-
1.
Publication number: US10974669B2
Publication date: 2021-04-13
Application number: US16664192
Application date: 2019-10-25
Inventor: Tomoyuki Haga, Toshihisa Nakano, Jun Anzai, Hideki Matsushima, Yoshihiro Ujiie, Yuji Unagami
IPC: H04L9/32, B60R16/023, H04L12/40, H04L12/46, H04L12/66
Abstract: A gateway connected to a bus, a bus, and the like used by a plurality of electronic control units for communication includes a frame communication unit that receives a frame, a transfer control unit that removes verification information used to verify a frame from the content of the frame received by the frame communication unit and transfers the frame to a destination bus or that adds verification information to the content of the frame and transfers the frame to the destination bus, and the like.
-
2.
Publication number: US10931634B2
Publication date: 2021-02-23
Application number: US15880769
Application date: 2018-01-26
Inventor: Manabu Maeda, Jun Anzai, Yoshihiro Ujiie, Masato Tanabe, Takeshi Kishikawa
Abstract: A gateway serving as a security apparatus connected to one or a plurality of buses includes a receiver that receives a frame from a bus, a parameter storage that stores an examination parameter defining a content of an examination of the frame, an updater configured to, in a case where a predetermined condition is satisfied for the frame received by the receiver, update the examination parameter stored in the parameter storage, and an examiner that performs an examination, based on the examination parameter stored in the parameter storage, in terms of judgment of whether or not the frame received by the receiver is an attack frame.
-
3.
Publication number: US10725762B2
Publication date: 2020-07-28
Application number: US15465653
Application date: 2017-03-22
Inventor: Yoshihiro Ujiie, Hideki Matsushima, Jun Anzai, Toshihisa Nakano, Tomoyuki Haga, Manabu Maeda, Takeshi Kishikawa
IPC: G06F8/65, G06F8/654, B60R16/023, G06F11/00, H04L12/46, H04L12/40, G06F11/14, B60R16/02, H04L29/08, H04W4/48, G06F21/64
Abstract: A gateway device, connected to one or more buses used in communication by a plurality of ECUs on-board a vehicle, is provided with: a receiving unit that receives, from a server that acts as an external device external to the vehicle, firmware update information that includes updated firmware to be applied to one ECU from among the plurality of ECUs; and a control unit that determines, based on certain information about the ECU on which to apply the updated firmware, whether or not the ECU satisfies a certain condition, and if the certain condition is satisfied, causes the ECU to execute a certain process related to updating firmware, whereas if the certain condition is not satisfied, causes equipment other than the ECU to execute the certain process.
-
4.
Publication number: US10693889B2
Publication date: 2020-06-23
Application number: US16217460
Application date: 2018-12-12
Inventor: Yoshihiro Ujiie, Jun Anzai, Yoshihiko Kitamura, Masato Tanabe, Hideki Matsushima, Tomoyuki Haga, Takeshi Kishikawa, Ryota Sugiyama
IPC: H04L29/06, H04L29/08, H04L12/40, B60R16/023
Abstract: An electronic control unit is connected to an in-vehicle network bus in an in-vehicle network system. The electronic control unit includes a first control circuit and a second control circuit. The first control circuit is connected to the in-vehicle network bus via the second control circuit over wired communication and/or wireless communication. The first control circuit performs a first determination process on a frame to determine conformity of the frame with a first rule. The second control circuit performs a second determination process on the frame to determine conformity of the frame with a second rule, and, upon determining that the frame conforms to the second rule, transmits the frame to the in-vehicle network bus.
-
5.
Publication number: US10193859B2
Publication date: 2019-01-29
Application number: US15940200
Application date: 2018-03-29
Inventor: Manabu Maeda, Jun Anzai, Yoshihiro Ujiie, Masato Tanabe, Takeshi Kishikawa
Abstract: A security apparatus is provided that is connected to a bus. The security apparatus includes a receiver that receives a first frame from the bus, a memory that stores an examination parameter defining a content of an examination on the first frame, and processing circuitry that performs operations. The performed operations include first determining whether a predetermined condition is satisfied for the first frame. The performed operations also include, in a case where the first determining determined that the predetermined condition is satisfied, updating the examination parameter stored in the memory. The performed operations further include second determining whether the first frame is an attack frame based on the updated examination parameter stored in the memory.
-
6.
Publication number: US11652643B2
Publication date: 2023-05-16
Application number: US17101876
Application date: 2020-11-23
Inventor: Yuji Unagami, Manabu Maeda, Tomoyuki Haga, Hideki Matsushima, Jun Anzai
CPC classification number: H04L9/3247, G06F21/6236, G06F21/64, H04L9/3242, H04L63/123, H04L67/12, G08G1/09, H04L2209/84
Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.
-
7.
Publication number: US10887111B2
Publication date: 2021-01-05
Application number: US16264804
Application date: 2019-02-01
Inventor: Yuji Unagami, Manabu Maeda, Tomoyuki Haga, Hideki Matsushima, Jun Anzai
Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.
-
8.
Publication number: US10530572B2
Publication date: 2020-01-07
Application number: US15203622
Application date: 2016-07-06
Inventor: Yoshihiro Ujiie, Jun Anzai, Yoshihiko Kitamura, Masato Tanabe, Takeshi Kishikawa
IPC: H04L9/08, B60R16/023
Abstract: Provided is a key management method to secure security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system including multiple electronic units (ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquire a session key by communication with the master ECU based on the stored shared key, and after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.
-
9.
Publication number: US11838303B2
Publication date: 2023-12-05
Application number: US16919809
Application date: 2020-07-02
Inventor: Manabu Maeda, Jun Anzai, Takeshi Kishikawa
CPC classification number: H04L63/1425, B60R16/023, G06F11/3013, G06F11/3476, H04L9/3242, H04W4/48, H04L12/40013
Abstract: A log generation method for generating a log of communication on an in-vehicle network includes: performing a plurality of determination processes for determining, by using different methods, whether or not a message sent to the in-vehicle network is anomalous; generating a log in accordance with results of the plurality of determination processes; and transmitting the generated log. In the generating, information items to be included in the log are determined in accordance with a combination of the results of the plurality of determination processes so that the log does not include identical information items.
-
10.
Publication number: US11569984B2
Publication date: 2023-01-31
Application number: US17036470
Application date: 2020-09-29
Inventor: Yoshihiro Ujiie, Jun Anzai, Yoshihiko Kitamura, Masato Tanabe, Takeshi Kishikawa
IPC: H04L9/08, H04L9/40, B60R16/023, H04L67/12
Abstract: A key management method serves as an electronic control unit (ECU) in an onboard network system having a plurality of ECUs that perform communication by frames via a network. The method includes storing a shared key and executing encryption processing based on the shared key. The method further includes executing inspection of a security state of the shared key stored in a case where a vehicle is in at least one of the following particular states: the vehicle is not driving and is an accessory-on state; a fuel cap of the vehicle is open, and the vehicle is not driving and is fueling; the vehicle is parked, which is indicated by the gearshift; the vehicle is in a stopped state before driving, which is indicated by the gearshift; and a charging plug is connected to the vehicle, and the vehicle is electrically charging.