1. Technical Field
The present invention relates to technology for detecting unauthorized frames transmitted over an onboard network by which an electronic control unit performs communication.
2. Description of the Related Art
In recent years, a great number of electronic control units (ECU) have been placed in systems in automobiles. A network connecting these ECUs is referred to as an onboard network. Many standards exist for onboard networks. The most mainstream of these is a standard called Controller Area Network (CAN), that is stipulated in ISO11898-1.
A CAN is configured using two busses, and each ECU connected to the buses is called a node. Each node connected to a bus transmits/receives messages called frames. A transmitting node that transmits a frame applies voltage to the two busses, and generates potential difference between the busses, thereby transmitting a value “1” called recessive, and a value “0” called dominant. In a case where multiple transmitting nodes transmit recessive and dominant at exactly the same timing, the dominant is transmitted with priority. In a case where there is an abnormality in the format a received frame, a receiving node transmits a frame called an error frame. An error frame is a continuous transmission of six bits, thereby notifying the transmitting node and other receiving nodes that there is an abnormality.
No identifiers indicating the transmission destination or transmission source exist in CAN, with the transmitting node attaching an identifier (ID) to each frame and transmitting (i.e., sending out signals to the bus), and the receiving nodes only receiving frames of a predetermined ID (i.e., reading signals from the bus). The Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) format is employed, so when multiple nodes transmit at the same time, arbitration by message ID is performed, with frames having a smaller message ID value being transmitted with higher priority.
There is a threat to onboard CAN network systems in that an attacker might unauthorizedly control an ECU by accessing the bus and transmitting unauthorized frames, and security measures are being studied.
For example, the onboard network monitoring system described in Japanese Unexamined Patent Application Publication No. 2013-131907 monitors frames flowing over the CAN bus, and transmits warning information in a case where an unauthorized frame is detected. An ECU which has received the warning information is forbidden from control according to the unauthorized frame.