An in-vehicle electronic control unit (ECU) may be prone to hacking, or unauthorized overwriting of a control program, and therefore, needs to be protected, thereby requiring a verification technique for detecting abnormality in a controller of a vehicle. A patent document, JP 2014-138380 A, (patent document 1) discloses a technique for detecting an unjust state of a vehicle by the comparison of ECU verification messages in a verification center that is provided as an outside facility outside of the vehicle, with which a tampering of an ECU by the other ECU is detectable.
However, the above-described technique checks/verifies each of many ECUS that exchange messages at the outside verification center, and therefore is incapable of detecting the unjust state at the moment of tampering. For an immediate detection of the tampering, in other words, the communication with the verification center needs to be more frequently performed, which may increase the communication load.