
Authentication and access control method for CAN (Controller Area Network) bus

A CAN bus authentication and access control technology, applied in the field of CAN bus authentication and access control, that can solve problems such as the inability to intercept data and protection that is insufficient to ensure security, and that achieves backward compatibility.

Active Publication Date: 2017-02-22
CHINA FIRST AUTOMOBILE

AI Technical Summary

Problems solved by technology

But this protection is not enough to ensure safety.
First, since data on the CAN bus is openly broadcast, attackers can access the bus at a point that bypasses the firewall.
Second, the firewall can only intercept illegal data from the outside, not data sent from the inside, so it is ineffective against passive information acquisition attacks.

Examples


Embodiment Construction

[0045] The present invention is further described below in conjunction with the accompanying drawings. Figure 1 describes an example of the division of the bus network into logical functional areas. Based on the original network topology of the vehicle, a bus switch is added, namely the central gateway. All controllers connected to the central gateway are divided into different logical areas according to their functions. A controller can belong to different logical functional areas, and the central gateway is included in all logical functional areas.

[0046] Figure 2 describes the process of node key management and update. Key distribution management is completed by the vehicle manufacturer. The vehicle manufacturer stores the node key in the non-readable storage area of the corresponding node controller, and encrypts it with the manufacturer's key. The key is stored in the central gateway. Key update management mainly refers to the key replacement mechanism when the in-vehicle c...

Abstract

The invention relates to an authentication and access control method for a CAN (Controller Area Network) bus, which is characterized by particularly comprising the following steps of: (1) completing functional partitioning of a vehicle system, and defining each function as a logic functional region; (2) based on functional partitioning of the vehicle system in the step (1), partitioning nodes of the vehicle system into each logic functional region according to functions to which the nodes belong; (3) based on partitioning of each node logic functional region in the step (2), allocating a secret key to each logic functional region; (4) based on each secret key in the step (3), generating a session secret key of the corresponding logic functional region after a vehicle is started up every time; (5) based on each session secret key in the step (4), completing authentication and encryption of CAN data, and based on each secret key in the step (3), implementing secret key resetting on updated nodes. According to the authentication and access control method disclosed by the invention, based on a cryptography technology, a node authentication and encryption protocol of the CAN bus is constructed by utilizing a cryptographic algorithm, and resource access control on the integral CAN bus is implemented.
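The five steps of the abstract, sketched as an added example that is not taken from the patent. The abstract names no algorithms, so HMAC-SHA256, the 4-byte truncated tag, the frame counter, the startup nonce and all zone and node names are assumptions; payload encryption is left out and only the authentication part of step (5) is shown.

```python
import hashlib
import hmac
import os
import struct

# Assumptions (the abstract names no algorithms): HMAC-SHA256 for key
# derivation and frame tags; 4-byte truncated tag so data + tag fit in a
# classic 8-byte CAN payload; a per-frame counter to reject replays.
TAG_LEN = 4

# Steps 1-3: constructed zones, node membership and long-term zone keys.
ZONE_KEYS = {"powertrain": os.urandom(16), "body": os.urandom(16)}
NODE_ZONES = {
    "engine_ecu": {"powertrain"},
    "door_ecu": {"body"},
    "gateway": {"powertrain", "body"},  # the gateway is in every zone
}

def session_key(zone_key, zone, startup_nonce):
    """Step 4: derive a fresh per-zone session key for this vehicle start."""
    info = b"session|" + zone.encode() + b"|" + startup_nonce
    return hmac.new(zone_key, info, hashlib.sha256).digest()

def node_session_keys(node, startup_nonce):
    """Simulates a node's key store: only zones the node belongs to."""
    return {z: session_key(ZONE_KEYS[z], z, startup_nonce)
            for z in NODE_ZONES[node]}

def _tag(skey, can_id, counter, data):
    # The MAC covers the CAN ID and counter as well as the data bytes.
    msg = struct.pack(">IQ", can_id, counter) + data
    return hmac.new(skey, msg, hashlib.sha256).digest()[:TAG_LEN]

def protect(skey, can_id, counter, data):
    """Step 5 (authentication only): data followed by a truncated MAC."""
    if len(data) > 8 - TAG_LEN:
        raise ValueError("data and tag must fit in 8 bytes")
    return data + _tag(skey, can_id, counter, data)

def verify(skey, can_id, counter, payload):
    """Return the data if the tag matches the expected counter, else None."""
    if len(payload) < TAG_LEN:
        return None
    data, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
    ok = hmac.compare_digest(tag, _tag(skey, can_id, counter, data))
    return data if ok else None
```

A receiver that tracks the last accepted counter per CAN ID rejects a replayed frame, and a node outside a zone cannot produce a tag that the zone's members accept.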

Description

Technical field

[0001] The invention relates to a CAN bus authentication and access control method, in particular to a CAN bus network security framework and corresponding security measures, belonging to the field of vehicle network information security technology.

Background technique

[0002] CAN is the abbreviation of Controller Area Network. The CAN bus is a bus technology commonly used in vehicles today. Nodes on the CAN bus are all connected to the same shared line. The CAN bus is connected by twisted pair; 0 is the dominant signal, 1 is the recessive signal, and the signal uses the CSMA/CA scheme to resolve collisions. The arbitration mechanism uses priority to decide which node is allowed to transmit data on the bus. The smaller the ID of the node, that is, the more dominant 0 signals the node sends during arbitration, the higher its priority. This mechanism makes the CAN bus suitable for real-time communication.

[0003] Accordi...

Application Information

IPC(8): H04L29/06, H04L29/08, H04L12/40
CPC: H04L12/40006, H04L63/0428, H04L63/08, H04L67/12, H04L2012/40215
Inventor: 王祎男, 李木犀, 和卫民
Owner CHINA FIRST AUTOMOBILE