-
Publication number: US20170361808A1
Publication date: 2017-12-21
Application number: US15636007
Application date: 2017-06-28
Inventor: Tomoyuki HAGA , Hideki MATSUSHIMA , Manabu MAEDA , Yuji UNAGAMI , Yoshihiro UJIIE , Takeshi KISHIKAWA
CPC classification number: B60R25/307 , B60R2325/108 , H04L9/0891 , H04L9/3242 , H04L67/12 , H04L2209/84
Abstract: An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), via a bus includes receiving a data frame transmitted on the bus, and generating a first MAC by using a MAC key and a value of a counter that counts a number of times a data frame having added thereto a MAC is transmitted. The method also includes performing verification that the data frame received has added thereto the generated first MAC and incrementing a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined message ID. When the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined message ID is executed.
-
Publication number: US20240364727A1
Publication date: 2024-10-31
Application number: US18766200
Application date: 2024-07-08
Inventor: Takahiro ADACHI , Yoshihiro UJIIE , Takeshi KISHIKAWA
IPC: H04L9/40
CPC classification number: H04L63/1425
Abstract: An anomaly detection device detects an anomaly in an in-vehicle network system including two or more electronic control units and one or more networks and includes: ECU attribute storage in which attributes of the two or more electronic control units each of which has been set for a corresponding one of the two or more electronic control units are stored; a communicator that transmits and receives a message on the one or more networks; and an anomaly detector that detects anomalous communication by using an attribute of a message source electronic control unit or an attribute of a message destination electronic control unit among the attributes stored in the ECU attribute storage. The attribute stored in the ECU attribute storage indicates the function of the electronic control unit including the attribute or the type of information that is handled by the electronic control unit including the attribute.
-
Publication number: US20240323205A1
Publication date: 2024-09-26
Application number: US18733358
Application date: 2024-06-04
Inventor: Takeshi KISHIKAWA , Takamitsu SASAKI
IPC: H04L9/40
CPC classification number: H04L63/1416 , H04L63/1433
Abstract: A monitoring server of an in-vehicle control network system includes a threat information generator that obtains first threat information pertaining to a threat that has occurred in a vehicle of a first vehicle type, a threat information abstractor that generates abstracted threat information by deleting information specific to the first vehicle type from the first threat information, and a display that outputs second threat information generated based on the abstracted threat information and including a risk value indicating a risk level of the threat to a second vehicle type different from the first vehicle type.
-
Publication number: US20240236115A1
Publication date: 2024-07-11
Application number: US18584704
Application date: 2024-02-22
Inventor: Yoshihiro UJIIE , Jun ANZAI , Yoshihiko KITAMURA , Masato TANABE , Hideki MATSUSHIMA , Tomoyuki HAGA , Takeshi KISHIKAWA , Ryota SUGIYAMA
IPC: H04L9/40 , B60R16/023 , H04L12/40 , H04L67/12
CPC classification number: H04L63/123 , B60R16/023 , H04L12/40 , H04L63/08 , H04L63/102 , H04L63/20 , H04L67/12 , H04L2012/40215 , H04L2012/40273
Abstract: An electronic control unit is connected to a network in an in-vehicle network system. The electronic control unit includes a first control circuit that operates on a first operating system and a second control circuit that operates on a second operating system. The first control circuit is connected to the network via the second control circuit. The second control circuit performs a first determination process on frames to determine conformity of the frames with a first rule. Upon determining that the frames conform to the first rule, the second control circuit transmits contents of the frames to the first control circuit. The first control circuit performs a second determination process on the contents of the frames to determine conformity with a second rule. The second rule is different from the first rule.
-
Publication number: US20240086290A1
Publication date: 2024-03-14
Application number: US18519690
Application date: 2023-11-27
Inventor: Ryo HIRANO , Yoshihiro UJIIE , Takeshi KISHIKAWA , Tomoyuki HAGA , Jun ANZAI , Yoshiharu IMAMOTO
CPC classification number: G06F11/301 , B60W50/04
Abstract: A monitoring device includes three or more monitors each monitoring, as a monitoring target, at least one of software and a communication log. The three or more monitors include a first monitor operating with a first execution privilege, a second monitor operating with a second execution privilege having a reliability level lower than the first execution privilege, and a third monitor operating with a third execution privilege having a reliability level that is the same as the second execution privilege or that is lower than the second execution privilege. The first monitor monitors software of the second monitor, and at least one of the first monitor or the second monitor monitors software of the third monitor.
-
Publication number: US20230370480A1
Publication date: 2023-11-16
Application number: US18225957
Application date: 2023-07-25
Inventor: Manabu MAEDA , Takeshi KISHIKAWA , Daisuke KUNIMUNE
IPC: H04L9/40 , H04L12/40 , G06N20/00 , B60R16/023
CPC classification number: H04L63/1416 , H04L12/40 , G06N7/01 , G06N20/00 , H04L2012/40215 , B60R16/023
Abstract: A reference message determining method is used in unauthorized communication detection in an onboard network system that is executed by an information processing system including at least one memory. The onboard network system includes a network and one or more electronic control units connected to the network. The method includes executing unauthorized activity detection for determining whether or not a message received from the network is an attack message. A message that could not be determined to be unauthorized is regarded as a gray message. The method also includes determining whether or not the gray message is unauthorized again at a predetermined timing. In a case where the gray message is determined to be an attack message in the unauthorized-activity-detection executing operation, a communication pattern is identified based on information relating to the gray message and information relating to the plurality of the received messages previously determined as unauthorized.
-
Publication number: US20230205181A1
Publication date: 2023-06-29
Application number: US18112311
Application date: 2023-02-21
Inventor: Takeshi KISHIKAWA , Yoshihiro UJIIE , Ryo HIRANO
IPC: G05B19/4155 , G05D1/00
CPC classification number: G05B19/4155 , G05D1/0038 , G05D1/0061 , G05B2219/50391
Abstract: A control mode switching apparatus switches a control mode of a robot. The control mode includes at least two of a remote control mode, a manual control mode, and an autonomous control mode. The control mode switching apparatus includes: an anomaly detector that, based on a communication message on a control network in the robot and the control mode, obtains a detection result of at least one anomaly among a user anomaly caused by user control, a robot anomaly caused by the control network, an operating environment anomaly caused by an operating environment of the robot, and an application anomaly caused by an application; and a switcher that calculates, for each type of anomaly detected, a score indicating a likelihood that the type is a cause of the anomaly in the robot, and switches the control mode based on the score calculated.
-
Publication number: US20210385244A1
Publication date: 2021-12-09
Application number: US17406474
Application date: 2021-08-19
Inventor: Takeshi KISHIKAWA , Hideki MATSUSHIMA , Tomoyuki HAGA , Manabu MAEDA , Takamitsu SASAKI
IPC: H04L29/06 , B60R16/023 , G07C5/00
Abstract: A gateway that notifies a fraud detection server located outside a vehicle of information about an in-vehicle network system including an in-vehicle network includes: a priority determiner that determines a priority using at least one of: a state of the vehicle including the in-vehicle network system; an identifier of a message communicated on the in-vehicle network; and a result of fraud detection performed on the message; a frame transmitter-receiver that transmits and receives the message communicated on the in-vehicle network; a frame interpreter that extracts information about the in-vehicle network based on the message received by the frame transmitter-receiver; and a frame uploader that notifies the fraud detection server of notification information including the priority and the information about the in-vehicle network.
-
Publication number: US20210273966A1
Publication date: 2021-09-02
Application number: US17322371
Application date: 2021-05-17
Inventor: Takamitsu SASAKI , Tomoyuki HAGA , Daiki TANAKA , Makoto YAMADA , Hisashi KASHIMA , Takeshi KISHIKAWA
Abstract: In an anomaly detection method that determines whether each frame in observation data constituted by a collection of frames sent and received over a communication network system is anomalous, a difference between a data distribution of a feature amount extracted from the frame in the observation data and a data distribution for a collection of frames sent and received over the communication network system, obtained at a different timing from the observation data, is calculated. A frame having a feature amount for which the difference is a predetermined value or higher is determined to be an anomalous frame. An anomaly contribution level of feature amounts extracted from the frame determined to be an anomalous frame is calculated, and an anomalous payload part, which is at least one part of the payload corresponding to the feature amount for which the anomaly contribution level is at least the predetermined value, is output.
-
Publication number: US20210051090A1
Publication date: 2021-02-18
Application number: US17089277
Application date: 2020-11-04
Inventor: Takeshi KISHIKAWA , Yoshihiro UJIIE , Ryo HIRANO
IPC: H04L12/755 , H04L12/717 , H04L12/44 , H04L12/40 , H04L12/46
Abstract: A secure star coupler in a communication network adopting a time-triggered protocol based on a time slot includes: transceivers each of which is connected to one of branches and transmits and receives signals; a routing table holder that holds a predetermined rule indicating a correspondence between a time slot and a branch; and a router that routes a signal received from a first branch to another branch unless a no-transfer condition is satisfied. The no-transfer condition includes a condition that the predetermined rule is not followed by the first branch and a condition that routing of a signal received from a second branch different from the first branch has started in the time slot.