Method for handling transmission of fraudulent frames within in-vehicle network
First Claim
1. An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), in an in-vehicle network, the anti-fraud method comprising:
- receiving a data frame transmitted to the in-vehicle network, the data frame having added thereto a MAC;
generating a first MAC by using a MAC key and a value of a counter that counts a number of times the data frame is transmitted to the in-vehicle network;
performing verification that the data frame received has added thereto the first MAC;
incrementing a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined ID; and
executing, when the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID.
0 Assignments
0 Petitions
Accused Products
Abstract
An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange, in an in-vehicle network, data frames, each having added thereto a message authentication code (MAC). The method includes generating a first MAC by using a MAC key and a value of a counter that counts a number of times a data frame having added thereto a MAC is transmitted to the in-vehicle network. The method also includes performing verification that the data frame received has added thereto the generated first MAC and incrementing a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined ID. When the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID is executed.
7 Citations
13 Claims
-
1. An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), in an in-vehicle network, the anti-fraud method comprising:
-
receiving a data frame transmitted to the in-vehicle network, the data frame having added thereto a MAC; generating a first MAC by using a MAC key and a value of a counter that counts a number of times the data frame is transmitted to the in-vehicle network; performing verification that the data frame received has added thereto the first MAC; incrementing a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined ID; and executing, when the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), in an in-vehicle network, the in-vehicle network system comprising:
-
a first electronic control unit comprising one or more memories; and circuitry configured to; generate a first MAC using a first MAC key and a value of a first counter that counts a number of times a data frame having added thereto a MAC has been transmitted to the in-vehicle network, add the first MAC to the data frame, and transmit the data frame to the in-vehicle network; and a second electronic control unit comprising one or more memories; and circuitry configured to; receive the data frame transmitted to the in-vehicle network, generate a second MAC by using a second MAC key and a value of a second counter that counts a number of times the data frame having added thereto a MAC has been received from the in-vehicle network, perform verification that the data frame received has added thereto the second MAC, increment a number of error occurrences when the verification has failed for the data frame received, the data frame including a predetermined ID, and execute, when the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID.
-
-
13. An electronic control unit for performing communication in an in-vehicle network, the electronic control unit comprising:
-
one or more memories; and circuitry configured to; receive a data frame from the in-vehicle network, the data frame having added thereto a MAC, generate a first message authentication code (MAC) using a MAC key and a value of a counter that counts a number of times the data frame has been received from the in-vehicle network, perform verification that the data frame received has added thereto the first MAC, increment a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined ID, and execute, when the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID.
-
Specification