KR20170055648A - Security communication device - Google Patents

Info

Publication number
KR20170055648A
Authority
KR
South Korea
Prior art keywords
otp
ecus
transmission
unit
communication
Prior art date
Application number
KR1020150158565A
Other languages
Korean (ko)
Inventor
정균태
Original Assignee
주식회사 미래테크놀로지
Priority date
Filing date
Publication date
Application filed by 주식회사 미래테크놀로지
Priority to KR1020150158565A
Publication of KR20170055648A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0872 Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L2012/40267 Bus for use in transportation systems
    • H04L2012/40273 Bus for use in transportation systems the transportation system being a vehicle

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention relates to a security communication device for the internal network of an automobile. The device comprises a plurality of ECUs that are connected by an internal network and communicate with each other by encrypting communication data using an OTP number, and a security relay unit that acts as a relay when the ECUs communicate with each other via the internal network. Because communication between the ECUs mounted inside the vehicle is encrypted using time-synchronized OTP numbers, security is significantly improved, so that malfunction of the electric parts mounted on the vehicle caused by hacking can be prevented and driving stability during autonomous driving can be further improved.

Description

A security communication device of a vehicle internal network

The present invention relates to a security communication device for the internal network of an automobile. More particularly, it relates to a device comprising a plurality of ECUs that are connected by an internal network and communicate with each other by encrypting communication data using an OTP number, and a security relay unit that acts as a relay when the ECUs communicate with each other via the internal network. Because communication between the ECUs mounted inside the vehicle is encrypted using time-synchronized OTP numbers, security is significantly improved, so that malfunction of the electric parts mounted on the vehicle caused by hacking can be prevented and driving stability during autonomous driving can be further improved.

Recently, due to the changes in the automotive industry environment, the share of electronic components (hereinafter referred to as "electronic components") among components and systems in a vehicle is increasing, and the importance of software is also increasing. Various functions and services are provided through communication between ECUs (Electronic Control Units) over a distributed network inside the vehicle. Therefore, the importance of automotive functional safety is emphasized, and ISO 26262, an international standard for vehicle design considering functional safety, has been established. Automotive functional safety improves the reliability of the product by reducing the failure rate of the electric parts of the vehicle, improves the safety of the driver through fault diagnosis and safety mechanisms, and improves the availability of the vehicle through the product design process and maintenance system.

Furthermore, automobiles use information and communication technology to communicate within the vehicle, between the vehicle and infrastructure (V2I), between the vehicle and surrounding vehicles (V2V), and between the vehicle and the driver's smartphone, in order to provide various services through the Internet. Introducing network communication to vehicles and vehicle parts makes it possible to carry out community driving and autonomous driving, which have been getting more attention in recent years.

However, these increases in electrical component and software footprints, and the provision of services by connectivity, may expose them to security risks.

For example, the creation of intentional errors in electrical components or software by security attacks can undermine the availability and safety guaranteed by functional safety.

However, ISO 26262 only analyzes risks by considering systematic design errors and random failures, and does not take into account the risks of security attacks, such as malfunctioning of vehicles or vehicle parts caused by malicious code or hacking.

FIG. 1 is a view showing an internal network of an automobile having an autonomous driving function.

Four ECUs 1 to 4 are roughly arranged in the interior of the vehicle, and each of the ECUs 1 to 4 is configured to control a power train zone, a traveling environment sensing zone, a safeguard zone, and an electric component zone.

The powertrain zone includes an engine control, a transmission, a vehicle stability control, a brake control, a steering control, and a failure diagnosis, and the ECU 1 controls elements of the powertrain zone.

The traveling environment sensing zone includes sensor information, driving condition information, map information, GPS information, and failure diagnosis, and the ECU 2 provides information obtained in the traveling environment sensing zone to the peripheral device.

The safeguard zone includes door lock control, airbag control, seat belt control, and trouble diagnosis, and the ECU 3 controls components of the safeguard zone.

The electric parts zone includes light control, seat control, air conditioner control, heater control, and remote diagnosis, and the ECU 4 controls each component of the electric component zone.

The autonomous drive control unit 5 acquires the information necessary for autonomous travel from each of the ECUs 1 to 4 and, using the learned information, transmits control commands to the ECUs 1 to 4 for controlling the respective components, so as to control autonomous travel.

In order to perform such autonomous travel, each of the ECUs 1 to 4, including the autonomous drive control unit 5, must freely communicate control information with each other in the internal network.

Usually, the internal network of the vehicle uses the CAN protocol, and communication between the vehicle and the external device is performed using the V2X communication technology.

However, because no security or authentication function is conventionally provided for communication on the internal network of the automobile, there is a problem that autonomous driving of the vehicle may not be performed normally when an external hacker intrudes during the autonomous driving function.

In order to solve the above problems, the present invention provides a plurality of ECUs that are connected by an internal network and communicate with each other by encrypting communication data using an OTP number, and a security relay unit that acts as a relay when the ECUs communicate via the internal network. Communication between the ECUs mounted inside the automobile is encrypted using time-synchronized OTP numbers, so that security is greatly improved. The present invention thus aims to provide a security communication device for the internal network of a vehicle that can prevent malfunction of the electric parts mounted on the vehicle caused by hacking and further improve driving stability during autonomous driving.

According to an aspect of the present invention, the device comprises:

a plurality of ECUs that are connected by an internal network and communicate with each other by encrypting and decrypting communication data using an OTP number when they communicate via the internal network; and

a security relay unit that acts as a relay when the ECUs communicate with each other through the internal network.

According to the present invention, communication between the ECUs mounted in a vehicle is encrypted using time-synchronized OTP numbers, so that security is greatly improved. As a result, the electric parts mounted on the vehicle are prevented from malfunctioning due to hacking, and driving stability during autonomous driving can be further increased.

FIG. 1 is a view showing an internal network of a conventional automobile.
FIG. 2 is a block diagram illustrating a secure communication device of the present invention.
FIG. 3 is a view showing a configuration of a main part of the present invention.
FIG. 4 is a flow chart showing the control process of the present invention.

Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings.

As shown in the drawings, the device comprises:

a plurality of ECUs (1 to 4) that are connected by an internal network and communicate with each other by encrypting and decrypting communication data using an OTP number when they communicate via the internal network; and

a security relay unit 10 that acts as a relay when the ECUs 1 to 4 communicate via the internal network.

In addition, the ECUs 1 to 4 each use a different secret key to generate different time-synchronized OTP numbers, with which they encrypt and decrypt communication data.

The security relay unit 10 stores the OTP secret key used by each of the ECUs 1 to 4. In the relay operation it receives the transmission-side communication data, generates an OTP number using the secret key of the transmission-side ECU and decrypts the communication data, then generates an OTP number using the secret key of the reception-side ECU, encrypts the decrypted communication data with it, and transmits the result to the reception-side ECU.

Each of the ECUs 1 to 4 comprises:

an OTP module 300 for generating a time-synchronized OTP number using a unique secret key and current time information;

an encryption unit 100 for encrypting transmission data with the OTP number generated by the OTP module 300; and

a decryption unit 200 for decrypting received data with the OTP number generated by the OTP module 300.

The security relay unit 10 comprises:

an OTP module 13 that stores all the secret keys used by the respective ECUs 1 to 4 and, in the relay operation, generates a transmission OTP number and a reception OTP number using the different secret keys used by the transmission-side ECU and the reception-side ECU;

a decryption unit 12 for decrypting the transmission data sent from the transmission-side ECU with the transmission OTP number generated by the OTP module 13; and

an encryption unit 11 for encrypting the communication data decrypted by the decryption unit 12 with the reception OTP number generated by the OTP module 13.

The autonomous drive control unit 5 controls the respective components based on the various types of travel-related information provided by the ECUs 1 to 4 so that autonomous travel can be performed, and it may also communicate wirelessly.

FIG. 2 schematically shows a secure communication device of the present invention.

At least four ECUs 1 to 4 are provided in the vehicle, and a larger number of ECUs may be installed depending on the type of vehicle.

An autonomous drive control unit 5 is provided for the autonomous driving function of the automobile, and the components of the automobile, such as the engine, the steering apparatus and the transmission, are controlled by the control operation of the autonomous drive control unit 5 so that the vehicle drives.

The autonomous drive control unit 5 controls driving based on the driving information sensed by the various sensors constituting the traveling environment sensing zone.

Whether in autonomous driving or in general driving, the ECUs 1 to 4 connected to the internal network operate while communicating and exchanging information with each other. In the present invention, the ECUs 1 to 4 can secure this mutual communication.

To this end, a security relay unit 10 is provided to relay securely when the ECUs 1 to 4 communicate with each other. The ECUs 1 to 4 generate time-synchronized OTP numbers when they communicate with each other, and the communication data is encrypted using the generated OTP number so that security performance is improved.

Each of the ECUs 1 to 4 includes an encryption unit 100, a decryption unit 200, and an OTP module 300.

The OTP module 300 generates a time-synchronized OTP number using a unique secret key and current time information. The encryption unit 100 encrypts the transmission data with the OTP number generated by the OTP module 300, and the decryption unit 200 decrypts the received data with the OTP number generated by the OTP module 300.

Security can be maintained even if the OTP modules 300 installed in the ECUs 1 to 4 generate time-synchronized OTP numbers using the same secret key; in the present invention, however, each ECU generates its OTP number using a different secret key, which further improves security.

When one of the ECUs 1 to 4 installed in a car wants to communicate with another ECU, its encryption unit 100 encrypts the transmission data with the OTP number generated by the OTP module 300 and transmits the encrypted data through the internal network. On reception, the decryption unit 200 decrypts the received data with the OTP number generated by the OTP module 300 and restores the original communication data, thereby improving security performance.

The security relay unit 10 applied to the present invention likewise includes an encryption unit 11, a decryption unit 12 and an OTP module 13. The OTP module 13 stores all the secret keys used by the ECUs 1 to 4 and, during the relay operation, generates a transmission OTP number and a reception OTP number using the different secret keys used by the transmission-side ECU and the reception-side ECU. The decryption unit 12 decrypts the transmission data sent from the transmission-side ECU with the transmission OTP number generated by the OTP module 13. The encryption unit 11 encrypts the communication data decrypted by the decryption unit 12 with the reception OTP number generated by the OTP module 13.

The security relay unit 10 transmits the communication data encrypted by the encryption unit 11 to the reception-side ECU.

The secure communication function of the present invention will be described in more detail by way of example when two ECUs (1) and (2) communicate data as shown in FIG. 3 and FIG.

* First Embodiment *

The ECU 1 transmits a first transmission message to the ECU 2.

The OTP module 300 of the ECU 1 first generates OTP1 (an OTP number) using the secret key unique to the ECU 1 and the current time information, and passes OTP1 to the encryption unit 100. The encryption unit 100 encrypts the first transmission message with OTP1, and the ECU 1 transmits the first transmission message encrypted with OTP1 to the security relay unit 10.

The transmission message includes transmission ECU information, reception ECU information, and body data; encryption and decryption are performed only on the body data.

The security relay unit 10 detects the transmission ECU information and the reception ECU information of the first transmission message and provides them to the OTP module 13. Using this information, the OTP module 13 generates the transmission OTP (OTP1) used for encryption by the transmission-side ECU 1 and the reception OTP (OTP2) to be used for decryption by the reception-side ECU 2.

The decryption unit 12 of the security relay unit 10 decrypts the first transmission message sent from the ECU 1 using the transmission OTP (OTP1) generated by the OTP module 13; the message is then encrypted with the reception OTP (OTP2) and transmitted to the ECU 2.

The OTP module 300 of the ECU 2 generates OTP2 using the secret key unique to the ECU 2, and the decryption unit 200 of the ECU 2 decrypts the received first transmission message with OTP2.

* Second Embodiment *

The ECU 2 transmits a second transmission message to the ECU 1.

The OTP module 300 of the ECU 2 first generates OTP2 (an OTP number) using the secret key unique to the ECU 2 and the current time information, and passes OTP2 to the encryption unit 100. The encryption unit 100 encrypts the second transmission message with OTP2, and the ECU 2 transmits the second transmission message encrypted with OTP2 to the security relay unit 10.

When the second transmission message is received, the security relay unit 10 detects the transmission ECU information and the reception ECU information of the second transmission message and provides them to the OTP module 13. Using this information, the OTP module 13 generates the transmission OTP (OTP2) used for encryption by the transmission-side ECU 2 and the reception OTP (OTP1) to be used for decryption by the reception-side ECU 1.

The decryption unit 12 of the security relay unit 10 decrypts the second transmission message sent from the ECU 2 using the transmission OTP (OTP2) generated by the OTP module 13; the message is then encrypted with the reception OTP (OTP1) and transmitted to the ECU 1.

The OTP module 300 of the ECU 1 generates OTP1 using the secret key unique to the ECU 1, and the decryption unit 200 of the ECU 1 decrypts the received second transmission message with OTP1.

As described above, the security relay unit 10 stores all of the secret keys held by the respective ECUs 1 to 4. When relaying communication data, it generates different OTP numbers from the secret keys used by the transmission-side ECU and the reception-side ECU, decrypts the received data using one OTP number, and re-encrypts it using the other OTP number to perform the relay operation. Thus, even if a hacker intrudes from outside and obtains the secret key used in any one of the ECUs, the hacking objective cannot be achieved without knowing the secret key of the other ECU. It is therefore possible to improve security performance for communication on the vehicle internal network.
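The relay flow of the first embodiment, as an added example that is not part of the patent text: ECU 1 encrypts the body with OTP1, the security relay decrypts it with OTP1 and re-encrypts it with OTP2, and ECU 2 decrypts it with OTP2. The HMAC-SHA256 OTP derivation, the 30-second window, the XOR keystream cipher, and all names and key values are assumptions, since the page specifies none of them.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

TIME_STEP = 30  # seconds per OTP window (assumed; the page gives no value)


def otp_number(secret: bytes, now: int) -> bytes:
    """Time-synchronized OTP: HMAC of the current time window under a secret key."""
    window = now // TIME_STEP
    return hmac.new(secret, struct.pack(">Q", window), hashlib.sha256).digest()


def crypt_body(otp: bytes, body: bytes) -> bytes:
    """XOR the body with a keystream derived from the OTP (encrypts and decrypts).

    Assumed cipher, for illustration only: it gives no integrity protection and
    repeats its keystream for every message in one time window, so a real design
    would key an authenticated cipher with a per-message nonce instead.
    """
    stream = b""
    block = 0
    while len(stream) < len(body):
        stream += hmac.new(otp, struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return bytes(b ^ k for b, k in zip(body, stream))


@dataclass(frozen=True)
class Message:
    src: int     # transmission ECU information, sent in the clear
    dst: int     # reception ECU information, sent in the clear
    body: bytes  # body data, the only encrypted field


class Ecu:
    """One ECU with its own secret key (OTP module, encryption and decryption unit)."""

    def __init__(self, ecu_id: int, secret: bytes):
        self.ecu_id = ecu_id
        self.secret = secret

    def send(self, dst: int, body: bytes, now: int) -> Message:
        return Message(self.ecu_id, dst, crypt_body(otp_number(self.secret, now), body))

    def receive(self, msg: Message, now: int) -> bytes:
        return crypt_body(otp_number(self.secret, now), msg.body)


class SecurityRelay:
    """Holds every ECU's secret key and translates a message between two keys."""

    def __init__(self, keys: dict):
        self.keys = dict(keys)

    def relay(self, msg: Message, now: int) -> Message:
        if msg.src not in self.keys or msg.dst not in self.keys:
            raise KeyError("unknown ECU id in message header")
        tx_otp = otp_number(self.keys[msg.src], now)  # transmission OTP
        rx_otp = otp_number(self.keys[msg.dst], now)  # reception OTP
        clear = crypt_body(tx_otp, msg.body)          # decryption unit
        return Message(msg.src, msg.dst, crypt_body(rx_otp, clear))  # encryption unit


def run_first_embodiment(now: int = 1_700_000_000) -> dict:
    """ECU 1 -> relay -> ECU 2 with constructed keys and a constructed body."""
    keys = {1: b"constructed-key-ecu1", 2: b"constructed-key-ecu2"}
    ecu1, ecu2 = Ecu(1, keys[1]), Ecu(2, keys[2])
    relay = SecurityRelay(keys)
    body = b"steering_angle=+3.5deg"
    leg1 = ecu1.send(2, body, now)   # on the bus under OTP1
    leg2 = relay.relay(leg1, now)    # on the bus under OTP2
    return {
        "body": body,
        "leg1": leg1,
        "leg2": leg2,
        "ecu2_reads": ecu2.receive(leg2, now),
        # ECU 1's key alone does not open the relayed message.
        "ecu1_key_on_leg2": ecu1.receive(leg2, now),
        # A receiver whose clock is one window ahead derives a different OTP.
        "ecu2_next_window": ecu2.receive(leg2, now + TIME_STEP),
    }


if __name__ == "__main__":
    for name, value in run_first_embodiment().items():
        print(name, value)
```

The last two results show the two properties the scheme depends on: the two legs are bound to different keys, and sender, relay and receiver must agree on the time window for decryption to succeed.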

1 to 4: ECU
5: autonomous drive control unit
10: security relay unit

Claims (5)

1. A security communication device comprising:
a plurality of ECUs connected by an internal network and communicating with each other by encrypting and decrypting communication data using an OTP number when mutual communication is performed via the internal network; and
a security relay unit that acts as a relay when the ECUs communicate with each other through the internal network.

2. The device according to claim 1,
wherein the ECUs use different secret keys to generate different time-synchronized OTP numbers with which to encrypt and decrypt communication data.

3. The device according to claim 1,
wherein the security relay unit stores the OTP secret key used by each of the ECUs, receives the transmission-side communication data during the relay operation, generates an OTP number using the secret key of the transmission-side ECU and decrypts the communication data, generates an OTP number using the secret key of the reception-side ECU, encrypts the decrypted communication data, and transmits it to the reception-side ECU for relay.

4. The device according to claim 1,
wherein each of the ECUs comprises:
an OTP module for generating a time-synchronized OTP number by using a unique secret key and current time information;
an encryption unit for encrypting the transmission data with the OTP number generated by the OTP module; and
a decryption unit for decrypting the received data with the OTP number generated by the OTP module.

5. The device according to claim 1,
wherein the security relay unit comprises:
an OTP module that stores all the secret keys used by the respective ECUs and generates a transmission OTP number and a reception OTP number by using the different secret keys used by the transmission-side ECU and the reception-side ECU in the relay operation;
a decryption unit for decrypting the transmission data transmitted from the transmission-side ECU with the transmission OTP number generated by the OTP module; and
an encryption unit for encrypting the communication data decrypted by the decryption unit with the reception OTP number generated by the OTP module.

KR1020150158565A 2015-11-12 2015-11-12 Security communication device KR20170055648A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150158565A KR20170055648A (en) 2015-11-12 2015-11-12 Security communication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150158565A KR20170055648A (en) 2015-11-12 2015-11-12 Security communication device

Publications (1)

Publication Number Publication Date
KR20170055648A (en) 2017-05-22

Family

ID=59049920

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150158565A KR20170055648A (en) 2015-11-12 2015-11-12 Security communication device

Country Status (1)

Country Link
KR (1) KR20170055648A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102018216241A1 (en) 2017-09-25 2019-03-28 Hyundai Mobis Co., Ltd. A data communication method and apparatus for a vehicle network
KR20200135775A (en) * 2018-01-29 2020-12-03 나그라비젼 에스에이 Secure communication between electronic control units in the vehicle
US11916924B2 (en) 2018-01-29 2024-02-27 Nagravision S.A. Secure communication between in-vehicle electronic control units
WO2024117297A1 (en) * 2022-11-30 2024-06-06 주식회사 시옷 Mass vehicle data collection and secure transmission processing method

Similar Documents

Publication Publication Date Title
CN108698563B (en) Secure smartphone-based access and start authorization system for vehicles
Woo et al. A practical wireless attack on the connected car and security protocol for in-vehicle CAN
EP3297247B1 (en) In-vehicle encrypted networking
EP3348036B1 (en) Unauthorized access event notificaiton for vehicle electronic control units
US20190281052A1 (en) Systems and methods for securing an automotive controller network
CN104429042B (en) Control unit remote-control key pairing based on certificate
JP5643765B2 (en) Control method of vehicle engine system
CN107483393B (en) Communication method, server and communication system of Internet of vehicles
US11924353B2 (en) Control interface for autonomous vehicle
KR20080075801A (en) Secure unit
JP5772692B2 (en) In-vehicle control device authentication system and in-vehicle control device authentication method
KR20170055648A (en) Security communication device
CN102514544A (en) Engine anti-theft system
US11657715B2 (en) Method for providing a safe operation of subsystems within a safety critical system
KR20180045900A (en) Security communication device
US11218309B2 (en) Vehicle communication system and vehicle communication method
US9665707B2 (en) Systems and methods for cyber security of intra-vehicular peripherals powered by wire
KR20180045901A (en) V2X communication system
CN114511949A (en) Biometric authentication type vehicle start with paired sensor and key intrusion detection
CN113783879A (en) Carrier control method, system, carrier, equipment and medium
JP5985845B2 (en) Electronic key registration method
Dagan et al. Vehicle Safe-Mode, Limp-Mode in the Service of Cyber Security
EP3618385B1 (en) Method and arrangement for encoding/decoding a signal at a first and second communication node in a road vehicle
KR20210094405A (en) Secure system using freshness value sync up
TWI535314B (en) Car control regional network system

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application