Method of updating fraud detection rules for detecting malicious frames, fraud detecting electronic control unit, and on-board network system
Abstract
Provided is a fraud detection rule updating method enabling the updating of rules that serve as the basis for detecting malicious frames as necessary in an on-board network system. In an on-board network system equipped with multiple electronic control units (ECUs) that communicate via buses and fraud detecting ECUs that determine, based on fraud detection rules, whether messages transmitted on the buses conform to the rules, a fraud detection rule updating method is used in which delivery data including updated fraud detection rules is received from a server external to the on-board network system, and if a certain update condition is satisfied, the fraud detection rules in a fraud detecting ECU are updated to the updated fraud detection rules.
20 Claims
1. A method used in an on-board network system provided with a plurality of electronic controllers that exchange messages by communication over one or more buses, and a fraud detecting electronic controller connected to the one or more buses, the method comprising:
determining, in the fraud detecting electronic controller, whether or not a message transmitted on the one or more buses connected to the fraud detecting electronic controller conforms to the rules based on fraud detection rules;
receiving, from an external device external to the on-board network system, delivery data including updated fraud detection rules and bus type information indicating one of a plurality of bus types to which the updated fraud detection rules are to be applied;
determining whether or not a vehicle in which the on-board network system is installed is running;
when the vehicle is determined to be running, additionally determining whether or not the bus type information indicates a drive bus which is connected to an electronic controller related to travel of the vehicle;
(i) when the bus type information indicates the drive bus, not conducting an update process with the updated fraud detection rules; and
(ii) when the bus type information does not indicate the drive bus, updating the fraud detection rules to the updated fraud detection rules.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A fraud detecting electronic controller connected to one or more buses used for communication by a plurality of electronic controllers, comprising:
a processor; and
a memory having a computer program stored thereon, a computer program causing the processor to execute operations including:
storing fraud detection rules;
determining whether or not a message transmitted on the bus connected to the fraud detecting electronic controller conforms to the rules based on the fraud detection rules;
receiving delivery data including updated fraud detection rules and bus type information indicating one of a plurality of bus types to which the updated fraud detection rules are to be applied;
determining whether or not a vehicle in which an on-board network system is installed is running, the on-board network system including the plurality of controllers;
when the vehicle is determined to be running, additionally determining whether or not the bus type information indicates a drive bus which is connected to an electronic controller related to a travel of the vehicle;
(i) when the bus type information indicates the drive bus, not conducting an update process with the updated fraud detection rules; and
(ii) when the bus type information does not indicate the drive bus, updating the fraud detection rules to the updated fraud detection rules.
Dependent claims: 14, 15, 16
17. An on-board network system comprising:
a plurality of electronic controllers configured to exchange messages by communication over one or more buses; and
a fraud detecting electronic controller configured to connect to the one or more buses, wherein
the fraud detecting electronic controller determines whether or not a message transmitted on the one or more buses connected to the fraud detecting electronic controller conforms to the rules based on fraud detection rules,
one of the electronic controllers receives, from an external device external to the on-board network system, delivery data including updated fraud detection rules and bus type information indicating one of a plurality of bus types to which the updated fraud detection rules are to be applied, and transmits the updated fraud detection rules over the one or more buses, and
the fraud detecting electronic controller receives the updated fraud detection rules from the one or more buses, determines whether or not a vehicle in which the on-board network system is installed is running,
when the vehicle is determined to be running, additionally determines whether or not the bus type information indicates a drive bus which is connected to an electronic controller related to the travel of the vehicle,
(i) when the bus type information indicates a drive bus related to running, does not conduct an update process with the updated fraud detection rules, and
(ii) when the bus type information does not indicate a drive bus related to running, updates the fraud detection rules to the updated fraud detection rules.
Dependent claims: 18, 19, 20
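The update condition recited in claim 1, sketched in C as an added example; this is not code from the patent. The rule format (a whitelist of CAN IDs), the bus categories other than the drive bus, the bounds check, and applying any update while the vehicle is stopped are assumptions, since the claim specifies only the running case.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum bus_type { BUS_DRIVE, BUS_BODY, BUS_INFO };  /* assumed categories; claim names only the drive bus */
#define MAX_IDS 8
struct rules { uint8_t n_ids; uint16_t ids[MAX_IDS]; };  /* assumed format: permitted CAN IDs */
struct delivery { enum bus_type bus; struct rules updated; };
enum update_result { UPDATED, NOT_UPDATED_DRIVE_BUS_RUNNING, REJECTED_MALFORMED };

/* Fraud check: does a frame with this ID conform to the active rules? */
bool frame_conforms(const struct rules *r, uint16_t can_id)
{
    for (uint8_t i = 0; i < r->n_ids; i++)
        if (r->ids[i] == can_id)
            return true;
    return false;
}

/* Update gate: while running, rules for the drive bus are left untouched;
 * rules for any other bus type are replaced. Stopped vehicle: always
 * replaced (assumption, see lead-in). */
enum update_result apply_delivery(struct rules *active,
                                  const struct delivery *d, bool running)
{
    if (d->updated.n_ids > MAX_IDS)      /* added bounds check, not in the claim */
        return REJECTED_MALFORMED;
    if (running && d->bus == BUS_DRIVE)
        return NOT_UPDATED_DRIVE_BUS_RUNNING;
    *active = d->updated;
    return UPDATED;
}

/* Constructed scenario: active rules permit 0x100; the update adds 0x200.
 * Returns whether 0x200 is accepted after the delivery is processed. */
bool scenario_accepts_new_id(bool running, enum bus_type bus)
{
    struct rules active = { 1, { 0x100 } };
    struct delivery d = { bus, { 2, { 0x100, 0x200 } } };
    apply_delivery(&active, &d, running);
    return frame_conforms(&active, 0x200);
}

int main(void)
{
    printf("running, drive bus: %d\n", scenario_accepts_new_id(true, BUS_DRIVE));
    printf("running, body bus:  %d\n", scenario_accepts_new_id(true, BUS_BODY));
    printf("stopped, drive bus: %d\n", scenario_accepts_new_id(false, BUS_DRIVE));
    return 0;
}
```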
Specification