1. Technical Field
The present disclosure discloses a technology for updating fraud detection rules used to detect malicious frames transmitted in an on-board network on which electronic control units communicate.
2. Description of the Related Art
Recently, in systems inside automobiles, devices called electronic control units (ECUs) are being disposed in large numbers. A network joining these ECUs is called an on-board network. Various standards exist for on-board networks. One of the most prevalent on-board network standards is called a controller area network (CAN) prescribed in ISO 11898-1.
In a CAN, communication links (buses) are formed using two cables, and an ECU connected to the buses is called a node. Each node connected to the buses transmits and receives messages called frames. A transmitting node that transmits a frame applies a voltage to the two cables, and by producing a potential difference between the cables, transmits a value of “1”, called recessive, and a value of “0”, called dominant. When multiple transmitting nodes transmit recessive and dominant at the exact same timing, the dominant is prioritized for transmission. When there is an abnormality in the format of a received frame, the receiving node transmits a frame called an error frame. In an error frame, dominant is transmitted for 6 bits in succession, thereby notifying the transmitting node and other receiving nodes of the abnormality in the frame.
In addition, in a CAN, identifiers that indicate the destination and the source of a transmission do not exist, and instead, the transmitting node transmits (in other words, sends out signals on the buses) while attaching an ID called a message ID to each frame, while each receiving node receives (in other words, reads signals from the buses) only a predetermined message ID. Also, carrier sense multiple access with collision avoidance (CSMA/CA) is adopted, whereby mediation according to message ID is conducted when multiple nodes transmit simultaneously, and the frame whose message ID has the smaller value is prioritized for transmission.
In the related art, there is known a technology in which, when an abnormal message is transmitted on a CAN bus, a gateway device that connects between the buses detects the abnormal message and does not forward the abnormal message to the other bus, thereby moderating increases in the bus load (see Japanese Unexamined Patent Application Publication No. 2007-38904). Also known is a technology that checks the period of a message transmitted periodically, and determines a malicious frame (see Satoshi Otsuka and Tasuku Ishigooka, “Intrusion Detection for In-vehicle Networks without Modifying Legacy ECUs”, Special Interest Group on Embedded Systems (EMB), Information Processing Society of Japan, 2013-EMB-28(6), 1-5, Mar. 6, 2013).