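WO2022085863A1 - Method for coping with hacked node on CAN bus physical layer, physical layer security method through automatic node ID setting on CAN bus, and recording medium and system for performing same - Google Patents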
- Publication number
- WO2022085863A1 (PCT/KR2020/019184)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- node
- bus
- nid
- physical layer
- setting
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L12/40052—High-speed IEEE 1394 serial bus
- H04L12/40104—Security; Encryption; Content protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40267—Bus for use in transportation systems
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Definitions
- The present invention relates to a method of coping with a hacked node in the CAN bus physical layer, a physical layer security method through automatic node ID setting in the CAN bus, and a recording medium and system for performing the same. More particularly, it relates to physical layer security technology in which, when there is a malicious attack on the CAN bus, the intrusion detection system increments the error counter of the internal attack node and separates it from the bus to prevent malicious attacks.
- ECUs Electronic Control Units
- CAN Controller Area Network
- One of the characteristics of the CAN bus is that the nodes participating in communication have no addresses. This has many advantages, such as simultaneous transmission and multiple transmission, but at the same time it creates security vulnerabilities.
- Because the nodes connected to the CAN bus do not have addresses, it is difficult to identify which electronic control unit is the problem even when one of the nodes participating in the communication is hacked and transmits a malicious data frame.
- A hacked node can overload the CAN bus by sending malicious data frames, cause other nodes to malfunction, or take over other normal nodes, which can be a great risk to user safety. Therefore, it is necessary to prepare for an accident by identifying malicious nodes on the CAN bus and responding quickly.
- Patent Document 1 JP 4232603 B2
- Patent Document 2 KR 10-1332339 B1
- Patent Document 3 KR 10-2009-0065260 A
- An object of the present invention is to provide a method of coping with a node hacked in the CAN bus physical layer that can respond immediately to various attack scenarios.
- Another object of the present invention is to provide a recording medium in which a computer program for performing a method of coping with a hacked node in the CAN bus physical layer is recorded.
- Another object of the present invention is to provide a system for performing a coping method of a hacked node in the CAN bus physical layer.
- Another object of the present invention is to provide a physical layer security method through automatic node ID setting on a CAN bus in such a way that a unique ID is automatically assigned to an individual node every time it boots.
- Another object of the present invention is to provide a recording medium in which a computer program for performing a physical layer security method through automatic node ID setting on the CAN bus is recorded.
- Another object of the present invention is to provide an apparatus for performing a physical layer security method through automatic node ID setting on the CAN bus.
- A method for coping with a node hacked in the CAN bus physical layer includes: setting a Node ID (NID), which is a unique ID that differs for each of a plurality of nodes connected to a CAN (Controller Area Network) bus line; determining an error frame when at least one of a node using a forged NID, a node using another NID, and a node using a non-existent NID is found; increasing the counts of the Transmit Error Counter (TEC) and Receive Error Counter (REC) of a transmitting node and a receiving node whenever the error frame is generated; and blocking a node whose TEC or REC is greater than a set threshold by bus-off.
- TEC Transmit Error Counter
- REC Receive Error Counter
- When a node using a forged NID is found, the node whose NID was impersonated may detect the hacking.
- When a node using another NID or a node using a non-existent NID is found, an Intrusion Detection System (IDS) may detect the hacking.
- The step of setting the NID, which is a different unique ID, for each of the plurality of nodes connected to the CAN bus line may include setting the lower 4 bits of the message ID area to the NID value when transmitting the data frame.
- In the step of increasing the counts of the TECs and RECs of the transmitting node and the receiving node each time the error frame is generated, the TEC of the transmitting node may be increased by 8 when the error frame is generated; among receiving nodes, the REC of the node that generated the first error frame may be increased by 8, and the REC of other nodes may be increased by 1.
- The method of coping with a node hacked in the CAN bus physical layer may further include decrementing the counts of the TECs and RECs of the transmitting node and the receiving node whenever a message is successfully transmitted.
- The step of blocking a node whose TEC or REC becomes greater than a set threshold by bus-off may separate the node when the TEC or REC of the node becomes greater than 256.
- a computer program for performing a method for coping with a hacked node in the CAN bus physical layer is recorded.
- A system for coping with a hacked node in a CAN bus physical layer includes: a plurality of nodes that are connected to a CAN (Controller Area Network) bus line and are each set with an NID (Node ID), which is a different unique ID; an Intrusion Detection System (IDS) that analyzes the contents of a data frame loaded on the CAN bus line to determine whether a node has been hacked; a counter that increments the TEC (Transmit Error Counter) and REC (Receive Error Counter) counts of the sending node and the receiving node each time the error frame is generated, and decrements the TEC and REC counts of the sending node and the receiving node whenever a message is successfully transmitted; and a Node Expulsion System (NES) that is mounted on each of the plurality of nodes and on the IDS, and blocks a node having a TEC or REC greater than a set threshold by bus-off.
- The NES of the node whose NID was impersonated may detect hacking.
- The NES of the IDS may detect hacking.
- The NID of each node may be set in the lower 4 bits of the message ID area when transmitting a data frame.
- The physical layer security method through automatic node ID setting in the CAN bus includes: when nodes connected to a controller area network (CAN) bus line are booted up, starting a clock count and, upon reaching a threshold, setting a Temporary ID (TID) and transmitting a data frame; storing the NID (Node ID), which is the unique ID of each node that appears on the bus, in nodes that detect a recessive signal during the clock count operation or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal; setting the TID as the NID in the node that transmitted the data frame with the TID set and receives the Ack signal transmitted from the IDS; and, when the CAN bus enters the idle (IDLE) state, starting the clock count again and, when the clock count reaches the set value, setting the TID to a value obtained by adding 1 to the last NID displayed on the bus line and transmitting the data frame.
- TID Temporary ID
- Tx Transmitter
- The method may further include notifying the nodes that the NID setting is complete, after which the nodes start communication.
- The set NID can be transmitted by writing it in the lower 4 bits of the message ID area when transmitting the data frame.
- The physical layer security method through automatic node ID setting in the CAN bus may further include: when nodes with the same NID transmit different data at the same time, a bit error occurring in the data field while transmitting a data frame; if a bit error occurs, storing at which bit of the data field the error occurs; and, when a bit error occurs at the same place a preset number of times in succession, determining that the same NID is set, without transmitting an error frame, and changing the NID.
- The method may further include: a node that does not transmit data generating an error in the process of receiving the Arbitration field RTR data; when a node transmits a data frame, the node that does not transmit data continuously checking whether its own NID appears on the CAN bus a preset number of times; and determining that the same NID is set and changing its own NID when its own NID appears a preset number of times in succession.
- The step of storing the NID (Node ID), which is the unique ID of each node appearing on the bus, may further include initializing the clock count and waiting for the communication to end.
- The threshold value of the clock count may be set to 16'hFFFF.
- a computer program for performing a physical layer security method through automatic node ID setting on the CAN bus is recorded.
- A physical layer security device through automatic node ID setting in the CAN bus includes: an automatic ID setting unit that, when the nodes connected to the CAN (Controller Area Network) bus line are booted up, starts a clock count, sets a TID (Temporary ID) when a threshold is reached, and transmits the data frame, and that sets the TID as each node's unique ID, NID (Node ID), in the node that transmitted the data frame with the TID set and receives the Ack signal transmitted from the IDS; an NID storage unit that stores the NIDs in nodes that detect a recessive signal during a clock count operation or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal; a state machine that starts clock counting again when the CAN bus enters the idle (IDLE) state, sets the TID to the NID last displayed on the bus line plus 1 when the clock count reaches the set value, and transmits a data frame; and a transmission buffer through which, when the NIDs of all nodes connected to the bus line are set, an error frame is transmitted from the IDS to notify each node that the NID setting is complete, so that communication starts.
- The physical layer security device through automatic node ID setting in the CAN bus is implemented on a CAN controller. When nodes with the same NID transmit different data at the same time and a bit error occurs in the data field while transmitting a data frame, it stores the bit of the data field at which the error occurs and, if it determines that the same NID has been set, changes the NID without transmitting an error frame.
- When one of the nodes with the same NID transmits data, a node that does not transmit data checks whether its own NID appears on the CAN bus a preset number of times in succession, and if it does, the node can determine that the same NID has been set and change its own NID.
- the intrusion detection system increments the error counter of the internal attack node and separates it from the bus to prevent malicious attacks.
- FIG. 1 is a block diagram of a system for coping with a hacked node in a CAN bus physical layer according to an embodiment of the present invention.
- FIG. 2 is a table showing a data range that can be transmitted according to the MID and DLC of the node to which the NID is set in FIG. 1 .
- FIG. 3 is a diagram showing a state change of a node according to TEC and REC.
- FIG. 4 is a view showing a process of coping with a general attack according to the present invention.
- FIG. 5 is a diagram showing a process of coping with a spoofing attack according to the present invention.
- FIG. 6 is a flowchart of a coping method of a node hacked in a CAN bus physical layer according to an embodiment of the present invention.
- FIG. 7 is a diagram showing a simulation waveform of an operation to cope with a general attack according to the present invention.
- FIG. 8 is a diagram showing a simulation waveform of an operation to cope with a spoofing attack according to the present invention.
- FIG. 9 is a block diagram of a physical layer security device through automatic node ID setting on a CAN bus according to an embodiment of the present invention.
- FIG. 10 is a diagram illustrating a process of automatically setting an NID according to the present invention.
- FIG. 11 is a diagram for explaining a case in which nodes to which the same NID is set simultaneously transmit data according to the present invention.
- FIG. 12 is a diagram for explaining a process in which a bit error occurs in the data field in the case of FIG. 11 .
- FIG. 13 is a diagram for explaining a case in which one of the nodes to which the same NID is set transmits data according to the present invention.
- FIG. 14 is a diagram for explaining a process in which a bit error occurs in the arbitration field in the case of FIG. 13 .
- FIG. 15 is a table showing a range of data that can be transmitted according to the MID and DLC of the node to which the NID is set in the present invention.
- FIG. 16 is a diagram for explaining a process in which the IDS copes with an attack in the present invention.
- FIG. 17 is a flowchart of a physical layer security method through automatic node ID setting in a CAN bus according to an embodiment of the present invention.
- FIG. 18 is a diagram showing a simulation result of a process in which a unique ID of a node is automatically assigned while the CAN bus is booted.
- FIG. 19 is a diagram showing a simulation result of a coping operation against a CAN bus internal attack.
- The present invention is a technique in which the intrusion detection system increases the error counter of the internal attack node and separates it from the bus to prevent malicious attacks.
- A CAN controller equipped with the technique proposed in the present invention can be implemented using Verilog HDL.
- The system 1 includes a plurality of nodes (Node A, B, C, D) connected to a CAN bus line, an Intrusion Detection System (IDS), a counter (not shown), and a Node Expulsion System (NES).
- Nodes A, B, C, and D are connected to a controller area network (CAN) bus line, and each is set with a unique ID (NID, Node ID) that differs from the others.
- The NID acts as a fingerprint, so it is possible to know which node is transmitting the data frame.
- The CAN bus according to the present invention additionally connects an Intrusion Detection System (IDS).
- The range of data that can be transmitted is determined in advance according to the MID (Message ID) and DLC (Data Length Code), and the IDS and the nodes are updated with it in advance.
- The IDS determines whether a node has been hacked by analyzing the contents of the data frame loaded on the CAN bus line.
- The counter increments the TEC (Transmit Error Counter) and REC (Receive Error Counter) counts of the sending node and the receiving node whenever the error frame is generated, and decrements the TEC and REC counts each time a message is successfully transmitted.
- The NES is mounted on each of the plurality of nodes and on the IDS, and blocks a node having a TEC or REC greater than a set threshold by bus-off.
- When any node finds an error, it generates an error frame, at which time the TEC of the transmitting node is increased by 8.
- The REC of the node that first generated the error frame increases by 8.
- The REC of the other nodes increases by 1.
- When a message is successfully transmitted, the TEC and REC of the sending node and the receiving node are each decreased by 1. FIG. 3 shows node state changes according to TEC and REC. In the error active state, normal transmission/reception is performed, but when TEC or REC is 128 or higher, the node enters the error passive state, and transmission/reception is somewhat restricted.
- The present invention proposes a technique that uses this to put a node transmitting a malicious data frame into the bus-off state, preventing it from overloading the bus or attacking other nodes.
- CAN bus attack scenarios: There are three main attack scenarios in the CAN bus. After occupying a node, a message pattern can be identified through sniffing, and a malicious data frame can be transmitted through a general attack, which may overload the node or cause other nodes to malfunction.
- In addition, a spoofing attack that transmits a malicious data frame while pretending to be another node may be performed.
- The attack scenarios are as follows.
- Scenario 1, sniffing, identifies patterns by looking at messages communicated on the bus using nodes occupied through hacking. No harm is done to the CAN bus at this stage.
- Scenario 2, a general attack, detects a message pattern through sniffing and then sends a malicious data frame using the occupied node.
- Scenario 3 is a spoofing attack.
- The general attack and the spoofing attack are the same in that they transmit a malicious data frame, but the spoofing attack differs in that the occupied node pretends to be another node.
- The Node Expulsion System (NES), which expels a hacked node by sending an error frame, is a function added in the present invention that is not present in a general CAN bus.
- The NES may be implemented by adding to the CAN controller a circuit that outputs an error frame when a specific condition is satisfied.
- The NES is installed in both each node and the IDS.
- The NES attached to the forged node continues to transmit an error frame whenever the node transmits, so the node is blocked from transmitting and its TEC increases, resulting in a bus-off state.
- When a malicious data frame is detected on the CAN bus, the intrusion detection system increases the error counter of the internal attack node and separates it from the bus, thereby preventing malicious attacks.
- The coping method of a node hacked in the CAN bus physical layer may proceed in substantially the same configuration as the system 1 of FIG. 1. Accordingly, the same components as those of the system 1 of FIG. 1 are given the same reference numerals, and repeated descriptions are omitted.
- The coping method of a node hacked in the CAN bus physical layer may be executed by software (an application) for coping with a node hacked in the CAN bus physical layer.
- A Node ID (NID), which is a unique ID different from each other, is set for a plurality of nodes connected to a controller area network (CAN) bus line.
- The lower 4 bits of the message ID area can be set as the NID value.
- When at least one of a node using a forged NID, a node using a different NID, and a node using a non-existent NID is found, it is determined as an error frame (step S20).
- Since each node has its own NID set, when a node using a forged NID is found, the node whose NID was impersonated can detect the hacking.
- When a node using a different NID or a node using a non-existent NID is found, the Intrusion Detection System can detect the hacking.
- When the error frame is generated, the TEC of the transmitting node may be increased by 8; among receiving nodes, the REC of the node that first generated the error frame may be increased by 8, and the REC of the other nodes may be increased by 1.
- Whenever a message is successfully transmitted, the counts of the TEC and REC of the sending node and the receiving node may be decremented.
- When the TEC or REC becomes greater than the set threshold (step S40), the node is blocked by bus-off (step S50). For example, if a node's TEC or REC becomes greater than 256, that node can be detached.
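The detection and expulsion flow of steps S20 to S50 can be exercised in a small simulation; the C sketch below is an added example, not code from the patent or its Verilog design. The rule table, the NIDs 1 to 4 and all function names are constructed for illustration, only the transmitting node's TEC is tracked (receiver REC updates are left out), and the thresholds 128 and 256 are the ones stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NID_MASK         0x0Fu /* page: NID is the lower 4 bits of the message ID */
#define ERROR_PASSIVE_AT 128   /* page: 128 or higher means error passive */
#define BUS_OFF_ABOVE    256   /* page: node is separated above 256 */
#define N_NODES          4

typedef enum { ERROR_ACTIVE, ERROR_PASSIVE, BUS_OFF } node_state;
typedef enum { DELIVERED, BLOCKED_UNKNOWN_NID, BLOCKED_FORGED_NID,
               BLOCKED_BAD_DATA, BLOCKED_FLAGGED, SENDER_BUS_OFF } verdict;

typedef struct { uint8_t nid; int tec; int flagged; } can_node;
typedef struct { can_node node[N_NODES]; } can_bus;

/* Constructed IDS rule: allowed range of the first data byte for one MID
   (NID bits masked off) and DLC. The page only says such ranges exist. */
typedef struct { uint16_t mid_base; uint8_t dlc, lo, hi; } ids_rule;
static const ids_rule RULES[] = { {0x100, 1, 0, 100}, {0x200, 2, 10, 20} };

/* Constructed bus: four nodes with NIDs 1..4 and cleared counters. */
can_bus make_bus(void) {
    can_bus b;
    for (int i = 0; i < N_NODES; i++)
        b.node[i] = (can_node){ (uint8_t)(i + 1), 0, 0 };
    return b;
}

node_state state_of(const can_node *n) {
    if (n->tec > BUS_OFF_ABOVE) return BUS_OFF;
    return n->tec >= ERROR_PASSIVE_AT ? ERROR_PASSIVE : ERROR_ACTIVE;
}

static int nid_exists(const can_bus *b, uint8_t nid) {
    for (int i = 0; i < N_NODES; i++)
        if (b->node[i].nid == nid) return 1;
    return 0;
}

static int data_allowed(uint16_t mid, uint8_t dlc, const uint8_t *data) {
    uint16_t base = (uint16_t)(mid & ~NID_MASK);
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++)
        if (RULES[i].mid_base == base && RULES[i].dlc == dlc)
            return data[0] >= RULES[i].lo && data[0] <= RULES[i].hi;
    return 0; /* no rule for this MID/DLC: treat the frame as malicious */
}

/* One transmission attempt by the node at index `sender`. The simulation
   knows the physical sender; on the bus, the owner of an NID knows a frame
   is forged because its NID appears while it is not transmitting. */
verdict bus_transmit(can_bus *b, int sender, uint16_t mid, uint8_t dlc,
                     const uint8_t *data) {
    can_node *tx = &b->node[sender];
    uint8_t claimed = (uint8_t)(mid & NID_MASK);
    verdict v = DELIVERED;

    if (state_of(tx) == BUS_OFF) return SENDER_BUS_OFF;
    if (!nid_exists(b, claimed))  v = BLOCKED_UNKNOWN_NID; /* seen by the IDS */
    else if (claimed != tx->nid)  v = BLOCKED_FORGED_NID;  /* owner's NES */
    else if (tx->flagged)         v = BLOCKED_FLAGGED;     /* NES, any data */
    else if (!data_allowed(mid, dlc, data)) {
        tx->flagged = 1;          /* IDS marks the node as hacked */
        v = BLOCKED_BAD_DATA;
    }
    if (v == DELIVERED) { if (tx->tec > 0) tx->tec--; } /* success: -1 */
    else tx->tec += 8;                                   /* error frame: +8 */
    return v;
}

/* Repeats the same frame until the sender is bus-off; returns how many
   transmissions were blocked, or -1 if the node was never expelled. */
int frames_until_bus_off(can_bus *b, int sender, uint16_t mid, uint8_t dlc,
                         const uint8_t *data) {
    int blocked = 0;
    for (int i = 0; i < 1000; i++) {
        verdict v = bus_transmit(b, sender, mid, dlc, data);
        if (v == SENDER_BUS_OFF) return blocked;
        if (v != DELIVERED) blocked++;
    }
    return -1;
}

int main(void) {
    can_bus b = make_bus();
    const uint8_t bad[] = { 200 };   /* constructed out-of-range payload */
    int n = frames_until_bus_off(&b, 1, 0x102, 1, bad);
    printf("node NID 2 expelled after %d blocked frames, TEC=%d\n",
           n, b.node[1].tec);
    return 0;
}
```

With +8 per blocked frame and a threshold of "greater than 256", a node that keeps transmitting after being flagged is expelled on its 33rd blocked frame, while a node with an occasional blocked frame recovers through the decrement on each successful transmission.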
- The NES was installed in the existing CAN controller, designed with Verilog HDL, and simulated with ModelSim.
- The NIDs of the four CAN nodes were set to 4, 8, 16, and 32, and since sniffing does not have an immediate adverse effect, only two types of attacks, a general attack and a spoofing attack, were simulated.
- The present invention proposes a method capable of coping with various attack scenarios that may occur in the CAN bus by modifying the existing CAN controller.
- Such a method of coping with a node hacked in the CAN bus physical layer may be implemented as an application or implemented in the form of program instructions that may be executed through various computer components and recorded in a computer-readable recording medium.
- The computer-readable recording medium may include program instructions, data files, data structures, etc. alone or in combination.
- The program instructions recorded in the computer-readable recording medium are specially designed and configured for the present invention, and may be known and available to those skilled in the computer software field.
- Examples of the computer-readable recording medium include hard disks, magnetic media such as floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floppy disks, and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
- Examples of program instructions include not only machine language codes such as those generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.
- The hardware device may be configured to operate as one or more software modules for carrying out the processing according to the present invention, and vice versa.
- The physical layer security device through automatic node ID setting in the CAN bus (10, hereinafter "device") proposes physical layer security in which a unique ID is automatically assigned to an individual node when the CAN bus is booted.
- The device 10 includes an automatic ID setting unit 110, an NID storage unit (not shown), a state machine 180, and a transmission buffer 140.
- The apparatus 10 of the present invention may implement the proposed technique in a CAN controller using Verilog HDL.
- The CAN controller may be implemented in a CAN system or may be implemented in a node on a CAN bus.
- The device 10 of the present invention may further include at least one of a Clock Divider 120, a Bit Time Logic 130, a Receive FIFO Buffer 150, an Acceptance Filter 160, and a CRC 170.
- Software for performing physical layer security through automatic node ID setting on a CAN bus may be installed and executed on the device 10, and the automatic ID setting unit 110, the NID storage unit (not shown), the state machine 180, and the transmission buffer 140 may be controlled by that software running on the device 10.
- The device 10 may be a separate terminal or a part of a module of the terminal.
- The automatic ID setting unit 110, the NID storage unit (not shown), the state machine 180, and the transmission buffer 140 may be formed as an integrated module or may be formed of one or more modules.
- Each configuration may also be configured as a separate module.
- The device 10 may be mobile or stationary.
- The apparatus 10 may be in the form of a server or an engine, and may be called by other terms such as a device, an application, a terminal, a user equipment (UE), a mobile station (MS), a wireless device, or a handheld device.
- The device 10 may execute or manufacture various software based on an operating system (OS), that is, the system.
- The operating system is a system program that lets software use the hardware of the device, and can include mobile computer operating systems such as Android OS, iOS, Windows Mobile OS, Bada OS, Symbian OS, and Blackberry OS, as well as all computer operating systems such as the Windows series, Linux series, Unix series, MAC, AIX, and HP-UX.
- The present invention copes with a CAN bus attack as shown in FIG. 10.
- Hardware such as an Intrusion Detection System (IDS) and a Node Expulsion System (NES) is used.
- The IDS analyzes the contents of the data frame to determine whether the currently transmitting node is a hacked node.
- The NES is a block that expels from the CAN bus a specific node designated as a hacked node by the IDS. It is a function not found in the general CAN bus.
- The IDS always monitors the CAN bus, and if a node transmits a malicious data frame, it detects that the node has been hacked by analyzing the data content. After that, whenever the hacked node transmits, the NES generates an error frame regardless of data content to block the transmission.
- The transmission error count of the hacked node increases every time it transmits data, so the node passes through the error passive state and goes into a bus-off state, making it impossible to transmit any more.
- Unique IDs are assigned to all nodes inside the CAN bus as shown in FIG. 10.
- The present invention proposes a method of automatically assigning a unique ID to each node when the CAN bus boots.
- the automatic ID setting unit 110 starts a clock count when nodes connected to a controller area network (CAN) bus line are booted up and sets a TID (Temporary ID) when a threshold is reached to create a data frame. send Thereafter, the TID of the node receiving the Ack signal transmitted from the IDS that transmitted the data frame with the TID set is set as a unique ID (NID) of each node.
- TID Temporal ID
- the NID storage unit (not shown) detects a recessive signal during a clock count operation or stores NIDs of nodes that have detected a recessive signal before completing the clock count and generating a Tx (Transmitter) signal.
- the state machine 180 starts clock counting again when the CAN bus enters the idle (IDLE) state.
- the TID is set to the last NID that appeared on the bus line plus 1, and a data frame is transmitted.
- the IDS transmits an error frame to notify each node that the NID setting has been completed, so that the nodes start communication.
- NID Node ID
- the method of setting the NID relies on the fact that 'all oscillators have errors'.
- Nodes that detect a recessive signal during the clock count operation, or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal, take this to mean that another node is using the CAN bus first. They initialize the clock count, wait for the communication to end, and remember the NID that appears on the bus.
- the IDS that has transmitted the TID-set data frame sends an Ack signal.
- the node that receives the Ack signal from the IDS sets the TID to the NID.
- the clock count starts again.
- when the clock count reaches the set value, the TID is set to the last NID displayed on the bus plus 1, and the data frame is transmitted.
- the IDS sends an error frame to notify each node that the NID setting is complete, and the nodes start communication.
- when the CAN bus boots up, a unique ID is set for each node based on a clock count. As shown in FIG. 2, all nodes start counting clocks as soon as they are booted. Since the clock oscillator circuits deviate from one another, the node whose clock count first reaches 16'hFFFF sets its ID to 1 at that moment and transmits the data frame.
- the set address is set as a unique ID.
- the clock count is initialized and the clock count is increased. At this time, each node stores the number of initialization times of the clock count.
- the clock starts counting again, and when the clock count reaches 16'hFFFF, a value is calculated by adding 1 to the stored number of clock count initializations.
- the calculated value is converted into a unique ID set to
- the other nodes have their clock counts initialized
- 2 and the other nodes also reset their clock counts. In this way, the addresses of all nodes connected to the bus are set.
- when nodes with the same unique ID transmit data at the same time, they may transmit the same data or different data.
- the reason for determining that the same NID is set when a bit error occurs at the same position in the data field three consecutive times is as follows.
- the probability of bit errors due to noise or CAN bus problems is However, the probability of a bit error at the same place in the data field three consecutive times is because it is very small.
- the TEC of a normal node may be increased unnecessarily.
- when one of the nodes set with the same unique ID transmits data, the node that is not transmitting data generates an error in the process of receiving the Arbitration field RTR data. Looking at the process in which an error occurs in the arbitration field, as shown in FIG. 14, node 1 transmits an error frame and increases its REC because its NID appears on the CAN bus even though it is not in a transmitting state.
- since node 4, which is transmitting data, has received an error frame, its TEC increases, and node 4 transmits the data frame again when the bus enters the idle (IDLE) state. In addition, an error is generated again while node 1 receives the arbitration field RTR data.
- IDLE bus idle
- the NID acts as a fingerprint, so you can know which node is transmitting the data frame.
- MID Message ID
- DLC Data Length Code
- FIG. 16 is a process of coping with an attack in which a hacked node overloads the CAN bus or causes another node to malfunction by transmitting a malicious data frame.
- FIG. 17 is a flowchart of a physical layer security method through automatic node ID setting in a CAN bus according to an embodiment of the present invention.
- the physical layer security method through automatic node ID setting in the CAN bus may proceed in substantially the same configuration as the device 10 of FIG. 9. Accordingly, the same components as those of the device 10 of FIG. 9 are given the same reference numerals, and repeated descriptions are omitted.
- the physical layer security method through automatic node ID setting in the CAN bus may be executed by software (application) for performing physical layer security through automatic node ID setting in the CAN bus.
- the present invention proposes a physical layer security that automatically assigns a unique ID to an individual node when the CAN bus is booted.
- a threshold value (e.g., 16'hFFFF)
- Nodes that detect a recessive signal during the clock count operation, or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal, store the NID (Node ID), the unique ID of each node, that appears on the bus (step S200).
- the node initializes the clock count and waits for the communication to end.
- the set NID can be transmitted by writing the set NID in the lower 4 bits of the message ID area when transmitting the data frame.
- the TID of the node receiving the Ack signal transmitted from the IDS transmitting the data frame with the TID set is set as the NID (step S300).
- the clock count starts again.
- the TID is set to the last NID displayed on the bus line plus 1, and the data frame is transmitted (step S400).
- When the above steps (steps S100 to S400) are repeatedly performed to set the NIDs of all nodes connected to the bus line, the IDS transmits an error frame to notify each node that the NID setting is complete, and the nodes start communication (step S500).
- When one of the nodes configured with the same NID transmits data, a node that does not transmit data generates an error in the process of receiving the Arbitration field RTR data.
- a node that does not transmit data checks whether its own NID appears on the CAN bus consecutively a preset number of times (e.g., 3 times). When its own NID appears consecutively the preset number of times, it determines that the same NID has been set and changes its own NID.
- NES was added to the existing CAN controller and implemented using Verilog HDL, and simulation was performed with ModelSim provided by IDEC (IC Design Education Center).
- FIG. 18 is a simulation result of automatically assigning a unique address to a node while the CAN bus is booted. First, booting starts and each node increments its clock count.
- the auto_con2 node, whose clock count is the first to reach 16'hFFFF, is given a unique ID of 1, and the auto_con1 node and the auto_con3 node initialize their clock counts when the Rx signal is detected as recessive during the clock count.
- the auto_con1 and auto_con3 nodes memorize the number of clock count initialization times (1 at this point).
- an error frame is generated to increase the TEC of the node. This operation is performed whenever an internal attack node with ID 4 transmits a data frame, and the TEC of that node continues to increase, eventually passing the error passive state and entering the bus-off state.
- each node is distinguished by automatically assigning a unique ID to each node whenever the CAN bus boots. Since the present invention allocates the NID (Node ID), which is a unique ID, at every boot, it can be applied easily regardless of part replacement, and the number of bits of the unique ID can be greatly reduced.
- Such a physical layer security method through automatic node ID setting in the CAN bus may be implemented as an application or implemented in the form of a program command that may be executed through various computer components and recorded in a computer-readable recording medium.
- the computer-readable recording medium may include program instructions, data files, data structures, etc. alone or in combination.
- the program instructions recorded in the computer-readable recording medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the computer software field.
- Examples of the computer-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
- Examples of program instructions include not only machine language codes such as those generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.
- the hardware device may be configured to operate as one or more software modules for carrying out the processing according to the present invention, and vice versa.
- CAN Controller Area Network
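The boot-time assignment described above (the node whose count first reaches 16'hFFFF takes the next ID, the others reset and count again) as a behavioural model. This is an added example, not the patent's Verilog implementation; the nominal frequency, the detection window and the ppm values are assumptions constructed for illustration, and the model also covers the tie case that produces the duplicate NIDs the description goes on to handle.

```python
"""Behavioural model of boot-time NID assignment by oscillator skew."""
from dataclasses import dataclass
from typing import Optional

THRESHOLD = 0xFFFF         # clock-count threshold given on the page (16'hFFFF)
NOMINAL_HZ = 16_000_000    # assumption: nominal oscillator frequency
DETECT_WINDOW_S = 100e-9   # assumption: time before a started frame is seen by others


@dataclass
class Node:
    name: str
    ppm: float                 # constructed oscillator error, parts per million
    nid: Optional[int] = None
    resets: int = 0            # stored number of clock-count initialisations

    def time_to_threshold(self) -> float:
        """Seconds this node needs to count from 0 up to THRESHOLD."""
        return THRESHOLD / (NOMINAL_HZ * (1 + self.ppm / 1e6))


def assign_nids(nodes):
    """Run assignment rounds until every node holds an NID.

    Returns (order, duplicates): the (name, NID) pairs in assignment order and
    the NIDs that more than one node ended up with.
    """
    last_nid, order, duplicates = 0, [], []
    while any(n.nid is None for n in nodes):
        waiting = [n for n in nodes if n.nid is None]
        fastest = min(n.time_to_threshold() for n in waiting)
        # A node that reaches the threshold before it can see the first
        # sender's frame transmits too and takes the same TID.
        winners = [n for n in waiting
                   if n.time_to_threshold() - fastest < DETECT_WINDOW_S]
        tid = last_nid + 1             # first round: 0 + 1 = 1
        for n in winners:
            n.nid = tid                # TID is kept as NID after the Ack
            order.append((n.name, tid))
        if len(winners) > 1:
            duplicates.append(tid)
        for n in waiting:
            if n.nid is None:          # saw bus activity: reset count, remember NID
                n.resets += 1
        last_nid = tid
    return order, duplicates


if __name__ == "__main__":
    bus = [Node("auto_con1", -40), Node("auto_con2", +35), Node("auto_con3", 0)]
    print(assign_nids(bus))
    print({n.name: (n.nid, n.resets) for n in bus})
```

In the model each node's NID equals its stored reset count plus 1, and two oscillators closer together than the detection window end up sharing an NID.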
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
Claims (22)
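- A method for coping with a hacked node in a CAN bus physical layer, comprising: setting an NID (Node ID), which is a different unique ID, for each of a plurality of nodes connected to a CAN (Controller Area Network) bus line; determining an error frame when at least one of a node using a forged NID, a node using a different NID, and a node using a non-existent NID is found; increasing the counts of the TEC (Transmit Error Counter) and REC (Receive Error Counter) of the transmitting node and the receiving node each time the error frame is generated; and blocking, by bus-off, a node whose TEC or REC becomes greater than a set threshold.
- The method of claim 1, wherein, in the determining of an error frame, when a node using a forged NID is found, the node configured with the impersonated NID detects the hacking.
- The method of claim 1, wherein, in the determining of an error frame, when a node using a different NID or a node using a non-existent NID is found, an IDS (Intrusion Detection System), which is an intrusion detection system, detects the hacking.
- The method of claim 1, wherein the setting of an NID, which is a different unique ID, for each of the plurality of nodes connected to the CAN bus line comprises setting the lower 4 bits of the message ID area to the NID value when a data frame is transmitted.
- The method of claim 1, wherein the increasing of the counts of the TEC and REC of the transmitting node and the receiving node each time the error frame is generated comprises, when the error frame is generated, increasing the TEC of the transmitting node by 8 and, for the receiving nodes, increasing the REC of the node that generated the error frame first by 8 and increasing the REC of the other nodes by 1.
- The method of claim 1, further comprising decreasing the counts of the TEC and REC of the transmitting node and the receiving node each time a message is successfully transmitted.
- The method of claim 1, wherein the blocking, by bus-off, of a node whose TEC or REC becomes greater than the set threshold comprises disconnecting the node when the TEC or REC of the node becomes greater than 256.
- A computer-readable storage medium on which a computer program for performing the method for coping with a hacked node in a CAN bus physical layer according to claim 1 is recorded.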
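- A system for coping with a hacked node in a CAN bus physical layer, comprising: a plurality of nodes connected to a CAN (Controller Area Network) bus line, each configured with an NID (Node ID) that is a different unique ID; an IDS (Intrusion Detection System) that analyzes the content of data frames loaded on the CAN bus line to determine whether a node has been hacked; a counter that increases the counts of the TEC (Transmit Error Counter) and REC (Receive Error Counter) of the transmitting node and the receiving node each time the error frame is generated, and decreases the counts of the TEC and REC of the transmitting node and the receiving node each time a message is successfully transmitted; and an NES (Node Expulsion System) that is mounted on each of the plurality of nodes and the IDS and blocks, by bus-off, a node whose TEC or REC becomes greater than a set threshold.
- The system of claim 9, wherein, when a node using a forged NID is found, the NES of the node configured with the impersonated NID detects the hacking.
- The system of claim 9, wherein, when a node using a different NID or a node using a non-existent NID is found, the NES of the IDS detects the hacking.
- The system of claim 9, wherein the NID of each node is set in the lower 4 bits of the message ID area when a data frame is transmitted.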
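- A physical layer security method through automatic node ID setting in a CAN bus, comprising: when nodes connected to a CAN (Controller Area Network) bus line are booted up, starting a clock count and, when a threshold is reached, setting a TID (Temporary ID) and transmitting a data frame; storing, by nodes that detect a recessive signal during the clock count operation or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal, the NID (Node ID), which is the different unique ID of each node, that appears on the bus; setting, as the NID, the TID of the node that receives the Ack signal transmitted from the IDS that transmitted the data frame in which the TID is set; and, when the CAN bus enters the idle (IDLE) state, starting the clock count again and, when the clock count reaches the set value, setting the TID to the NID that last appeared on the bus line plus 1 and transmitting a data frame.
- The method of claim 13, further comprising: when the NIDs of all nodes connected to the bus line have been set by repeatedly performing the above steps, transmitting, by the IDS, an error frame to notify each node that the NID setting is complete, whereupon the nodes start communication.
- The method of claim 14, wherein, when a data frame is transmitted, the set NID is written in the lower 4 bits of the message ID area and transmitted.
- The method of claim 15, further comprising: when nodes configured with the same NID simultaneously transmit different data, a bit error occurring in the data field when the data frame is transmitted; when the bit error occurs, storing at which bit of the data field the error occurs; and, when a bit error occurs at the same position consecutively a preset number of times, determining that the same NID has been set, without transmitting an error frame, and changing the NID.
- The method of claim 15, further comprising: when one of the nodes configured with the same NID transmits data, generating, by a node that does not transmit data, an error in the process of receiving the Arbitration field RTR data; checking, by the node that does not transmit data, whether its own NID appears on the CAN bus consecutively a preset number of times when a node transmits a data frame; and, when its own NID appears consecutively the preset number of times, determining that the same NID has been set and changing its own NID.
- The method of claim 13, wherein the storing of the NID (Node ID), which is the different unique ID of each node, that appears on the bus further comprises initializing the clock count and waiting for the communication to end.
- The method of claim 13, wherein, in the setting of the TID (Temporary ID) and transmitting of the data frame, the threshold of the clock count is set to 16'hFFFF.
- A computer-readable storage medium on which a computer program for performing the physical layer security method through automatic node ID setting in a CAN bus according to claim 13 is recorded.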
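- A physical layer security device through automatic node ID setting in a CAN bus, comprising: an automatic ID setting unit that, when nodes connected to a CAN (Controller Area Network) bus line are booted up, starts a clock count, sets a TID (Temporary ID) and transmits a data frame when a threshold is reached, and sets, as the NID (Node ID) that is the different unique ID of each node, the TID of the node that receives the Ack signal transmitted from the IDS that transmitted the data frame in which the TID is set; an NID storage unit that stores the NIDs of nodes that detect a recessive signal during the clock count operation or that detect a recessive signal after completing the clock count and before generating a Tx (Transmitter) signal; a state machine that, when the CAN bus enters the idle (IDLE) state, starts the clock count again and, when the clock count reaches the set value, sets the TID to the NID that last appeared on the bus line plus 1 and transmits a data frame; and a transmission buffer that, when the NIDs of all nodes connected to the bus line have been set, causes communication to start by having the IDS transmit an error frame notifying each node that the NID setting is complete.
- The device of claim 21, wherein the physical layer security device through automatic node ID setting in a CAN bus is implemented on a CAN controller; when nodes configured with the same NID simultaneously transmit different data and a bit error occurs in the data field when a data frame is transmitted, stores at which bit of the data field the error occurs and, when a bit error occurs at the same position consecutively a preset number of times, determines that the same NID has been set, without transmitting an error frame, and changes the NID; and, when one of the nodes configured with the same NID transmits data and an error occurs in the process in which a node that does not transmit data receives the Arbitration field RTR data, checks whether the NID of the node that does not transmit data appears on the CAN bus consecutively a preset number of times when a node transmits a data frame and, when its own NID appears consecutively the preset number of times, determines that the same NID has been set and changes its own NID.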
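The counter rules of claims 5 to 7 (TEC +8 for the blocked sender, REC +8 for the node that raised the error frame first, REC +1 for the others, expulsion above 256) as a small counter model. This is an added example, not code from the patent; the decrement of 1 per successful frame, the four-node topology, NID 15 for the enforcing node and the message IDs are assumptions constructed for illustration, while NID 4 for the attacking node follows the simulation described on the page.

```python
"""Counter model of the TEC/REC rules in claims 5 to 7 (added example)."""
from dataclasses import dataclass

BUS_OFF_LIMIT = 256  # claim 7: expel a node whose TEC or REC exceeds 256
ERR_STEP = 8         # claim 5: sender TEC +8, first error-flagging receiver REC +8
OTHER_STEP = 1       # claim 5: every other receiver REC +1
OK_STEP = 1          # assumption: claim 6 gives no amount for the decrease


@dataclass
class Node:
    nid: int
    tec: int = 0
    rec: int = 0
    bus_off: bool = False


class Bus:
    def __init__(self, nids, enforcer_nid):
        self.nodes = {nid: Node(nid) for nid in nids}
        self.enforcer_nid = enforcer_nid   # node whose NES raises the error frame
        self.flagged = set()               # NIDs the IDS has marked as hacked

    def send(self, message_id):
        """Put one frame on the bus; return True if it was delivered."""
        sender = self.nodes[message_id & 0xF]   # claim 4: NID = lower 4 bits
        if sender.bus_off:
            return False
        receivers = [n for n in self.nodes.values()
                     if n is not sender and not n.bus_off]
        enforcer_up = not self.nodes[self.enforcer_nid].bus_off
        blocked = sender.nid in self.flagged and enforcer_up
        if blocked:
            sender.tec += ERR_STEP
            for n in receivers:
                n.rec += ERR_STEP if n.nid == self.enforcer_nid else OTHER_STEP
        else:
            sender.tec = max(0, sender.tec - OK_STEP)
            for n in receivers:
                n.rec = max(0, n.rec - OK_STEP)
        for n in self.nodes.values():
            if n.tec > BUS_OFF_LIMIT or n.rec > BUS_OFF_LIMIT:
                n.bus_off = True
        return not blocked


def expel(legit_between):
    """Count blocked frames until NID 4 is bus-off, with legitimate frames
    from NID 1 interleaved; return (attempts, final node table)."""
    bus = Bus(nids=[1, 2, 4, 15], enforcer_nid=15)   # constructed topology
    bus.flagged.add(4)
    attempts = 0
    while not bus.nodes[4].bus_off:
        bus.send(0x124)                # constructed ID, lower 4 bits = 4
        attempts += 1
        for _ in range(legit_between):
            bus.send(0x101)            # constructed ID, lower 4 bits = 1
    return attempts, bus.nodes


if __name__ == "__main__":
    for gap in (0, 1):
        attempts, nodes = expel(gap)
        print(gap, attempts, {n.nid: (n.tec, n.rec, n.bus_off) for n in nodes.values()})
```

Under these rules the flagged node is expelled on its 33rd blocked frame. With no successful traffic in between, the enforcing node's REC crosses the same limit on that frame, whereas one delivered frame per blocked frame keeps it below the limit.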
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20958813.6A EP4231596A1 (en) | 2020-10-21 | 2020-12-28 | Method for handling hacked node on can bus physical layer, physical layer security method through automatic node id setting on can bus, recording medium for carrying out same, and system |
US18/032,473 US20240031404A1 (en) | 2020-10-21 | 2020-12-28 | Counterattack method against hacked node in can bus physical layer, physical layer security method with can bus node id auto-setting, and recording medium and system for performing the method |
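JP2023524176A JP2023547833A (ja) | 2020-10-21 | 2020-12-28 | Method for coping with hacked node in CAN bus physical layer, physical layer security method through automatic node ID setting in CAN bus, and recording medium and system for performing same |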
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2020-0136471 | 2020-10-21 | ||
KR10-2020-0136473 | 2020-10-21 | ||
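KR1020200136473A KR102456506B1 (ko) | 2020-10-21 | 2020-10-21 | Method for coping with hacked node in CAN bus physical layer, and recording medium and system for performing same |
KR1020200136471A KR102423504B1 (ko) | 2020-10-21 | 2020-10-21 | Physical layer security method through automatic node ID setting in CAN bus, and recording medium and device for performing same |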
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022085863A1 true WO2022085863A1 (ko) | 2022-04-28 |
Family
ID=81290583
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
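PCT/KR2020/019184 WO2022085863A1 (ko) | 2020-10-21 | 2020-12-28 | Method for coping with hacked node in CAN bus physical layer, physical layer security method through automatic node ID setting in CAN bus, and recording medium and system for performing same |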
Country Status (4)
Country | Link |
---|---|
US (1) | US20240031404A1 (ko) |
EP (1) | EP4231596A1 (ko) |
JP (1) | JP2023547833A (ko) |
WO (1) | WO2022085863A1 (ko) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116700110A (zh) * | 2023-06-30 | 2023-09-05 | 中汽院新能源科技有限公司 | Control method for distributed-drive new energy vehicle based on multi-module partitioning |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4232603B2 (ja) | 2003-10-24 | 2009-03-04 | 富士ゼロックス株式会社 | Communication system, control device, CAN bus connection node, CAN bus communication method, and program |
KR20090065260A (ko) | 2007-12-17 | 2009-06-22 | 한국전자통신연구원 | Address translation system and method using unique identifier for interworking between IP-based system and WSN node |
KR101332339B1 (ko) | 2012-11-08 | 2013-11-22 | 재단법인대구경북과학기술원 | Method for transmitting data in CAN system |
KR101714770B1 (ko) * | 2015-12-14 | 2017-03-09 | 현대오트론 주식회사 | Method for dynamically allocating ID in CAN communication system, and CAN communication system |
KR20190003112A (ko) * | 2017-06-30 | 2019-01-09 | 주식회사 페스카로 | Method and system for detecting bypass attack based on CAN communication |
KR20190014391A (ko) * | 2017-08-02 | 2019-02-12 | 한국전자통신연구원 | Apparatus for generating and operating HMAC-based dynamic CAN ID, and method thereof |
KR20200021297A (ko) * | 2018-08-20 | 2020-02-28 | (주)에이치씨인포 | System and method for detecting abnormal CAN data |
-
2020
- 2020-12-28 WO PCT/KR2020/019184 patent/WO2022085863A1/ko active Application Filing
- 2020-12-28 US US18/032,473 patent/US20240031404A1/en active Pending
- 2020-12-28 JP JP2023524176A patent/JP2023547833A/ja active Pending
- 2020-12-28 EP EP20958813.6A patent/EP4231596A1/en active Pending
Non-Patent Citations (1)
Title |
---|
KANG TAE-WOOK, JONG-BAE LEE, SEONGSOO LEE : "Counterattack Method against Hacked Node in CAN Bus Physical Layer", JOURNAL OF IKEEE, vol. 23, no. 4, 1 December 2019 (2019-12-01), pages 1469 - 1472, XP055924434, ISSN: 2288-243X, DOI: 10.7471/ikeee.2019.23.4.1469 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
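CN116700110A (zh) * | 2023-06-30 | 2023-09-05 | 中汽院新能源科技有限公司 | Control method for distributed-drive new energy vehicle based on multi-module partitioning |
CN116700110B (zh) * | 2023-06-30 | 2024-03-26 | 中汽院新能源科技有限公司 | Control method for distributed-drive new energy vehicle based on multi-module partitioning |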
Also Published As
Publication number | Publication date |
---|---|
EP4231596A1 (en) | 2023-08-23 |
US20240031404A1 (en) | 2024-01-25 |
JP2023547833A (ja) | 2023-11-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017052303A1 (ko) | Method and device for managing network hub in wireless communication system | |
WO2023033586A1 (ko) | System for controlling network access of application based on TCP session control, and method therefor | |
WO2018230988A1 (ko) | Method and system for detecting hacking attack based on CAN communication | |
WO2009113827A2 (ko) | RFID reader device that retransmits command according to collision situation, and control method thereof | |
WO2022085863A1 (ko) | Method for coping with hacked node in CAN bus physical layer, physical layer security method through automatic node ID setting in CAN bus, and recording medium and system for performing same | |
WO2023033585A1 (ko) | Tunneling and gateway access system optimized for distributed gateway environment, and method therefor | |
WO2019235813A1 (en) | Electronic device supporting multiple wireless communication protocols and method therefor | |
WO2017092498A1 (zh) | Information management method and user terminal | |
WO2022019720A1 (ko) | Method for controlling acceleration of edge platform network, and electronic device using same | |
WO2015157942A1 (zh) | Device and method for accessing wireless network | |
WO2015152614A1 (en) | Method of reconnecting master device and slave device | |
WO2014171733A1 (en) | Device and method for performing device to device communication in wireless communication system | |
WO2021049748A1 (en) | Electronic device for receiving data packet in bluetooth network environment and method thereof | |
WO2020180056A1 (ko) | Electronic device for transmitting response message in Bluetooth network environment, and method therefor | |
WO2023085793A1 (ko) | System for controlling controller-based network access, and method therefor | |
WO2020197184A1 (en) | Multicore electronic device and packet processing method thereof | |
WO2020256497A1 (ko) | Bluetooth communication connection method and electronic device therefor | |
WO2023090755A1 (ko) | System for controlling network access of virtualization instance, and method therefor | |
WO2012091528A2 (ko) | Terminal and method capable of selecting reliable AP | |
WO2020197339A1 (en) | Method for processing network packets and electronic device therefor | |
WO2020242111A1 (en) | Electronic device for discovering device and method thereof | |
WO2017090931A1 (ko) | Electronic device and method for providing event management service | |
WO2009113826A2 (ko) | RFID reader device that calculates adaptive retransmission waiting time, and control method thereof | |
WO2022231304A1 (ko) | System for controlling controller-based network access, and method therefor | |
WO2020122368A1 (ko) | System and method for managing data security of storage device using security terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 20958813 Country of ref document: EP Kind code of ref document: A1 |
WWE | Wipo information: entry into national phase | Ref document number: 18032473 Country of ref document: US |
WWE | Wipo information: entry into national phase | Ref document number: 2023524176 Country of ref document: JP |
NENP | Non-entry into the national phase | Ref country code: DE |
ENP | Entry into the national phase | Ref document number: 2020958813 Country of ref document: EP Effective date: 20230517 |