the response data. When the intrusive action is taken, a deviation in data shall be expected. Said deviation is a difference or deviation of the response data when switching from providing the control data to providing the detection data (i.e. when starting the fraud detection data). A malicious device (i.e. a fraud device), will be unaware of the system response changes and therefore be unable to compensate by modifying the data it is broadcasting. A failure to see a measurable change, in addition to having taken an intrusive action that generated a measurable change, will indicate the presence of a hostile fraud device and appropriate actions may be taken. Appropriate actions may include notifications of the detection of a fraud or hostile device, pre-determined reactions, such as, for example vehicle speed limit, torque and/or speed limits, etc. [0017] The approach according to the present invention is to create a system anomaly or variation or demand for a response and monitor the response of the system. Basically, an intrusive action is taken in which a measureable outcome can be or should be detected, in particular if the fraud device is not present in the network and the component is actually controlled by the electronic computing device. Ideally, the timing of said intrusive action is generated randomly and there is some method of indicating this intrusive action taking place in case the anomalous behavior requires explanation, for example behavior occurred during an in-use emission test or while the vehicle is in a service shop, etc. [0018] System anomalies or variations or demands for a response (i.e. the fraud detection action) may include, but are not limited to: - Presenting a challenge to other electronic control units in or on the network (seed-key) - Actuating a device that has a measurable change, for example exhaust gas recirculation valve (EGR valve) and monitor nitrogen oxide emissions (NOx emissions), inject fuel and monitor torque, etc. - Sending a command to another electronic control unit (ECU) to perform an action.
[0019] One may also monitor other ECUs accumulators and one may check if the data makes sense and/or support all of the required data. In other words, according to the present invention, some type of variation relating to an operation of the component and/or
S
to data changing respective operations of the component is generated, wherein said variations can be identified. Such a variation can include, for example, to stop an injection of reducing agent configured to reduce nitrogen oxides in an exhaust gas of a combustion engine of the vehicle, wherein said reducing agent is also referred to as a diesel exhaust fluid (DEF). Moreover, said variation or intrusive action can comprise, for example, opening and/or closing an actuator and/or sending digital communication and/or possibly asking a system of the vehicle for a response. The method according to the present invention is applicable where an electronic control unit is used such as, for example, on-vehicle, tool interaction, etc. Preferably, the intrusive action should be taken randomly within a given time period and/or when a specific operating condition occurs.
[0020] Preferably, the intrusive action is such that the intrusive action does not excessively impact emissions of the vehicle. Preferably, a method should be provided, the method being configured to indicate when the intrusive action is occurring that may impact emissions in case it were to occur during an in-use emissions test.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] Further advantages, features, and details of the invention derive from the following description of preferred embodiments as well as from the drawings. The features and feature combinations previously mentioned in the description as well as the features and feature combinations mentioned in the following description of the figures and/or shown in the figures alone can be employed but only in the respective indicated combination but also in any other combination or taking alone without leaving the scope of the invention.
[0022] The only figure shows a flow diagram for illustrating a method according to the present invention.
DETAILED DESCRIPTION
[0023] In the following, a method for detecting a fraud device in the communication network of a vehicle will be described. For example, the vehicle is a motor vehicle such as, for example, a passenger vehicle. Moreover, for example, the vehicle comprises an original system the vehicle has been equipped with by the original manufacturer of the vehicle. A fraud device, which is also referred to as a hostile device, is a device or component which is not part of the original system and is installed with malicious intent. In particular, the original manufacturer does not wish the fraud device to be part of the vehicle's system since the fraud device may tamper with the original system which may lead to personal harm or injury, illegal operation of certified vehicle (e.g. allow emissions exceedance, allow vehicle speed limit exceedance, etc...), or cause excessive wear of components on the vehicle. Thus, it is desirable to detect whether or not a fraud device is present in the system, in particular on the communication network.
[0024] For example, in a first step Si of the method, a random intrusive event (RIE) generator determines when an intrusive action shall occur. The intrusive action is also referred to as a fraud detection action which shall detect whether or not a fraud device is present in the system, in particular in the network. For example, the random intrusive event generator is part of the original system. For example, the original system can comprise an electronic computing device which may comprise the random intrusive event generator. For example, the random intrusive event generator is a module of said electronic computing device. For example, a fraud detection action may comprise measuring a response due to said intrusive action to detect a fraud device. In an embodiment, an intrusive action may comprise presenting a challenge to other electronic control units in a vehicle network (e.g. seed key), actuating a device that has a measurable change (e.g. exhaust gas recirculation valve and monitoring nitrogen oxide emissions, injecting fuel and monitoring torque, etc.), and/or sending a command to another electronic control unit (ECU) to perform an action.
[0025] In a second step S2 of the method, the RIE generator generates at least one request for at least one or a plurality of intrusive actions which are also referred to as intrusive events. Preferably, the RIE generator generates said request on the basis of the following constraints: - Limitmjn < Frequency < Liman.
- Operational requirements (based on function) (e.g. engine speed, range, exhaust gas temperature, etc.)
S
[0026] Said frequency is a frequency for performing the intrusive action, in particular within a time span which can be, for example, predetermined. Moreover, for example, limitmin is a minimum threshold, wherein limitmax is a maximum threshold so that the frequency for performing the intrusive action (i.e. the fraud detection action) is greater than the minimum threshold and lower than the maximum threshold. Preferably, the frequency for performing the fraud detection and/or times at which the fraud detection action is performed are determined by the electronic computing device, in particular by a RIE generator, on a random basis (i.e. randomly). For example, the RIE generator provides the request, which, for example is received by at least one further device or module of the original system, in particular of the electronic computing device. After the request provided by the RIE generator has been received and all required operating conditions are met, the intrusive action shall be or is taken in a third step S3 of the method. For example, the intrusive action comprises that a DEF dosing is stopped. In other words, for example, the intrusive action comprises that the computing device stops to provide control data and begins to provide detection data. The control data is configured to cause an operation mode of at least one component of the system, the component being an original component of the original system. For example, the operation mode comprises that the component introduces a reducing agent in an exhaust gas of an internal combustion engine of the vehicle. The detection data is configured to cause an operation status of said component, the operation status being different from the operation mode. For example, the operation status comprises that the component refrains from introducing the reducing agent into the exhaust gas. In other words, in the fraud detection action, the detection data is provided, wherein the detection data is configured to control the component in such a way that the component stops to introduce the reducing agent into the exhaust gas of the internal combustion engine of the vehicle. In a fourth step S4, the system is monitored for a response, in particular for an expected response which should happen if no fraud device is part of the system. In an additional embodiment, when the RIE is active, the ECU conducting the RIE may have an internal method of indicating the RIE is active and may log activation times; therefore, the cause of the anomaly may be verified.
[0027] For example, the electronic computing device of the vehicle provides the control data via the communication network during a time span. The control data is configured to change said operation mode of said component of the vehicle. For example, said operation mode comprises that the component introduces or injects the reducing agent into the exhaust gas of the internal combustion engine. In other words, for example, the control data is configured to cause the component to introduce the reducing agent into the exhaust gas.
[0028] By performing the fraud detection action, the system, in particular the electronic computing device stops to provide said control data and begins to provide said detection data via the communication network. The detection data is configured to change said operation status of the component, the operation status being different from said operation mode. In the present example, the detection data is configured to cause the component to stop introducing the reducing agent into the exhaust gas. If no fraud device is present in the system, in particular in the communication network, the component will actually stop introducing the reducing agent into the exhaust gas which results in a certain response of the system, the response being indicative of having stopped introducing the reducing agent into the exhaust gas. Thus, for example, if the response monitored in the fourth step S4 shows that the injection of the reducing agent into the exhaust gas has actually stopped, it can be determined by the electronic computing device that no fraud device is present in the system. However, if the response monitored in the fourth step S4 is not indicative of having stopped the injection of the reducing agent, it can be determined that a fraud device is present in the system. For example, the response is characterized by response data which is received by the electronic computing device. For example, the response data is provided by a further, original component of the original system, the original further component being, for example, a sensor. For example, by stopping to provide the control data and beginning to provide the detection data, the response should change. If the response does not change, it can be detected that a fraud device having the system assume that no fraud device is present in the network is actually present in the network.
[0029] In a fifth step S5 of the method, the response monitored in the fourth step S4, (i.e. said response data) is compared with expected data (i.e. with an expected response). If the monitored response matches the expected response, for example, the RIE generator is reset in a sixth step S6 and the method starts with the first step Si again. However, if the monitored response does not match the expected response (i.e. if a deviation of the monitored response (response data) from the expected response (expected data) is detected), a fraud device (i.e. tampering) is detected in a seventh step S7. For example, an external response is delayed to prevent adversaries from determining detection.
[0030] If, for example, a fraud device is detected, at least one or a plurality of applicable actions is taken in an eighth step S8 of the method. For example, an applicable action may comprise but is not limited to: - Log diagnostic code (optionally silent code) - Modification of vehicle performance - Notification of authorities and/or manufacturers Reference List Si first step S2 second step S3 third step S4 fourth step fifth step 86 sixth step 87 seventh step 88 eighth step

Claims (8)

  1. CLAIMS1. A method for detecting a fraud device in a communication network of a vehicle, the method comprising: providing, by an electronic computing device of the vehicle, control data via the communication network, the control data being configured to change an operation mode of at least one component of the vehicle; and performing, by the electronic computing device of the vehicle, a fraud detection action in which the electronic computing device: o stops to provide the control data and begins to provide detection data via the communication network, the detection data being configured to change an operation status of the component, the operation status being different from the operation mode; o receives, via the communication network and in response to providing the detection data, response data indicative of an operation mode of the component; o compares the response data with expected data; and o detects a fraud device on the basis of a deviation of the response data from the expected data.
  2. 2. The method according to claim 1, wherein times at which the fraud detection action is performed are determined by the electronic computing device on a random basis.
  3. 3. The method according to claim 1 or 2, wherein a frequency for performing the fraud detection action during a time span is determined by the electronic computing device on a random basis.
  4. 4. The method according to any one of the preceding claims, wherein the component is a dosing device for introducing a reducing agent into an exhaust gas of an internal combustion engine of the vehicle.
  5. 5. The method according to any one of the preceding claims, wherein the detection data is provided by an electronic control unit of the electronic computing device.
  6. 6. The method according to claim 5, wherein the component is a second electronic control unit configured to control at least one device of the vehicle, the electronic control units being separate and spaced apart from each other.
  7. 7. The method according to claim 5 or 6, wherein the electronic computing device generates an intrusive action through the control data configured to change an operation mode of at least one component of the vehicle.
  8. 8. The method according to claim 7, wherein the intrusive action may comprise one of presenting a challenge to at least one electronic control unit in the communication network, actuating at least one device of the vehicle, and sending a command to at least one electronic control unit in the communication network to perform an action.
GB2003429.4A 2020-03-10 2020-03-10 Method for detecting a fraud device in a communication network of a vehicle Withdrawn GB2592924A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB2003429.4A GB2592924A (en) 2020-03-10 2020-03-10 Method for detecting a fraud device in a communication network of a vehicle

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB2003429.4A GB2592924A (en) 2020-03-10 2020-03-10 Method for detecting a fraud device in a communication network of a vehicle

Publications (2)

Publication Number Publication Date
GB202003429D0 GB202003429D0 (en) 2020-04-22
GB2592924A true GB2592924A (en) 2021-09-15

Family

ID=70278391

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2003429.4A Withdrawn GB2592924A (en) 2020-03-10 2020-03-10 Method for detecting a fraud device in a communication network of a vehicle

Country Status (1)

Country Link
GB (1) GB2592924A (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120330530A1 (en) * 2009-12-22 2012-12-27 Andras Montvay Method and device for carrying out an onboard diagnosis
US20130024066A1 (en) * 2011-05-27 2013-01-24 Systech International, Llc Fraud detection in an obd inspection system
US20160294855A1 (en) 2014-04-17 2016-10-06 Panasonic Intellectual Property Corporation Of America Method for sensing fraudulent frames transmitted to in-vehicle network
US20170341605A1 (en) 2014-01-06 2017-11-30 Argus Cyber Security Ltd. Watchman hub
JP2018081349A (en) 2016-11-14 2018-05-24 日本電信電話株式会社 Falsification detection system, verification ecu, ecu to be verified, program
US20180152472A1 (en) 2015-09-29 2018-05-31 Panasonic Intellectual Property Corporation Of America Invalidity detection electronic control unit, in-vehicle network system, and communication method
US20180229739A1 (en) * 2017-02-16 2018-08-16 Panasonic Intellectual Property Management Co., Ltd. Monitoring apparatus, communication system, vehicle, monitoring method, and non-transitory storage medium
US20180367554A1 (en) * 2017-06-20 2018-12-20 International Business Machines Corporation Real-time active threat validation mechanism for vehicles
KR101966345B1 (en) 2017-06-30 2019-04-08 주식회사 페스카로 Method and System for detecting bypass hacking attacks based on the CAN protocol

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120330530A1 (en) * 2009-12-22 2012-12-27 Andras Montvay Method and device for carrying out an onboard diagnosis
US20130024066A1 (en) * 2011-05-27 2013-01-24 Systech International, Llc Fraud detection in an obd inspection system
US20170341605A1 (en) 2014-01-06 2017-11-30 Argus Cyber Security Ltd. Watchman hub
US10214164B2 (en) 2014-01-06 2019-02-26 Argus Cyber Security Ltd. Watchman hub
US20160294855A1 (en) 2014-04-17 2016-10-06 Panasonic Intellectual Property Corporation Of America Method for sensing fraudulent frames transmitted to in-vehicle network
US20180152472A1 (en) 2015-09-29 2018-05-31 Panasonic Intellectual Property Corporation Of America Invalidity detection electronic control unit, in-vehicle network system, and communication method
JP2018081349A (en) 2016-11-14 2018-05-24 日本電信電話株式会社 Falsification detection system, verification ecu, ecu to be verified, program
US20180229739A1 (en) * 2017-02-16 2018-08-16 Panasonic Intellectual Property Management Co., Ltd. Monitoring apparatus, communication system, vehicle, monitoring method, and non-transitory storage medium
US20180367554A1 (en) * 2017-06-20 2018-12-20 International Business Machines Corporation Real-time active threat validation mechanism for vehicles
KR101966345B1 (en) 2017-06-30 2019-04-08 주식회사 페스카로 Method and System for detecting bypass hacking attacks based on the CAN protocol

Also Published As

Publication number Publication date
GB202003429D0 (en) 2020-04-22

Similar Documents

Publication Publication Date Title
US6232873B1 (en) Method and apparatus for signalling theft for a motor vehicle
JP5990263B2 (en) Method for monitoring SCR exhaust gas aftertreatment system mounted on vehicle
US20240010163A1 (en) Vehicle remote control system
US5739761A (en) Vehicular controller
CN109344609B (en) TCU module, TCU system and protection method
CN102116241B (en) Method for diagnosing accidental fire of gasoline engine
US6018944A (en) System and method for monitoring a catalytic converter using adaptable indicator threshold
GB2389627A (en) Diagnosing i.c. engine EGR valve performance
WO2019159615A1 (en) Vehicle monitoring system
US20030139873A1 (en) Method for the functional diagnosis of an exhaust recycling system on an internal combustion engine
US8164214B2 (en) Vehicle control apparatus having function for preventing erroneous operation due to delay in activation of other vehicle control apparatus
GB2592924A (en) Method for detecting a fraud device in a communication network of a vehicle
JP2008037194A (en) Device for determining trouble of on-vehicle equipment
CN113217208B (en) Three-way catalytic converter protection method and device, vehicle and storage medium
CN108104967B (en) Vehicle-mounted control device
Takahashi et al. Automotive security on abnormal vehicle behavior using only fabricated informative can messages
JP3146957B2 (en) Vehicle control device
Nan et al. Research on improvement and experiment for cyber security of automotive electronic and electrical architecture
Ring et al. Plausibility Checks in Electronic Control Units to Enhance Safety and Security
JP2006224892A (en) Electronic control device for vehicle
Maggi A vulnerability in modern automotive standards and how we exploited it
KR100581421B1 (en) On Board Diagnosis Method for Diesel Fuel Injection Equipment
CN113147963B (en) ECU online anti-theft method, system, storage medium and ECU
US20220360992A1 (en) Control system
Kalyanasundaram et al. Practical approaches for detecting dos attacks on can network

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20221201 AND 20221207