TR2023010333A2 - A CYBER SECURITY SYSTEM THAT PROTECTS THE BRAIN OF VEHICLES FROM CYBER ATTACKS - Google Patents

Abstract

It is related to the cyber security system (10) to enable the access authorization to an electronic system (500) whose access is desired to be protected. Accordingly, its innovation consists of a control end (150) connected to the electronic system (500) to control the said electronic system (500), a processor unit connected to the said control end (150), to which the processor unit is associated to read and write data and user keys. and a cyber security module (100) having a memory unit (120) in which user authorizations corresponding to these user keys are stored and a communication unit (140) suitable for communicating with a mobile terminal; It will perform a facial recognition-based authentication via a server (300) with the image it receives from the said image capture unit (210), and if the authentication is successful, it will send a user key to the said cyber security module, which has previously been paired with the device. comprising a user terminal (200) having a terminal processor unit (230) arranged to send (100); If the user key received by the said processor unit of the cyber security module (100) from the said user terminal (200) matches the user keys in the memory unit (120), by activating the user authority corresponding to the user key with which the match occurs; It is configured to send the commands received from the user terminal (200) to the electronic system (500) within the user authority. Figure 1

Description

DESCRIPTION A CYBER SECURITY TECHNICAL FIELD THAT PROTECTS THE BRAIN OF VEHICLES FROM CYBER ATTACKS The invention relates to a cyber security system to enable the activation of access authorization to an electronic system whose access is desired to be protected. BACKGROUND ART Security systems are the integration of technological devices and tools designed to protect individuals and commercial areas, as well as information and other valuable assets, from unauthorized access, theft and various potential threats. The purpose of these systems is to detect possible risks early, take preventive measures against these risks and react quickly when necessary. Security systems in the technical field are quite diverse. These systems also include access control systems. Access Permission Devices are electronic or mechanical devices used to control and limit access to a specific area, information or device. These devices allow or block access when a person or system requests it, within the specified rules or conditions. Access permission devices are often used in physical security systems (door locks, turnstiles, etc.) and information technology security systems (encryption, authentication, etc.). These devices are used to prevent unauthorized access, protect privacy, and ensure the security of certain assets or information. These systems are used to ensure the security of a physical environment, such as controlling doors and regulating access permissions, from homes to offices, from hospitals to multi-storey buildings. These systems are usually integrated into areas we want to protect, for example a door control mechanism. This necessitates that such operations be carried out by an expert person when assembling the device or removing it from one system and adding it to another, in order to prevent physical or technical damage such as incorrect installation or incompatibility. This leads to extra costs and labor requirements. In addition, cyber security of vehicles has become vitally important today with the spread of digital technologies. In this context, it aims to keep this security at the highest level by using access control systems and granting only authorized users or applications access to important components and data in the vehicle. Such systems are built into the on-board computer system (ECU) so that it can restrict access to the on-board network system (e.g. CAN bus). However, since most of these technologies are designed as an electronic card integrated with the central unit of the vehicle, they are faced with various difficulties such as installation, maintenance and high cost. As a result, all the problems mentioned above have made it necessary to make an innovation in the relevant technical field. BRIEF DESCRIPTION OF THE INVENTION The present invention relates to a cyber security system to eliminate the above-mentioned disadvantages and bring new advantages to the relevant technical field. One purpose of the invention is to provide a cyber security system that protects electronic control systems against cyber attacks. Another aim of the invention is to introduce a cyber security system that increases the cyber security level of vehicles by monitoring the CAN lines directed to the vehicle brain. Another purpose of the invention is to present a cyber security module that is suitable for various environments, offers simple installation and does not cause incompatibility with existing electronic control systems. In order to achieve all the purposes mentioned above and that will emerge from the detailed explanation below, the present invention is a cyber security system to enable the activation of access authority to an electronic system whose access is desired to be protected. Accordingly, a control end connected to the electronic system to control the said electronic system, a processor unit connected to the said control end, a memory unit to which the processor unit is associated to read and write data and where the user keys and user authorizations corresponding to these user keys are stored, and a comprising a cyber security module with a communication unit suitable for communicating with the mobile terminal; It has a terminal processor unit arranged to perform a facial recognition-based authentication through a server with the image received from the said image capture unit and to send a user key to the said cyber security module, where the device matching process has been previously performed, if the authentication is successful. comprising the user terminal; If the user key received by the said processor unit of the cyber security module from the said user terminal matches the user keys in the memory unit, by activating the user authority corresponding to the user key in which the match occurs; It is configured to send the commands received from the user terminal to the electronic system within the user's authority. Thus, while only authorized persons can access an electronic system to which access is required to be protected, with authentication methods based on facial recognition, the cyber security level of these electronic systems is also increased. The feature of a possible embodiment of the invention is that the said electronic system is a vehicle control system. Thus, vehicles are protected against cyber security attacks. The feature of another possible embodiment of the invention is that said cyber security module includes a body and a pairing mark provided on said body, in which information regarding a device pairing process is embedded; If the terminal processor unit receives the image of the matching sign through the image capture unit, it is configured to detect the information contained in the matching sign and to perform the device matching process with the cyber security module according to the information in question. The feature of another possible embodiment of the invention is that the said matching sign is a QR code. The feature of another possible embodiment of the invention is that the user terminal is configured to save the registration information received from the electronic system into a registration memory. This ensures that basic information about the electronic system is stored. The feature of another possible embodiment of the invention is that the said registration memory is provided on the server or in the user terminal. Thus, the information stored in the electronic system is analyzed and a report is prepared about the operation of the system. The feature of another possible embodiment of the invention is that the said control end is suitable for connection to vehicle CAN lines. The feature of another possible embodiment of the invention is that the said control end is designed to connect and control each CAN line of the vehicle independently. Thus, CAN lines directed to the vehicle's brain are independently protected against cyber threats. This increases the cyber security level of the vehicle. BRIEF DESCRIPTION OF THE FIGURE A representative view of the cyber security system is given in Figure 1. A schematic view of the cyber security system is given in Figure 2. DETAILED DESCRIPTION OF THE INVENTION In this detailed description, the cyber security system (10) that is the subject of the invention is only for a better understanding of the subject and will not create any limiting effect. It is explained with examples. Referring to Figure 1, this invention is a cyber security system (10) to enable access authorization to an electronic system (500) whose access must be protected. This cyber security system (10) is essentially an electronic system (500) whose access must be protected. 500) includes an electrically connectable cyber security module (100), a server (300) that controls authentication and authorization control, and a user terminal (200) that sends an access request to the cyber security module (100) with the authentication received from the server. A communication network (400) is provided between the server (200) and the server (300). Said electronic system (500) can be used as a vehicle control system, a door control system, etc. It can be any system whose access is desired to be protected, such as In a possible embodiment of the relevant system, a matching signal (130) is provided in the cyber security module (100). The match mark ensures the matching of the cyber security module (100) and the user terminal (200). The match mark (130) is scanned through the user terminal carrying the access permission holder's credentials and the credentials are transmitted to the cyber security module. This cyber security module, which contains user identification information, is connected to the electronic system intended to protect access via electrical cables. The electronic system to be protected here may be the "CAN" lines of a vehicle. The system to be protected can be a door that controls access to an area, any system of the vehicle, etc. It can be any system. This match mark 130 may be a QR code. Referring to Figure 2, the defined cyber security system (10) is the cyber security module (100), which has the capacity to connect electrically to an electronic system (500) and can establish a connection using a control end in the electronic environment, this cyber security module (100). ) consists of a user terminal (200) that requests access and a server (300) that carries out authentication and authorization processes. By establishing a wireless communication protocol between the relevant cyber security module (100) and the user terminal (200), the access request is transmitted and the digital key created by the user terminal (200) is transferred to the cyber security module (100). When access to the protected electronic system (500) is requested through the cyber security module (100), the image capture module in the user terminal (200) captures the instant facial image of the user. These captured facial images are verified with the authentication module located on a server (300). If the authentication processes are successful, a digital key related to the user is accessed in the user terminal (200). The digital key in question can be created by a key generation module or provided by the server (300). This generated digital key is transmitted to the cyber security module (100). The cyber security module (100) checks whether the transmitted digital key is compatible with the predefined digital key within itself, and if compatibility is achieved, it grants access to the user. The cyber security module (100) checks whether the transmitted digital key is compatible with the predefined digital key within itself, and if compatibility is achieved, it grants access to the user. The relevant processor unit checks whether the digital key transmitted to the cyber security module (100) is compatible with the predefined digital key within itself, and if it is compatible, it grants access to the user. This processor may be the "ESP32" microcontroller. The processor unit (110) is associated with the specified memory unit (120). The memory unit 120 includes a combination of memory that can store data both permanently and temporarily. The specified communication unit (140) is a wireless communication module that transmits data between the cyber security module (100) and the user terminal (200). This wireless communication module can be a WiFi or Bluetooth. The structure of the specified control end (150) is suitable for connection to the CAN lines of the vehicle and is designed to connect and control each CAN line of the vehicle independently. The mentioned user terminal; (200) includes an image capture unit (210), an interface containing user information, a terminal processor unit (230), a terminal communication unit (240) and a registration memory (250) that stores the registration information received from the electronic system (500). The user information provided here may include the user's identity information, driver's license document information and facial images. Registration information is; It includes any information obtained by the sensors of the controlled system, such as odometer information, engine status and CAN line information. The image capture unit (210) in question may be a camera located on the user terminal (200). The user terminal (200) is a smart mobile phone, a computer, a tablet, a smartphone, etc. it could be. The terminal processor unit (230) is a processor module located in the server (300) and performs facial recognition and authentication processes. This processor module can be one of the processors such as a microprocessor, CPU, GPU. The terminal communication unit (240) may be a wireless communication module that performs wireless data exchange between the cyber security module (100) and the user terminal (200). In a possible implementation of the invention, a registration memory (250) that enables the loss of the registration information received from the electronic system (500) may be provided in the electronic system (500). The QR code matching technique and facial recognition-based authentication method mentioned above are known in the technical literature; Descriptions of these methods are presented below. QR code matching technique is a method in which the information they contain is matched, verified or transmitted by scanning QR codes between two or more items using QR (Quick Response) codes. Facial recognition-based authentication method is a method that confirms the identity of the individual by detecting the individual's facial details through a camera and matching this information with a database. The scope of protection of the invention is specified in the attached claims and cannot be limited to what is explained in this detailed description for exemplary purposes. Because it is clear that a person skilled in the art can produce similar structures in the light of what is explained above, without deviating from the main theme of the invention. TR

Claims (1)

1.STEMS . It is a cyber security system (10) that enables the activation of access authorization to an electronic system (500) whose access is desired to be protected; A control end (150) connected to the electronic system (500) in a way to control the said electronic system (500), a processor unit connected to the said control end (150), a processor unit associated with reading and writing data and user keys and these user keys. comprising a cyber security module (100) having a memory unit (120) in which the corresponding user authorizations are stored and a communication unit (140) suitable for communicating with a mobile terminal; It will perform a facial recognition-based authentication via a server (300) with the image it receives from the said image capture unit (210), and if the authentication is successful, it will send a user key to the said cyber security module, which has previously been paired with the device. comprising a user terminal (200) having a terminal processing unit (230) arranged to send (100); If the user key received by the said processor unit of the cyber security module (100) from the said user terminal (200) matches the user keys in the memory unit (120), by activating the user authority corresponding to the user key with which the match occurs; It is configured to send the commands received from the user terminal (200) to the electronic system (500) within the user authority. . It is a cyber security system (10) according to claim 1 and its feature is; The said electronic system (500) is a vehicle control system. . It is a cyber security system (10) according to claim 1 and its feature is; said cyber security module (100) includes a body (105) and a pairing mark provided on said body (105) in which information regarding a device pairing process is embedded; If the terminal processor unit (230) receives the image of the matching signal through the image capture unit (210), it is configured to detect the information contained in the matching signal and to perform the device matching process with the cyber security module (100) according to the said information. It is a cyber security system (10) according to claim 1 and its feature is; The said matching sign (130) is a QR code. It is a cyber security system (10) according to claim 1 and its feature is; The user terminal (200) is configured to save the registration information received from the electronic system (500) into a registration memory (250). It is a cyber security system (10) according to claim 5 and its feature is; The said registration memory (250) is provided on the server (300) or the user terminal (200). It is a cyber security system (10) according to claim 2 and its feature is; The said control end (150) is suitable for connection to vehicle CAN lines. It is a cyber security system (10) according to claim 7 and its feature is; The said control end (150) is designed to connect and control each CAN line of the vehicle independently. TR