Unlock instant, AI-driven research and patent intelligence for your innovation.

Automobile electronic control unit code vulnerability analysis method and system

An automotive electronic control unit and vulnerability analysis technology, applied in code compilation, program code conversion, electrical digital data processing, etc., can solve problems such as the inability to complete automatic analysis, and achieve the effect of improving the efficiency of vulnerability analysis and ensuring security.

Active Publication Date: 2020-06-02
广东为辰信息科技有限公司
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Although there are currently some open source tools that can implement code vulnerability analysis, there are still problems that require manual input of parameters and commands, and manual screening from the analysis results, making it impossible to complete automated analysis

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automobile electronic control unit code vulnerability analysis method and system
  • Automobile electronic control unit code vulnerability analysis method and system
  • Automobile electronic control unit code vulnerability analysis method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0028] figure 1 It is a flow chart of a specific embodiment of the method for analyzing the code loopholes of an automobile electronic control unit according to the present invention. like figure 1 As shown, the specific steps of the automobile electronic control unit code vulnerability analysis method of the present invention include:

[0029] S101: Setting vulnerability analysis rules:

[0030] According to the type of vulnerability to be analyzed, set the corresponding vulnerability analysis rules. Multiple vulnerabilities exist in automotive ECU code, such as Computer Emergency Response Team (CERT) syntax standard detection rules, Common Weakness Enumeration (CWE), and Open Web Application Security Project (OWASP) available for automotive ECU code Rules and standards for security vulnerabilities, rules and standards for operations on memory. The analysis rules for different vulnerabilities are different, so the analysis rules should be set according to the type of the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an automobile electronic control unit code vulnerability analysis method and a system. The method comprises the steps of setting a corresponding vulnerability analysis rule according to the type of the vulnerability to be analyzed; carrying out header file directory marking on the automobile electronic control unit code to be detected, and then compiling the automobile electronic control unit code; and generating a symbolic execution syntax tree and a program control flow graph, traversing the access symbolic execution syntax tree according to the control flow graph toperform vulnerability detection, and finally concluding and organizing vulnerability detection results of each program block in the symbolic execution syntax tree into a vulnerability analysis reportand outputting the vulnerability analysis report. According to the method, automatic analysis and report generation of the automobile electronic control unit code bug can be realized, bug analysis efficiency is improved, and thus safety of the automobile electronic control unit code is ensured.

Description

technical field [0001] The invention belongs to the technical field of electronic control units of automobiles, and more specifically relates to a method for analyzing code loopholes of electronic control units of automobiles. Background technique [0002] With the popularization of intelligent networked vehicles, on-board electronic devices are becoming more and more complex, and the surge in the number of electronic devices has also led to a sharp increase in the amount of code. When the code size on the car is quite large, only relying on manual review of code vulnerabilities and obfuscated code becomes unrealistic. [0003] The automotive industry is different from the traditional Internet industry. It has very high standards and requirements for software security. Code security issues may cause serious problems in automobiles. However, there are still relatively few researches on the analysis of automotive code vulnerabilities. Therefore, the research on the analysis r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F8/41
CPCG06F8/41G06F21/577
Inventor 李允王崇鉴赵焕宇
Owner 广东为辰信息科技有限公司