METHOD AND APPARATUS FOR ENHANCING SECURITY IN AN IN-VEHICLE COMMUNICATION NETWORK

US 20150172306A1
Filed: 11/28/2014
Published: 06/18/2015
Est. Priority Date: 12/13/2013
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method for enhancing security in a gateway configured to communicate with at least one controller, the method comprising:

performing an authentication procedure with the at least one controller according to an external input signal;

sensing, when the authentication procedure is completed, at least one message generated by the at least one controller;

checking a periodicity of the at least one message based on a timing point of sensing of the message; and

determining whether the at least one message is a hacking message based on the checked periodicity and a moving average for a consecutively sensed message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for enhancing security in an in-vehicle communication network using a gateway are provided. The gateway includes a moving average determination module configured to calculate a moving average for a transmission interval of a predetermined number of received messages and to determine whether the received messages are hacking messages by comparing the moving average with a preset maximum allowable latency. The gateway further includes a security code checking module configured to analyze, if any one of the received messages is an aperiodic message, a security code contained in the aperiodic message to determine whether the aperiodic message is a hacking message. Therefore, security in the vehicle may be enhanced.

63 Citations

View as Search Results

21 Claims

1. A computer-implemented method for enhancing security in a gateway configured to communicate with at least one controller, the method comprising:
- performing an authentication procedure with the at least one controller according to an external input signal;
  
  sensing, when the authentication procedure is completed, at least one message generated by the at least one controller;
  
  checking a periodicity of the at least one message based on a timing point of sensing of the message; and
  
  determining whether the at least one message is a hacking message based on the checked periodicity and a moving average for a consecutively sensed message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computer-implemented method according to claim 1, wherein the authentication procedure comprises:
    - collecting, from the controller having passed the authentication, a message identifier (ID) list used by the controller,wherein when a message ID not contained in the message ID list is sensed, the sensed message ID is recorded in a predetermined recording region, and a message containing a registered message ID is blocked.
  - 3. The computer-implemented method according to claim 1, wherein the at least one message generated by the controller comprises a first message and a second message, the first message being a periodic message and the second message being an aperiodic message.
  - 4. The computer-implemented method according to claim 3, wherein a maximum latency of the first message does not exceed a half of a preset transmission period.
  - 5. The computer-implemented method according to claim 1, wherein, when the at least one message is sensed at every start point of a pre-defined transmission period, the at least one message is determined to be a periodic message.
  - 6. The computer-implemented method according to claim 1, wherein, when the at least one message is sensed at a point other than a start point of a pre-defined transmission period, the at least one message is determined to be an aperiodic message.
  - 7. The computer-implemented method according to claim 6, further comprising comparing, when the at least one message is determined to be the aperiodic message, a first security code contained in the message with a second security code generated by a predetermined security code generation function using data extracted from the at least one message as an input value,wherein, when the comparison confirms that the security codes do not coincide with each other, the at least one message is determined to be the hacking message.
  - 8. The computer-implemented method according to claim 7, further comprising:
    - generating, when the at least one message is determined to the hacking message, a predetermined error frame corresponding to the hacking message.
  - 9. The method according to claim 7, further comprising:
    - storing, when the at least one message is determined to the hacking message, a hacking detail corresponding to the hacking message in a predetermined recording region,wherein the hacking detail comprises at least one of information about date and time of sensing of the hacking message, information about the controller having generated the hacking message and information about a message identifier (ID) contained in the hacking message.
  - 10. The computer-implemented method according to claim 7, wherein the first security code is inserted in one side of a region of a data field of the at least one message, the region not being actually used for data transmission.
  - 11. The computer-implemented method according to claim 1, wherein the moving average is an average value of a sum of transmission intervals for at least three consecutively sensed messages.
  - 12. The computer-implemented method according to claim 11, wherein, if the moving average is less than a predetermined maximum allowable latency, determining that the hacking message is included in a corresponding one of the transmission intervals.
  - 13. The computer-implemented method according to claim 12, wherein the maximum allowable latency changes in accordance with a number of messages or transmission intervals used for the moving average.
  - 14. The computer-implemented method according to claim 1, wherein the moving average is calculated every time the at least one message is sensed.
  - 15. The method according to claim 1, wherein the at least one message is a controller area network (CAN) frame.

16. A gateway comprising:
- a moving average determination module configured to calculate a moving average for a transmission interval of a predetermined number of received messages and to determine whether the received messages are hacking messages by comparing the moving average with a preset maximum allowable latency; and
  
  a security code checking module configured to analyze, if any one of the received messages is an aperiodic message, a security code contained in the aperiodic message to determine whether the aperiodic message is a hacking message,wherein the gateway receives the messages from at least one controller through a controller area network (CAN) bus.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The gateway according to claim 16, further comprising a message filtering module configured to identify controllers of the at least one controller, to collect a message identifier (ID) list used by the identified controllers, and to determine whether the received messages are hacking messages using the collected message ID list, the controllers being authenticated through a predetermined authentication procedure with the at least one controller.
  - 18. The gateway according to claim 17, further comprising a memory module, the message ID list being recorded in the memory module.
  - 19. The gateway according to claim 16, further comprising a reference timing signal generation module configured to generate reference timing information necessary for periodic message transmission to the at least one controller.
  - 20. The gateway according to claim 16, wherein, if the moving average is less than the preset maximum allowable latency, the moving average determination module determines that a hacking message is included in the transmission interval.
  - 21. The gateway according to claim 16, wherein the security code checking module extracts a first security code and data contained in the aperiodic message, compares the first security code with a second security code, and determines, when the first and second security codes do not coincide with each other, that the aperiodic message is the hacking message, the second security code being generated by a predetermined the security code generation function using the extracted data as an input value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hyundai Motor Company (Hyundai Motor Group)
Original Assignee
Hyundai Motor Company (Hyundai Motor Group)
Inventors
KIM, Dong Won, OK, Soon Seock

Application Number

US14/556,089
Publication Number

US 20150172306A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 12/40   Bus networks

H04L 12/4625   Single bridge functionality...

H04L 2012/40215   Controller Area Network CAN

H04L 63/08   for authentication of entit...

H04L 63/123   received data contents, e.g...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 67/12   specially adapted for propr...

METHOD AND APPARATUS FOR ENHANCING SECURITY IN AN IN-VEHICLE COMMUNICATION NETWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

63 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR ENHANCING SECURITY IN AN IN-VEHICLE COMMUNICATION NETWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links