Network device and network system
First Claim
Patent Images
1. An electronic control unit (ECU), comprising:
- a computer configured to judge whether a message from at least one ECU of a plurality of ECUs is a valid message or not, and to detect a malicious message; and
a controller configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME during receiving a Data Frame,wherein the ECU is connected to the at least one ECU via a controller area network (CAN) bus, andthe ECU has at least one feature of following feature A and following feature B;
feature A;
wherein the computer detects the malicious message by using ID, Payload, cycle, and frequency,feature B;
wherein the controller is further configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME during receiving the Data Frame to cause a reception error, wherein the reception error is a decryption error or a frame-check sequence error.
1 Assignment
0 Petitions
Accused Products
Abstract
A network device connected via a bus with a plurality of network devices includes: an authentication unit that executes authentication based upon message authentication information included in data transmitted, via the bus, by one of the plurality of network devices acting as a sender device; and a processing unit that invalidates the data upon determining that unauthorized data have been transmitted by the sender device impersonating another network device among the plurality of network devices if the authentication fails.
-
Citations
17 Claims
-
1. An electronic control unit (ECU), comprising:
-
a computer configured to judge whether a message from at least one ECU of a plurality of ECUs is a valid message or not, and to detect a malicious message; and a controller configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME during receiving a Data Frame, wherein the ECU is connected to the at least one ECU via a controller area network (CAN) bus, and the ECU has at least one feature of following feature A and following feature B; feature A;
wherein the computer detects the malicious message by using ID, Payload, cycle, and frequency,feature B;
wherein the controller is further configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME during receiving the Data Frame to cause a reception error, wherein the reception error is a decryption error or a frame-check sequence error. - View Dependent Claims (2)
-
-
3. A network device, comprising a processor and a memory, wherein the processor is configured to:
-
(1) judge whether a message from at least one network device of a plurality of network devices is a valid message or not; and (2) if a malicious message is detected, overwrite the malicious message with ERROR FRAME; wherein the network device is connected to the one network device via a standardized network, and the network device has at least one feature of following feature A and following feature B; feature A;
wherein the processor detects the malicious message by using ID, Payload, cycle, and frequency,feature B;
wherein the processor is further configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME to cause a reception error, wherein the reception error is a decryption error or a frame-check sequence error. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An electronic control unit (ECU), comprising:
-
a computer configured to judge whether a message from at least one ECU of a plurality of ECUs is a valid message or not, and to detect a malicious message; and a controller configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME, wherein the ECU is connected to the at least one ECU via a controller area network (CAN) bus, and the ECU has at least one feature of following feature A and feature B; feature A;
wherein the computer detects the malicious message by using ID, Payload, cycle, and frequency,feature B;
wherein the controller is further configured to, if the malicious message is detected, overwrite the malicious message with ERROR FRAME to cause a reception error, wherein the reception error is a decryption error or a frame-check sequence error. - View Dependent Claims (17)
-
Specification