As is well known, many electronic control units are mounted on an automobile such as electronic control units to electronically control various types of on-board devices such as an engine and a brake, electronic control units for controlling devices such as meters indicating various conditions of a vehicle, and electronic control units forming a navigation system. In the automobile, these electronic control units are connected through communication lines in a way that allows communication there between, thereby forming in-vehicle networks. Various types of data is transmitted and received to and from each electronic control unit through the in-vehicle networks.
The in-vehicle networks include one connected to an electronic control unit responsible for control of the engine or the brakes, for example. Such an in-vehicle network is required to have a particularly high level of security. However, this in-vehicle network has originally been designed on the assumption that it is isolated from external networks, so that it has not had a sufficient level of security against access from external devices. Hence, an on-board communication system capable of ensuring the security of an in-vehicle network against connection with an external device has been suggested conventionally. Patent Document 1 describes an example of this system.
The system described in Patent Document 1 is an on-board communication system that realizes data communication between an outside-vehicle power line communication line and an in-vehicle network. The system includes security means, which is an information processing device that determines whether data communication between the outside-vehicle power line communication line and the in-vehicle network is permitted, and an electronic control unit connected to the in-vehicle network. In this communication system, if the security means permits data communication, data is communicated between the outside-vehicle power line communication line and the in-vehicle network via the electronic control unit. Specifically, determination made by the security means as to whether communication from an external network to the in-vehicle network is permitted ensures the security of the in-vehicle network.