公开(公告)号：US20220014544A1

公开(公告)日：2022-01-13

申请号：US17368999

申请日：2021-07-07

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA ,  Taiji ABE

IPC: H04L29/06 ,  H04L29/08

Abstract: A log transmission controller includes a log acquirer, a priority storage, an update instruction acquirer, a priority updater and a transmitter. The log acquirer acquires a log indicating respective states of electronic control units connected to the log transmission controller equipped in a moving object. The priority storage stores priority information indicating a priority for transmitting the log to a server. The update instruction acquirer acquires a first update instruction generated by an update instructor for updating the priority information, and second and third update instructions generated by the server for updating the priority information. The priority updater updates the priority information based on the update instruction. The transmitter transmits the log based on the priority. The first and second update instructions are for updating the priority to be higher than a predetermined priority, and the third update instruction is for updating the priority to the predetermined priority.

公开(公告)号：US20250045396A1

公开(公告)日：2025-02-06

申请号：US18776308

申请日：2024-07-18

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA ,  Taiji ABE ,  Tomonori IKUSE ,  Keita HAYAKAWA ,  Masumi EGAWA

IPC: G06F21/56

Abstract: An attack analysis device stores attack abnormality relationship information indicating a relationship among (i) predicted attack information indicating an attack predicted to be received by an electronic control system, (ii) predicted abnormality information indicating an abnormality predicted to occur in response to the predicted attack, and (iii) predicted abnormality location information indicating a location within the electronic control system where the predicted abnormality occurs. The attack analysis device is configured to: acquire a security log indicating an abnormality detected in the electronic control system and a detection location of the abnormality in the electronic control system; estimate the attack based on the security log and the attack abnormality relationship information; analyze an estimation accuracy of the attack based on context data included in the security log; and output attack information, which indicates the estimated attack, and estimation accuracy information, which indicates the estimation accuracy of the attack.

公开(公告)号：US20240089280A1

公开(公告)日：2024-03-14

申请号：US18462466

申请日：2023-09-07

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1416 ,  H04L63/1466

Abstract: An attack analysis device includes attack abnormality relationship information indicating a relationship among (i) attack information indicating an attack possible to be received by an electronic control system, (ii) an estimation abnormality information indicating an abnormality estimated to be occurred when the attack is received, and (iii) commonized estimation abnormality location information indicating a commonized estimation abnormality location, which is a location of the abnormality estimated to be occurred when the electronic control system receives the attack and commonized between the electronic control system and a different electronic control system. The attack analysis device estimates an attack received by the electronic control system with reference to the attack abnormality relationship information.

公开(公告)号：US20240089281A1

公开(公告)日：2024-03-14

申请号：US18462475

申请日：2023-09-07

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1416

Abstract: An attack analysis device acquires a security log generated by a security sensor mounted on each of a plurality of electronic control units configuring an electronic control system, sets a log package in which a plurality of the security logs are packaged, estimates an attack received by the electronic control system based on the log package, and outputs attack information indicating the estimated attack.

公开(公告)号：US20220309153A1

公开(公告)日：2022-09-29

申请号：US17693469

申请日：2022-03-14

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA ,  Taiji ABE ,  Reiichiro IMOTO

IPC: G06F21/55

Abstract: An attack analyzer includes: a common log acquisition unit acquiring a common security log including abnormality information indicating abnormality detected by an electronic control system, and a common abnormality position indicating an abnormality position of the abnormality converted to be common among the electronic control system and other electronic control systems; an attack/abnormality relationship table storage unit storing an attack/abnormality relationship table; an estimation unit; and an output unit outputting attack information including the attack type.

公开(公告)号：US20220019661A1

公开(公告)日：2022-01-20

申请号：US17371148

申请日：2021-07-09

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA ,  Taiji ABE

IPC: G06F21/55

Abstract: A log analysis device is provided. The log analysis device receives a log indicating status of an electronic control system mounted in a movable object from the electronic control system, analyzes an abnormality in the electronic control system by using the log received. Depending on a result of the analyzing, the log analysis device determines, on a log-by-log basis, priority for the electronic control system to transmit the log to the log analysis device. Based on the priority determined, the log analysis device generates instruction information that gives an instruction for controlling transmission of the log, and transmits the instruction information to the electronic control system.

公开(公告)号：US20240039949A1

公开(公告)日：2024-02-01

申请号：US18353152

申请日：2023-07-17

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA

IPC: H04L9/40

CPC classification number: H04L63/1433 ,  H04L63/1425 ,  H04L63/1458 ,  H04L63/105

Abstract: By an attack estimation verification device, an attack estimation verification method, and a computer-readable non-transitory storage medium storing an attack estimation verification program, an attack-abnormality relation table is stored, a security log is acquired, an attack received by an electronic control system is estimated, it is determined whether grouping or an assumption feature of an abnormal electronic control unit is appropriate, and a notification indicating a verification result is provided.

公开(公告)号：US20220019662A1

公开(公告)日：2022-01-20

申请号：US17371163

申请日：2021-07-09

Applicant: DENSO CORPORATION

Inventor： Naoya ISHIDA ,  Masumi EGAWA ,  Takeshi SUGASHIMA ,  Taiji ABE ,  Katsuya TANAKA ,  Reiichirou IMOTO ,  Keigo NAGARA

IPC: G06F21/55

Abstract: A center device is provided that receives a log from vehicle-mounted equipment transmitting the log based on an external transmission rule and analyzes the log to detect a cyber attack. Based on a result of the detecting, the center device determines update of the external transmission rule. The center devices transmits an external transmission rule update instruction. As attack depth of the cyber attack is deeper, the center device sets an external transmission target to the log that is generated in a deeper layer among layers in which constituent elements of the vehicle-mounted equipment are defined.

公开(公告)号：US20210397504A1

公开(公告)日：2021-12-23

申请号：US17346314

申请日：2021-06-14

Applicant: DENSO CORPORATION

Inventor： Keigo NAGARA ,  Taiji ABE ,  Reiichirou IMOTO ,  Masumi EGAWA

IPC: G06F11/07

Abstract: A log transmission controller includes a log acquirer, a priority storage, an update instruction acquirer, a priority updater and a transmitter. The log acquirer acquires a log indicating respective states of electronic control units connected to the log transmission controller, which is equipped in a moving object. The priority storage stores priority information indicating a priority for transmitting the log to a server, which is disposed at exterior of the moving object. The update instruction acquirer acquires an update instruction, which is generated by an update instructor equipped in the moving object, for instructing to update the priority information stored in the priority storage. The priority updater updates the priority information based on the update instruction. The transmitter transmits the log to the server based on the priority indicated by the updated priority information.