GB2592924A - Method for detecting a fraud device in a communication network of a vehicle - Google Patents
Method for detecting a fraud device in a communication network of a vehicle Download PDFInfo
- Publication number
- GB2592924A GB2592924A GB2003429.4A GB202003429A GB2592924A GB 2592924 A GB2592924 A GB 2592924A GB 202003429 A GB202003429 A GB 202003429A GB 2592924 A GB2592924 A GB 2592924A
- Authority
- GB
- United Kingdom
- Prior art keywords
- vehicle
- data
- computing device
- fraud
- communication network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/40—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
- H04W4/48—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication
Abstract
The invention relates to a method for detecting a fraud device in a communication network of a vehicle, the method comprising providing, by an electronic computing device of the vehicle, control data via the communication network, the control data being configured to change an operation mode of at least one component of the vehicle. Moreover, a fraud detection action is performed by the electronic computing device. In the fraud detection action, the electronic computing device stops to provide the control data and begins to provide detection data via the communication network, the detection data being configured to change an operation status of the component, the operation status being different from the operation mode.
Description
METHOD FOR DETECTING A FRAUD DEVICE IN A COMMUNICATION NETWORK OF
A VEHICLE
FIELD OF THE INVENTION
[0001] The invention relates to a method for detecting a fraud device in a communication network of a vehicle.
BACKGROUND INFORMATION
[0002] US 2016/0294855 Al shows a fraud sensing method for use in an in-vehicle network system, the in-vehicle network system including a plurality of first electronic control units that communicate with each other via one or more buses.
[0003] US 2018/0152472 Al shows an invalidity detection electronic control unit connected to a bus used by a plurality of electronic control units to communicate with one another in accordance with a controller area network (CAN) protocol.
[0004] US 2017/0341605 Al or US 10214164 show respectively a system for providing security to an in-vehicle communication network.
[0005] JP 2018081349 A shows a fortification detection system with improved security against illegal codes.
[0006] Moreover, KR 101966345 A shows a method for detecting a controller area network (CAN) communication-based bypass attack.
SUMMARY OF THE INVENTION
[0007] It is an object of the presented invention to provide a method so that, in a vehicle, a particularly high protection against tampering can be realized.
[0008] This object is solved by a method having the features of patent claim 1. Advantageous embodiments with expedient developments of the invention are indicated in the other patent claims.
[0009] The invention relates to a method for detecting a fraud device in a communication network of a vehicle. In the method, an electronic computing device of the vehicle provides, in particular during a time span, control data via the communication network, wherein the control data is configured to change an operation mode of at least one component of the vehicle. Preferably, the electronic computing device and the component are separate components or devices and spaced apart from each other. Furthermore, in the method, the electronic computing device performs a fraud detection action in which the electronic computing device stops to provide the control data and begins to provide detection data via the communication network. The detection data is configured to change an operation status of the component, wherein the operation status is different from said operation mode. Moreover, in the fraud detection action, the electronic computing device receives, via the communication network and in response to or after providing the detection data, response data indicative of an operation mode of the component. Furthermore, in the fraud detection action the electronic computing device compares the response data with expected data. For example, the expected data can be stored in a memory, in particular in an electronic memory of the electronic computing device. Additionally, in the fraud detection action, the electronic computing device detects a fraud device in the communication network on the basis of a deviation of the response data from the expected data.
[0010] The idea behind the invention is such that if no fraud device is present in the communication network, the control data changes the operation mode for which the control data is configured, and the detection data does change the operation status for which the detection data is configured. Thus, the response data indicates the actually changed operation mode or operation status respectively. However, if a fraud device is present in the communication network, the response data might not relate to the actual operation mode of the component since, for example, the response data is provided and/or influenced by the fraud device such that the fraud device, by providing and/or influencing the response data, wants to have the electronic computing device assume that there is no fraud device present in the communication network. By enabling the electronic computing device to assume there is no fraud device present in the communication network, the electronic computing device may assume the component works properly although the control data and the detection data do not actually cause or change the operation mode and the operation status respectively. In said example, the electronic computing device provides the respective data, the component is not actually controlled by the electronic computing device, but by the fraud device which, on one hand, controls the component instead of the electronic computing device and, on the other hand, wants the electronic computing device to assume that the component is controlled by the electronic computing device (i.e. by said respective data).
[0011] Such a fraud device can be detected by the method according to the present invention, since, by performing the fraud detection action, the electronic computing device switches from providing the control data to providing the detection data. This switch is not expected by the fraud device, so that the fraud device provides the same response data both when the electronic computing device provides a control data and when the electronic computing device provides the detection data. However, the response data as a response to the control data must be different from the response data as a response to the detection data since the operation status is different from the operation mode. Since, however, the response data might not vary when switching from providing the control data to providing the detection data, the method according to the present invention can detect the fraud device by comparing the response data with the expected data. For example, the expected data is data which should be received when the detection data actually changes the operation status. However, if the fraud device is present in the communication network such that the detection data does not actually cause the operation status, the response data differs from the expected data such that the fraud device or the existence of a fraud device in the communication network can be detected.
[0012] Over the years, technological advancements have resulted in many significant benefits for both societies at large and for customers or users of vehicles. Advanced engine after treatment systems have allowed engine manufacturers to meet unprecedented tail pipe out emissions levels while improving fuel economy. Safety has been improved with the advent of visual and radar systems that have been integrated. Standardization of digital communications has allowed for increased competition, unimaginable flexibility for manufacturers, and a variety of new opportunities in the industry.
[0013] However, systems of vehicles may be tampered with for a variety of reasons including economic reasons and performance enhancements. Systems may be defined in broad scope such as vehicle, power train, engine, transmission, anti-lock braking, various types of cruise control systems (e.g. adaptive cruise control, predictive cruise control, etc.), engine after treatment systems, etc. Tampering with such systems may result in emissions exceedance, for example emulators of exhaust gas after treatment systems (ATS), loss of vehicle control, exceedance of speed limits along with many other potential consequences.
[0014] The invention should allow to identify when tampering is occurring for a broad spectrum of applications and all types of tampering. The method according to the present invention is particularly aimed at devices (i.e. fraud devices) that are modifying system functionalities and sending false information over one or more digital communication links, with the express purpose of deceiving the actual or original system of the vehicle into believing everything (e.g. components and/or systems of the vehicle) is working properly, in particular as intended by the manufacturers.
[0015] The method according to the present invention is particularly based on the premise that devices used for hostile purposes will both assume that a system of a vehicle will always maintain continued normal operation, and in order to remain undetected, will try to represent the system of the vehicle in a continued normal operation. Normal operation may be defined as a designed response of the control system under current operating conditions. Attackers may record data on the system digital communication link for the purpose of replaying to insinuate a normal system response after they have employed their attack. For example, after treatment emulators have been used to broadcast "false" data representing normal system performance in order to deceive the system and its devices on the network.
[0016] A solution to this problem is, according to the present invention, to randomly generate a control system override which is also referred to as an intrusive action or said fraud detection action having a measurable response which, in particular if a fraud device is not present in the network and thus the detection data does actually change the operation status, are actually indicated by the response data. When the intrusive action is taken, a deviation in data shall be expected. Said deviation is a difference or deviation of the response data when switching from providing the control data to providing the detection data (i.e. when starting the fraud detection data). A malicious device (i.e. a fraud device), will be unaware of the system response changes and therefore be unable to compensate by modifying the data it is broadcasting. A failure to see a measurable change, in addition to having taken an intrusive action that generated a measurable change, will indicate the presence of a hostile fraud device and appropriate actions may be taken. Appropriate actions may include notifications of the detection of a fraud or hostile device, pre-determined reactions, such as, for example vehicle speed limit, torque and/or speed limits, etc. [0017] The approach according to the present invention is to create a system anomaly or variation or demand for a response and monitor the response of the system. Basically, an intrusive action is taken in which a measureable outcome can be or should be detected, in particular if the fraud device is not present in the network and the component is actually controlled by the electronic computing device. Ideally, the timing of said intrusive action is generated randomly and there is some method of indicating this intrusive action taking place in case the anomalous behavior requires explanation, for example behavior occurred during an in-use emission test or while the vehicle is in a service shop, etc. [0018] System anomalies or variations or demands for a response (i.e. the fraud detection action) may include, but are not limited to: - Presenting a challenge to other electronic control units in or on the network (seed-key) - Actuating a device that has a measurable change, for example exhaust gas recirculation valve (EGR valve) and monitor nitrogen oxide emissions (NOx emissions), inject fuel and monitor torque, etc. - Sending a command to another electronic control unit (ECU) to perform an action.
[0019] One may also monitor other ECUs accumulators and one may check if the data makes sense and/or support all of the required data. In other words, according to the present invention, some type of variation relating to an operation of the component and/or
S
to data changing respective operations of the component is generated, wherein said variations can be identified. Such a variation can include, for example, to stop an injection of reducing agent configured to reduce nitrogen oxides in an exhaust gas of a combustion engine of the vehicle, wherein said reducing agent is also referred to as a diesel exhaust fluid (DEF). Moreover, said variation or intrusive action can comprise, for example, opening and/or closing an actuator and/or sending digital communication and/or possibly asking a system of the vehicle for a response. The method according to the present invention is applicable where an electronic control unit is used such as, for example, on-vehicle, tool interaction, etc. Preferably, the intrusive action should be taken randomly within a given time period and/or when a specific operating condition occurs.
[0020] Preferably, the intrusive action is such that the intrusive action does not excessively impact emissions of the vehicle. Preferably, a method should be provided, the method being configured to indicate when the intrusive action is occurring that may impact emissions in case it were to occur during an in-use emissions test.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] Further advantages, features, and details of the invention derive from the following description of preferred embodiments as well as from the drawings. The features and feature combinations previously mentioned in the description as well as the features and feature combinations mentioned in the following description of the figures and/or shown in the figures alone can be employed but only in the respective indicated combination but also in any other combination or taking alone without leaving the scope of the invention.
[0022] The only figure shows a flow diagram for illustrating a method according to the present invention.
DETAILED DESCRIPTION
[0023] In the following, a method for detecting a fraud device in the communication network of a vehicle will be described. For example, the vehicle is a motor vehicle such as, for example, a passenger vehicle. Moreover, for example, the vehicle comprises an original system the vehicle has been equipped with by the original manufacturer of the vehicle. A fraud device, which is also referred to as a hostile device, is a device or component which is not part of the original system and is installed with malicious intent. In particular, the original manufacturer does not wish the fraud device to be part of the vehicle's system since the fraud device may tamper with the original system which may lead to personal harm or injury, illegal operation of certified vehicle (e.g. allow emissions exceedance, allow vehicle speed limit exceedance, etc...), or cause excessive wear of components on the vehicle. Thus, it is desirable to detect whether or not a fraud device is present in the system, in particular on the communication network.
[0024] For example, in a first step Si of the method, a random intrusive event (RIE) generator determines when an intrusive action shall occur. The intrusive action is also referred to as a fraud detection action which shall detect whether or not a fraud device is present in the system, in particular in the network. For example, the random intrusive event generator is part of the original system. For example, the original system can comprise an electronic computing device which may comprise the random intrusive event generator. For example, the random intrusive event generator is a module of said electronic computing device. For example, a fraud detection action may comprise measuring a response due to said intrusive action to detect a fraud device. In an embodiment, an intrusive action may comprise presenting a challenge to other electronic control units in a vehicle network (e.g. seed key), actuating a device that has a measurable change (e.g. exhaust gas recirculation valve and monitoring nitrogen oxide emissions, injecting fuel and monitoring torque, etc.), and/or sending a command to another electronic control unit (ECU) to perform an action.
[0025] In a second step S2 of the method, the RIE generator generates at least one request for at least one or a plurality of intrusive actions which are also referred to as intrusive events. Preferably, the RIE generator generates said request on the basis of the following constraints: - Limitmjn < Frequency < Liman.
- Operational requirements (based on function) (e.g. engine speed, range, exhaust gas temperature, etc.)
S
[0026] Said frequency is a frequency for performing the intrusive action, in particular within a time span which can be, for example, predetermined. Moreover, for example, limitmin is a minimum threshold, wherein limitmax is a maximum threshold so that the frequency for performing the intrusive action (i.e. the fraud detection action) is greater than the minimum threshold and lower than the maximum threshold. Preferably, the frequency for performing the fraud detection and/or times at which the fraud detection action is performed are determined by the electronic computing device, in particular by a RIE generator, on a random basis (i.e. randomly). For example, the RIE generator provides the request, which, for example is received by at least one further device or module of the original system, in particular of the electronic computing device. After the request provided by the RIE generator has been received and all required operating conditions are met, the intrusive action shall be or is taken in a third step S3 of the method. For example, the intrusive action comprises that a DEF dosing is stopped. In other words, for example, the intrusive action comprises that the computing device stops to provide control data and begins to provide detection data. The control data is configured to cause an operation mode of at least one component of the system, the component being an original component of the original system. For example, the operation mode comprises that the component introduces a reducing agent in an exhaust gas of an internal combustion engine of the vehicle. The detection data is configured to cause an operation status of said component, the operation status being different from the operation mode. For example, the operation status comprises that the component refrains from introducing the reducing agent into the exhaust gas. In other words, in the fraud detection action, the detection data is provided, wherein the detection data is configured to control the component in such a way that the component stops to introduce the reducing agent into the exhaust gas of the internal combustion engine of the vehicle. In a fourth step S4, the system is monitored for a response, in particular for an expected response which should happen if no fraud device is part of the system. In an additional embodiment, when the RIE is active, the ECU conducting the RIE may have an internal method of indicating the RIE is active and may log activation times; therefore, the cause of the anomaly may be verified.
[0027] For example, the electronic computing device of the vehicle provides the control data via the communication network during a time span. The control data is configured to change said operation mode of said component of the vehicle. For example, said operation mode comprises that the component introduces or injects the reducing agent into the exhaust gas of the internal combustion engine. In other words, for example, the control data is configured to cause the component to introduce the reducing agent into the exhaust gas.
[0028] By performing the fraud detection action, the system, in particular the electronic computing device stops to provide said control data and begins to provide said detection data via the communication network. The detection data is configured to change said operation status of the component, the operation status being different from said operation mode. In the present example, the detection data is configured to cause the component to stop introducing the reducing agent into the exhaust gas. If no fraud device is present in the system, in particular in the communication network, the component will actually stop introducing the reducing agent into the exhaust gas which results in a certain response of the system, the response being indicative of having stopped introducing the reducing agent into the exhaust gas. Thus, for example, if the response monitored in the fourth step S4 shows that the injection of the reducing agent into the exhaust gas has actually stopped, it can be determined by the electronic computing device that no fraud device is present in the system. However, if the response monitored in the fourth step S4 is not indicative of having stopped the injection of the reducing agent, it can be determined that a fraud device is present in the system. For example, the response is characterized by response data which is received by the electronic computing device. For example, the response data is provided by a further, original component of the original system, the original further component being, for example, a sensor. For example, by stopping to provide the control data and beginning to provide the detection data, the response should change. If the response does not change, it can be detected that a fraud device having the system assume that no fraud device is present in the network is actually present in the network.
[0029] In a fifth step S5 of the method, the response monitored in the fourth step S4, (i.e. said response data) is compared with expected data (i.e. with an expected response). If the monitored response matches the expected response, for example, the RIE generator is reset in a sixth step S6 and the method starts with the first step Si again. However, if the monitored response does not match the expected response (i.e. if a deviation of the monitored response (response data) from the expected response (expected data) is detected), a fraud device (i.e. tampering) is detected in a seventh step S7. For example, an external response is delayed to prevent adversaries from determining detection.
[0030] If, for example, a fraud device is detected, at least one or a plurality of applicable actions is taken in an eighth step S8 of the method. For example, an applicable action may comprise but is not limited to: - Log diagnostic code (optionally silent code) - Modification of vehicle performance - Notification of authorities and/or manufacturers Reference List Si first step S2 second step S3 third step S4 fourth step fifth step 86 sixth step 87 seventh step 88 eighth step
Claims (8)
- CLAIMS1. A method for detecting a fraud device in a communication network of a vehicle, the method comprising: providing, by an electronic computing device of the vehicle, control data via the communication network, the control data being configured to change an operation mode of at least one component of the vehicle; and performing, by the electronic computing device of the vehicle, a fraud detection action in which the electronic computing device: o stops to provide the control data and begins to provide detection data via the communication network, the detection data being configured to change an operation status of the component, the operation status being different from the operation mode; o receives, via the communication network and in response to providing the detection data, response data indicative of an operation mode of the component; o compares the response data with expected data; and o detects a fraud device on the basis of a deviation of the response data from the expected data.
- 2. The method according to claim 1, wherein times at which the fraud detection action is performed are determined by the electronic computing device on a random basis.
- 3. The method according to claim 1 or 2, wherein a frequency for performing the fraud detection action during a time span is determined by the electronic computing device on a random basis.
- 4. The method according to any one of the preceding claims, wherein the component is a dosing device for introducing a reducing agent into an exhaust gas of an internal combustion engine of the vehicle.
- 5. The method according to any one of the preceding claims, wherein the detection data is provided by an electronic control unit of the electronic computing device.
- 6. The method according to claim 5, wherein the component is a second electronic control unit configured to control at least one device of the vehicle, the electronic control units being separate and spaced apart from each other.
- 7. The method according to claim 5 or 6, wherein the electronic computing device generates an intrusive action through the control data configured to change an operation mode of at least one component of the vehicle.
- 8. The method according to claim 7, wherein the intrusive action may comprise one of presenting a challenge to at least one electronic control unit in the communication network, actuating at least one device of the vehicle, and sending a command to at least one electronic control unit in the communication network to perform an action.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB2003429.4A GB2592924A (en) | 2020-03-10 | 2020-03-10 | Method for detecting a fraud device in a communication network of a vehicle |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB2003429.4A GB2592924A (en) | 2020-03-10 | 2020-03-10 | Method for detecting a fraud device in a communication network of a vehicle |
Publications (2)
Publication Number | Publication Date |
---|---|
GB202003429D0 GB202003429D0 (en) | 2020-04-22 |
GB2592924A true GB2592924A (en) | 2021-09-15 |
Family
ID=70278391
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB2003429.4A Withdrawn GB2592924A (en) | 2020-03-10 | 2020-03-10 | Method for detecting a fraud device in a communication network of a vehicle |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2592924A (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120330530A1 (en) * | 2009-12-22 | 2012-12-27 | Andras Montvay | Method and device for carrying out an onboard diagnosis |
US20130024066A1 (en) * | 2011-05-27 | 2013-01-24 | Systech International, Llc | Fraud detection in an obd inspection system |
US20160294855A1 (en) | 2014-04-17 | 2016-10-06 | Panasonic Intellectual Property Corporation Of America | Method for sensing fraudulent frames transmitted to in-vehicle network |
US20170341605A1 (en) | 2014-01-06 | 2017-11-30 | Argus Cyber Security Ltd. | Watchman hub |
JP2018081349A (en) | 2016-11-14 | 2018-05-24 | 日本電信電話株式会社 | Falsification detection system, verification ecu, ecu to be verified, program |
US20180152472A1 (en) | 2015-09-29 | 2018-05-31 | Panasonic Intellectual Property Corporation Of America | Invalidity detection electronic control unit, in-vehicle network system, and communication method |
US20180229739A1 (en) * | 2017-02-16 | 2018-08-16 | Panasonic Intellectual Property Management Co., Ltd. | Monitoring apparatus, communication system, vehicle, monitoring method, and non-transitory storage medium |
US20180367554A1 (en) * | 2017-06-20 | 2018-12-20 | International Business Machines Corporation | Real-time active threat validation mechanism for vehicles |
KR101966345B1 (en) | 2017-06-30 | 2019-04-08 | 주식회사 페스카로 | Method and System for detecting bypass hacking attacks based on the CAN protocol |
-
2020
- 2020-03-10 GB GB2003429.4A patent/GB2592924A/en not_active Withdrawn
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120330530A1 (en) * | 2009-12-22 | 2012-12-27 | Andras Montvay | Method and device for carrying out an onboard diagnosis |
US20130024066A1 (en) * | 2011-05-27 | 2013-01-24 | Systech International, Llc | Fraud detection in an obd inspection system |
US20170341605A1 (en) | 2014-01-06 | 2017-11-30 | Argus Cyber Security Ltd. | Watchman hub |
US10214164B2 (en) | 2014-01-06 | 2019-02-26 | Argus Cyber Security Ltd. | Watchman hub |
US20160294855A1 (en) | 2014-04-17 | 2016-10-06 | Panasonic Intellectual Property Corporation Of America | Method for sensing fraudulent frames transmitted to in-vehicle network |
US20180152472A1 (en) | 2015-09-29 | 2018-05-31 | Panasonic Intellectual Property Corporation Of America | Invalidity detection electronic control unit, in-vehicle network system, and communication method |
JP2018081349A (en) | 2016-11-14 | 2018-05-24 | 日本電信電話株式会社 | Falsification detection system, verification ecu, ecu to be verified, program |
US20180229739A1 (en) * | 2017-02-16 | 2018-08-16 | Panasonic Intellectual Property Management Co., Ltd. | Monitoring apparatus, communication system, vehicle, monitoring method, and non-transitory storage medium |
US20180367554A1 (en) * | 2017-06-20 | 2018-12-20 | International Business Machines Corporation | Real-time active threat validation mechanism for vehicles |
KR101966345B1 (en) | 2017-06-30 | 2019-04-08 | 주식회사 페스카로 | Method and System for detecting bypass hacking attacks based on the CAN protocol |
Also Published As
Publication number | Publication date |
---|---|
GB202003429D0 (en) | 2020-04-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6232873B1 (en) | Method and apparatus for signalling theft for a motor vehicle | |
JP5990263B2 (en) | Method for monitoring SCR exhaust gas aftertreatment system mounted on vehicle | |
US20240010163A1 (en) | Vehicle remote control system | |
US5739761A (en) | Vehicular controller | |
CN109344609B (en) | TCU module, TCU system and protection method | |
CN102116241B (en) | Method for diagnosing accidental fire of gasoline engine | |
US6018944A (en) | System and method for monitoring a catalytic converter using adaptable indicator threshold | |
GB2389627A (en) | Diagnosing i.c. engine EGR valve performance | |
WO2019159615A1 (en) | Vehicle monitoring system | |
US20030139873A1 (en) | Method for the functional diagnosis of an exhaust recycling system on an internal combustion engine | |
US8164214B2 (en) | Vehicle control apparatus having function for preventing erroneous operation due to delay in activation of other vehicle control apparatus | |
GB2592924A (en) | Method for detecting a fraud device in a communication network of a vehicle | |
JP2008037194A (en) | Device for determining trouble of on-vehicle equipment | |
CN113217208B (en) | Three-way catalytic converter protection method and device, vehicle and storage medium | |
CN108104967B (en) | Vehicle-mounted control device | |
Takahashi et al. | Automotive security on abnormal vehicle behavior using only fabricated informative can messages | |
JP3146957B2 (en) | Vehicle control device | |
Nan et al. | Research on improvement and experiment for cyber security of automotive electronic and electrical architecture | |
Ring et al. | Plausibility Checks in Electronic Control Units to Enhance Safety and Security | |
JP2006224892A (en) | Electronic control device for vehicle | |
Maggi | A vulnerability in modern automotive standards and how we exploited it | |
KR100581421B1 (en) | On Board Diagnosis Method for Diesel Fuel Injection Equipment | |
CN113147963B (en) | ECU online anti-theft method, system, storage medium and ECU | |
US20220360992A1 (en) | Control system | |
Kalyanasundaram et al. | Practical approaches for detecting dos attacks on can network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) | ||
732E | Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977) |
Free format text: REGISTERED BETWEEN 20221201 AND 20221207 |