-
Publication No.: US11956262B2
Publication date: 2024-04-09
Application No.: US17330020
Filing date: 2021-05-25
Inventors: Ryo Hirano, Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga
CPC classification: H04L63/1425, H04L63/20, H04L67/12
Abstract: An anomaly detection device (IDS ECU) includes a detection rule generator that monitors a communication establishment frame flowing over Ethernet in a communication establishment phase of service-oriented communication and that generates, for each communication ID, a detection rule including the communication ID written in the communication establishment frame and a server (or client) address written in the communication establishment frame; an anomaly detector that monitors a communication frame flowing over the Ethernet in a communication phase of the service-oriented communication and that, by referring to a detection rule that includes a communication ID written in the communication frame, detects the communication frame as an anomalous frame when a server (or client) address written in the communication frame differs from a server (or client) address included in the detection rule; and an anomaly notifier that provides a notification of an anomaly in response to the anomalous frame being detected.
-
Publication No.: US11764998B2
Publication date: 2023-09-19
Application No.: US17089277
Filing date: 2020-11-04
Inventors: Takeshi Kishikawa, Yoshihiro Ujiie, Ryo Hirano
IPC classification: H04L12/44, H04L12/40, H04L12/417
CPC classification: H04L12/44, H04L12/40013, H04L12/417, H04L2012/40241
Abstract: A secure star coupler in a communication network adopting a time-triggered protocol based on a time slot includes: transceivers each of which is connected to one of branches and transmits and receives signals; a routing table holder that holds a predetermined rule indicating a correspondence between a time slot and a branch; and a router that routes a signal received from a first branch to another branch unless a no-transfer condition is satisfied. The no-transfer condition includes a condition that the predetermined rule is not followed by the first branch and a condition that routing of a signal received from a second branch different from the first branch has started in the time slot.
-
Publication No.: US11595422B2
Publication date: 2023-02-28
Application No.: US17344097
Filing date: 2021-06-10
Inventors: Yoshihiro Ujiie, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Yuji Unagami, Takeshi Kishikawa
Abstract: A method for use in a network communication system including a plurality of electronic controllers that communicate with each other via a bus in accordance with a Controller Area Network (CAN) protocol determines whether or not content of a predetermined field in a frame which has started to be transmitted meets a predetermined condition indicating fraud. In a case where the content of the predetermined field meets the predetermined condition, a frame including predetermined consecutive dominant bits for notifying an anomaly is transmitted before an end of the frame is transmitted. A number of times the frame including the predetermined consecutive dominant bits is transmitted is recorded for each identifier (ID) represented by content of an ID field included in a plurality of frames which has been transmitted. A malicious electronic controller is determined in accordance with the number of times recorded for each ID.
-
Publication No.: US11522733B2
Publication date: 2022-12-06
Application No.: US17201797
Filing date: 2021-03-15
Inventors: Yoshihiro Ujiie, Hideki Matsushima, Toshihisa Nakano, Tohru Wakabayashi, Hiroshi Amano, Tomoyuki Haga, Takeshi Kishikawa
IPC classification: H04L12/40, H04L9/40, H04L12/46, H04B1/3822, H04L12/66
Abstract: A gateway device for a vehicle network system installed in a vehicle is provided. The vehicle network system includes a network, an electronic control unit connected to the network, and the gateway device connected to the first network and configured to communicate outside the vehicle. The gateway device receives a first frame from outside the vehicle; determines whether or not the first frame is appropriate; generates a second frame when the first frame is not determined to be appropriate; and transmits the second frame to the network. The second frame includes control information and additional information based on content of the first frame. The control information restricts processing of the additional information included in the second frame by the electronic control unit, after the second frame is received by the electronic control unit.
-
Publication No.: US11469921B2
Publication date: 2022-10-11
Application No.: US16798530
Filing date: 2020-02-24
Abstract: A security device connected to a plurality of networks in a vehicle is provided. The security device determines, with regard to a frame received from a first network, whether to transmit a determination request for the frame outside the vehicle. The security device transmits the determination request outside the vehicle in a case where it is determined to transmit the determination request outside the vehicle, transmits, before obtaining a determination result from outside the vehicle in accordance with the determination request, the frame to a second network, and then obtains determination results from outside the vehicle in accordance with the determination request. The security device outputs presentation information in accordance with the determination result.
-
Publication No.: US11381420B2
Publication date: 2022-07-05
Application No.: US16734435
Filing date: 2020-01-06
Inventors: Yuishi Torisaki, Hiroyasu Terazawa, Tomoyuki Haga, Yoshihiro Ujiie, Ryo Kato
Abstract: An in-vehicle relay device prevents an anomaly of a control command exchanged over networks having different transmittable data sizes in a frame. The in-vehicle relay device relays communication between multiple control devices in a vehicle over the networks to which the control devices are connected. The in-vehicle relay device receives control data from a first control network. The control data includes, in a frame, a plurality of control commands to be executed by at least one of the control devices. The in-vehicle relay device determines, as a first determination, whether types of the control commands included in the frame form a first combination that is preset as a combination of control commands that are executable simultaneously. The in-vehicle relay device thereafter determines, as a second determination, whether the control data is anomalous by using the result of the first determination, and outputs the result of the second determination.
-
Publication No.: US10904883B2
Publication date: 2021-01-26
Application No.: US16380447
Filing date: 2019-04-10
Inventors: Yoshihiro Ujiie, Yuishi Torisaki, Tomoyuki Haga, Hiroyasu Terazawa, Ryo Kato
Abstract: A communication device is a communication device connected to a mobility network which is a network mounted in a mobility and which is used by a plurality of electronic control devices for communication. The communication device includes: a holding unit which holds range information indicating a transferable path range determined for a message on the mobility network; a receiving unit which receives the message on the mobility network; and a determining unit which determines validity of the received message by using the range information.
-
Publication No.: US10609049B2
Publication date: 2020-03-31
Application No.: US16207875
Filing date: 2018-12-03
Inventors: Manabu Maeda, Hideki Matsushima, Tomoyuki Haga, Yuji Unagami, Yoshihiro Ujiie, Takeshi Kishikawa
IPC classification: H04L29/06, H04L12/28, B60R16/023, H04L12/40, H04L29/08
Abstract: A fraud sensing method for use in an in-vehicle network system including a plurality of electronic control units that communicate with each other via a network includes detecting that a state of a vehicle satisfies a predetermined condition, and switching, upon detecting that the state of the vehicle satisfies the predetermined condition, an operation mode of a fraud-sensing electronic control unit connected to the network between a first mode in which a first type of sensing process for sensing a fraudulent message in the network is performed and a second mode in which the first type of sensing process is not performed.
-
Publication No.: US10530572B2
Publication date: 2020-01-07
Application No.: US15203622
Filing date: 2016-07-06
IPC classification: H04L9/08, B60R16/023
Abstract: Provided is a key management method to secure security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system including multiple electronic units (ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquires a session key by communication with the master ECU based on the stored shared key, and after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.
-
Publication No.: US10320826B2
Publication date: 2019-06-11
Application No.: US15228299
Filing date: 2016-08-04
Abstract: An anomaly detection electronic control unit that performs anomaly detection processing and that is connected to a bus which a plurality of electronic control units use to communicate following a Controller Area Network (CAN) protocol includes an anomaly detection processing requester that decides an anomaly detection processing timing based on an ID of a data frame acquired from the bus, and an anomaly detection processor that performs anomaly detection processing regarding the data frame at the anomaly detection processing timing decided by the anomaly detection processing requester.