KR20170055648A - Security communication device - Google Patents
Security communication device Download PDFInfo
- Publication number
- KR20170055648A KR20170055648A KR1020150158565A KR20150158565A KR20170055648A KR 20170055648 A KR20170055648 A KR 20170055648A KR 1020150158565 A KR1020150158565 A KR 1020150158565A KR 20150158565 A KR20150158565 A KR 20150158565A KR 20170055648 A KR20170055648 A KR 20170055648A
- Authority
- KR
- South Korea
- Prior art keywords
- otp
- ecus
- transmission
- unit
- communication
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0872—Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40267—Bus for use in transportation systems
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Small-Scale Networks (AREA)
Abstract
The present invention relates to a security communication apparatus for an internal network of an automobile, and more particularly, to a security communication apparatus for an internal network of an automobile, which comprises a plurality of ECUs connected to an internal network and communicating with each other by encrypting communication data using an OTP number ECUs communicate with each other via the internal network as a relay function that acts as a relay, ECUs mounted inside the vehicle to communicate with each other by using time-synchronized OTP number to encrypt the security by significantly improving the hacking The present invention relates to a security communication device for an internal network of an automobile, which can prevent malfunctioning of electric parts mounted on the vehicle by means of the self-running operation, and further improve the running stability during an autonomous driving operation.
Description
The present invention relates to a security communication apparatus for an internal network of an automobile, and more particularly, to a security communication apparatus for an internal network of an automobile, which comprises a plurality of ECUs connected to an internal network and communicating with each other by encrypting communication data using an OTP number ECUs communicate with each other via the internal network as a relay function that acts as a relay, ECUs mounted inside the vehicle to communicate with each other by using time-synchronized OTP number to encrypt the security by significantly improving the hacking The present invention relates to a security communication device for an internal network of an automobile, which can prevent malfunctioning of electric parts mounted on the vehicle by means of the self-running operation, and further improve the running stability during an autonomous driving operation.
Recently, due to the changes in the automotive industry environment, the share of electronic components (hereinafter referred to as "electronic components") among components and systems in a vehicle is increasing, and the importance of software is also increasing. And communication between ECUs (Electronic Control Units) through a distributed network inside the vehicle, various functions and services are provided. Therefore, the importance of automotive functional safety is emphasized, and ISO 26262, an international standard for vehicle design considering functional safety, has been established. The automotive safety function improves the reliability of the product by reducing the failure rate of the electric parts of the vehicle, improves the safety of the driver through fault diagnosis and safety mechanism, and improves the availability of the vehicle through the product design process and maintenance system. And so on.
Furthermore, automobiles use information and communication technology to communicate with each other within the vehicle, between the vehicle (V2I), between the vehicle and the surrounding vehicle (V2V), and between the vehicle and the driver's smartphone To provide various services through the Internet. By introducing network communication to vehicles and vehicle parts, it will be possible to carry out community driving and autonomous driving, which are getting more attention in recent years.
However, these increases in electrical component and software footprints, and the provision of services by connectivity, may expose them to security risks.
For example, the creation of intentional errors in electrical components or software by security attacks can undermine the availability and safety guaranteed by functional safety.
However, ISO 26262 only analyzes risks by considering systematic design errors and random failures, and does not take into account the risks of security attacks, such as malfunctioning of vehicles or vehicle parts caused by malicious code or hacking.
1 is a view showing an internal network of an automobile having an autonomous driving function.
Four
The powertrain zone includes an engine control, a transmission, a vehicle stability control, a brake control, a steering control, and a failure diagnosis, and the
The traveling environment sensing zone includes sensor information, driving condition information, map information, GPS information, and failure diagnosis, and the
The safeguard zone includes door lock control, airbag control, seat belt control, and trouble diagnosis, and the
The electric parts zone includes light control, seat control, air conditioner control, heater control, and remote diagnosis, and the
The autonomous
In order to perform such autonomous travel, each of the
Usually, the internal network of the vehicle uses the CAN protocol, and communication between the vehicle and the external device is performed using the V2X communication technology.
However, since the conventional security and authentication functions are not provided for the communication in the internal network of the automobile, there is a problem that the self-driving of the vehicle is not normally performed due to the intrusion of the external hacker in the autonomous driving function, .
In order to solve the above problems, according to the present invention, there is provided a communication system including a plurality of ECUs connected to an internal network and communicating with each other by encrypting communication data using an OTP number in an intercommunication through an internal network, The communication between the ECUs mounted inside the automobile is encrypted by using the time synchronous OTP number, so that the security is greatly improved, so that the electric vehicle mounted on the vehicle by the hacking The present invention aims to provide a security communication device for an internal network of a vehicle which can prevent malfunctioning of parts and further improve the stability of driving during an autonomous driving operation.
According to an aspect of the present invention,
A plurality of ECUs connected by an internal network and communicating with each other by encrypting and decrypting communication data by using an OTP number when mutual communication is performed via an internal network;
A security relay unit that acts as a relay when the ECUs communicate with each other through an internal network; And a control unit.
According to the present invention, communication between ECUs mounted in a vehicle is encrypted using a time synchronous OTP number, so that security is greatly improved, so that electric parts mounted on the vehicle are not caused to malfunction due to hacking It is possible to expect an effect that the running stability can be further increased during the autonomous running operation.
1 is a view showing an internal network of a conventional automobile.
2 is a block diagram illustrating a secure communication device of the present invention.
3 is a view showing a configuration of a main part of the present invention;
4 is a flow chart showing the control process of the present invention.
Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings.
According to the above drawings,
A plurality of ECUs (1-4) connected by an internal network and communicating with each other by encrypting and decrypting communication data by using an OTP number when mutual communication is performed via an internal network;
A
In addition, the
The
The
An
An encryption unit (100) for encrypting transmission data with the OTP number generated by the OTP module (300);
A decoding unit (200) for decoding received data into an OTP number generated by the OTP module (300);
And a control unit.
The
An OTP module that stores all the secret keys used by the
A decoding unit (12) for decoding the transmission data transmitted from the transmission side ECU into a transmission OTP number generated by the OTP module (13);
An encryption unit (11) for encrypting the communication data decrypted by the decryption unit (12) with a reception OTP number generated by the OTP module (13); And a control unit.
The autonomous
2 schematically shows a secure communication device of the present invention.
At least four
An autonomous
The autonomic
The
To this end, a
Each of the
The
Even if the
When the
The
The
The secure communication function of the present invention will be described in more detail by way of example when two ECUs (1) and (2) communicate data as shown in FIG. 3 and FIG.
* First Embodiment *
And the
The
The transmission paper includes transmission ECU information, reception ECU information, and body data, and encryption and decryption are performed only for body data.
The
The
The
* Second Embodiment *
And the
The
When the second transmission newspaper is received, the
The
The
As described above, the
1 to 4: ECU, 5: autonomous drive control unit,
10: Security relay,
Claims (5)
A security relay unit that acts as a relay when the ECUs communicate with each other through an internal network; And a second communication unit for communicating with the second communication unit.
Wherein the ECUs generate different time synchronization type OTP numbers as different secret keys to encrypt and decrypt communication data.
The security relay stores the OTP secret key used by each of the ECUs, receives the transmission side communication data during the relay operation, generates the OTP number using the secret key of the transmitting ECU, decrypts the communication data, Generates an OTP number with the key, encrypts the decrypted communication data, and transmits the decrypted communication data to the receiving-side ECU for relay.
The ECUs
An OTP module for generating a time synchronous OTP number by using a unique secret key and current time information;
An encryption unit for encrypting the transmission data with the OTP number generated by the OTP module;
A decoding unit for decoding the received data into an OTP number generated by the OTP module;
And a second communication unit for communicating with the second communication unit.
The security relay
An OTP module that stores all the secret keys used by the respective ECUs and generates a transmission OTP number and a reception OTP number by using a different secret key used by the transmission-side ECU and the reception-side ECU in the relay operation;
A decryption unit for decrypting the transmission data transmitted from the transmission-side ECU into a transmission OTP number generated by the OTP module;
An encryption unit for encrypting the communication data decrypted by the decryption unit with a reception OTP number generated by the OTP module; And a second communication unit for communicating with the second communication unit.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150158565A KR20170055648A (en) | 2015-11-12 | 2015-11-12 | Security communication device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150158565A KR20170055648A (en) | 2015-11-12 | 2015-11-12 | Security communication device |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20170055648A true KR20170055648A (en) | 2017-05-22 |
Family
ID=59049920
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150158565A KR20170055648A (en) | 2015-11-12 | 2015-11-12 | Security communication device |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20170055648A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102018216241A1 (en) | 2017-09-25 | 2019-03-28 | Hyundai Mobis Co., Ltd. | A data communication method and apparatus for a vehicle network |
KR20200135775A (en) * | 2018-01-29 | 2020-12-03 | 나그라비젼 에스에이 | Secure communication between electronic control units in the vehicle |
WO2024117297A1 (en) * | 2022-11-30 | 2024-06-06 | 주식회사 시옷 | Mass vehicle data collection and secure transmission processing method |
-
2015
- 2015-11-12 KR KR1020150158565A patent/KR20170055648A/en not_active Application Discontinuation
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102018216241A1 (en) | 2017-09-25 | 2019-03-28 | Hyundai Mobis Co., Ltd. | A data communication method and apparatus for a vehicle network |
KR20200135775A (en) * | 2018-01-29 | 2020-12-03 | 나그라비젼 에스에이 | Secure communication between electronic control units in the vehicle |
US11916924B2 (en) | 2018-01-29 | 2024-02-27 | Nagravision S.A. | Secure communication between in-vehicle electronic control units |
WO2024117297A1 (en) * | 2022-11-30 | 2024-06-06 | 주식회사 시옷 | Mass vehicle data collection and secure transmission processing method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108698563B (en) | Secure smartphone-based access and start authorization system for vehicles | |
Woo et al. | A practical wireless attack on the connected car and security protocol for in-vehicle CAN | |
EP3297247B1 (en) | In-vehicle encrypted networking | |
EP3348036B1 (en) | Unauthorized access event notificaiton for vehicle electronic control units | |
US20190281052A1 (en) | Systems and methods for securing an automotive controller network | |
CN104429042B (en) | Control unit remote-control key pairing based on certificate | |
JP5643765B2 (en) | Control method of vehicle engine system | |
CN107483393B (en) | Communication method, server and communication system of Internet of vehicles | |
US11924353B2 (en) | Control interface for autonomous vehicle | |
KR20080075801A (en) | Secure unit | |
JP5772692B2 (en) | In-vehicle control device authentication system and in-vehicle control device authentication method | |
KR20170055648A (en) | Security communication device | |
CN102514544A (en) | Engine anti-theft system | |
US11657715B2 (en) | Method for providing a safe operation of subsystems within a safety critical system | |
KR20180045900A (en) | Security communication device | |
US11218309B2 (en) | Vehicle communication system and vehicle communication method | |
US9665707B2 (en) | Systems and methods for cyber security of intra-vehicular peripherals powered by wire | |
KR20180045901A (en) | V2X communication system | |
CN114511949A (en) | Biometric authentication type vehicle start with paired sensor and key intrusion detection | |
CN113783879A (en) | Carrier control method, system, carrier, equipment and medium | |
JP5985845B2 (en) | Electronic key registration method | |
Dagan et al. | Vehicle Safe-Mode, Limp-Mode in the Service of Cyber Security | |
EP3618385B1 (en) | Method and arrangement for encoding/decoding a signal at a first and second communication node in a road vehicle | |
KR20210094405A (en) | Secure system using freshness value sync up | |
TWI535314B (en) | Car control regional network system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |