Some conventional vehicle ECUs controlling an engine or the like store control information in a non-volatile memory capable of rewriting data. Such control information can be rewritten even after supply to the market. Because the control information stored in the non-volatile memory can be rewritten using a dedicated rewriting device (hereinafter a dedicated rewriting device) like a reprogramming apparatus owned by a dealer, an ECU has a problem of being incapable of preventing unauthorized access to the control information if the dedicated rewriting device itself is stolen, if information inside the dedicated rewriting device is stolen, or if a false device impersonates an authorized dedicated rewriting device.
In order to address such a problem, Patent Literature 1 (paragraph 0020) describes a system that prevents unauthorized access to the control information in the ECU even if the dedicated rewriting device or information inside the dedicated rewriting device is stolen.
In addition, Patent Literature 2 (paragraph 0013) describes a system that introduces a gateway in an on-vehicle network comprising the above-described ECU and thereby prevents unauthorized access to the ECU due to spoofing by a false device.