Vehicle control system network security detection system based on multi-stage feedback queue

Abstract

The invention belongs to the technical field of vehicle control system network security detection, in particular to a vehicle control system network security detection system based on multistage feedback queues. The system comprises a vehicle control network topology detection module, a vehicle control network protocol analysis module, a vehicle control network equipment vulnerability scanning module, a security vulnerability and security event POC library, a security event priority queuing module, a security event backup queue registration module and a security event injection detection module. The security event queues for injection detection are sequentially generated, and the security events are injected and detected by adopting a multi-stage feedback queue round-robin scheduling mechanism, so that the security vulnerabilities and vulnerabilities of the vehicle control network can be positioned more reasonably, efficiently and accurately, and the autonomous and controllable networksecurity detection target of the vehicle control system is achieved. The scheme is high in automation degree, the security event injection detection mechanism is reasonable, efficient and accurate, the detection scene conforms to the real attack behavior of an attacker, and the whole network security detection process is autonomous and controllable.

Description

technical field [0001] The invention belongs to the technical field of vehicle control system network security detection, and in particular relates to a vehicle control system network security detection system based on a multi-level feedback queue. Background technique [0002] The vehicle control system is one of the important branches of the industrial control system. The network composition of the vehicle control system mainly includes gateways, system buses, electronic control units (Electronic Control Unit, ECU), various types of on-board equipment and subsystem functional modules, etc. The vehicle control network is generally based on the Controller Area Network (CAN) bus, supplemented by a low-cost bus such as the Local Interconnect Network (LIN) to realize the distributed electronic system control of the vehicle. . The vehicle control network generally integrates the five CAN subnets of powertrain, body control, chassis control, diagnostic control and business infor...

AI Technical Summary

Problems solved by technology

For emerging autonomous driving technologies, the security of its vehicle control network is more complex, with more risk points and poorer autonomous controllability. Autonomous driving means that once the vehicle control rights are maliciously hijacked, it will directly threaten personal safety, traffic security and even social security

At present, the network security risk of the vehicle control system is mainly reflected in three aspects: 1) The lack of network protection equipment leads to insufficient border protection capabilities: the vehicle control network has the characteristics of mobility, specialization, and closure, and considers computing resources and equipment power consumption. , performance attenuation and other limiting factors, unable to adapt to complete security reinforcement and protection equipment such as firewall, intrusion prevention, flow control, access authentication, etc., resulting in limited vehicle control network boundary protection capabilities; 2) vehicle control network protocol design itself has security loopholes : The vehicle control network adopts public CAN and other standard buses, lacks perfect security encryption, security authentication and boundary protection mechanisms, some electronic devices are directly connected to the control bus, electronic keys and tire pressure based on near-field wireless networks such as Bluetooth and radio frequency signals Application scenarios such as monitoring (TPMS) further increase the risk of malicious intrusion into the vehicle control network

Attackers can easily access the vehicle control network through the OBD debugging interface or bus nodes, forge control information and inj

Images