公开(公告)号：US20250039212A1

公开(公告)日：2025-01-30

申请号：US18917154

申请日：2024-10-16

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： Manabu MAEDA ,  Takeshi KISHIKAWA ,  Daisuke KUNIMUNE

IPC: H04L9/40 ,  H04L12/40

Abstract: A fraud detection method includes: determining whether a period of a message repeatedly transmitted in an in-vehicle network is anomalous; detecting whether arbitration occurs when the message is transmitted in the in-vehicle network; and determining that the message is an anomalous message, in the case where the period of the message is anomalous and no arbitration occurs when the message is transmitted in the in-vehicle network.

公开(公告)号：US20240086541A1

公开(公告)日：2024-03-14

申请号：US18515925

申请日：2023-11-21

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： Takeshi KISHIKAWA ,  Ryo HIRANO ,  Yoshihiro UJIIE

IPC: G06F21/57 ,  G06F21/64

CPC classification number: G06F21/57 ,  G06F21/64 ,  G06F2221/033

Abstract: An integrity verification device, in which software is executed by one of one or more electronic control units connected to an in-vehicle network system, includes: a verification schedule determiner that determines a verification timing at which to verify the integrity of the software; an integrity verifier that, for the software, determines, at the verification timing determined for the software, whether first integrity information, that is information for verifying the integrity of the software and that corresponds to at least part of the software corresponding to a verification scope, matches second integrity information, that is information calculated from at least part of the software at the verification timing, and determines that the integrity of the software is ensured when the first integrity information and the second integrity information match; and a verification priority determiner that determines a verification priority that affects determining of the verification timing or the verification scope.

公开(公告)号：US20240064169A1

公开(公告)日：2024-02-22

申请号：US18384553

申请日：2023-10-27

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： Takeshi KISHIKAWA ,  Hideki MATSUSHIMA ,  Tomoyuki HAGA ,  Manabu MAEDA ,  Takamitsu SASAKI

IPC: H04L9/40 ,  B60R16/023 ,  G07C5/00

CPC classification number: H04L63/1441 ,  B60R16/023 ,  G07C5/008 ,  H04L63/062 ,  H04L63/1416

Abstract: A gateway that notifies a fraud detection server located outside a vehicle of information about an in-vehicle network system including an in-vehicle network includes: a priority determiner that determines a priority using at least one of: a state of the vehicle including the in-vehicle network system; an identifier of a message communicated on the in-vehicle network; and a result of fraud detection performed on the message; a frame transmitter-receiver that transmits and receives the message communicated on the in-vehicle network; a frame interpreter that extracts information about the in-vehicle network based on the message received by the frame transmitter-receiver; and a frame uploader that notifies the fraud detection server of notification information including the priority and the information about the in-vehicle network.

公开(公告)号：US20240053977A1

公开(公告)日：2024-02-15

申请号：US18495971

申请日：2023-10-27

Applicant: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA

Inventor： Yoshihiro UJIIE ,  Hideki MATSUSHIMA ,  Jun ANZAI ,  Toshihisa NAKANO ,  Tomoyuki HAGA ,  Manabu MAEDA ,  Takeshi KISHIKAWA

IPC: G06F8/65 ,  G06F8/654 ,  B60R16/02 ,  B60R16/023 ,  G06F11/00 ,  G06F11/14 ,  H04L12/40 ,  H04L12/46

CPC classification number: G06F8/65 ,  G06F8/654 ,  B60R16/02 ,  B60R16/023 ,  G06F11/00 ,  G06F11/1433 ,  H04L12/40006 ,  H04L12/4625 ,  H04W4/48

Abstract: A gateway device is connected to a plurality of electronic controllers on-board a vehicle. The gateway device acquires firmware update information, which includes at least a part of updated firmware to be applied to a first electronic controller, patch data, and information indicating where to apply the patch data. When the gateway device determines that the first electronic controller does not include a firmware cache for performing a pre-update firmware cache operation, the gateway device executes a proxy process. In this regard, the gateway device requests the first electronic controller to transmit boot ROM data to the gateway device, merges the patch data and existing firmware to create updated boot ROM data with updated firmware, and transmits the updated boot ROM data to the first electronic controller that updates the boot ROM data and resets the first electronic controller with the updated firmware.

公开(公告)号：US20230129603A1

公开(公告)日：2023-04-27

申请号：US18086282

申请日：2022-12-21

Applicant: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA

Inventor： Yoshihiro UJIIE ,  Jun ANZAI ,  Yoshihiko KITAMURA ,  Masato TANABE ,  Takeshi KISHIKAWA

IPC: H04L9/08 ,  H04L9/40 ,  B60R16/023

Abstract: A key management method serves as an electronic control unit (ECU) in an onboard network system having a plurality of ECUs that perform communication by frames via a network. The method includes storing, in a first-type ECU, a shared key to be mutually shared with second-type ECUs, and executing encryption processing regarding a framed transmitted or received via the network, based on the shared key. The method further includes executing, by the first-type ECU, inspection of a security state of the shared key stored by the second type ECUs in a case where a vehicle is in at least one of the following particular states, including immediately after the vehicle is not driving and is entering the accessory-on state, immediately after the vehicle is not driving and the vehicle is entering the accessory-off state, and immediately after the vehicle engine is started.

公开(公告)号：US20220116405A1

公开(公告)日：2022-04-14

申请号：US17559749

申请日：2021-12-22

Applicant: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA

Inventor： Yoshihiro UJIIE ,  Jun ANZAI ,  Yoshihiko KITAMURA ,  Masato TANABE ,  Hideki MATSUSHIMA ,  Tomoyuki HAGA ,  Takeshi KISHIKAWA ,  Ryota SUGIYAMA

IPC: H04L67/12 ,  H04L12/40 ,  B60R16/023

Abstract: An electronic control unit is connected to a network in an in-vehicle network system. The electronic control unit includes a first control circuit and a second control circuit. The first control circuit is connected to the network via the second control circuit. The second control circuit performs a first determination process on a frame to determine conformity of the frame with a first rule. Upon determining that the frame conforms to the first rule, the second control circuit transmits the frame to the first control circuit. The first control circuit performs a second determination process on the frame to determine conformity of the frame with a second rule. The second rule is different from the first rule.

公开(公告)号：US20210226973A1

公开(公告)日：2021-07-22

申请号：US17222325

申请日：2021-04-05

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： Ryo HIRANO ,  Takeshi KISHIKAWA

IPC: H04L29/06 ,  G07C5/08 ,  G07C5/00 ,  H04L12/40

Abstract: A vehicle log transmission device includes: a vehicle log obtainer that obtains the vehicle log; a vehicle state extractor that extracts a vehicle state from the obtained vehicle log; difference generation log storage that stores a list of difference generation logs, each being a vehicle log for each of vehicle states shared between the vehicle log transmission device and a vehicle log analysis server; a difference generation log selector that selects a difference generation log from the list in accordance with the extracted vehicle state; a difference log generator that generates a difference log based on the obtained vehicle log and the selected difference generation log; and a difference log transmitter that transmits, to the vehicle log analysis server, the generated difference log and a difference generation log identifier corresponding to the selected difference generation log.

公开(公告)号：US20210226966A1

公开(公告)日：2021-07-22

申请号：US17224883

申请日：2021-04-07

Applicant: Panasonic Intellectual Property Corporation of America

Inventor： Takeshi KISHIKAWA ,  Ryo HIRANO ,  Yoshihiro UJIIE

IPC: H04L29/06 ,  H04L12/44 ,  H04L1/20

Abstract: In an anti-fraud control system, a first error monitoring device includes a first frame transmitting and receiving unit that receives a frame flowing on the on-board network; and a first error detector that causes transmission of an error notification frame for notifying of an occurrence of an error in the frame when detecting the occurrence of the error in the frame received by the first frame transmitting and receiving unit. Each of second error monitoring devices includes: a second frame transmitting and receiving unit that receives the error notification frame; and a second error detector that regards, as a frame to be invalidated, the frame subjected to the error and included in the received error notification frame, and shifts the second error monitoring device to an invalidation mode for invalidating reception of subsequent frames, if no error is detected in an own branch with respect to the frame.

公开(公告)号：US20210203525A1

公开(公告)日：2021-07-01

申请号：US17201797

申请日：2021-03-15

Applicant: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA

Inventor： Yoshihiro UJIIE ,  Hideki MATSUSHIMA ,  Toshihisa NAKANO ,  Tohru WAKABAYASHI ,  Hiroshi AMANO ,  Tomoyuki HAGA ,  Takeshi KISHIKAWA

IPC: H04L12/40 ,  H04L29/06 ,  H04L12/46 ,  H04B1/3822 ,  H04L12/66

Abstract: A gateway device for a vehicle network system installed in a vehicle is provided. The vehicle network system includes a network, an electronic control unit connected to the network, and the gateway device connected to the first network and configured to communicate outside the vehicle. The gateway device receives a first frame from outside the vehicle; determines whether or not the first frame is appropriate; generates a second frame when the first frame is not determined to be appropriate; and transmits the second frame to the network. The second frame includes control information and additional information based on content of the first frame. The control information restricts processing of the additional information included in the second frame by the electronic control unit, after the second frame is received by the electronic control unit.

公开(公告)号：US20210144124A1

公开(公告)日：2021-05-13

申请号：US17152286

申请日：2021-01-19

Applicant: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA

Inventor： Manabu MAEDA ,  Jun ANZAI ,  Yoshihiro UJIIE ,  Masato TANABE ,  Takeshi KISHIKAWA

IPC: H04L29/06 ,  B60R16/023 ,  G06F21/55 ,  H04L12/28 ,  H04L12/40 ,  G06F21/85 ,  H04L9/36

Abstract: A security apparatus includes a receiver that receives a frame front at least one network, a parameter storage that stores at least one examination parameter defining a content of an examination on a frame, and processing circuitry that performs operations. The operations include judging whether a predetermined condition is satisfied for the frame received by the receiver. When the predetermined condition is satisfied, updating the stored at least one examination parameter, and when the predetermined condition is not satisfied, not updating the stored at least one examination parameter. The operations also include executing an examination, based on the stored at least one examination parameter, as to whether the frame received by the receiver is an attack frame, and performing a process depending on a result of the execution of the examination such that an influence of an attack frame on at least one electronic control unit is suppressed.