JP6242455B1 - Wireless communication device for vehicle - Google Patents

Abstract

A vehicular wireless communication apparatus that prevents impersonation of a vehicle and transmission of fake message information is obtained. An ID appearance frequency counting means for counting an appearance frequency of each ID attached to each data packet of the in-vehicle network and an appearance frequency of each ID counted by the ID appearance frequency counting means. Is not impersonated by impersonation determining means 502, 503 and impersonation determining means for determining whether impersonation is based on whether or not it matches a pattern of appearance frequency of each ID in a preset vehicle. Only when it is determined that the transmission means 108 transmits a message. [Selection] Figure 2

Description

  The present invention relates to a vehicular radio communication apparatus connected to an in-vehicle network, and more particularly to a vehicular radio communication apparatus capable of preventing message transmission pretending to be a vehicle.

With the progress of information processing technology in recent years, a traffic safety system and a platooning system using wireless communication between vehicles or between a vehicle and a roadside device are being actively studied.
For example, the location information and travel direction of surrounding vehicles transmitted from surrounding vehicles using wireless communication are used to determine whether there is a contact risk. If there is a contact risk, the driver is notified or the steering is automatically performed. In addition, a system has been proposed that performs an avoidance operation by operating a brake or an accelerator.

  In a system using such inter-vehicle communication, road-to-vehicle communication, etc., there is a concern of being attacked by impersonating a vehicle and transmitting false information. For example, if fake information that induces an operation that does not match the original situation for driving the communication partner vehicle is transmitted, the function of the traffic safety system is degraded.

  To prevent an attacker from impersonating a vehicle and sending a message, based on the vehicle behavior information history, it is determined whether or not the history matches the vehicle behavior, and a message is sent only if it matches. Thus, a wireless communication device that prevents transmission of spoofed data has been proposed. (See Patent Document 1)

Japanese Patent Laying-Open No. 2015-139011

  In the wireless communication device of Patent Document 1, it is exemplified that an acceleration sensor, a speed sensor, a position information acquisition unit, and a gyro sensor mounted on a vehicle are used as vehicle behavior information acquisition unit. Some vehicles are not. When mounted on such a vehicle, it is necessary to separately provide vehicle behavior information acquisition means, which causes a problem of increasing the cost of the entire system.

  The present invention has been made to solve the above-described problems, and is a vehicle wireless communication device capable of preventing message transmission pretending to be a vehicle even in a vehicle not equipped with vehicle behavior information acquisition means. Is intended to provide.

The vehicular wireless communication apparatus according to the present invention is connected to an in-vehicle network and is counted by an ID appearance frequency counting unit that counts an appearance frequency of each ID attached to each data packet of the in-vehicle network, and an ID appearance frequency counting unit. By the impersonation determination means and the impersonation determination means that determine whether or not the appearance frequency of each ID matches the pattern of the appearance frequency of each ID in the installed vehicle set in advance. A transmission means for transmitting a message only when it is determined not to be impersonation, and the impersonation determination means includes a matching parameter table storing a plurality of appearance frequency patterns of each ID, and each time a data packet is input. The ID appearance frequency counted by the ID appearance frequency counting means is set in the matching parameter table. And a matching determination processing unit that determines whether the pattern matches the pattern, and the matching parameter table includes the most frequently received ID, the second most frequently received ID, the second most frequently received ID, and the most frequently occurring. A plurality of maximum values and minimum values of the reception number ratio of ID and next frequent ID are recorded as patterns .

  According to the present invention, even in a vehicle not equipped with vehicle behavior information acquisition means, if the wireless communication device is connected to the in-vehicle network, the vehicle wireless communication device having a function of preventing spoofed message transmission can be inexpensively provided. Can be configured.

It is a block diagram which shows the radio | wireless communication apparatus for vehicles concerning Embodiment 1 of this invention. It is the schematic of the CAN * ID appearance frequency matching determination part which comprises some vehicle radio | wireless communication apparatuses concerning Embodiment 1 of this invention. It is a figure which shows the example of a judgment algorithm of ID appearance frequency matching judgment of the radio | wireless communication apparatus for vehicles concerning Embodiment 1 of this invention.

Embodiment 1 FIG.
A vehicular radio communication apparatus according to Embodiment 1 of the present invention will be described below with reference to FIGS.
FIG. 1 is a block diagram showing the vehicular wireless communication apparatus of the first embodiment, and is a block diagram showing an example applied to an emergency brake warning system.

  The emergency brake warning system transmits the brake pressure information of the preceding vehicle to the succeeding vehicle. When the brake is stepped on the preceding vehicle and the brake pressure rises, the brake information of the preceding vehicle received by the succeeding vehicle is detected by the preceding vehicle. This system alerts the driver and alerts the driver that a sudden brake has been applied.

In FIG. 1, FIG. 1 (a) is a diagram showing the positional relationship of the vehicle during operation of the emergency brake warning system, FIG. 1 (b) is a configuration diagram of a wireless communication device (transmission side) of the preceding vehicle, These respectively show the block diagram of the radio | wireless communication apparatus (reception side) of a following vehicle.
In FIG. 1A, the right side is a preceding vehicle (transmission side) 1, the left side is a subsequent vehicle (reception side) 2, and the wireless communication devices of both vehicles 1 and 2 are connected by an in-vehicle network.

  In the wireless communication device (transmission side) 10 of the preceding vehicle 1 shown in FIG. 1 (b), the output of the brake pressure sensor 101 is input to the ECU 102. The ECU 102 outputs a packet including the detection value of the brake pressure sensor to the CAN bus 103. When the message transmission unit 104 is connected to the CAN bus 103 and receives a packet including the detection value of the brake pressure sensor from the CAN bus 103, the message transmission unit 104 extracts the detection value of the brake pressure sensor from the packet, and uses the extracted detection value of the brake pressure sensor. A data packet to be transmitted to the following vehicle 2 is generated and output to the CAN / ID appearance frequency matching determination unit 105.

  The CAN / ID appearance frequency matching determination unit 105 is connected to the CAN bus 103, counts the appearance frequency of each ID of a packet flowing through the CAN bus 103, and the appearance frequency of each ID is a preset value of each ID in the mounted vehicle. It is determined whether or not the pattern matches the appearance frequency pattern, and only when the pattern matches, the data packet to be transmitted to the following vehicle 2 input from the message transmission unit 104 is output to the encryption unit 106. A method of determining whether or not the CAN / ID appearance frequency matching determination unit 105 matches the appearance frequency pattern of each ID will be described later.

  The encryption unit 106 uses the key information input from the key storage unit 107 to add signature information to the data packet to be transmitted to the succeeding vehicle 2 and encrypts it to output to the wireless communication unit 108. The wireless communication unit 108 transmits the encrypted data packet to be transmitted to the subsequent vehicle 2 to the subsequent vehicle 2. Accordingly, the wireless communication unit 108 functions as a transmission unit that transmits a message only when the CAN / ID appearance frequency matching determination unit 105 determines that it is not impersonation.

  In the wireless communication device (reception side) 20 of the following vehicle 2 shown in FIG. 1C, when the wireless communication unit 201 receives the encrypted data packet together with the signature information added by the preceding vehicle 1, the decryption unit 202 is received. Output to. The decryption unit 202 decrypts the data packet received from the preceding vehicle 1 using the key information input from the key storage unit 203 and verifies the signature, and if the signature is correct, the decryption data packet is transmitted to the message reception unit 204. Output to.

  The message reception unit 204 extracts the detection value of the brake pressure sensor of the preceding vehicle 1 from the packet input from the decoding unit 202, and generates a data packet to be transmitted to the CAN bus 205 from the extracted detection value of the brake pressure sensor. To the CAN bus 205. When the detected value of the brake pressure sensor of the preceding vehicle 1 is received from the CAN bus 205, when the detected value of the brake pressure sensor of the preceding vehicle 1 is larger than a predetermined value, the ECU 206 performs a sudden braking. It is determined that it has been applied, and an HMI (Human Interface) 207 alerts and warns the driver.

Next, the determination algorithm of the CAN / ID appearance frequency matching determination unit 105 will be described with reference to FIG. FIG. 2 is a diagram illustrating a configuration example of the CAN / ID appearance frequency matching determination unit 105.
FIG. 2A is a processing block diagram of the CAN / ID appearance frequency matching determination unit 105. The ID appearance frequency count table 501 counts the number of received ID numbers each time a packet is received from the CAN bus 103. FIG. 2B is an example of a count table in which the ID appearance frequency count table 501 counts the number of received ID numbers. The received ID and the number of times of reception are recorded and counted.

If the ID of the packet received from the CAN bus 103 is recorded in the ID appearance frequency count table 501, the received number of the corresponding ID is counted up. If not, the received ID is newly registered in the count table. The number of newly received IDs is set to 1.
Therefore, the ID appearance frequency count table 501 functions as an ID appearance frequency counting unit that counts the appearance frequency of each ID attached to each data packet of the in-vehicle network.

  Each time a data packet is input from the message transmission unit 104 shown in FIG. 1, the matching determination processing unit 502 changes the appearance frequency of the ID counted in the ID appearance frequency count table 501 to the pattern set in the matching parameter table 503. It is determined whether they match, and if they match, a data packet is output to the encryption unit 106 shown in FIG.

  Accordingly, the matching determination processing unit 502 and the matching parameter table 503 are configured such that the appearance frequency of each ID counted in the ID appearance frequency count table (ID appearance frequency counting means) 501 is the preset appearance frequency of each ID in the mounted vehicle. It functions as an impersonation judging means for judging whether or not impersonation is based on whether or not the pattern matches.

  FIG. 3 is a diagram illustrating a determination algorithm example of the matching determination processing unit 502. The matching parameter table 503 includes a maximum value and a minimum value that are assumed for the most frequently received ID having the highest number of receptions, the second frequent ID having the second highest number of receptions, and the ratio of the reception numbers of the most frequent ID and the next frequent ID. The value is recorded as a pattern. As shown in FIG. 3A, a plurality of patterns (1 to n) are prepared, and if the pattern matches any of the patterns, it is determined that the pattern matches.

Details of the determination algorithm of the matching determination processing unit 502 will be described with reference to the processing flowchart of FIG.
The process shown in the process flow of FIG. 3B is started each time a data packet is input to the matching determination processing unit 502. In step S1, the most frequent ID and its reception number, the next frequent ID and its reception number are read from the ID appearance frequency count table 501, and the ratio of the most frequent ID reception number and the next frequent ID reception number is determined from the read reception number. calculate.

  Next, in step S2, in order to select the pattern recorded in the matching parameter table 503 in order from the beginning, the index of the matching parameter is set to the first. Subsequently, in step S3, it is determined whether the most frequent ID read in step S1 matches the matching parameter selected by the index, and if it matches, the process proceeds to step S4. In step S4, it is determined whether the next frequent ID read in step S1 matches the matching parameter selected by the index, and if it matches, the process proceeds to step S5. In step S5, it is determined whether or not the reception number ratio calculated in step S1 is less than or equal to the maximum reception number ratio value of the matching parameter selected by the index, and in the following case, the process proceeds to step S6. In step S6, it is determined whether the reception number ratio calculated in step S1 is equal to or greater than the reception value ratio minimum value of the matching parameter selected by the index, and in the case above, the process proceeds to step S7.

  That is, in step S3 to step S6, it is determined whether the ratio of the most frequent ID, the next frequent ID read in step S1, and the calculated reception number matches the matching parameter selected by the index. If YES in step S7, the flow advances to step S7 to output a data packet to be transmitted to the following vehicle.

On the other hand, in step S3 to step S6, if any one of the matching parameters selected by the index does not match (NO), the process proceeds to step S8. In step S8, the index of the matching parameter is incremented, and in step S3 to step S6, the comparison with the next matching parameter pattern is performed in the same manner as described above.
Step S9 confirms whether all matching parameters have been determined. If the number of tables in which matching parameter indexes are set is exceeded (YES), data is branched from the decision branch process and transmitted to the following vehicle. The process ends without outputting the packet.

  As described above, the first embodiment of the present invention transmits a message only when the appearance frequency of each ID attached to each data packet of the in-vehicle network matches the pattern of the appearance frequency of each ID in the mounted vehicle. Therefore, even if the vehicle behavior information acquisition means is not installed, a wireless communication device having an anti-spoofing function can be provided if an on-vehicle network is installed. Can be configured at low cost.

Embodiment 2. FIG.
In the first embodiment, the plurality of matching patterns recorded in the matching parameter table 503 are switched in order from the first, and it is determined whether the pattern of the appearance frequency of the ID matches the matching pattern. According to the second aspect of the invention, the matching pattern, which is the pattern of the appearance frequency of the ID in the mounted vehicle, may be switched and changed depending on the elapsed time from the time of starting the power source of the in-vehicle wireless communication device.
According to this configuration, it is difficult to imitate the in-vehicle network, so that a system with higher epidemiological properties can be configured against an attack by imitation of the in-vehicle network.

Embodiment 3 FIG.
The matching parameter table 503 of the impersonation determination means counts the appearance frequency of each ID in the mounted vehicle from the ID appearance frequency count table 501 when setting up the wireless communication device in the vehicle, and counts the most frequently occurring ID, the next It is good also as a structure which sets a setting value from the ratio of frequent ID and the calculated reception number, and sets the appearance frequency pattern of each ID in the said mounted vehicle.
According to this configuration, it is not necessary to set an ID appearance frequency pattern for each vehicle type by registering the ID appearance frequency pattern at the time of mounting on the vehicle, so that the mounting property on the vehicle can be improved.

  Although the embodiments of the present invention have been described above, the present invention is not limited to the embodiments, and various design changes can be made. Within the scope of the present invention, each embodiment is described. These embodiments can be freely combined, and each embodiment can be modified or omitted as appropriate.

  In addition to the emergency brake warning system, the vehicle wireless communication device of the present invention collects information from each vehicle by a traffic center, etc., grasps the traffic conditions and climate in each region, and feeds back this information to each vehicle. It can be used for information guidance systems.

1: preceding vehicle (transmission side), 2: following vehicle (reception side), 10: wireless communication device (transmission side), 20: wireless communication device (reception side), 103: CAN bus, 104: message transmission unit, 105 : CAN / ID appearance frequency matching determination unit,
106: encryption unit 107: key storage unit 108: wireless communication unit (transmission means) 201: wireless communication unit 202: decryption unit 203: key storage unit 204: message reception unit
501: ID appearance frequency count table (ID appearance frequency counting means),
502: Matching determination processing unit (spoofing determination means)
503: Matching parameter table (spoofing determination means)

Claims (3)

ID appearance frequency counting means for counting the appearance frequency of each ID attached to each data packet of the in-vehicle network connected to the in-vehicle network, and the appearance frequency of each ID counted by the ID appearance frequency counting means in advance When it is determined by the impersonation determination means that determines whether or not the impersonation is based on whether or not the appearance frequency pattern of each ID in the mounted vehicle is set, and the impersonation determination means determines that it is not impersonation Only with a transmission means for sending a message,
The impersonation determining means includes a matching parameter table storing a plurality of appearance frequency patterns of each ID and an ID appearance frequency counted by the ID appearance frequency counting means every time a data packet is input to the matching parameter table. A matching determination processing unit that determines whether the pattern matches a set pattern, and the matching parameter table includes a first most frequently received ID and a second most frequently received next frequent ID, and A vehicular wireless communication apparatus , wherein a plurality of maximum values and minimum values of a reception number ratio of the most frequent ID and the next frequent ID are recorded as a pattern . The vehicular wireless communication apparatus according to claim 1, wherein the impersonation determination unit changes a pattern of appearance frequency of each ID according to an elapsed time from the time of power-on of the communication apparatus. The spoofing determination unit, when setting up the communication device in the vehicle, counts the occurrence frequency of each ID in the equipped vehicle, according to claim 1 which is adapted to set the pattern of the appearance frequency of each ID in the vehicle equipped with Vehicle wireless communication device.

Images