JP2018081349A - Falsification detection system, verification ecu, ecu to be verified, program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a falsification detection system with improved security against illegal codes.SOLUTION: A verification server comprises a storage unit that stores all contents stored in a main storage unit of an ECU to be verified, a calculation unit for generating a random number and an expected value, and an out-of-vehicle WAN communication unit for transmitting the random number and the expected value to a verification ECU. The verification ECU comprises the out-of-vehicle WAN communication unit, and a verification unit for transmitting the random number to the ECU to be verified to receive a response from the ECU to be verified to compare the expected value with the response for verification. The ECU to be verified comprises an on-vehicle LAN communication unit for receiving the random number from the verification ECU and transmits a response to the verification ECU, a main storage unit in which all the free areas are padded with random numbers, and a response generation unit for generating a response.SELECTED DRAWING: Figure 3

Description

  The present invention relates to a falsification detection system, a verification ECU, an ECU to be verified, and a program for other ECUs in the vehicle to detect falsification of software of an ECU that controls each function of an automobile or the like.

  Modern automobiles electronically control each function from the original functions such as engine behavior and steering angle operation to information systems such as navigation and external communication using a number of microcomputers called Electric Control Units (ECUs). An in-vehicle network system that realizes higher-level control is constructed by communication between ECUs. The number of ECUs installed in one vehicle and the total code amount of software continue to increase, and there is a risk of shipment with bugs and vulnerabilities remaining in the ECU software.

  In addition, a system called a connected car is being realized in order to realize advanced services such as update of map data and automatic driving. In a connected car, a network inside and outside the automobile cooperates using data communication of a communication carrier network, short-range wireless communication, or the like. Conventionally, threats that can lead to unauthorized operations such as replacement of ECUs in the aftermarket and addition of devices that are unexpected for automobile manufacturers have been pointed out in the in-vehicle network. In addition to this, it has been pointed out that threats of remote execution of illegal control commands and software tampering that have exploited software bugs and vulnerabilities due to the above-mentioned connected car implementation.

  In order to improve the safety and convenience of connected cars, ECU software update function (remote reprogramming) by wireless distribution that smoothly corrects or improves bugs and vulnerabilities in ECU software is being studied. If remote reprogramming is realized, even if a large-scale software recall occurs, there is no need to rewrite the software by connecting dedicated devices one by one to the car. However, the remote reprogramming function itself can also be exploited by attackers. For this reason, establishment of a technique (configuration certification) that guarantees the completeness of the configuration of the in-vehicle network by the entire ECU in the vehicle is required. Threats to the in-vehicle network configuration include falsification of ECU software, replacement with physical contact, exclusion, and addition. If a trail of configuration proof can be easily confirmed from an appropriate organization outside the vehicle against these attacks, it is possible to detect a cyber attack on a connected car early and detect a failure.

  Among the configuration certifications, a technique for detecting a state in which the ECU software has been falsified, that is, falsification of the in-vehicle system has been studied (for example, Non-Patent Technology 1). Non-Patent Document 1 discloses an authentication and key sharing method between a verification ECU that incorporates a tamper-resistant device and a verification ECU that does not have tamper-resistance. Note that having tamper resistance refers to a state in which physical measures are taken so that the internal structure and stored data of a physical device are not analyzed by a third party, or are not analyzed nondestructively.

  In Non-Patent Document 1, the verification ECU stores software data of the ECU to be verified in order to calculate the expected value of the response. Then, the verified ECU inputs the software data stored in its own main storage unit to the checksum function Indisputable Code Execution (ICE) and the cryptographic hash function, and generates a response. The function ICE refers not only to the software data in the main memory unit but also to the values of the CPU program counter and status register, so that the data is not rewritten to another address position in the main memory unit as well as the software data tampering. Can be verified.

  Specifically, the function ICE uses not only the calculation result but also the calculation time and response time for the function ICE for falsification detection. The calculation time / response time required for the function ICE is used to check whether an illegal operation is performed by malware or the like.

  It is assumed that malware intended to authenticate authentication has been written in the verified ECU. In this case, if all the software data that is the original data of the main storage unit is left in the ECU to be verified, the malware can calculate the correct calculation result of the function ICE. The malware tries to dive into falsification detection by returning the correct calculation result calculated by itself to the verification ECU.

  However, if the execution code of ICE is optimized according to the CPU architecture and realized with the minimum number of CPU cycles, the malware calculates the function ICE and takes extra CPU cycles to disguise the values of the program counter and status register. Cost. If the verification ECU can detect this difference in calculation time, it is possible to detect a counterfeit due to malware. Therefore, it is necessary to appropriately design a response time limit considering the implementation of the minimum number of cycles of ICE and the delay of the communication path.

Debojyoti Bhattacharya, Sriram Subramanian Neelakantan, Jamshid Shokrollahi, Hans Loehr: “Bootstrapping trust in automotive networks with different types of ECUs”, 14th escar Europe-The world's leading Automotive Cyber Security conference, November 16-17, 2014

  FIG. 1 shows one of the problems of the prior art. As shown in the figure, in the prior art, only the area in the main storage unit where the regular software is stored is set as the verification range. For this reason, when an illegal code is stored in an empty area of the main storage unit (shaded portion in the figure), it may not be detected by the conventional technology, or the cost required for verification may become large. Even if the verification range is formally set to the entire main storage unit, there is a possibility that the malicious code cannot be detected by the conventional technology. For example, as shown in the figure, an illegal code is stored in a free area, and the free area is a fixed value such as “00”, “11”, “ff”, or a bad pseudo-random number with simple regularity. If it is monotonically padded, the illegal code reproduces the state of the free area when it does not exist, reproduces the normal state of the entire main memory, and then reproduces the entire main memory that has been reproduced. In some cases, the verification result can be falsely verified by generating a necessary response.

  Therefore, an object of the present invention is to provide a falsification detection system with improved safety against illegal codes.

  The tampering detection system of the present invention includes a verification server, a verification ECU, and a verified ECU.

  The verification server generates a random number and a storage unit that stores all the stored contents in the main storage unit of the ECU to be verified, and divides the area in which the stored contents are stored based on the generated random number into a plurality of areas, A calculation unit that generates an expected value from a result of a predetermined calculation on the area of the vehicle, and an out-of-vehicle WAN communication unit that transmits a random number and the expected value to the verification ECU.

  The verification ECU transmits the random number and the expected value generated by the verification server to the outside-vehicle WAN communication unit, the random number generated by the verification server to the verified ECU, receives the response from the verified ECU, and receives the expected value and the response. A verification unit for comparing and verifying is included.

  The ECU to be verified includes a main storage unit that pads all the empty areas with random numbers, an in-vehicle LAN communication unit that receives a random number generated by the verification server from the verification ECU, and transmits a response to the verification ECU, and a verification server generates A main memory section is divided into a plurality of areas based on the random numbers, and a response generation section that generates a response from the result of a predetermined calculation for each area is included.

  According to the falsification detection system of the present invention, safety against illegal codes is improved.

The figure which illustrates one of the problems in a prior art. The figure explaining the verification range in this invention, and the state of a main memory part. 1 is a block diagram illustrating a configuration of a falsification detection system according to a first embodiment. FIG. 3 is a block diagram illustrating a configuration of a verification server according to the first embodiment. FIG. 2 is a block diagram illustrating a configuration of a verification ECU according to the first embodiment. FIG. 2 is a block diagram illustrating a configuration of an ECU to be verified according to the first embodiment. The sequence diagram which shows operation | movement of the verification server and verification ECU of Example 1. FIG. FIG. 3 is a sequence diagram illustrating operations of a verification ECU and a verification target ECU according to the first embodiment. FIG. 3 is a block diagram illustrating a configuration of a random number generation unit of the verification server according to the first embodiment. 6 is a flowchart illustrating an operation of a random number generation unit of the verification server according to the first embodiment. FIG. 3 is a block diagram illustrating a configuration of an expected value generation unit of the verification server according to the first embodiment. 6 is a flowchart illustrating an operation of an expected value generation unit of the verification server according to the first embodiment. FIG. 3 is a block diagram illustrating a configuration of a response generation unit of the ECU to be verified according to the first embodiment. 6 is a flowchart illustrating an operation of a response generation unit of the ECU to be verified according to the first embodiment. 7 is a code example of processing executed by the falsification detection system according to the first embodiment. 7 is a code example of an RDH function executed by an expected value generation unit according to the first embodiment. 7 is a code example of an RDH function executed by the response generation unit according to the first embodiment. The block diagram which shows the structure of the tampering detection system of Example 2. FIG. The block diagram which shows the structure of verification ECU of Example 2, and to-be-verified ECU. FIG. 6 is a sequence diagram illustrating operations of a verification ECU and a verification target ECU according to a second embodiment. 10 is a code example of processing executed by the falsification detection system according to the second embodiment.

  Hereinafter, embodiments of the present invention will be described in detail. In addition, the same number is attached | subjected to the structure part which has the same function, and duplication description is abbreviate | omitted.

<Comparison of Example and Conventional Technology>
With reference to FIG. 2, the verification range and the state of the main memory in the embodiment are compared with those of the prior art (FIG. 1). As shown in the figure, in the following embodiment, writing of an illegal code in a free area is detected by setting the entire main storage unit 133 (233) of the ECU 13 (23) to be verified as a verification range. Specifically, in the manufacturing process or the like, all empty areas of the main storage unit 133 (233) are padded with random numbers in advance, and the entire storage area of the main storage unit 133 (233) including the software and random numbers is set as the verification range. . The random number to be padded is preferably a pseudo-random number that has a uniform appearance probability to the extent that it is difficult to reproduce it with an illegal code, and is sufficiently ensured with irregularity (independence) and aperiodicity. In another expression, it is preferable to use a pseudo-random number satisfying a predetermined appearance probability condition, a predetermined independence condition, and a predetermined periodicity condition as a padded random number. It is more preferable to use a natural random number generated from a natural phenomenon as the padded random number.

  In the present invention, a random number generator and a hash function are used for verification in order to enable implementation in a unified manner without depending on the CPU. Note that, by extending the verification area to the entire main storage unit, most of the processing time of the ECU 13 (23) to be verified is devoted to hash value calculation (response generation) for the verification challenge. We want to reduce the amount of data input to the hash function as much as possible in order to reduce the calculation time. Therefore, pre-computation attacks (attack that stores a large number of responses before the challenge is generated and stores them in advance and returns response A corresponding to challenge A) and replay attacks (stores responses for tampering detection performed previously) In addition, when the same challenge A is received, the data value input to the hash function is only the data in the main storage unit while having resistance to an attack that transmits the corresponding response A stored) The response generation was devised.

<Attack assumed in the embodiment>
Next, an attacker assumed in the following embodiment will be described. Assume the following objectives and abilities as an attacker. An attacker would like to execute malicious arbitrary code by rewriting the software of the ECU 13 (23) to be verified. For this reason, the purpose of this is to avoid the detection of tampering by the verification ECU 12 (22), or to forge a correct response to the challenge and cause the verification to be wrong. The attacker has the following abilities, all of which are equivalent to the conventional technology.
1) Know the physical characteristics of the ECU 13 (23) to be verified (CPU clock period, memory capacity, etc.).
2) Know software data (commands, data, secret key, etc.) stored in the ECU 13 (23) to be verified.
3) The software of an arbitrary number of verified ECUs 13 (23) can be freely altered.
4) Devices (PCs and ECUs) other than the regular ECU cannot be physically added to the in-vehicle network.
5) The non-volatile memory of the regular ECU cannot be replaced with a memory having a larger capacity than the regular memory.

  The configuration of the falsification detection system 1 according to the first embodiment will be described below with reference to FIG. As shown in FIG. 3, the falsification detection system 1 according to the present embodiment includes a verification server 11, a verification ECU 12, and a plurality of verification target ECUs 13-1, 13-2,. Only two ECUs 13 to be verified are shown in the figure (the ECU 13-1 to be verified and the ECU 13-2 to be verified). However, the number is not particularly limited, and the number varies depending on the specification of the automobile. In the following description, when the branch number is not displayed as the verified ECU 13, the corresponding description is assumed to be common to all the verified ECUs of the present embodiment.

  The verification server 11 and the verification ECU 12 can communicate with each other by, for example, an external WAN. The verification server 11 and the verification ECU 12 are wirelessly or wiredly connected via a secure communication path that is not subject to wiretapping or tampering by a third party. Conventional technology may be used to secure a safe communication path. For example, in the case of wireless communication, WPA2 and TLC (RFC5246) may be combined appropriately. For this reason, a communication method for establishing a safe communication path needs to be implemented in the communication unit with the verification ECU 12 on the verification server 11 side and the communication unit with the verification server 11 on the verification ECU 12 side.

  In this embodiment, the verification ECU 12 and the verified ECU 13 are both installed in the vehicle of the automobile, and the verification ECU 12 and the verified ECU 13 can communicate with each other via, for example, an in-vehicle LAN. The in-vehicle LAN is shown as bus-type connection wiring simulating an in-vehicle network protocol CAN (Controller Area Network) used for communication between ECUs in a modern in-vehicle system. The communication method between the verification ECU 12 and the ECU to be verified 13 of the present embodiment is not limited to a bus-type in-vehicle system configured by CAN. However, it is desirable that communication between the verification ECU 12 and the ECU 13 to be verified can be performed directly. In other words, in the in-vehicle LAN according to the present embodiment, it is preferable not to adopt a network topology in which a verification message from the verification ECU 12 cannot reach the target ECU 13 without passing through another ECU 13 to be verified. In a modern in-vehicle system, a sub-network may be constructed by a plurality of CANs. For this reason, it is desirable that the function of the verification ECU 12 is performed by the gateway ECU connected to all the CAN sub-networks.

Hereinafter, the configuration of the verification server 11 of this embodiment will be described with reference to FIG. As shown in the figure, the verification server 11 of this embodiment includes a storage unit 111, a calculation unit 112, and an out-of-vehicle WAN communication unit 113. The storage unit 111 includes a verified ECU main storage unit 1111, a random number / expected value storage unit 1112, and a verification result storage unit 1113. The calculation unit 112 includes a random number generation unit 1121, an expected value generation unit 1122, and a verification result confirmation unit 1123. As a premise, it is assumed that each function in the verification server 11 is guaranteed to be secure.
Verifyed ECU main storage unit 1111: The verification server 11 has a verified ECU main storage unit 1111 that is an area that stores all the storage contents (software and random number data described later) of the main storage unit 133 of the verified ECU 13. Naturally, the to-be-verified ECU main storage unit 1111 stores legitimate software and random numbers that have not been tampered with by a third party.
Random number / expected value storage unit 1112: has a function of storing a random number and an expected value, which will be described later.
Verification result storage unit 1113: has a function of storing a verification result described later.
Random number generation unit 1121 has a function of generating a random number (used as a verification challenge).
Expected value generation unit 1122: has a function of generating an expected value used for verifying the integrity of the verified ECU 13 based on the generated random number and the verified ECU main storage unit 1111. Specifically, the expected value generation unit 1122 divides an area (stored ECU main storage unit 1111) in which the storage content in the storage unit 111 is stored based on the generated random number into a plurality of areas, An expected value is generated from the result of a predetermined operation on the area. Details of the operation of the expected value generation unit 1122 will be described later.
Verification result confirmation unit 1123: has a function of confirming the verification result and determining whether to take some countermeasures according to the result.
Outside-vehicle WAN communication unit 113: has a function of transmitting the above random number and expected value to the verification ECU 12, and a function of receiving a verification result from the verification ECU 12. As described above, the conventional technique for establishing safe communication with the verification ECU 12 is implemented in the outside-vehicle WAN communication unit 113.

Hereinafter, the configuration of the verification ECU 12 of this embodiment will be described with reference to FIG. As shown in the figure, the verification ECU 12 of this embodiment includes an out-of-vehicle WAN communication unit 121, a hardware security module 122, and a verification unit 123. The hardware security module 122 includes a random number / expected value storage unit 1221 and a verification result storage unit 1222. The verification unit 123 includes a response verification unit 1231 and an in-vehicle LAN communication unit 1232.
Outside-vehicle WAN communication unit 121: has a function of receiving a random number (challenge) and an expected value from the verification server 11, and a function of transmitting a verification result to the verification server 11. As described above, the conventional technique for establishing safe communication with the verification server 11 is implemented in the external WAN communication unit 121.
Random number / expected value storage unit 1221: It has a function of storing a random number and an expected value received from the verification server 11.
Verification result storage unit 1222: has a function of storing a response verification result.
Response verification unit 1231: has a function of verifying whether the expected value received from the verification server 11 matches the response received from the ECU 13 to be verified.
In-vehicle LAN communication unit 1232: has a function of transmitting a random number (challenge) to the ECU 13 to be verified and a function of receiving a response from the ECU 13 to be verified.

  In order to make it difficult to tamper the random number, the expected value, and the verification result, the random number / expected value storage unit 1221 and the verification result storage unit 1222 of the verification ECU 12 are hardware security modules (HSM) or devices having tamper resistance equivalent to HSM. It is desirable to be realized by. In addition, when the verification ECU 12 is falsified, it is desirable to verify the integrity of the verification ECU 12 itself by a technique such as secure boot using HSM so that an invalid verification result can be transmitted to the verification server 11. .

Hereinafter, the configuration of the ECU 13 to be verified according to this embodiment will be described with reference to FIG. As shown in the figure, the verified ECU 13 of this embodiment includes an in-vehicle LAN communication unit 131, a response generation unit 132, and a main storage unit 133.
In-vehicle LAN communication unit 131: has a function of receiving a random number (challenge) from the verification ECU 12 and a function of transmitting a response to the verification ECU 12.
Response generation unit 132: has a function of generating a response using the received random number (challenge) and data in the main storage unit 133. Specifically, the response generation unit 132 divides the main storage unit 133 into a plurality of areas based on the random numbers generated by the verification server 11, and generates a response from the result of a predetermined calculation for each area. Details of the operation of the response generation unit 132 will be described later.
Main storage unit 133: has a function of storing its own software (commands, data) and random numbers. The main storage unit 133 can be realized by an EEPROM or a flash memory. As described above, it is assumed that all free areas of the main storage unit 133 are previously padded with high-quality random numbers.

  Hereinafter, the operations of the verification server 11 and the verification ECU 12 of this embodiment will be described with reference to FIG. First, the random number generation unit 1121 of the verification server 11 generates a random number (challenge) at an arbitrary timing in advance (S1121). Details of the random number generation operation will be described later with reference to FIGS.

  Similarly, the expected value generation unit 1122 of the verification server 11 generates an expected value corresponding to the random number at an arbitrary timing in advance (S1122). Details of the expected value generation operation will be described later with reference to FIGS. 11 and 12.

  Next, the external WAN communication unit 113 of the verification server 11 transmits a session start request for performing verification to the verification ECU 12 of the vehicle to be verified (S113A). The outside-vehicle WAN communication unit 121 of the verification ECU 12 receives a session start request from the verification server 11 (S121A).

  Next, the out-of-vehicle WAN communication unit 113 of the verification server 11 and the out-of-vehicle WAN communication unit 121 of the verification ECU 12 execute a handshake according to any conventional technique to establish a safe communication path (S113B, S121B).

  After establishing a safe communication path, the external WAN communication unit 113 of the verification server 11 transmits a random number (challenge) and an expected value to the verification ECU 12 (S113C). The outside-vehicle WAN communication unit 121 of the verification ECU 12 receives a random number (challenge) and an expected value from the verification server 11 (S121C).

  The outside WAN communication unit 121 of the verification ECU 12 stores a random number (challenge) and an expected value, and then transmits a reception confirmation notification to the verification server 11 (S121D). The outside-vehicle WAN communication unit 113 of the verification server 11 receives the reception confirmation notification from the verification ECU 12 (S113D).

  The verification unit 123 of the verification ECU 12 starts a session with the verified ECU 13 (S123). Details of step S123 will be described later with reference to FIG. Simultaneously with the start of the session, the outside-vehicle WAN communication unit 121 of the verification ECU 12 transmits a verification start notification to the verification server 11 (S121E). The outside-vehicle WAN communication unit 113 of the verification server 11 receives the verification start notification from the verification ECU 12 (S113E).

  The verification ECU 12 may start the verification in step S123 at an arbitrary timing. However, in consideration of safety during traveling, the verification in step S123 is performed when the vehicle is stopped or when the ignition is turned on, that is, before the vehicle travels. Is preferable.

  The outside-vehicle WAN communication unit 121 of the verification ECU 12 transmits a verification result notification that notifies the verification result of step S123 to the verification server 11 (S121F). The off-vehicle WAN communication unit 113 of the verification server 11 receives the verification result notification from the verification ECU 12 (S113F).

  The verification result confirmation unit 1123 of the verification server 11 stores the verification result received from the verification ECU 12 in the verification result storage unit 1113 and determines whether or not any countermeasure should be executed (S1123). When an unauthorized ECU is detected, various countermeasures are conceivable, such as sending a notification to the owner of the vehicle, or sending an instruction to safely stop the driving of the vehicle via the verification ECU 12. If the time taken from the verification start time to the verification result notification time is much longer than expected even though the connection between the verification server 11 and the verification ECU 12 is good, the verification result confirmation unit 1123 It may be assumed that a certain act has been performed. In this case, the verification result confirmation unit 1123 may determine that the verification result is invalid even if there is no problem in the verification result. After confirming the integrity of the ECU 12 to be verified, the WAN communication unit 113 outside the verification server 11 transmits a session end notification to the verification ECU 12 (S113G). The outside-vehicle WAN communication unit 121 of the verification ECU 12 receives a session end notification from the verification server 11 (S121G).

  Hereinafter, the operations of the verification ECU 12 and the ECU 13 to be verified will be described with reference to FIG. First, the in-vehicle LAN communication unit 1232 of the verification ECU 12 transmits a verification start request to the ECU 13 to be verified (S1232A). The in-vehicle LAN communication unit 131 of the ECU 13 to be verified receives the verification start request from the verification ECU 12 (S131A).

  Next, the in-vehicle LAN communication unit 1232 of the verification ECU 12 transmits a random number (challenge) to the verified ECU 13 (S1232B). The in-vehicle LAN communication unit 131 of the ECU 13 to be verified receives a random number (challenge) from the verification ECU 12 (S131B).

  The response generation unit 132 of the ECU 13 to be verified generates a response to the verification ECU 12 using the received random number (challenge) and its own main storage unit 133 (S132). Details of the response generation operation will be described later with reference to FIGS.

  Next, the in-vehicle LAN communication unit 131 of the ECU 13 to be verified transmits the generated response to the verification ECU 12 (S131C). The in-vehicle LAN communication unit 1232 of the verification ECU 12 receives a response from the verified ECU 13 (S1232C).

  The response verification unit 1231 of the verification ECU 12 verifies whether the response received from the verified ECU 13 matches the expected value. If the response and the expected value match, the verification target ECU 13 to be verified is stored as a normal state, and if not, the verification result is stored as an illegal state (S1231). If the time from the random number (challenge) transmission time to the response reception time exceeds a predetermined threshold, the response verification unit 1231 assumes that an illegal action has been performed and there is a problem with the verification result. Even if it does not exist, it may be determined to be an unauthorized state (S1231).

  After completing the verification in step S1231, the in-vehicle LAN communication unit 1232 of the verification ECU 12 transmits a session end notification to the verified ECU 13 (1232D). The in-vehicle LAN communication unit 131 of the ECU 13 to be verified receives a session end notification from the verification ECU 12 (S131D).

  Hereinafter, the configuration of the random number generation unit 1121 provided in the verification server 11 of this embodiment will be described with reference to FIG. As shown in the figure, the random number generation unit 1121 of the present embodiment includes a first random number generation unit 11211, a second random number generation unit 11212, and a random number concatenation unit 11213.

  Hereinafter, the operation of the random number generation unit 1121 described above will be described with reference to FIG. The first random number generator 11211 generates a first random number (S11211). The second random number generator 11212 generates a second random number (S11212). The random number concatenation unit 11213 concatenates the first random number and the second random number to generate a third random number (S11213). The third random number is used to generate an expected value in the verification server 11 and is used to generate a response in the verified ECU 13. Details of the operation of the random number generation unit 1121 will be described later with reference to FIG.

  Hereinafter, the configuration of the expected value generation unit 1122 provided in the verification server 11 of this embodiment will be described with reference to FIG. As shown in the figure, the expected value generation unit 1122 of this embodiment includes a random number adjustment unit 11221, a first generation value calculation unit 11222, a second generation value calculation unit 11223, and a first partial generation value acquisition unit 11224. And a second partial generation value acquisition unit 11225 and a partial generation value connection unit 11226.

  First, the random number adjustment unit 11221 starts from the last address number of the main storage unit (that is, the ECU main storage unit 1111 to be verified) in which either the first random number, the second random number, or both are reproduced in the storage unit 111. If it is larger, the mod of the corresponding random number is calculated, and the calculation result is set as a new first random number and second random number (S11221A). By executing step S11221A, both of the two random numbers become smaller than the last address number of the main storage unit reproduced in the storage unit 111.

  Next, the random number adjustment unit 11221 exchanges the definition of the random number according to the magnitude relationship between the first random number and the second random number (S11221B). Specifically, the definition exchange is not performed when the second random number is larger than the first random number, and is defined when the second random number is smaller than the first random number. And after the step S11221B is finished, the first random number is adjusted to be smaller than the second random number.

  Next, the first generated value calculation unit 11222 stores stored contents from the address number corresponding to the first random number to the address number corresponding to the second random number among the stored contents of the verified ECU main storage unit 1111 of the storage unit 111. Is calculated as the verification-side first generated value (S11222).

  Next, the second generated value calculation unit 11223 stores the hash value of the stored content that was not used for the calculation of the verification-side first generated value among the stored contents of the verified ECU main storage unit 1111 of the storage unit 111. 2 is calculated as a generated value (S11223).

  Next, the first partial generation value acquisition unit 11224 extracts a predetermined bit (for example, 32 bits) from the verification-side first generation value, and acquires the verification-side first partial generation value (S11224).

  Next, the second partial generation value acquisition unit 11225 extracts a predetermined bit (for example, 32 bits) from the verification-side second generation value, and acquires the verification-side second partial generation value (S11225).

  Next, the partial generation value connecting unit 11226 connects the verification side first partial generation value and the verification side second partial generation value to generate an expected value (S11226).

  The response is generated in the same procedure as the expected value. Accordingly, the response generation unit 132 of the ECU 13 to be verified has the same configuration as the above-described expected value generation unit 1122 and performs the same operation. Hereinafter, with reference to FIG. 13, the structure of the response generation part 132 with which the to-be-verified ECU13 of a present Example is provided is demonstrated.

  As shown in the figure, the response generation unit 132 of this embodiment includes a random number adjustment unit 1321, a first generation value calculation unit 1322, a second generation value calculation unit 1323, and a first partial generation value acquisition unit 1324. The second partial generation value acquisition unit 1325 and the partial generation value connection unit 1326 are included.

  Hereinafter, the operation of the response generation unit 132 will be described with reference to FIG. First, the random number adjustment unit 1321 performs the adjustment of the first random number and the second random number in the same manner as Steps S11221A and S11221B (S1321A and S1321B).

  Next, the first generated value calculation unit 1322 stores the hash value of the stored content from the address number corresponding to the first random number to the address number corresponding to the second random number among the stored contents of the main storage unit 133. The first generated value is calculated (S1322).

  Next, the second generated value calculation unit 1323 calculates the hash value of the storage content that has not been used for the calculation of the verification target first generation value among the storage contents of the main storage unit 133 as the verification target second generation value. (S1323).

  Next, the first partial generation value acquisition unit 1324 extracts a predetermined bit (for example, 32 bits) from the verification target first generation value, and acquires the verification target first partial generation value (S1324).

  Next, the second partial generation value acquiring unit 1325 extracts a predetermined bit (for example, 32 bits) from the second verification value to be verified and acquires the second partial generation value to be verified (S1325).

  Next, the partial generation value connecting unit 1326 connects the verified first partial generation value and the verified second partial generation value to generate a response (S1326).

  Hereinafter, the above-described operation will be described again in accordance with the description of the code examples in FIGS. 15, 16, and 17. Since the payload length of one message is 64 bits at maximum, the code example shown in FIG. 15 can be obtained by applying the above-described series of operations to the CAN. FIGS. 16 and 17 are code examples of a Randomly Dimidiated Hash (RDH) function for calculating a hash value, and are codes corresponding to steps S11221 (S1321), S11222 (S1322), and S11223 (S1323) described above. is there. The RDH function is not a function that has been conventionally used for general purposes, but is a function created to realize the operation of the falsification detection system 1 of the present embodiment.

In the first line of FIG. 15, S (verification server 11) generates a 32-bit first random number r ₀ and a 32-bit second random number r ₁ (steps S11211 and S11212 described above).

In the second line of the figure, S (validation server 11) is connected to the first random number _{r 0} the second random number _{r 1} to produce a third random number r (the aforementioned step S11213).

In the third line of the figure, S (verification server 11) computes the RDH function using the third random number r and the stored content memory _p of the ECU main storage unit 1111 to be verified, and the verification side first generated value exp ₀ and the verification side second generation value exp ₁ are calculated (steps S11221, S11222, and S11223 described above).

In the fourth line of the figure, S (verification server 11) extracts 32 bits from the verification-side first generation value exp ₀ and the verification-side second generation value exp ₁ to verify the verification-side first partial generation value exp. ' ₀ and the verification-side second partial generation value exp' ₁ are acquired (steps S11224 and S11225 described above).

In the fifth line of FIG. 5, S (verification server 11) concatenates the verification-side first partial generation value exp ′ ₀ and the verification-side second partial generation value exp ′ ₁ to generate an expected value Expected Value ( Step S11226 described above.

  In the sixth line of the figure, S (verification server 11) transmits a third random number r and an expected value Expected Value to V (verification ECU 12) (step S113C described above).

  In the seventh line of FIG. 8, V (verification ECU 12) transmits the third random number r to P (verified ECU 13) (step S1232B described above).

In line 8 of FIG., V (verification ECU 12) records the transmission time current time of the third random number r to _{T 1.} This operation may be executed by the in-vehicle LAN communication unit 1232, for example. In this case, the operation on the eighth line is executed as part of step S1232B described above.

In the ninth line of the figure, P (verified ECU 13) calculates the RDH function using the third random number r and the stored content memory _p of the main memory 133, and the verified first generated value res ₀ The second generation value res ₁ to be verified is calculated (steps S1321, S1322, and S1323 described above).

In the 10th line of the figure, the P (verified ECU 13) extracts 32 bits from the _first verified value res ₀ to be verified and the second generated value res ₁ to be verified and extracts the first part to be verified. The generation value res ′ ₀ and the second partial generation value res ′ ₁ to be verified are acquired (steps S1324 and S1325 described above).

In the eleventh line of the figure, P (verified ECU 13) generates a response Res by connecting the verified first partial generated value res ′ ₀ and the verified second partial generated value res ′ ₁ ( Step S1326 described above.

  In the twelfth line of the figure, P (verified ECU 13) transmits a response Res to V (verification ECU 12) (step S131C described above).

In line 13 in FIG, V (verification ECU 12) records the reception time current time response Res to _{T 2.} This operation may be executed by the in-vehicle LAN communication unit 1232, for example. In this case, the operation on the thirteenth row is executed as part of step S1232C described above.

In line 14 in FIG, V (verification ECU 12), the difference of _{T 2} and _{T 1} is verifying whether is equal to or less than the threshold allowed A time.

  In the 15th line in the figure, when the result of the verification in the 14th line is incorrect, V (verification ECU 12) interrupts the process.

  In the 16th line of the figure, V (verification ECU 12) verifies whether the response Res is equal to the expected value Expected Value.

  In the 17th line of the figure, V (verification ECU 12) stores the verification result of the 16th line of the figure.

  The operations from the 14th line to the 17th line may be executed by the response verification unit 1231, for example. In this case, the operations on the 14th to 17th lines are executed as a part of the above-described step S1231.

  FIG. 16 is a code example of the RDH function executed by the expected value generation unit 1122. The input to the RDH function is defined in the first line of FIG. As input of the RDH function, a third random number r and a memory content memory in the main memory 133 of the ECU 13 to be verified are defined.

In the second line of the figure, the output from the RDH function is defined. As the output of the RDH function, a verification-side first generation value exp ₀ and a verification-side second generation value exp ₁ having a hash function length len (Hash (•)) to be used are defined.

In the third to fourth lines in the figure, the meanings of characters used in the code example in the figure are defined. addr _start is used to mean the first address number of the main storage unit. addr _end is used to mean the last address number of the main storage unit. mem _{[a, b]} is used to mean the stored contents from address number a to address number b in the main memory.

In the fifth line of FIG. 5, S (verification server 11) determines that the main storage unit (that is, the target random number r ₀ , the second random number r ₁ , or both are reproduced in the storage unit 111). If it is larger than the last address number addr _{end of the} verification ECU main memory unit 1111), the mod of the corresponding random number is calculated (r ₀ , r ₁ mod addr _end ), and the calculation result is set as a new first random number r ₀ , second The random number is r ₁ (step S11221A described above).

In the sixth line of the figure, S (verification server 11) executes definition exchange when the second random number r ₁ is smaller than the first random number r ₀ (step S11221B described above). .

In the seventh line of FIG. 8, S (verification server 11) obtains the hash value of the stored content mem _{[r0, r1]} from the address number corresponding to the first random number r ₀ to the address number corresponding to the second random number r _1. Is calculated as the verification-side first generated value exp ₀ (step S11222 described above).

In the seventh line of the figure, S (verification server 11) stores the storage contents that are not used in the calculation of the verification-side first generated value exp ₀ , that is,

Is calculated as the verification-side second generated value exp ₁ (step S11223 described above).

FIG. 17 shows a code example of the RDH function executed by the response generation unit 132, which is the same as FIG. Specifically, in FIG. 17, the execution subject of the RDH function is P (verified ECU 13), and in FIG. 16, the verification-side first generated value exp ₀ and the verification-side second generated value exp ₁ are set. 17 are replaced by the _first verified value res ₀ to be verified and the second generated value res ₁ to be verified in FIG.

  As described above, the RDH function is a function that divides the entire main storage unit into two at random address positions according to random numbers and calculates the hash value of each area. In order to shorten the input length for the hash function and shorten the calculation time, the random number was not used as an input to the hash function, but was used for specifying the address of the main memory.

<Effect>
As described above, the falsification detection system 1 according to the present embodiment can detect falsification of the entire main storage unit. Moreover, according to the falsification detection system 1 of the present embodiment, it is practically difficult to use a pre-calculation / replay attack as a means for forging a response. Specifically, in the present embodiment, since the challenge is a random number, pre-calculation is difficult from the viewpoint of calculation time. In addition, it is difficult to store the calculation result from the viewpoint of the capacity of the main storage unit of the ECU.

  Further, the function ICE used in Non-Patent Document 1 has a vulnerability that it does not consider the carry of the most significant bit when updating the value using addition. The falsification detection system 1 of the present embodiment overcomes this vulnerability.

  Further, the function ICE used in Non-Patent Document 1 has a weak point that applicable platforms are limited. The falsification detection system 1 of the present embodiment overcomes the above-mentioned weaknesses because the algorithm used for verification is realized using only functions that do not depend on the CPU architecture.

  Further, the function ICE used in Non-Patent Document 1 needs to be optimized in accordance with the CPU architecture and realized with the minimum number of CPU cycles. If the above is realized for all the CPUs, there is a weak point that the design cost becomes enormous. The falsification detection system 1 of the present embodiment overcomes this weak point.

  Hereinafter, with reference to FIG. 18, the falsification detection system 2 of Example 2 which incorporated the function of the verification server in the verification ECU will be described. This embodiment is an effective configuration example when it is desired to detect falsification in an environment where frequent connection establishment with a verification server is difficult.

  The tampering detection system 2 according to the present embodiment includes a verification server 21, a verification ECU 22, and a plurality of ECUs 23-1, 23-2,. The number of ECUs 23 to be verified is not particularly limited as in the first embodiment, and the number varies depending on the specifications of the automobile. In the following description, when the branch number is not displayed as the verified ECU 23, the corresponding description is assumed to be common to all the verified ECUs of the present embodiment.

  Hereinafter, the configuration of the verification ECU 22 and the verification ECU 23 of this embodiment will be described with reference to FIG. As shown in the figure, the verification ECU 22 of this embodiment includes a storage unit 211, a calculation unit 212, a communication unit 213, a hardware security module 222, and a verification unit 223. The ECU to be verified 23 according to the present embodiment includes a communication unit 231, a response generation unit 232, and a main storage unit 233.

  Hereinafter, the operations of the verification ECU 22 and the ECU to be verified 23 of this embodiment will be described with reference to FIGS. The storage unit 211 stores in advance all the storage contents of the main storage unit of the ECU to be verified (S211). Although step S211 is shown in FIG. 20 for the sake of convenience, it is actually an operation performed in the past rather than the operation described later. The main storage unit 233 previously pads all the empty areas with random numbers (S233). Although step S233 is also shown in FIG. 20 for the sake of convenience, the operation is actually performed in the past (for example, a manufacturing process) rather than the operation described later.

  The communication unit 213 transmits a random number (S213A, the third line in FIG. 21). The communication unit 231 receives a random number (S231A, the third line in FIG. 21).

  The response generation unit 232 divides the main storage unit 233 into a plurality of areas based on the received random numbers, and generates a response from a predetermined calculation result for each area (S232, lines 5 to 7 in FIG. 21). The communication unit 231 transmits a response (S231B, the eighth line in FIG. 21). The communication unit 213 receives the response (S213B, the eighth line in FIG. 21).

  Based on the transmitted random number, the calculation unit 212 divides the area in which the storage content of the storage unit 211 is stored into a plurality of areas, and generates an expected value from the result of a predetermined calculation for each area (S212, 12th line in FIG. 21). The verification unit 223 compares the expected value with the response for verification (S223, lines 12 to 13 in FIG. 21).

  If the verification ECU 22 is called a first verification server and the verification server 21 is called a second verification server, in this embodiment, each function of the first verification server, in particular, the main storage unit 233 of the ECU 23 to be verified is rewritten illegally. It is desirable to implement some kind of protection measures so that there is no such thing. For example, the protection measure may be realized by periodically verifying whether the functions of the storage unit and the calculation unit of the first verification server and the second verification server match.

  According to the falsification detection system 2 of the present embodiment, the same effects as those of the first embodiment can be obtained even in an environment in which frequent connection establishment with the verification server is difficult.

<Supplementary note>
The apparatus of the present invention includes, for example, a single hardware entity as an input unit to which a keyboard or the like can be connected, an output unit to which a liquid crystal display or the like can be connected, and a communication device (for example, a communication cable) capable of communicating outside the hardware entity. Can be connected to a communication unit, a CPU (Central Processing Unit, may include a cache memory or a register), a RAM or ROM that is a memory, an external storage device that is a hard disk, and an input unit, an output unit, or a communication unit thereof , A CPU, a RAM, a ROM, and a bus connected so that data can be exchanged between the external storage devices. If necessary, the hardware entity may be provided with a device (drive) that can read and write a recording medium such as a CD-ROM. A physical entity having such hardware resources includes a general-purpose computer.

  The external storage device of the hardware entity stores a program necessary for realizing the above functions and data necessary for processing the program (not limited to the external storage device, for example, reading a program) It may be stored in a ROM that is a dedicated storage device). Data obtained by the processing of these programs is appropriately stored in a RAM or an external storage device.

  In the hardware entity, each program stored in an external storage device (or ROM or the like) and data necessary for processing each program are read into a memory as necessary, and are interpreted and executed by a CPU as appropriate. . As a result, the CPU realizes a predetermined function (respective component requirements expressed as the above-described unit, unit, etc.).

  The present invention is not limited to the above-described embodiment, and can be appropriately changed without departing from the spirit of the present invention. In addition, the processing described in the above embodiment may be executed not only in time series according to the order of description but also in parallel or individually as required by the processing capability of the apparatus that executes the processing. .

  As described above, when the processing functions in the hardware entity (the apparatus of the present invention) described in the above embodiments are realized by a computer, the processing contents of the functions that the hardware entity should have are described by a program. Then, by executing this program on a computer, the processing functions in the hardware entity are realized on the computer.

  The program describing the processing contents can be recorded on a computer-readable recording medium. As the computer-readable recording medium, for example, any recording medium such as a magnetic recording device, an optical disk, a magneto-optical recording medium, and a semiconductor memory may be used. Specifically, for example, as a magnetic recording device, a hard disk device, a flexible disk, a magnetic tape or the like, and as an optical disk, a DVD (Digital Versatile Disc), a DVD-RAM (Random Access Memory), a CD-ROM (Compact Disc Read Only). Memory), CD-R (Recordable) / RW (ReWritable), etc., magneto-optical recording medium, MO (Magneto-Optical disc), etc., semiconductor memory, EEP-ROM (Electronically Erasable and Programmable-Read Only Memory), etc. Can be used.

  The program is distributed by selling, transferring, or lending a portable recording medium such as a DVD or CD-ROM in which the program is recorded. Furthermore, the program may be distributed by storing the program in a storage device of the server computer and transferring the program from the server computer to another computer via a network.

  A computer that executes such a program first stores, for example, a program recorded on a portable recording medium or a program transferred from a server computer in its own storage device. When executing the process, the computer reads a program stored in its own recording medium and executes a process according to the read program. As another execution form of the program, the computer may directly read the program from a portable recording medium and execute processing according to the program, and the program is transferred from the server computer to the computer. Each time, the processing according to the received program may be executed sequentially. Also, the program is not transferred from the server computer to the computer, and the above-described processing is executed by a so-called ASP (Application Service Provider) type service that realizes the processing function only by the execution instruction and result acquisition. It is good. Note that the program in this embodiment includes information that is used for processing by an electronic computer and that conforms to the program (data that is not a direct command to the computer but has a property that defines the processing of the computer).

  In this embodiment, a hardware entity is configured by executing a predetermined program on a computer. However, at least a part of these processing contents may be realized by hardware.

Claims (8)

A tamper detection system including a verification server, a verification ECU, and a verification ECU,
The verification server
A storage unit that stores all the stored contents in the main storage unit of the ECU to be verified;
A calculation unit that generates a random number, divides an area in which the storage content in the storage unit is stored based on the generated random number into a plurality of areas, and generates an expected value from a result of a predetermined calculation for each area When,
The verification ECU includes an external WAN communication unit that transmits the random number and the expected value,
The verification ECU
An external WAN communication unit that receives the random number and the expected value generated by the verification server;
A verification unit that transmits the random number generated by the verification server to the ECU to be verified, receives a response from the ECU to be verified, and compares the expected value with the response;
The ECU to be verified is
An in-vehicle LAN communication unit that receives the random number generated by the verification server from the verification ECU and transmits the response to the verification ECU;
A main memory unit that padded all the empty areas with random numbers;
An alteration detection system including a response generation unit that divides the main storage unit into a plurality of areas based on the random numbers generated by the verification server and generates the response from a result of a predetermined calculation for each area. The falsification detection system according to claim 1,
The calculator is
A random number generator for generating a first random number and a second random number;
Among the stored contents of the storage unit, a hash value of the stored contents from an address number corresponding to the first random number to an address number corresponding to the second random number is calculated as a verification-side first generated value, and the verification The hash value of the stored content that was not used in the calculation of the first generation value on the side is calculated as the second generation value on the verification side, and predetermined bits of each of the first generation value on the verification side and the second generation value on the verification side are extracted Then, the verification side first partial generation value and the verification side second partial generation value are acquired, and the verification side first partial generation value and the verification side second partial generation value are connected to generate an expected value. Part
The response generator is
Of the stored contents of the main storage unit, the hash value of the stored contents from the address number corresponding to the first random number to the address number corresponding to the second random number is calculated as a first generation value to be verified, The hash value of the stored content that was not used for the calculation of the verification target first generation value is calculated as the verification target second generation value, and the verification target first generation value and the verification target second generation value are calculated. Each predetermined bit is extracted to obtain the first partial generated value to be verified and the second partial generated value to be verified, and the first partial generated value to be verified and the second partial generated value to be verified are connected. Tamper detection system that generates responses. A falsification detection system including a verification ECU and a verified ECU,
The verification ECU
A storage unit that stores all the stored contents in the main storage unit of the ECU to be verified;
A communication unit that sends random numbers and receives responses;
A calculation unit that divides an area in which the stored content in the storage unit is stored based on the transmitted random number into a plurality of areas, and generates an expected value from a result of a predetermined calculation for each area;
A verification unit that compares and compares the expected value and the response;
The ECU to be verified is
A communication unit that receives the random number transmitted by the verification ECU and transmits the response;
A main memory unit that padded all the empty areas with random numbers;
An alteration detection system including a response generation unit that divides the main storage unit into a plurality of regions based on the received random number and generates the response from a result of a predetermined calculation for each region. The falsification detection system according to claim 3,
The random number transmitted by the verification ECU is a third random number obtained by concatenating the first random number and the second random number,
The calculator is
Among the stored contents of the storage unit, a hash value of the stored contents from an address number corresponding to the first random number to an address number corresponding to the second random number is calculated as a verification-side first generated value, and the verification The hash value of the stored content that was not used in the calculation of the first generation value on the side is calculated as the second generation value on the verification side, and predetermined bits of each of the first generation value on the verification side and the second generation value on the verification side are extracted Obtaining a verification-side first partial generation value and a verification-side second partial generation value, concatenating the verification-side first partial generation value and the verification-side second partial generation value, and generating an expected value,
The response generator is
Of the stored contents of the main storage unit, the hash value of the stored contents from the address number corresponding to the first random number to the address number corresponding to the second random number is calculated as a first generation value to be verified, The hash value of the stored content that was not used for the calculation of the verification target first generation value is calculated as the verification target second generation value, and the verification target first generation value and the verification target second generation value are calculated. Each predetermined bit is extracted to obtain the first partial generated value to be verified and the second partial generated value to be verified, and the first partial generated value to be verified and the second partial generated value to be verified are connected. Tamper detection system that generates responses. A verification ECU for verifying the ECU to be verified,
A calculation unit that generates an expected value of the entire main storage unit of the ECU to be verified, in which all the empty areas are padded with random numbers;
Comparing the expected value and the response acquired from the ECU to be verified, including a verification unit that verifies the entire main storage unit,
The verification ECU, wherein the random number is a random number that satisfies a predetermined condition for appearance probability, a predetermined independence condition, and a predetermined periodicity condition. A verification ECU according to claim 5,
A storage unit storing all the storage contents in the main storage unit;
A communication unit that transmits a random number to the ECU to be verified and receives the response from the ECU to be verified;
The calculator is
A verification ECU that divides an area in which the stored content in the storage unit is stored based on the transmitted random number into a plurality of areas and generates the expected value from a result of a predetermined calculation for each area. An ECU to be verified, which is a padding of all the empty areas in the main storage unit with random numbers, and the random numbers satisfy a predetermined condition of appearance probability, a predetermined independence condition, and a predetermined periodicity condition.   The program which makes a computer function as verification ECU of Claim 5 or 6.

Images