Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Vehicle control system network security detection system based on multi-stage feedback queue

A vehicle control system and network security technology, which is applied in the field of vehicle control system network security detection, can solve the problems of vehicle control network damage, poor autonomous controllability, and no immutable fixed mode, etc., to improve the degree of automation and matching degree, and to quickly screen Effect

Active Publication Date: 2019-11-08
北京京航计算通讯研究所
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For emerging autonomous driving technologies, the security of its vehicle control network is more complex, with more risk points and poorer autonomous controllability. Autonomous driving means that once the vehicle control rights are maliciously hijacked, it will directly threaten personal safety, traffic security and even social security
At present, the network security risk of the vehicle control system is mainly reflected in three aspects: 1) The lack of network protection equipment leads to insufficient border protection capabilities: the vehicle control network has the characteristics of mobility, specialization, and closure, and considers computing resources and equipment power consumption. , performance attenuation and other limiting factors, unable to adapt to complete security reinforcement and protection equipment such as firewall, intrusion prevention, flow control, access authentication, etc., resulting in limited vehicle control network boundary protection capabilities; 2) vehicle control network protocol design itself has security loopholes : The vehicle control network adopts public CAN and other standard buses, lacks perfect security encryption, security authentication and boundary protection mechanisms, some electronic devices are directly connected to the control bus, electronic keys and tire pressure based on near-field wireless networks such as Bluetooth and radio frequency signals Application scenarios such as monitoring (TPMS) further increase the risk of malicious intrusion into the vehicle control network
Attackers can easily access the vehicle control network through the OBD debugging interface or bus nodes, forge control information and inject it into the vehicle control network, use message interception, protocol analysis and other means to crack and tamper with the vehicle control protocol messages transmitted in plain text, and then attack the vehicle Control or destroy the control network; 3) The network security detection method of the vehicle control system needs to be improved urgently: the traditional vehicle control network security detection uses manual, one by one access to the vehicle control bus through the OBD interface, intercepts the message, cracks the protocol, uses Vulnerabilities are injected into security events to verify the network security level of the vehicle control system. The entire process of security event injection detection requires a high degree of manual participation and a low degree of automation. In addition, there is no fixed pattern of attacker behavior, and the existing non-autonomous controllable security event injection detection mechanism It is also impossible to simulate scenarios such as more realistic attacker attack behaviors
[0004] From the above analysis, it can be seen that the deficiency of the current vehicle control system network security detection technology is mainly due to the insufficient protection capability of the vehicle control network boundary and the security loopholes in the protocol design itself, the existing vehicle control system network security detection technology has not yet achieved a higher degree of automation , The security event injection detection mechanism is more reasonable, the detection scenario is more in line with the real attack behavior, and the detection process is more autonomous and controllable detection target

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vehicle control system network security detection system based on multi-stage feedback queue
  • Vehicle control system network security detection system based on multi-stage feedback queue

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0127] This embodiment adopts a vehicle control system network security detection system based on a multi-level feedback queue, which achieves a higher degree of automation, a more reasonable, efficient, and accurate security event injection detection mechanism, and a detection scenario that is more in line with real attack behaviors. More autonomous and controllable vehicle control system network security testing in the whole testing process.

[0128] The method for detecting the network security of the vehicle control system using the method of the present invention will be described in detail below in conjunction with specific embodiments. Therefore, it can be extended to a wider range of network security detection applications for vehicle control systems of various types of ordinary vehicles, special vehicles, and self-driving vehicles.

[0129] First build the target vehicle control system network. The target vehicle control system network uses the vehicle CAN and LIN bus...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of vehicle control system network security detection, in particular to a vehicle control system network security detection system based on multistage feedback queues. The system comprises a vehicle control network topology detection module, a vehicle control network protocol analysis module, a vehicle control network equipment vulnerability scanning module, a security vulnerability and security event POC library, a security event priority queuing module, a security event backup queue registration module and a security event injection detection module. The security event queues for injection detection are sequentially generated, and the security events are injected and detected by adopting a multi-stage feedback queue round-robin scheduling mechanism, so that the security vulnerabilities and vulnerabilities of the vehicle control network can be positioned more reasonably, efficiently and accurately, and the autonomous and controllable networksecurity detection target of the vehicle control system is achieved. The scheme is high in automation degree, the security event injection detection mechanism is reasonable, efficient and accurate, the detection scene conforms to the real attack behavior of an attacker, and the whole network security detection process is autonomous and controllable.

Description

technical field [0001] The invention belongs to the technical field of vehicle control system network security detection, and in particular relates to a vehicle control system network security detection system based on a multi-level feedback queue. Background technique [0002] The vehicle control system is one of the important branches of the industrial control system. The network composition of the vehicle control system mainly includes gateways, system buses, electronic control units (Electronic Control Unit, ECU), various types of on-board equipment and subsystem functional modules, etc. The vehicle control network is generally based on the Controller Area Network (CAN) bus, supplemented by a low-cost bus such as the Local Interconnect Network (LIN) to realize the distributed electronic system control of the vehicle. . The vehicle control network generally integrates the five CAN subnets of powertrain, body control, chassis control, diagnostic control and business infor...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433
Inventor 何占博王颖陈慧龙郑德利宋悦高飞刘军王黎朱琳闫丛张晛
Owner 北京京航计算通讯研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products