1. Technical Field
Embodiments of the present invention relate to a one-way gateway and a vehicle network system and method for protecting networks within a vehicle using the one-way gateway and, more particularly, to a one-way gateway that is capable of maintaining the security of a vehicle in any circumstance when operating, in conjunction with an external network to provide various convenient functions and collect data in the vehicle, and a vehicle network system and method for protecting networks within a vehicle using the one-way gateway.
2. Description of the Related Art
State-of-the-art devices, such as various machines/electronic devices, are clustered into a vehicle. The state-of-the-art devices include devices for acceleration, steering and braking, i.e., devices for the basic functions of a vehicle, as well as devices for various convenient functions.
Recently, as many parts of a vehicle have been digitized, an environment in which many functions can be performed has been established, and the needs of vehicle users tend to be gradually diversifying.
Representative needs of vehicle users include car navigation, the watching of digital multimedia broadcasts (DMB), listening to a radio, and the playback of music. Furthermore, technologies related to the control of a vehicle via an external device inside or outside the vehicle using Bluetooth, Wi-Fi and LTE have recently emerged in quick succession. However, the understanding of threats related to such technologies is insufficient. Accordingly, security measures are still quite poor, and security threats are increasing. It has been proved that the illegitimate control of a vehicle via an ODB terminal is possible.
A conventional vehicle network may be schematically illustrated as shown in FIG. 1 based on its functions.
The conventional vehicle network may be basically divided into an internal network 1 and an infotainment network 2. The internal network 1 chiefly includes devices related to the driving of a vehicle, such as an engine control module (ECM) 1a, a body control module (BCM) 1b, a transmission control module (TCM) 1c, and an anti-lock brake control module (ABCM) 1d. The infotainment network 2 includes devices related to the provision of information or user convenience, such as an audio radio 2a, a navigation system 2b, and a vehicle computer 2c. Furthermore, the conventional vehicle network uses a gateway 3 to handle communication between devices using different communication methods.
In the case of conventional vehicles, countermeasures against threats are very poor on the assumption that a vehicle network is an independent network without an external connection.
Recently, however, an external device is connected via an interface, such as a Bluetooth interface, included in the external communication 2d of FIG. 1. Accordingly, a penetration path to the vehicle network may be created. Furthermore, there is a possibility that the internal network 1 of the vehicle is influenced via the penetration path and thus the vehicle is defenselessly exposed to an attacker's malicious behavior.
A technology related to the present invention is disclosed in Korean Patent Application Publication No. 2013-0136852 entitled “CAN BUS separating apparatus and CAN communication security method using the same.”