KR101675223B1 - Watchdog, security system and method for watchdog - Google Patents

Watchdog, security system and method for watchdog Download PDF

Info

Publication number
KR101675223B1
KR101675223B1 KR1020150044746A KR20150044746A KR101675223B1 KR 101675223 B1 KR101675223 B1 KR 101675223B1 KR 1020150044746 A KR1020150044746 A KR 1020150044746A KR 20150044746 A KR20150044746 A KR 20150044746A KR 101675223 B1 KR101675223 B1 KR 101675223B1
Authority
KR
South Korea
Prior art keywords
time password
encryption
security
vehicle
watchdog
Prior art date
Application number
KR1020150044746A
Other languages
Korean (ko)
Other versions
KR20160117731A (en
Inventor
박광민
안희중
Original Assignee
현대오토에버 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 현대오토에버 주식회사 filed Critical 현대오토에버 주식회사
Priority to KR1020150044746A priority Critical patent/KR101675223B1/en
Publication of KR20160117731A publication Critical patent/KR20160117731A/en
Application granted granted Critical
Publication of KR101675223B1 publication Critical patent/KR101675223B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0751Error or fault detection not based on redundancy
    • G06F11/0754Error or fault detection not based on redundancy by exceeding limits
    • G06F11/0757Error or fault detection not based on redundancy by exceeding limits by exceeding a time limit, i.e. time-out, e.g. watchdogs
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R16/00Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
    • B60R16/02Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • B60R2016/02

Abstract

The present invention relates to a watchdog device, a watchdog security system, and a security method thereof, the watchdog device comprising: a vehicle-side one-time password generator for generating a one-time password; A vehicle-side encryption unit that randomly selects one of a plurality of encryption methods to encrypt authorization request data including a one-time password; A vehicle-side decoding unit that decrypts data received from an external device in accordance with a one-time password, the data being encrypted by a randomly selected encryption method among a plurality of encryption methods; And a security control unit for transmitting authentication request data encrypted by the vehicle side encryption unit to an external device to request connection to an external device and controlling authentication of connection with an external device using data received from the external device. Accordingly, when the watchdog device accesses an external device for updating or modifying software, it is possible to prevent access to an unauthorized external device through use of a one-time password, a multi-stage encryption process, and a multi- Therefore, it is possible to prevent damage to human life and property caused by failure of the watchdog device to be hacked to control the ECU.

Description

TECHNICAL FIELD [0001] The present invention relates to a watchdog device, a watchdog security system,

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a watchdog device, a watchdog security system, and a security method thereof, and more particularly, to a watchdog device and a security method thereof, in which when a watchdog device accesses an external device for updating or correcting software, , A watchdog device, a watchdog security system, and a security method for preventing access to an unauthenticated external device through a multi-step authentication process.

An ECU (Electronic Control Unit) is a control device having a function of controlling and managing a main assembly of a vehicle. In the vehicle, a plurality of ECUs are installed according to an assembly to control each assembly.

The multi-core ECU in the ECU includes an ECU core that performs functions of controlling and managing the assembly, a PCP (Peripheral Control Processor) core for monitoring and evaluating the functional defects of the ECU core, It may include a poison device.

Generally, a watchdog device is present inside a vehicle and a safety hierarchical monitoring system of a watchdog device developed based on the ISO26262 development methodology is disclosed. Since the safety hierarchical monitoring system is disclosed, it is possible to hack source code level in the ECU by using deodorization, reverse engineering, and eavesdropping. Hacking of the software of the watchdog device as well as the application of the ECU core or PCP core is also possible.

However, when the software of the watchdog device is hacked in this manner, the integrity of the ECU application source code can not be guaranteed because the watchdog device can not properly control the source code of the ECU. That is, since a problem occurs in the watchdog device itself, the ECU can not perform the function of controlling the ECU, so that it is impossible to control the defects of the ECU, thereby causing damage to persons and property due to malfunction of the ECU.

The present invention can prevent access to an unauthorized external device through the use of a one-time password, a multi-step encryption process, and a multi-step authentication process when the watchdog device accesses an external device for updating or modifying software , A watchdog device, a watchdog security system, and a security method for preventing hacking of the watchdog device from various angles.

The above object is achieved by an electronic control unit (ECU), which is connected to an external device to update or modify software; A vehicle-side one-time password generator for generating a one-time password; A vehicle-side encryption unit that randomly selects one of a plurality of encryption methods to encrypt authorization request data including the one-time password; A vehicle-side decoding unit, which is encrypted by a randomly selected encryption method among the plurality of encryption methods and decrypts data received from the external device corresponding to the one-time password; And requesting a connection to the external apparatus by transmitting the approval request data encrypted by the vehicle-side encryption unit to the external apparatus, and performing connection authentication with the external apparatus using the approval confirmation data received from the external apparatus And a security control unit for controlling the watchdog unit.

The above object is achieved by a watchdog security system comprising a watchdog device for controlling an electronic control unit (ECU) and an external device for providing a service for updating or modifying the software of the watchdog device, A vehicle-side one-time password generator for generating a one-time password; a vehicle-side encryption unit for randomly selecting one of a plurality of encryption methods to encrypt approval request data including the vehicle-side one-time password; To the external device to request a connection and to control connection authentication with the external device using data received from the external device; A server side encryption unit for encrypting a response time password generated by a request from the watchdog unit by randomly selecting one of a plurality of encryption methods; A server side decryption unit for decrypting the data encrypted in the watchdog device, a device side control unit for comparing the data provided from the watchdog device with the data stored in the device, The security system of the present invention can be achieved by a watchdog security system.

The above object is achieved by a security method for accessing an external device for updating or modifying a software of a watchdog device controlling an electronic control unit (ECU), the security method comprising: a generation step of generating a first one-time password in the watchdog device; Encrypting authorization request data including the first one-time password by randomly selecting one of a plurality of encryption methods; A request step of transmitting the encrypted approval request data to the external device to request a connection; And an authentication step of controlling connection authentication with the external device by comparing the approval confirmation data with data held by the external device in the external device. .

In this watchdog security system, when the watchdog device is connected to an external device, the authenticity of the external device is determined using the match of the one-time password between the watchdog device and the external device, and a plurality of encryption computation functions and a plurality of encryption algorithms By randomly selecting and encrypting the data, hacking can be prevented in multiple steps. In addition, when the external device continuously transmits an incompatible one-time password to the watchdog device, the software-update input / output function related code is deleted when the number of discrepancies reaches a certain number of times, By deleting the code related to the input / output function, it is possible to prevent hacking at the source. Accordingly, it is possible to prevent damage to persons and property that may occur when the watchdog device is hacked and the ECU can not be controlled.

1 is a configuration diagram of a watchdog security system according to the present invention;
FIG. 2 is a block diagram of the configuration of the watchdog apparatus of FIG. 1,
Fig. 3 is a block diagram of the vehicle-side encryption unit of Fig. 2,
FIG. 4 is a block diagram of the external device of FIG. 1,
Fig. 5 is a block diagram of the configuration of the wireless communication terminal of Fig. 1,
6A and 6B are flowcharts illustrating a process of securely connecting a watchdog device to an external device in the watchdog security system according to the present invention;
7 is a flowchart illustrating a method for preventing access to an unauthorized external device in a watchdog security system according to the present invention.

Hereinafter, some embodiments of the present invention will be described in detail with reference to exemplary drawings. It should be noted that, in adding reference numerals to the constituent elements of the drawings, the same constituent elements are denoted by the same reference symbols as possible even if they are shown in different drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

In describing the components of the present invention, terms such as first, second, A, B, (a), and (b) may be used. These terms are intended to distinguish the constituent elements from other constituent elements, and the terms do not limit the nature, order or order of the constituent elements. When a component is described as being "connected", "coupled", or "connected" to another component, the component may be directly connected to or connected to the other component, It should be understood that an element may be "connected," "coupled," or "connected."

1 is a configuration diagram of a watchdog security system according to the present invention.

The watchdog security system according to the present invention authenticates the external device 100 through a security check process of encrypting and transmitting a one-time password when the external device 100 is connected to update or modify an application installed in the watchdog , You can secure the watchdog.

The watchdog security system includes an external device 100 for updating or modifying an application installed in the watchdog device 10, a watchdog device for monitoring and diagnosing the operation of the ECU and authenticating the connection between the external device 100 And a wireless communication terminal 200 connected to the watchdog device 10 through a high-speed communication bus and for wireless communication with the external device 100. [

As shown in FIG. 2, the watchdog device 10 can be installed independently in the ECU. The watchdog device 10 includes a supervisor module 20 for monitoring the normal operation of the ECU, And a security module 30 for supporting a secure connection with an external device 100 supporting an update or modification of an application.

The supervisor module 20 can perform ECU core integrity check, diagnostic test of the ECU subsystem, task monitoring of the ECU core, and the like.

For the ECU core integrity check, the supervisor module 20 can perform a query response with the ECU core. The supervisor module 20 performs a query request to the ECU core and can determine that the ECU core is normal if a response to the query is provided from the ECU core in a preset service window. At this time, the supervisor module reads the seed number received from the ECU core when a query is requested and returns a 32-bit result.

For diagnostic testing of the ECU subsystem, the supervisor module 20 injects an intentional error into each subsystem and uses the response of each subsystem to diagnose the failure of each subsystem. The ECU subsystem may include a register in the ECU, an internal bus, an interrupt, a trap system, and the like. The supervisor module 20 determines that each subsystem operates normally when an event such as an interrupt, a trap, or a callback occurs at the time of intentional error injection into each subsystem, , It can be determined that an abnormality has occurred in each subsystem.

The task monitoring of the ECU core is a task for verifying whether execution time and task flow scheduling are appropriate for the tasks performed by the ECU core. The supervisor module 20 calculates execution budget time for each task of the ECU core It is possible to perform task monitoring of the ECU core by presetting, inspecting the start sequence, confirming whether the OS for the vehicle is operating normally, or the like.

The security module 30 performs the process of authenticating the external device 100 accessing the watchdog device 10 for updating or modifying the watchdog software so that the software of the watchdog device 10 Thereby ensuring integrity.

The security module 30 may include a vehicle side one-time password generator 35, a vehicle side encryption unit 40, a vehicle side decryption unit 45, and a security control unit 50.

The vehicle-side one-time password generator 35 can generate a one-time password for connecting to the external device 100 when the external device 100 is connected and the software is updated. Generally, the vehicle-side one-time password generator 35 can generate a valid one-time password using a pre-assigned inherent secret key and time. That is, the vehicle-side one-time password generator 35 uses a time as a seed value together with a unique secret key, and applies a secret key and time to the encryption algorithm and the OTP generation algorithm to generate a six-digit secret code.

At this time, in order to generate the same one-time password as that of the watchdog device 10 in the external device 100, the server-side one-time password generator 111 of the external device 100 is also connected to the vehicle- The same secret key as the secret key 35 must be stored. That is, the secret key stored in the vehicle-side one-time password generator 35 of the watch dog device 10 and the secret key stored in the server-side one-time password generator 111 of the external device 100 must be the same, The same one-time password can be generated in the watchdog device 10. [

The vehicle-side one-time password generator 35 can generate two one-time passwords twice in order to access the external device 100. If the two one-time passwords are the first one-time password and the second one-time password, the vehicle-side one-time password generator 35 generates the first one-time password when the watchdog device 10 connects to the external device 100, If a response signal for the first one-time password is provided at the device 100, a second one-time password may be generated.

The vehicle side encryption unit 40 is capable of encrypting information provided to the external device 100 by using a plurality of encryption computation functions and a plurality of encryption algorithms, The encryption algorithm has a stored algorithm library. The vehicle side encryption unit 40 can double-encrypt information using one of a plurality of encryption operation functions stored in the operation library and one of a plurality of encryption algorithms stored in the algorithm library.

The vehicle-side encryption unit 40 stores a plurality of cryptographic computation functions using an encryption code and an operator, and the vehicle-side encryption unit 40 includes a plurality of encryption / One of a plurality of cryptographic computation functions is randomly selected to encrypt the information.

The encryption code included in the encryption operation function is previously tabulated and stored in the vehicle side encryption unit 40. [ The encryption code can be generated according to the length of the password corresponding to the one-time password for encryption or the ID of the watchdog device 10 registered in the external device 100. For example, if the one-time password or the password of the watchdog device 10 is six digits, the encryption code may be generated as shown in Table 1 below.

Hex Encryption Code Binary Encryption Code One 123456 0001 0010 0011 0100 0101 0110 2 A12345 1010 0001 0010 0011 0100 0101 3 AB1234 1010 1011 0001 0010 0011 0100 4 ABC123 1010 < / RTI > 5 D12345 1101 0001 0010 0011 0100 0101 6 DE1234 1101 1110 0001 0010 0011 0100 7 DEF123 1101 1110 1111 0001 0010 8 654321 0110 0101 0100 0011 0010 0001 9 A65432 1010 0110 0101 0100 0011 0010 10 AB6543 1010 1011 0110 0101 0100 0011

The length of the encryption code can be changed according to the designer, and can be formed to have a length corresponding to the length of the one-time password. However, the length of the encryption code need not be the same as the one-time password or the password length of the watchdog device 10. [

On the other hand, commonly used operators include logical operators such as XOR, OR, NOR, AND, NAND, and NOT, and arithmetic operators such as +, -, × and ÷. have.

The vehicle side encryption unit 40 may generate an encryption operation function in real time using the encryption code and the operator shown in Table 1 or may generate a plurality of encryption operation functions by pairing the encryption code and the operator in advance, It goes without saying that one can be selected and used.

For example, when the vehicle side encryption unit 40 generates an encryption operation function in real time, it can randomly select 8 encryption codes 654321 and select the logical operator XOR to generate an encryption operation function.

If the one-time password is 584263 and converted into a binary number, the following operation result can be calculated according to the encryption operation function.

Encryption code 0110 0101 0100 0011 0010 0001

One-time password 0101 1000 0100 0010 0110 0011

----------------------------------------------

XOR operation result 0011 1101 0000 0001 0100 0010

Accordingly, when the operation result is changed to hexadecimal, 3D0142 is obtained.

The vehicle side encryption unit 40 may perform the primary encryption process using the encryption computation function and then perform the secondary encryption process using the plurality of encryption algorithms. As the plurality of encryption algorithms, asymmetric encryption algorithms and symmetric encryption algorithms widely used at present can be used. The vehicle-side encryption unit 40 can use a random encryption algorithm for each encryption, use one encryption algorithm have.

In this embodiment, the use of the asymmetric key algorithm in the vehicle-side encryption unit 40 will be described as an example, but the scope of the present invention is not limited thereto.

When the asymmetric key algorithm is used, the external device 100 and the watchdog device 10 must have a public key of the external device 100, and the external device 100 has a private key unique to the external device 100 Must have. The vehicle side encryption unit 40 of the watchdog device 10 encrypts information using the public key of the external device 100 and the external device 100 encrypts the information using the secret key corresponding to the public key, The device 10 can decrypt the encrypted information.

The vehicle side encryption unit 40 of the watch dog device 10 performs a primary encryption process using an encryption computation function and re-encrypts the encrypted information in the primary encryption process using the public key of the external device 100 A second encryption process is performed.

On the other hand, the vehicle-side one-time password generator 35 generates a first one-time password and a second one-time password. When requesting authentication to the external device 100, the vehicle-side one-time password generator 35 sets the ID and password of the watchdog device 10, And transmits a second one-time password to the external device 100 when the external device 100 receives a response thereto.

Accordingly, when requesting authentication to the external device 100, the vehicle side encryption unit 40 first encrypts the ID and password of the watch dog device 10 and the first one-time password using the encryption calculation function, 100) by using an encryption algorithm using the public key of the public key. Likewise, the vehicle side encryption unit 40 first encrypts the second one-time password using the encryption operation function, and then encrypts the second one-time password using the encryption algorithm.

On the other hand, in the above-described embodiment, in the vehicle-side encryption unit 40, when encrypting the ID and password of the watch dog device 10 and the first one-time password, a primary encryption process using an encryption calculation function, It is needless to say that the ID and password of the watchdog device 10 and the first one-time password may be encrypted using only the encryption algorithm.

When the ID and password of the watchdog device 10 and the first one-time password are encrypted using only the encryption algorithm, the vehicle-side encryption unit 40 encrypts the ID and password of the encrypted watchdog device 10, the first one- It is possible to grasp the cryptographic computation function used in the external apparatus 100 by decoding the corresponding information if the information is transmitted to the external apparatus 100 and the encrypted information is provided in the external apparatus 100 in response thereto. Accordingly, the vehicle-side encryption unit 40 first encrypts the second one-time password using the encryption computation function used in the external apparatus 100, selects one of the plurality of encryption algorithms, encrypts the second one-time password can do.

If the second one-time password is encrypted using the encryption operation function used in the external device 100 and transmitted to the external device 100, since the external device 100 already knows the encryption operation function, The password can be decrypted. In the case of the asymmetric encryption algorithm, the vehicle side encryption unit 40 of the watch dog device 10 encrypts the public key of the external device 100 using the public key of the external device 100, It is possible to easily decrypt secondary encryption.

The vehicle-side decoding unit 45 can decode the information provided from the external device 100 in an encrypted form. When providing information to the watchdog device 10, the external device 100 first encrypts and transmits the information using an encryption calculation function. At this time, the information provided by the external device 100 is a response first one-time password generated by the external device 100 with respect to the first one-time password provided by the watch dog device 10. [ Since the vehicle-side decoding unit 45 has information on a plurality of cryptographic computation functions used by the vehicle-side encryption unit 40, the information provided from the external apparatus 100 is input to each cryptographic computation function to decrypt the information .

That is, when the first one-time password is provided from the external device 100, the vehicle-side decoding unit 45 has a decryption function that can find the first one-time password using the encryption code and the operator as follows. For example, if the first one-time password is 584263 and XORed with the encryption code 8, the watchdog device 10 is provided with 3D0142. At this time, since the first one-time password received from the external device 100 is regarded as the first one-time password 584263 transmitted to the watchdog device 10, the vehicle-side decryption unit 45 uses the encryption code and the operator Can be found.

First one-time password 0101 1000 0100 0010 0110 0011

Encryption code XXXX XXXX XXXX XXXX XXXX XXXX

___________________________________________________________

Encrypted first one-time password 0011 1101 0000 0001 0100 0010

When the operator decides to select XOR as the operator in the vehicle side decoding unit 45, 0110 0101 0100 0011 0010 0001 is calculated by the encryption code, and the vehicle side decoding unit 45 determines that the encryption code is the 8th encryption code Find out. Accordingly, the vehicle-side decoding unit 45 can transmit the information that the encryption code is 8 and the operator is XOR to the vehicle-side encryption unit 40. [ On the other hand, when attempting to decrypt the operator by using OR, AND, etc., the encrypted code calculated by the decryption does not belong to the encrypted code list, so that the vehicle side decryption unit 45 can easily grasp the operator.

The security control unit 50 is connected to the external device 100 to update or modify the software of the watchdog device 10. The security control unit 50 includes a vehicle side one-time password generator 35, a vehicle side encryption unit 40, The user can control the connection authentication process with the external device 100 by controlling the operation of the external device.

When the security control unit 50 is connected to the external device 100, the vehicle-side one-time password generator 35 is operated to generate the first one-time password, and the ID and password of the watchdog device 10, The password is provided to the vehicle side encryption unit 40 so as to be encrypted. If the vehicle-side encryption unit 40 encrypts the ID and password of the watchdog device 10 and the first one-time password through two encryption operation functions and encryption algorithms, or encrypts only with the encryption algorithm, the encrypted watchdog device 10 and the first one-time password to the external device 100 to request approval.

If the external device 100 encrypts and provides the response first time password in response to an approval request from the watchdog device 10, the security control unit 50 transmits the encrypted response first one-time password to the vehicle side decryption unit 45, . When the vehicle-side decryption unit 45 decrypts the response first one-time password to grasp the encryption code and the operator, the security control unit 50 controls the vehicle-side one-time password generator 35 to generate the second one-time password .

Then, the security control unit 50 transmits the second one-time password to the vehicle side encryption unit 40 so as to be encrypted. At this time, in the vehicle side encryption unit 40, the second one-time password is firstly encrypted using the encryption code and the operator identified by the vehicle side decryption unit 45, and one of the encryption algorithms is randomly selected, And may transmit the encrypted second one-time password to the external device 100. [ When the external device 100 confirms the second one-time password and approves the right to download data for updating or modifying the software from the external device 100 to the watchdog device 10, The downloading of data from the storage unit 100 to the watchdog apparatus 10 can be started.

Meanwhile, the security control unit 50 disconnects the high-speed communication bus connecting the wireless communication terminal 200 and the watch dog device 10 repeatedly when transmitting / receiving data with the external device 100 during the connection authentication process It is possible to delete the code related to the input / output function for updating the software.

That is, when the response first one-time password provided from the external device 100 is different from the first one-time password generated by the watch dog device 10, the security control unit 50 regenerates the first one-time password a predetermined number of times And can be repeatedly transmitted to the external device 100. [ If the number of times that the regenerated first one-time password is inconsistent with the regenerated first one-time password exceeds a preset number, the security control unit 50 can delete the code related to the input / output function supporting the software update.

The security control unit 50 continuously transmits a connection confirmation request signal to confirm connection with the wireless communication terminal 200 and provides a connection confirmation signal from the wireless communication terminal 200 in response to the connection confirmation request signal Can receive. Here, the connection confirmation request signaling connection confirmation signal can use the Heart Bit signal.

If the security control unit 50 transmits the connection confirmation request signal but does not receive the connection confirmation signal, it can determine that the high-speed communication bus line is disconnected and the connection with the wireless communication terminal 200 is disconnected. For example, it can be determined that the connection with the wireless communication terminal 200 is forcibly disconnected from the outside and the unauthorized device is connected. Accordingly, the security control unit 50 can delete the code related to the input / output function supporting the software update and correction.

When the security controller 50 repeatedly transmits the erroneous first one-time password in the external device 100 or the communication with the wireless communication terminal 200 is disconnected, the code related to the input / output function supporting the software update and correction It is possible to detect that the unauthorized external device 100 tries to make a connection, and to prevent the unauthorized external device 100 from changing the software of the watchdog device 10 by originally blocking it.

The external device 100 is an apparatus for updating and modifying the software of the watchdog device 10 and includes a security server 110 for authenticating connection with the watchdog device 10, a vehicle database 120, a software database 125, An apparatus-side control unit 130, and a wireless communication unit 135. [

The security server 110 may include a server side one-time password generator 111, a server side encryption unit 113, and a server side decryption unit 115.

The server-side one-time password generator 111, like the vehicle-side one-time password generator 35, can generate a valid one-time password using a pre-assigned unique secret key and time, To generate the one-time password, the same secret key as the vehicle-side one-time password generator 35 is stored.

The server-side one-time password generator 111, like the vehicle-side one-time password generator 35, can generate two one-time passwords.

When the watchdog device 10 generates the first one-time password and transmits it to the external device 100, the server-side one-time password generator 111 can generate the response first one-time password in response thereto. At this time, since the time is synchronized with the vehicle-side one-time password generator 35, the same one-time password can be generated on both sides. That is, the first one-time password and the response first one-time password are the same. Thus, when the response first one-time password generated by the server-side one-time password generator 111 is transmitted to the watch dog device 10, the watch dog device 10 compares the first one-time password with the response first one-time password It is judged whether or not they are the same.

In addition, the server-side one-time password generator 111 can generate a response second one-time password corresponding to the second one-time password when the second one-time password is transmitted from the watch dog device 10. Accordingly, the device-side control unit 130 compares the second one-time password from the watchdog unit 10 with the response second one-time password to determine whether they are the same or not.

The server-side encryption unit 113 can encrypt information provided to the watchdog apparatus 10 by using a plurality of cryptographic computation functions. The server-side encryption unit 113 can encrypt one of the response first one-time passwords by randomly selecting one of the plurality of encryption operation functions.

The server-side encryption unit 113 stores a plurality of encryption operation functions using an encryption code and an operator, and the server-side encryption unit 113 stores a plurality of encryption operation functions One of the functions is randomly selected to encrypt the information.

As the encryption code included in the encryption operation function, the same encryption code as that of the vehicle side encryption unit 40 is used, and an encryption code as illustrated in Table 1 can be used. The encryption code may be generated in the same length as the response first one-time password generated by the server-side one-time password generator 111, or may be generated in another length.

Operators can use logical operators such as XOR, OR, NOR, AND, NAND, NOT, and arithmetic operators such as +, -, ×, ÷.

The server-side encryption unit 113 may generate the encryption operation function in real time using the encryption code and the operator, generate a plurality of encryption operation functions by pairing the encryption code and the operator in advance, Of course, can be used.

The server side decryption unit 115 can decrypt the information provided from the watchdog device 10 and determine whether the information provided from the watchdog device 10 is encrypted through the primary encryption process or the secondary encryption process So that a different decoding process can be performed.

If the encrypted information is encrypted only through the second encryption process, that is, if only the encryption algorithm is used for encryption, the information is decrypted using a decryption algorithm corresponding to the encryption algorithm.

When the watchdog device 10 is connected to the external device 100, the watchdog device 10 encrypts an ID, a password, and a first one-time password for connection to the external device 100 and supplies the encrypted ID and password to the external device 100 At this time, the watchdog device 10 encrypts the information using only the encryption algorithm and transmits the encrypted information to the external device 100. Accordingly, the server-side decryption unit 115 decrypts the information using the ID and password of the watch dog device 10 and the decryption algorithm corresponding to the encryption algorithm used for encrypting the first one-time password. At this time, the server-side decryption unit 115 has a plurality of decryption algorithms for decrypting a plurality of encryption algorithms used in the vehicle-side encryption unit 40. [ Since the server side decryption unit 115 can not know which of the plurality of encryption algorithms the ID and password of the watch dog device 10 and the first one-time password are encrypted, it is possible to apply each decryption algorithm one by one, It attempts to decrypt the ID and password of the poison device 10 and the first one-time password.

For example, when the asymmetric key algorithm is used, the vehicle side encryption unit 40 performs encryption using the public key of the external device 100, and the server side decryption unit 115 encrypts And has the secret key of the external device 100 for decrypting one information. Accordingly, the server-side decryption unit 115 decrypts the ID and password of the watchdog device 10 encrypted and provided from the watchdog device 10 using the secret key of the external device 100, and decrypts the first one-time password .

If the encrypted information is passed through both the primary encryption process and the secondary encryption process, the server-side decryption unit 115 decrypts the information encrypted by the encryption algorithm function, the information encrypted with the encryption algorithm Can be decoded using all of the decryption algorithms for decrypting the information. At this time, the server-side decoding unit 115 can perform decoding in the order of decoding first using a decoding algorithm, and decoding using a decoding function, as opposed to an encrypted process.

The server side decryption unit 115 can decrypt the second one-time password using the decryption algorithm and the decryption function when the second one-time password is provided from the watchdog device 10 in an encrypted form. At this time, the server-side decryption unit 115 has information about the encryption operation function and the encryption algorithm which encrypt the second one-time password. When the server-side encryption unit 113 encrypts the response first one-time password and transmits it to the watchdog unit 10, the watchdog unit 10 decrypts the encrypted response first one-time password, And encrypts the second one-time password using the same encryption computation function and encryption algorithm and transmits the second one-time password to the external device 100. [ In other words, the server-side decryption unit 115 decrypts the second one-time password using the decryption function and the decryption algorithm corresponding to the encryption algorithm used for encrypting the response first one-time password in the server-side encryption unit 113, can do.

The vehicle database 120 stores information on vehicles registered in order to update or modify the software of the watchdog device 10 by connecting to the external device 100. [ The vehicle information includes vehicle history such as vehicle ID, password, vehicle model name, vehicle owner name, and update history information including the date and contents of the software update or modification of the watchdog device 10 can do.

The software of the watchdog device 10 is stored in the software database 125 according to the version. The update part and the file of the part to be modified are separately stored according to the version and date of the software.

The device-side control unit 130 receives the approval request data from the watchdog device 10 when the watchdog device 10 is connected, checks the approval request data, and updates or corrects the software in the watchdog device 10 It is possible to control the process of approving the connection to the external device 100. [

When the watchdog device 10 accesses the security server 110 and encrypts and transmits the authorization request data including the ID, the password and the first one-time password, the device-side control unit 130 transmits the authentication request data to the server- To allow the authorization request data to be decrypted. Then, it is determined whether information on the vehicle corresponding to the ID and the password of the decrypted watchdog device 10 exists in the vehicle database 120. If there is information on the vehicle, the server side one- (111) is operated to generate a response first one-time password. Then, the first one-time password provided by the watch dog device 10 is compared with the response first one-time password to determine whether they are the same.

If both are the same, the device-side control unit 130 provides the response first one-time password to the encryption unit so that the response first one-time password is encrypted using the encryption operation function and the encryption algorithm. On the other hand, if they are not the same, the device-side control unit 130 provides a message to the watchdog apparatus 10 to reject the connection.

The device-side control unit 130 encrypts and transmits the second one-time password in the watchdog device 10 having received the response first one-time password, and transmits the second one-time password to the server-side decryption unit 115 for decryption. Then, the device-side control unit 130 activates the server-side one-time password generator 111 to generate a response second one-time password, compares the second one-time password and the response second one-time password, and determines whether the two are identical .

If both are the same, the device-side control unit 130 connects to the external device 100 with the watchdog device 10 and provides an acknowledgment message to the watchdog device 10 that the software can be updated and modified, If not, the device-side control unit 130 provides a message to the watchdog apparatus 10 to reject the approval.

When the software update and modification of the watchdog device 10 are approved, the device-side control unit 130 transmits the software stored in the software database 125 to the watchdog device 10 at the request of the watchdog device 10 .

The wireless communication unit 135 wirelessly communicates with the wireless communication terminal 200 to transmit and receive information to and from the watchdog device 10 and can support various wireless communication methods such as Bluetooth, Wi-Fi, WLAN, Zigbee, and WiBro.

The wireless communication terminal 200 is a device that supports wireless communication between the watchdog device 10 and the external device 100 and includes a vehicle port 205, a wireless communication module 215, a terminal control unit 210, . ≪ / RTI >

One end of the communication line 150 for communication using the high-speed communication bus is connected to the vehicle-side port 205, and the watch dog device 10 is connected to the other end of the communication line 150. Here, the high-speed communication bus can use a high-speed CAN (Control Area Network) communication bus, a FlexRay communication bus, and a LIN (Local Interconnect Network).

The wireless communication module 215 is used to transmit and receive information to / from the external device 100 using a wireless communication method and can support various wireless communication methods such as Bluetooth, Wi-Fi, WLAN, Zigbee, and WiBro.

The terminal control unit 210 transmits information from the watchdog device 10 provided through the vehicle port 205 to the external device 100 via the wireless communication unit 135 and receives information through the wireless communication unit 135 Side port 205 to the watchdog device 10. [0064] The vehicle-side port 205 is connected to the vehicle-

Although the above embodiment has been described by way of example in which the watchdog device 10 wirelessly connects to the external device 100 using the wireless communication terminal 200 and the high-speed communication bus, the OBD (On Board Diagnosis) The external device 100 and the watchdog device 10 may be connected through a cable.

A process of securely connecting the watchdog device 10 to the external device 100 in the watchdog security system with such a configuration will now be described with reference to FIGS. 6 (a) and 6 (b).

The security control section 50 of the watch dog device 10 operates the vehicle side one-time password generator 35 to generate a first one-time password to access the external device 100 from the watchdog device 10 (S600 ). Then, the security control unit 50 activates the vehicle-side encryption unit 40 so that the ID and password of the watchdog device 10, and the first one-time password are secondarily encrypted using a randomly selected encryption algorithm (S605 ). When the encryption is completed, the security controller 50 transmits the ID and password of the encrypted watchdog device 10 and the first one-time password to the external device 100 through the wireless communication terminal 200 (S610).

Upon receiving the ID and password of the watchdog device 10 encrypted by the watchdog device 10 and the first one-time password, the external device 100 activates and decrypts the server-side decryption unit 115 (S615). At this time, the server-side decryption unit 115 decrypts the ID, the password and the first one-time password of the watch dog device 10 by applying a plurality of encryption algorithms.

Upon completion of the decryption, the device-side control unit 130 checks whether the ID and the password of the watch dog device 10 are present in the vehicle database 120 (S620). If the ID and password of the watchdog device 10 are not present in the vehicle database 120 as a result of the check, a connection rejection message is generated and transmitted to the watchdog device 10 (S625). On the other hand, if the ID and password of the watchdog device 10 are present in the vehicle database 120, the device-side control unit 130 operates the server-side one-time password generator 111 to generate a response first The one-time password is generated (S630). Then, the response first one-time password is compared with the first one-time password provided from the watchdog device 10 to determine whether they are the same (S635).

If both are not the same, the device-side control unit 130 generates a connection rejection message and transmits it to the watchdog device 10 (S640). If both are identical, the device-side control unit 130 operates the server-side encryption unit 113 to encrypt the response first one-time password (S645), and transmits the encrypted response first one-time password to the watchdog apparatus 10 (S650). At this time, the server-side encryption unit 113 randomly selects an encryption operation function from the operation library and encrypts the response first one-time password.

The security control unit 50 of the watchdog apparatus 10 operates the vehicle-side decoding unit 45 to decode the response first one-time password (S655). At this time, the vehicle-side decoding unit 45 decodes the response first one-time password using a decoding function for decoding the encryption calculation function. When the decryption is completed, the security controller 50 compares the first one-time password and the first one-time password to determine whether they are the same (S660).

If both are not the same, the security control unit 50 repeats steps S600 to S660 (S665). If the number of repetitions exceeds the preset number of times (S667), the security control unit 50 deletes the code related to the software update input / output function (S669).

If they are the same, the security control unit 50 activates the vehicle-side one-time password generator 35 to generate a second one-time password (S670), activates the vehicle-side encryption unit 40 and encrypts the second one-time password (S675). At this time, the vehicle side encryption unit 40 encrypts the second one-time password using the encryption operation function used for encrypting the response first one-time password and the randomly selected encryption algorithm. Then, the security control unit 50 transmits the encrypted second one-time password to the external device 100 (S680).

The device-side control unit 130 of the external device 100 operates the device-side decryption unit to decrypt the encrypted second one-time password (S685), and operates the one-time password generator to generate a response second one-time password (S690). Then, the device-side control unit 130 compares the second one-time password and the response second one-time password to determine whether they are the same (S695). If the two are different, the device-side control unit 130 generates a connection rejection message and transmits the connection rejection message to the watchdog device 10 (S700). On the other hand, if they are the same, the device-side control unit 130 generates an authorization acknowledgment message for approving the right to download the software to be updated or modified by accessing the external device 100 by the watchdog device 10 (S705 , And transmits the generated permission grant message to the watchdog device 10 (S710). The watchdog device 10 receiving the permission acknowledgment message can access the external device 100 and download software to be updated or modified.

7 is a flowchart illustrating a method for preventing access to an unauthorized external device 100 in a watchdog security system according to the present invention.

The present watch dog device 10 and the wireless communication terminal 200 periodically or continuously transmit and receive signals to confirm the connection. The watchdog device 10 transmits a connection confirmation request signal for requesting confirmation of connection to the wireless communication terminal 200. The wireless communication terminal 200 transmits a connection confirmation signal to the watch dog device 10).

The security control unit 50 of the watchdog device 10 transmits a connection confirmation request signal (S750), and if the connection confirmation signal is not received from the wireless communication terminal 200 within a predetermined time (S755-N ), The code relating to the input / output function for software update is deleted (S760).

As described above, in this watchdog security system, when the watchdog device 10 is connected to the external device 100, using the one-time password, whether the one-time password generated between the watchdog device and the external device coincides with each other, It is possible to prevent hacking in multiple steps by judging authenticity and randomly selecting and using a plurality of encryption computation functions and a plurality of encryption algorithms. In addition, when the external device continuously transmits different one-time passwords, the input / output function related code for software update is deleted when the predetermined number of times is reached, and the input / output function related code for software update is deleted even when the wireless communication terminal is removed. Hacking can be prevented at the source. Accordingly, it is possible to prevent damage to persons and property that may occur when the watchdog device is hacked and the ECU can not be controlled.

The standard content or standard documents referred to in the above-mentioned embodiments constitute a part of this specification, for the sake of simplicity of description of the specification. Therefore, it is to be understood that the content of the above standard content and portions of the standard documents are added to or contained in the scope of the present invention.

The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

10: Watchdog device 20: Supervisor module
30: Security module 35: Vehicle side one-time password generator
40: vehicle side encryption unit 45: vehicle side decoding unit
50: security control unit 100: external device
110: security server 111: server side one-time password generator
113: server-side encryption unit 115: server-side decryption unit
120: vehicle database 125: software database
130: apparatus-side control unit 135: wireless communication unit
200: wireless communication terminal 205:
210: terminal control unit 215: wireless communication module

Claims (28)

A supervisor module for monitoring and diagnosing an ECU (Electronic Control Unit) for controlling the configuration of the vehicle; And
And a security module for performing security authentication for updating or modifying the supervisor module software,
The security module includes:
A vehicle-side one-time password generator for generating a one-time password,
A vehicle side encryption unit for encrypting approval request data including the one-time password,
A vehicle-side decryption unit for decrypting authorization confirmation data including a response signal for the one-time password,
A security control unit for transmitting the approval request data encrypted in the vehicle side encryption unit to the security server and controlling the security authentication for the updater or modification of the supervisor module software using the approval confirmation data received from the security server, Wherein the watchdog device comprises: The method according to claim 1,
The vehicle side encryption unit performs a primary encryption process of encrypting data by selecting one of a plurality of encryption algorithm functions and a secondary encryption process of encrypting data by selecting one of a plurality of encryption algorithms; And performs encryption by applying at least one of the primary encryption process and the secondary encryption process according to the data. 3. The method of claim 2,
Wherein the encryption computation function includes a plurality of predetermined encryption codes and an operator; Wherein the vehicle-side encryption unit computes data with one of the plurality of encryption codes. The method of claim 3,
Wherein the plurality of cryptographic computation functions are comprised of mutually different cryptographic codes and operators. 5. The method of claim 4,
Wherein the operator uses one of a logical operator of XOR, OR, NOR, AND NAND and one of arithmetic operators of +, -, x, ÷, and so on. 3. The method of claim 2,
Wherein the encryption algorithm comprises a plurality of asymmetric key algorithms for encrypting data using a public key of the security server. 3. The method of claim 2,
Wherein the vehicle side decoding unit includes a plurality of decryption functions for decrypting data encrypted by the plurality of encryption computation functions and a plurality of decryption algorithms for decrypting the data encrypted by the plurality of encryption algorithms Watchdog device. The method according to claim 1,
The security control unit includes:
Transmitting the approval request data including the first one-time password encrypted in the vehicle-side encryption unit to the security server using a randomly selected encryption algorithm among the plurality of encryption algorithms, Decrypting the response first one-time password by operating the vehicle-side decoding unit when the corresponding response first one-time password is encrypted, and determining whether the response first one-time password matches the first one-time password A featured watchdog device. 9. The method of claim 8,
The security control unit includes:
If the first one-time password is equal to the response first one-time password, the second one-time password is generated so that the vehicle-side encryption unit encrypts the second one-time password and transmits the second one-time password to the security server Device. 10. The method of claim 9,
Wherein the vehicle-side encryption unit first encrypts the second one-time password using the encryption operation function used for encrypting the response first one-time password in the security server, and selects one of the plurality of encryption algorithms, Wherein the one-time password is secondarily encrypted. 9. The method of claim 8,
Wherein the vehicle-side decoding unit attempts to decrypt the response first one-time password by applying the plurality of encryption calculation functions one by one. 9. The method of claim 8,
The security control unit regenerates the first one-time password by a predetermined number of times and repeatedly transmits the first one-time password to the security server when the response first one-time password is different from the first one-time password, And deletes the input / output-related source code for supporting the update of the software when the number of times that the generated response first one-time password is inconsistent exceeds the predetermined number of times. The method according to claim 1,
Further comprising: a wireless communication terminal for wireless connection with an external device;
Wherein the security control unit transmits a connection confirmation request signal for checking the connection status to the wireless communication terminal through the high speed communication bus line and if the connection confirmation signal for responding to the connection confirmation request signal is not received within a predetermined time, And deletes the input / output-related source code supporting the update of the software. A watchdog device including a supervisor module for monitoring and diagnosing an electronic control unit (ECU) for controlling the configuration of the vehicle and a security module for performing security authentication for updating and correcting the supervisor module software; CLAIMS What is claimed is: 1. A watchdog security system comprising a security server for providing security authentication for a software update or modification operation of a device,
The security module of the watchdog device comprises:
A vehicle-side one-time password generator for generating a one-time password; a vehicle-side encryption unit for randomly selecting one of a plurality of encryption methods to encrypt approval request data including the vehicle-side one-time password; And a security controller for requesting a connection to the security server to request a connection and controlling security authentication for updating or modifying the supervisor module software using authorization confirmation data received from the security server;
The security server includes:
A server side encrypting unit for encrypting a response one-time password generated in response to a request from the watchdog unit by randomly selecting one of a plurality of encryption methods; And a device-side control unit for deciding security authentication of the watchdog device by comparing data stored in the data provided from the watchdog device with data stored in the device, Watchdog security system. 15. The method of claim 14,
The server side one-time password generator is synchronized in time with the same secret key as the vehicle-side one-time password generator under the control of the device-side control unit, and when the first one-time password is received from the watch dog device, Generates a one-time password, and generates a response second one-time password when a second one-time password is received from the watchdog device. 15. The method of claim 14,
Wherein the server side encryption unit encrypts the response one-time password using one of a plurality of encryption codes set in advance and a plurality of encryption operation functions including an operator. 15. The method of claim 14,
Wherein the server side decoding unit includes a plurality of decryption functions for decrypting the data encrypted by the plurality of encryption operation functions and a plurality of decryption algorithms for decrypting data encrypted by a randomly selected encryption algorithm among the plurality of encryption algorithms Wherein the watchdog security system comprises: 15. The method of claim 14,
Wherein the server side decryption unit decrypts the approval request data including the first one-time password provided from the watchdog device by using one of the plurality of decryption algorithms. 15. The method of claim 14,
Wherein the server-side encryption unit encrypts the content using one of a plurality of predetermined encryption codes and a plurality of encryption operation functions including an operator. 16. The method of claim 15,
Side control unit compares the first one-time password with the response first one-time password to determine whether or not they are the same and rejects connection of the watchdog device when the two are different. . 16. The method of claim 15,
Side control unit compares the second one-time password with the response second one-time password to determine whether or not they are the same, and when both are different, refuses connection of the watchdog device . A security method for a watchdog device including a supervisor module for monitoring and diagnosing an electronic control unit (ECU) for controlling the configuration of a vehicle and a security module for performing security authentication for updating or modifying the supervisor module software ,
A generating step of generating a first one-time password in the security module;
Encrypting authorization request data including the first one-time password by randomly selecting one of a plurality of encryption methods;
A request step of transmitting the encrypted approval request data to a security server to request authentication; And
And an authentication step of controlling security authentication for an updater or modification of the supervisor module software using approval confirmation data received from the security server. 23. The method of claim 22,
Wherein the encrypting step is a step of encrypting the approval request data including the first one-time password using a randomly selected public key among a plurality of public keys of the security server. 23. The method of claim 22,
Wherein the authentication step comprises:
Receiving at the security server a response first one-time password generated and encrypted corresponding to the first one-time password;
Decrypting the response first one-time password;
Determining whether the response first one-time password matches the first one-time password;
And disconnecting the connection with the security server if the response first one-time password and the first one-time password do not match. 25. The method of claim 24,
Wherein the authentication step comprises:
Generating a second one-time password if the response first one-time password matches the first one-time password;
Encrypting the second one-time password using one of a plurality of predetermined encryption codes and a plurality of encryption operation functions including an operator;
Encrypting the second one-time password using a randomly selected public key among a plurality of public keys of the security server;
And transmitting the second one-time password encrypted to the security server. delete 26. The method of claim 25,
If the response first one-time password is different from the first one-time password, regenerating the first one-time password a predetermined number of times and repeatedly transmitting the first one-time password to the security server; And
When the number of times that the first one-time password generated for the regenerated first one-time password is inconsistent exceeds the predetermined number, deleting the input-output-related source code for supporting the update of the software A method of securing a watchdog device. 23. The method of claim 22,
Transmitting a connection confirmation request signal for checking a connection status to a wireless communication terminal for wireless connection with an external device; And
And deleting the input / output-related source code supporting the update of the software if a connection confirmation signal responding to the connection confirmation request signal is not received within a predetermined time.
KR1020150044746A 2015-03-31 2015-03-31 Watchdog, security system and method for watchdog KR101675223B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150044746A KR101675223B1 (en) 2015-03-31 2015-03-31 Watchdog, security system and method for watchdog

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150044746A KR101675223B1 (en) 2015-03-31 2015-03-31 Watchdog, security system and method for watchdog

Publications (2)

Publication Number Publication Date
KR20160117731A KR20160117731A (en) 2016-10-11
KR101675223B1 true KR101675223B1 (en) 2016-11-11

Family

ID=57161943

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150044746A KR101675223B1 (en) 2015-03-31 2015-03-31 Watchdog, security system and method for watchdog

Country Status (1)

Country Link
KR (1) KR101675223B1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180045901A (en) * 2016-10-25 2018-05-08 주식회사 미래테크놀로지 V2X communication system
KR20180045900A (en) * 2016-10-25 2018-05-08 주식회사 미래테크놀로지 Security communication device
KR102002517B1 (en) * 2017-06-30 2019-07-22 주식회사 페스카로 Method and system for configuration of ecu security
KR102479036B1 (en) * 2022-07-29 2022-12-16 강원식 Method and System for Providing OTP to Integrated Emergency Broadcasting System

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013026964A (en) 2011-07-25 2013-02-04 Denso Corp Information update device for vehicle and information update method for vehicle
KR101350715B1 (en) 2012-07-09 2014-01-15 에스케이플래닛 주식회사 One time code authentication system using multiple networks and method thereof
JP2014514203A (en) 2011-03-29 2014-06-19 ボルボ ラストバグナー アーベー Safe repair data package

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101367621B1 (en) * 2012-06-28 2014-02-28 삼성에스디에스 주식회사 System and method for authentication based on one-time password

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014514203A (en) 2011-03-29 2014-06-19 ボルボ ラストバグナー アーベー Safe repair data package
JP2013026964A (en) 2011-07-25 2013-02-04 Denso Corp Information update device for vehicle and information update method for vehicle
KR101350715B1 (en) 2012-07-09 2014-01-15 에스케이플래닛 주식회사 One time code authentication system using multiple networks and method thereof

Also Published As

Publication number Publication date
KR20160117731A (en) 2016-10-11

Similar Documents

Publication Publication Date Title
CN106658493B (en) Key management method, device and system
CN103685214B (en) Safety access method for vehicle electronic control unit
CN109257374B (en) Security control method and device and computer equipment
CN111131313B (en) Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile
KR20190083336A (en) Security provisioning and management of devices
JP6731887B2 (en) Maintenance system and maintenance method
CN108616504B (en) Sensor node identity authentication system and method based on Internet of things
KR101675223B1 (en) Watchdog, security system and method for watchdog
CN106034123A (en) Authentication method, application system server and client
CN109714171B (en) Safety protection method, device, equipment and medium
CN108482308B (en) Electric vehicle safety control method and device, storage medium and electric vehicle
US20230237193A1 (en) Security processor configured to authenticate user and authorize user for user data and computing system including the same
US7213267B2 (en) Method of protecting a microcomputer system against manipulation of data stored in a storage assembly of the microcomputer system
CN112153646A (en) Authentication method, equipment and system
CN111901303A (en) Device authentication method and apparatus, storage medium, and electronic apparatus
CN113055340B (en) Authentication method and equipment
CN113766450A (en) Vehicle virtual key sharing method, mobile terminal, server and vehicle
CN112446982A (en) Method, device, computer readable medium and equipment for controlling intelligent lock
GB2582180A (en) Distributed authentication
JP2023102696A (en) Communication device, vehicle, communication method and program
JP2023084378A (en) Authentication system, server, on-vehicle device, authentication method, and authentication program
CN112702304A (en) Vehicle information verification method and device and automobile
CN110972141B (en) Information verification method and device, electronic equipment and readable storage medium
CN117251836B (en) Method, device, equipment and storage medium for logging in baseboard management controller
KR102411797B1 (en) Hardware-based vehicle cyber security system

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191002

Year of fee payment: 4