公开(公告)号：US20230247038A1

公开(公告)日：2023-08-03

申请号：US18150898

申请日：2023-01-06

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TOMOYUKI HAGA ,  HIDEKI MATSUSHIMA ,  MANABU MAEDA ,  YOSHIHIRO UJIIE ,  TAKESHI KISHIKAWA ,  JUNICHI TSURUMI ,  JUN ANZAI

IPC: H04L9/40 ,  H04L12/40 ,  G07C5/08 ,  H04W4/44 ,  H04W4/40 ,  H04L67/12

CPC classification number: H04L63/1425 ,  G07C5/0808 ,  H04L12/40 ,  H04L63/1441 ,  H04L67/12 ,  H04W4/40 ,  H04W4/44 ,  H04L2012/40273 ,  H04W4/08

Abstract: An anomaly detection server is provided. The anomaly detection server is a server for counteracting an anomalous frame transmitted on an on-board network of a single vehicle. The anomaly detection server acquires information about multiple frames received on one or multiple on-board networks of one or multiple vehicles, including the single vehicle. The anomaly detection server, acting as an assessment unit that, based on the information about the multiple frames and information about a frame received on the on-board network of the single vehicle after the acquisition of the information about the multiple frames, assesses an anomaly level of the frame received on the on-board network of the single vehicle.

公开(公告)号：US20190140778A1

公开(公告)日：2019-05-09

申请号：US16237327

申请日：2018-12-31

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TAKESHI KISHIKAWA ,  TATSUMI OBA ,  MANABU MAEDA

IPC: H04L1/00 ,  H04L1/16 ,  H04L1/24 ,  G06K9/62 ,  G07C5/08

Abstract: An information processing method performed by an information processing system including a storage device to process a plurality of data frames flowing in an in-vehicle network including at least one electronic control unit includes a receiving step of sequentially receiving a plurality of data frames flowing in the in-vehicle network, a frame collection step of recording, in a reception log held in the storage device, reception interval information indicating reception intervals between the plurality of data frames as frame information, a feature acquisition step of acquiring, from the reception interval information, a feature relating to distribution of the reception intervals between the plurality of data frames, and an unauthorized data presence determination step of determining the presence/absence of an unauthorized data frame among the plurality of data frames.

公开(公告)号：US20190116157A1

公开(公告)日：2019-04-18

申请号：US16229528

申请日：2018-12-21

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TAKESHI KISHIKAWA ,  MANABU MAEDA ,  TOMOYUKI HAGA

IPC: H04L29/06 ,  G06F21/64 ,  H04L12/40

Abstract: An information processing method of processing data frames flowing over an onboard network includes a frame collecting step of obtaining, from each of received data frames, a payload included in the data frame and configured of at least one field, and recording in a reception log as one record, and a field extracting step of calculating, regarding each of a plurality of payload splitting pattern candidates indicating different regions within payloads of the plurality of data frames, one or more features relating to time-sequence change of values of the payload in the region, from the plurality of records, selecting a payload splitting pattern indicating a region of a field within the payload, based on the features, and outputting field extracting results indicating the region indicated by the selected payload splitting pattern candidate, and a category of the field based on the features.

公开(公告)号：US20180152341A1

公开(公告)日：2018-05-31

申请号：US15878787

申请日：2018-01-24

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： MANABU MAEDA ,  HIDEKI MATSUSHIMA ,  TOMOYUKI HAGA ,  YOSHIHIRO UJIIE ,  TAKESHI KISHIKAWA

IPC: H04L12/24 ,  H04L12/40 ,  H04L12/66

CPC classification number: H04L41/082 ,  B60R16/02 ,  B60R16/023 ,  G06F8/654 ,  G06F8/71 ,  G06F11/00 ,  G06F11/3664 ,  G06F11/3668 ,  G06F11/3696 ,  H04L12/40013 ,  H04L12/40169 ,  H04L12/4625 ,  H04L12/66 ,  H04L2012/40273

Abstract: A gateway connected to a bus used for communication by a plurality of ECUs provided on-board a vehicle is provided with: an external communication unit that receives, from a server external to the vehicle, firmware update information that includes updated firmware for one ECU from among the plurality of ECUs; an ECU information acquiring unit that acquires system configuration information indicating the type of each of the plurality of ECUs connected to the bus; and a FW update processing unit that performs a controlling operation to update firmware of the relevant ECU based on the updated firmware, after an operation verification of the updated firmware is performed using an ECU of each type indicated by the system configuration information.

公开(公告)号：US20170111357A1

公开(公告)日：2017-04-20

申请号：US15391901

申请日：2016-12-28

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： YUJI UNAGAMI ,  MANABU MAEDA ,  HIDEKI MATSUSHIMA

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/06

CPC classification number: H04L63/0869 ,  G06F21/445 ,  G06F2221/2107 ,  G06F2221/2151 ,  H04L9/0631 ,  H04L9/0637 ,  H04L9/0833 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/3242 ,  H04L9/3263 ,  H04L9/3273 ,  H04L63/0428

Abstract: A controller and a first device perform mutual authentication, create a group key, and share the group key, and the first device is set as a reference device. Thereafter, at a group key update timing when the controller and the reference device update the group key to an updated group key, the controller and a second device, which is not the reference device, perform mutual authentication, and the updated group key is also shared by the second device. Further, encrypted data is generated by encrypting transmission data by using the group key, a MAC (Message Authentication Code) is generated from the transmission data, a header, a transmission source address, and a transmission destination address, and a message that includes the encrypted data, the header, the transmission source address, the transmission destination address, and the MAC is broadcast.

公开(公告)号：US20190082016A1

公开(公告)日：2019-03-14

申请号：US16188330

申请日：2018-11-13

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TAKAMITSU SASAKI ,  TOMOYUKI HAGA ,  MANABU MAEDA ,  HIDEKI MATSUSHIMA

IPC: H04L29/08 ,  H04L12/24 ,  H04L12/40 ,  H04L29/06

Abstract: A hub is connected to first and second networks where first-type and second-type frames are transmitted following first and second communication protocols. The hub sequentially receives each of the first-type and second-type frames, and stores data in first and second reception buffers. If the destination of data stored in the first and second reception buffers is the first network, the hub stores the data in a first transmission buffer. If the destination is the second network, the hub stores the data in a second transmission buffer. If the first transmission buffer is a priority transmission buffer, the hub transmits first yet-to-be-transmitted data in the first transmission buffer with priority. If the second transmission buffer is the priority transmission buffer, the hub transmits second yet-to-be-transmitted data in the second transmission buffer with priority.

公开(公告)号：US20160294855A1

公开(公告)日：2016-10-06

申请号：US15183398

申请日：2016-06-15

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： MANABU MAEDA ,  HIDEKI MATSUSHIMA ,  TOMOYUKI HAGA ,  YUJI UNAGAMI ,  YOSHIHIRO UJIIE ,  TAKESHI KISHIKAWA

IPC: H04L29/06 ,  H04L29/08 ,  B60R16/023

CPC classification number: H04L63/1416 ,  B60R16/0231 ,  H04L63/1425 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: A fraud sensing method for use in an in-vehicle network system including a plurality of electronic control units that communicate with each other via a bus includes detecting that a state of a vehicle satisfies a predetermined condition, and switching, upon detecting that the state of the vehicle satisfies the predetermined condition, an operation mode of a fraud-sensing electronic control unit connected to the bus between a first mode in which a first type of sensing process for sensing a fraudulent message in the bus is performed and a second mode in which the first type of sensing process is not performed.

Abstract translation: 一种用于车载网络系统的欺诈感测方法，包括经由总线彼此通信的多个电子控制单元，包括检测车辆的状态满足预定条件，并且在检测到车辆的状态 车辆满足预定条件，在执行用于感测总线中的欺诈性消息的第一类型的感测处理执行的第一模式之间连接到总线的欺诈感测电子控制单元的操作模式和其中 不执行第一类感测处理。

公开(公告)号：US20160205194A1

公开(公告)日：2016-07-14

申请号：US15076650

申请日：2016-03-22

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TAKESHI KISHIKAWA ,  HIDEKI MATSUSHIMA ,  TOMOYUKI HAGA ,  MANABU MAEDA ,  YUJI UNAGAMI ,  YOSHIHIRO UJIIE

IPC: H04L29/08 ,  H04L29/06 ,  B60R16/023

CPC classification number: H04L67/12 ,  B60R16/023 ,  H04L9/3242 ,  H04L9/3297 ,  H04L63/08 ,  H04L63/10 ,  H04L63/12 ,  H04L63/20 ,  H04L2209/84

Abstract: A fraud detection method for use in an in-vehicle network system including a plurality of electronic control units that communicate with one another via a bus in accordance with Controller Area Network (CAN) protocol is provided. The method includes receiving at least one data frame sent to the bus, verifying a specific identifier in the received data frame only if the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state, detecting the received data frame as an authenticated data frame if the verification is successful, and detecting the received data frame as a fraudulent data frame if the verification fails.

Abstract translation: 提供了一种用于车载网络系统中的欺诈检测方法，该系统包括根据控制器局域网（CAN）协议经由总线相互通信的多个电子控制单元。 该方法包括接收发送到总线的至少一个数据帧，仅在接收到的数据帧不遵循关于传输周期的预定规则和具有车载车辆的状态时验证接收到的数据帧中的特定标识符 安装在其中的网络系统是预定状态，如果验证成功则检测接收到的数据帧作为认证数据帧，如果验证失败，则检测接收到的数据帧为欺诈数据帧。

公开(公告)号：US20190149562A1

公开(公告)日：2019-05-16

申请号：US16244162

申请日：2019-01-10

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： MANABU MAEDA ,  TAKESHI KISHIKAWA ,  DAISUKE KUNIMUNE

IPC: H04L29/06 ,  H04L12/40 ,  G06N20/00 ,  G06N7/00

Abstract: A reference message deciding method used in unauthorized communication detection. The deciding method includes: identifying, from information relating to an attack message on the onboard network system, a communication pattern indicating features related to change in data values or communication timing of an attack message; determining whether or not a message sent out onto the network matches a communication pattern identified in the identifying; and deciding a reference message used in determining whether or not the message sent out is an attack message, using determination results of the determining.

公开(公告)号：US20180316680A1

公开(公告)日：2018-11-01

申请号：US16031079

申请日：2018-07-10

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： TAKESHI KISHIKAWA ,  MANABU MAEDA ,  TOHRU WAKABAYASHI ,  TOSHIHISA NAKANO ,  HIDEKI MATSUSHIMA

IPC: H04L29/06 ,  B60R16/023 ,  H04L12/40

CPC classification number: H04L63/10 ,  B60R16/0231 ,  H04L12/40 ,  H04L12/40104 ,  H04L63/1425 ,  H04L67/12 ,  H04L67/125 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: An unauthorized control suppression method for use in a network system is provided. The network system includes a plurality of electronic controllers that exchange, via a communication channel, a plurality of frames The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the communication channel, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.