-
Publication No.: US11829472B2
Publication date: 2023-11-28
Application No.: US17380228
Filing date: 2021-07-20
Inventor: Ryo Hirano, Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga
CPC classification number: G06F21/56, G06F21/552
Abstract: An anomalous vehicle detection server includes an anomaly score calculator that detects a suspicious behavior different from a predetermined driving behavior based on pieces of vehicle information that are received from a plurality of vehicles, respectively, and are each based on a vehicle log including the content of an event that has occurred in a vehicle system provided in the vehicle, and acquires an anomaly score of each of the plurality of vehicles that indicates a likelihood that reverse engineering is performed on the vehicle; and an anomalous vehicle determiner that determines whether one vehicle of the plurality of vehicles is an anomalous vehicle based on the anomaly score of the one vehicle and a statistical value of the anomaly scores of two or more vehicles of the plurality of vehicles.
-
Publication No.: US11438350B2
Publication date: 2022-09-06
Application No.: US17194514
Filing date: 2021-03-08
Inventor: Manabu Maeda, Takeshi Kishikawa, Daisuke Kunimune
Abstract: An unauthorized activity detection method in an onboard network system. The detection method includes determining whether or not a message sent out onto the network is an attack message, saving information relating to the attack message in at least one memory in a case where the message is an attack message, identifying a communication pattern from information relating to the attack message, and determining whether or not the message matches a communication pattern. The determination of whether an attack message and determination of whether matching a communication pattern are executed on each of a plurality of messages received from the network. In the determining of whether an attack message executed on a message received after executing of determining of whether matching a communication pattern, results of the determination of whether an attack message that has already been executed are used.
-
Publication No.: US11425128B2
Publication date: 2022-08-23
Application No.: US17039107
Filing date: 2020-09-30
Inventor: Takeshi Kishikawa, Manabu Maeda, Tohru Wakabayashi, Toshihisa Nakano, Hideki Matsushima
IPC: H04L9/40, B60R16/023, H04L12/40, H04L67/125, H04L67/12
Abstract: A method for use in a network system is provided. The network system includes a plurality of electronic controllers that transmits and receives, via a network, a plurality of frames. The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the network, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.
-
Publication No.: US11296965B2
Publication date: 2022-04-05
Application No.: US17201839
Filing date: 2021-03-15
Inventor: Yoshihiro Ujiie, Tomoyuki Haga, Manabu Maeda, Hideki Matsushima, Takeshi Kishikawa, Junichi Tsurumi, Hisashi Kashima, Yukino Toriumi, Takuya Kuwahara
IPC: H04L43/0823, H04L12/40, H04W4/48, H04L41/14, H04L29/06
Abstract: An abnormality detection method is provided. The abnormality detection method is for detecting an abnormality that may be transmitted to a bus in an on-board network system. The on-board network system includes a plurality of electronic controllers that transmit and receive messages via the bus in a mobility entity. In the abnormality detection method, for example, a gateway transmits identification information to a server and receives a response determining a unit time. An operation process is performed using feature information based on a number of messages received from the bus per the determined unit time and using a model indicating a criterion in terms of a message occurrence frequency. A judgment is made as to an abnormality according to a result of the operation process.
-
Publication No.: US11223525B2
Publication date: 2022-01-11
Application No.: US16915187
Filing date: 2020-06-29
Inventor: Manabu Maeda, Hideki Matsushima, Tomoyuki Haga, Yoshihiro Ujiie, Takeshi Kishikawa
IPC: H04L12/24, B60R16/023, G06F11/00, B60R16/02, G06F11/36, G06F8/654, G06F8/71, H04L12/46, H04L12/40, H04L12/66
Abstract: A gateway device connected to a network used in communication by multiple electronic control units provided on-board a vehicle. The gateway device performs operations including receiving firmware update information that includes updated firmware for one electronic control unit among the electronic control units, and acquiring system configuration information indicating a function of each of the electronic control units connected to the network. The gateway device further performs a controlling operation to update firmware of the one electronic control unit, for which updated firmware is received by the receiving, on a basis of the updated firmware, after an operation verification of the updated firmware is performed in an operating environment appropriately. The operating environment being configured with electronic control units of the same functions as each of the electronic control units indicated by the system configuration information.
-
Publication No.: US10951631B2
Publication date: 2021-03-16
Application No.: US16540675
Filing date: 2019-08-14
Inventor: Yuji Unagami, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Yoshihiro Ujiie, Takeshi Kishikawa
IPC: H04L29/06, H04W4/40, B60R16/023, G06F21/57, G06F21/60, G06F21/71, G06F21/85, H04L12/28, H04L29/08
Abstract: In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of networks, a plurality of fraud-detection ECUs each connected to a different one of the networks, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a network connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The gateway device receives updated rule information transmitted to a first network among the networks, selects a second network different from the first network, and transfers the updated rule information only to the second network. A fraud-detection ECU connected to the second network acquires the updated rule information and updates the rule information stored therein by using the updated rule information.
-
Publication No.: US10931634B2
Publication date: 2021-02-23
Application No.: US15880769
Filing date: 2018-01-26
Inventor: Manabu Maeda, Jun Anzai, Yoshihiro Ujiie, Masato Tanabe, Takeshi Kishikawa
Abstract: A gateway serving as a security apparatus connected to one or a plurality of buses includes a receiver that receives a frame from a bus, a parameter storage that stores an examination parameter defining a content of an examination of the frame, an updater configured to, in a case where a predetermined condition is satisfied for the frame received by the receiver, update the examination parameter stored in the parameter storage, and an examiner that performs an examination, based on the examination parameter stored in the parameter storage, in terms of judgment of whether or not the frame received by the receiver is an attack frame.
-
Publication No.: US10909237B2
Publication date: 2021-02-02
Application No.: US16431002
Filing date: 2019-06-04
Inventor: Yoshihiro Ujiie, Hideki Matsushima, Tomoyuki Haga, Yuji Unagami, Takeshi Kishikawa
Abstract: A method for a fraud detecting controller connected to networks for communication by a plurality of controllers, includes, storing fraud detection rules, determining whether a message transmitted on the network connected to the fraud detecting controller conforms to the rules, receiving data including updated fraud detection rules and network type information indicating one network type to which the updated fraud detection rules are to be applied; and determining whether a vehicle having an on-board network is running, the on-board network including the plurality of controllers. When the vehicle is running, additionally determining whether the network type information indicates a drive network which is connected to a controller related to vehicle travel, when the network type information indicates the drive network, not updating to the updated fraud detection rules, and when the network type information does not indicate the drive network, updating to the updated fraud detection rules.
-
Publication No.: US10896616B2
Publication date: 2021-01-19
Application No.: US16413035
Filing date: 2019-05-15
Inventor: Tomoyuki Haga, Hideki Matsushima, Yoshihiro Ujiie, Takeshi Kishikawa
Abstract: An anomaly handling method using a roadside device is disclosed. The method includes receiving, from a vehicle, an anomaly detection notification, which includes level information indicating a level affecting safety, and a location of the vehicle. The method also includes obtaining a location of the roadside device and determining whether a distance between the location of the vehicle and the location of the roadside device is within a predetermined range. When the distance is within the predetermined range and shorter than a first predetermined distance, transmitting the received anomaly detection notification externally from the roadside device. When the distance is within the predetermined range and is longer than or equal to the first predetermined distance, changing to decrement a level indicated by the level information, and transmitting changed anomaly detection notification. When the distance is not within the predetermined range, not transmitting the received anomaly detection notification.
-
Publication No.: US10791129B2
Publication date: 2020-09-29
Application No.: US16244162
Filing date: 2019-01-10
Inventor: Manabu Maeda, Takeshi Kishikawa, Daisuke Kunimune
IPC: H04L29/06, H04L12/40, G06N20/00, G06N7/00, B60R16/023
Abstract: A reference message deciding method used in unauthorized communication detection. The deciding method includes: identifying, from information relating to an attack message on the onboard network system, a communication pattern indicating features related to change in data values or communication timing of an attack message; determining whether or not a message sent out onto the network matches a communication pattern identified in the identifying; and deciding a reference message used in determining whether or not the message sent out is an attack message, using determination results of the determining.