公开(公告)号：JP2019004518A

公开(公告)日：2019-01-10

申请号：JP2018174641

申请日：2018-09-19

Applicant: PANASONIC IP CORP AMERICA

Inventor： HAGA TOMOYUKI ,  MATSUSHIMA HIDEKI ,  MAEDA MANABU ,  KAIJO YUJI ,  UJIIE YOSHIHIRO ,  KISHIKAWA TAKESHI

IPC: H04L12/28 ,  B60R16/023 ,  G09C1/00 ,  H04L9/32

Abstract: 【課題】CANプロトコル等に従って通信する車載ネットワークシステムにおいて、MACに対する総当たり攻撃への耐性を高め、不正なフレームの送信に対して適切に対処する不正対処方法を提供する。【解決手段】車載ネットワークにおいてMACが付加されたデータフレームの授受を行う複数の電子制御ユニットを備える車載ネットワークシステムにおいて用いられる不正対処方法は、車載ネットワークに送信されたデータフレームを受信する受信ステップ(シーケンスS4004)と、データを利用してMACを生成して、受信ステップで受信されたデータフレームに当該MACが付加されていることを検証する検証ステップ(シーケンスS4005)と、検証ステップでの検証が失敗した場合に、MACの生成に利用されるデータについての更新処理を行う更新処理ステップ(シーケンスS4007等)とを含む。【選択図】図43

公开(公告)号：EP3297207A4

公开(公告)日：2018-03-21

申请号：EP16792321

申请日：2016-02-23

Applicant: PANASONIC IP CORP AMERICA

Inventor： UNAGAMI YUJI ,  MAEDA MANABU ,  MATSUSHIMA HIDEKI

IPC: H04L9/08 ,  G06F21/44 ,  H04L9/32 ,  H04L29/06 ,  H04Q9/00

CPC classification number: H04L63/0869 ,  G06F21/445 ,  G06F2221/2107 ,  G06F2221/2151 ,  H04L9/0631 ,  H04L9/0637 ,  H04L9/0833 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/3263 ,  H04L9/3273 ,  H04L63/0428

Abstract: A controller and a first device perform mutual authentication, create a group key, and share the group key, and the first device is set as a reference device. Thereafter, at a group key update timing when the controller and the reference device update the group key, the controller and a second device, which is not the reference device, perform mutual authentication, and the updated group key is also shared by the second device. Further, encrypted data is generated by encrypting transmission data by using the group key, a MAC is generated from the transmission data, a header, a transmission source address, and a transmission destination address, and a message that includes the encrypted data, the header, the transmission source address, the transmission destination address, and the MAC is broadcast.

公开(公告)号：EP3192703A4

公开(公告)日：2017-08-02

申请号：EP15839733

申请日：2015-08-25

Applicant: PANASONIC IP CORP AMERICA

Inventor： UJIIE YOSHIHIRO ,  ANZAI JUN ,  KITAMURA YOSHIHIKO ,  TANABE MASATO ,  MATSUSHIMA HIDEKI ,  HAGA TOMOYUKI ,  KISHIKAWA TAKESHI ,  SUGIYAMA RYOTA

IPC: B60R16/023 ,  H04L12/28 ,  H04L12/40 ,  H04L29/06

CPC classification number: H04L63/123 ,  B60R16/023 ,  H04L12/28 ,  H04L12/40 ,  H04L63/08 ,  H04L63/102 ,  H04L63/20 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: A head unit (100) that is a vehicle communication apparatus connected to a bus in an in-vehicle network system, the in-vehicle network system including a plurality of apparatuses that perform communication of frames via the bus, includes a multimedia control unit (150) that identifies a transmit frame, the transmit frame being a frame to be delivered to the bus, and a system control unit (110) capable of exchanging information on frames with the multimedia control unit (150) via wired communication or wireless communication. At least one of the multimedia control unit (150) and the system control unit (110) determines a conformity of the transmit frame with a rule.

Abstract translation: 在车载网络系统中与车辆连接的车辆通信装置即车头单元（100）包括多个通过总线进行帧通信的装置，该车载网络系统包括多媒体控制单元（ 150），所述发送帧是要被传送到所述总线的帧，以及系统控制单元（110），其能够经由有线通信或无线通信与所述多媒体控制单元（150）交换关于帧的信息。 多媒体控制单元（150）和系统控制单元（110）中的至少一个确定发送帧与规则的一致性。

公开(公告)号：EP3110066A4

公开(公告)日：2017-03-01

申请号：EP14883080

申请日：2014-12-10

Applicant: PANASONIC IP CORP AMERICA

Inventor： UNAGAMI YUJI ,  MAEDA MANABU ,  MATSUSHIMA HIDEKI

IPC: H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  H04L29/06

CPC classification number: H04L63/0869 ,  H04L9/006 ,  H04L9/0833 ,  H04L9/3268 ,  H04L9/3273 ,  H04L63/061 ,  H04L63/062 ,  H04L63/065 ,  H04L63/068 ,  H04L63/0823 ,  H04L63/0876

Abstract: A controller and a first device perform mutual authentication, create a group key, and share the group key, and the first device is set as a reference device. The controller and a second device perform mutual authentication, and the group key is also shared by the second device. Thereafter, the controller and the first device, which is the reference device, perform mutual authentication again, update the group key, and share the updated group key. At a group key update timing when the controller and the reference device update the group key, the controller and the second device, which is not the reference device, perform mutual authentication, and the updated group key is also shared by the second device.

公开(公告)号：EP3219553A4

公开(公告)日：2017-10-25

申请号：EP15858625

申请日：2015-10-13

Applicant: PANASONIC IP CORP AMERICA

Inventor： HAGA TOMOYUKI ,  MATSUSHIMA HIDEKI ,  MAEDA MANABU ,  UNAGAMI YUJI ,  ANZAI JUN

IPC: B60R16/02 ,  G06F21/44 ,  G06F21/57 ,  G06F21/62

CPC classification number: H04L9/085 ,  B60R16/023 ,  G06F8/65 ,  G06F8/665 ,  G06F21/445 ,  G06F21/572 ,  G06F21/6218 ,  G06F2221/2107 ,  G06F2221/2113 ,  G06F2221/2137 ,  G06F2221/2141 ,  G06F2221/2151

Abstract: Provided is an update management method that causes an external tool, capable of transmitting an update message to update data such as shared keys and the like within electronic control units (ECUs) making up an onboard network, to update shared keys and the like within the ECUs, while reducing the risk of all ECUs being unauthorizedly rewritten in a case where secret information given to the external tool is leaked. The update management method is to receive and verify update authority information indicating authority of the external tool, and in a case that an update message instructing updating of shared keys or the like of one or multiple ECUs has been transmitted from the external tool (step S1010), if the verification is successful and the update authority information indicates that the transmission of the update message is within the range of authority of the external tool (step S1013), the update is executed at the ECU (step S1019), and otherwise, update at the ECU is inhibited.

公开(公告)号：EP3142291A4

公开(公告)日：2017-05-17

申请号：EP15789834

申请日：2015-04-21

Applicant: PANASONIC IP CORP AMERICA

Inventor： HAGA TOMOYUKI ,  MATSUSHIMA HIDEKI ,  MAEDA MANABU ,  UNAGAMI YUJI ,  UJIIE YOSHIHIRO ,  KISHIKAWA TAKESHI

IPC: H04L9/32 ,  B60R16/023 ,  H04L9/08 ,  H04L29/08

CPC classification number: B60R25/307 ,  B60R2325/108 ,  H04L9/0891 ,  H04L9/3242 ,  H04L67/12 ,  H04L2209/84

Abstract: An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a MAC, via a bus includes a receiving step of receiving a data frame transmitted on the bus, a verification step of generating a MAC by using data and verifying that the data frame received in the receiving step has added thereto the MAC, and an update processing step of performing an update process on the data used for generating the MAC in a case where verification has failed in the verification step.

Abstract translation: 在车载网络系统，其包括没有交换数据帧，每个都具有加于其上的MAC电子控制单元的多元性中使用的抗欺诈方法，经由总线包括总线上接收数据帧的反式mitted的接收步骤， 通过使用数据和验证产生MAC的验证步骤的确在接收步骤中接收已加入其中的MAC数据帧，并在用于在一个情况下验证生成MAC的数据进行更新处理的更新处理步骤 失败的验证步骤。

公开(公告)号：EP3346648A4

公开(公告)日：2018-07-11

申请号：EP16820145

申请日：2016-06-27

Applicant: PANASONIC IP CORP AMERICA

Inventor： UJIIE YOSHIHIRO ,  MATSUSHIMA HIDEKI ,  NAKANO TOSHIHISA ,  WAKABAYASHI TOHRU ,  AMANO HIROSHI ,  HAGA TOMOYUKI ,  KISHIKAWA TAKESHI

IPC: H04L12/46 ,  H04L12/40

CPC classification number: H04L12/40 ,  H04B1/3822 ,  H04L12/40169 ,  H04L12/4625 ,  H04L12/66 ,  H04L63/00 ,  H04L63/1425 ,  H04L63/1466 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: Provided is a gateway device connected to a bus used in communication by multiple electronic control units (ECUs) in a vehicle network system, which minimizes adverse effects on the vehicle network and which may use a determination technique taking some amount of time to determine whether or not a received frame is appropriate. A gateway 300a that forwards frames between a bus 200a and a bus 200b includes a receiving unit that receives a first frame, and a transmitting unit that, when a first frame transmitted by an ECU 100a, for example, is received from the bus 200a by the receiving unit, includes, in a second frame including information based on content of the first frame, first control information related to a restriction on processing after reception of the second frame, and transmits the second frame to the bus 200b.

公开(公告)号：EP3249626A4

公开(公告)日：2018-04-25

申请号：EP15878675

申请日：2015-11-17

Applicant: PANASONIC IP CORP AMERICA

Inventor： HAGA TOMOYUKI ,  MATSUSHIMA HIDEKI ,  UJIIE YOSHIHIRO ,  KISHIKAWA TAKESHI

IPC: G08G1/09 ,  G08G1/00

CPC classification number: B60R16/023 ,  G08G1/22 ,  H04L63/1408 ,  H04L63/1466 ,  H04W4/046 ,  H04W12/12

Abstract: An anomaly handling method that suitably handles a case where the possibility of a vehicle being unauthorizedly controlled so as to suppress the effects thereof is provided. In an anomaly handling method used in one or a plurality of electronic control units installed in one vehicle, when an unauthorized frame is detected on an onboard network installed in another vehicle, an inter-vehicle communication message transmitted from a device installed in the other vehicle is received as an anomaly detection notification, and an anomaly handling processing is selected from a plurality of predetermined anomaly handling processing in accordance with the received content (e.g., step S304 in level determination) to transition to a safe state for example, and the selected anomaly handling processing is executed (e.g., steps S305 through S311).

公开(公告)号：EP3142289A4

公开(公告)日：2017-05-17

申请号：EP15788947

申请日：2015-04-21

Applicant: PANASONIC IP CORP AMERICA

Inventor： KISHIKAWA TAKESHI ,  MATSUSHIMA HIDEKI ,  HAGA TOMOYUKI ,  MAEDA MANABU ,  UNAGAMI YUJI ,  UJIIE YOSHIHIRO

IPC: H04L9/32 ,  B60R16/023 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L67/12 ,  B60R16/023 ,  H04L9/3242 ,  H04L9/3297 ,  H04L63/08 ,  H04L63/10 ,  H04L63/12 ,  H04L63/20 ,  H04L2209/84

Abstract: A fraud detection method for use in an in-vehicle network system including a plurality of electronic control units that communicate with one another via a bus in accordance with the CAN protocol includes receiving a data frame sent to the bus and verifying, if a data frame that does not follow a predetermined rule regarding a transmission period is received in receiving a data frame, a specific identifier in the data frame.

Abstract translation: 一种用于包括多个电子控制单元的车载网络系统中的欺诈检测方法，所述多个电子控制单元根据CAN协议经由总线彼此通信，包括：接收发送到总线的数据帧，并且如果数据帧 在接收数据帧中的特定标识符时接收不遵循关于传输时段的预定规则。

公开(公告)号：EP3142288A4

公开(公告)日：2017-05-17

申请号：EP15789442

申请日：2015-04-21

Applicant: PANASONIC IP CORP AMERICA

Inventor： UJIIE YOSHIHIRO ,  MATSUSHIMA HIDEKI ,  HAGA TOMOYUKI ,  MAEDA MANABU ,  UNAGAMI YUJI ,  KISHIKAWA TAKESHI

IPC: H04L9/16 ,  B60R16/023 ,  H04L9/08 ,  H04L9/32 ,  H04L12/40 ,  H04L29/08

CPC classification number: B60R16/023 ,  H04L9/0891 ,  H04L9/3242 ,  H04L12/40 ,  H04L63/062 ,  H04L63/0869 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273 ,  H04L2209/84

Abstract: An update processing method for updating data used to generate a MAC in an in-vehicle network system including a plurality of electronic control units that communicate a data frame having a MAC added thereto with one another via a bus in accordance with the CAN protocol is provided. The method includes the detection step of detecting a state of a vehicle having the in-vehicle network system mounted therein and the update step of updating a MAC key used to generate a MAC under the condition that the state of the vehicle detected in the detection step is a predetermined state.

Abstract translation: 一种用于更新用于在车载网络系统中生成MAC的数据的更新处理方法，所述车载网络系统包括多个电子控制单元，所述多个电子控制单元根据CAN协议经由总线相互通信添加了MAC的数据帧 。 该方法包括：检测步骤，检测安装有车载网络系统的车辆的状态;以及更新步骤，在检测步骤中检测到车辆的状态的情况下更新用于生成MAC的MAC密钥 是预定状态。