[go: up one dir, main page]

WO2018172926A1 - Unité de commande électronique de passerelle - Google Patents

Unité de commande électronique de passerelle Download PDF

Info

Publication number
WO2018172926A1
WO2018172926A1 PCT/IB2018/051850 IB2018051850W WO2018172926A1 WO 2018172926 A1 WO2018172926 A1 WO 2018172926A1 IB 2018051850 W IB2018051850 W IB 2018051850W WO 2018172926 A1 WO2018172926 A1 WO 2018172926A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
gateway
features
processing engine
unfiltered
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IB2018/051850
Other languages
English (en)
Inventor
Anup SABLE
Shirish PATWARDHAN
Deepak DEOKULE
Prasad ORASKAR
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
KPIT Technologies Ltd
Original Assignee
KPIT Technologies Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by KPIT Technologies Ltd filed Critical KPIT Technologies Ltd
Publication of WO2018172926A1 publication Critical patent/WO2018172926A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40052High-speed IEEE 1394 serial bus
    • H04L12/40071Packet processing; Packet format
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40052High-speed IEEE 1394 serial bus
    • H04L12/40097Interconnection with other networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/088Access security using filters or firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40234Local Interconnect Network LIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40241Flexray
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle

Definitions

  • the present disclosure relates to network architectures.
  • the present disclosure relates to gateway modules that are configured in network architectures to filter out and transmit only relevant data.
  • AUTOSAR Automotive Open System Architecture
  • AUTOSAR is a standard pertaining to an automotive electronics software architecture that was established by a partnership between vehicle manufacturers and manufacturers for related parts and electronics application development tools, and is configured to provide an architecture and development methodology for automotive electronics software and Application Programming Interfaces (APIs) for electronics applications.
  • AUTOSAR includes coverage of structures of applications, network structures/communication data between Electronic Control Units (ECUs) on which applications are to be mounted, structure of lower-layer platform modules that support application software to be loaded onto respective ECUs, and methods of setting up the platform modules.
  • ECUs Electronic Control Units
  • AUTOSAR defines and provides meta-models required to describe products obtained by respective development methodologies.
  • a gateway Electronic Control Unit is a central network interconnecting system that links various buses in a vehicle, and supports signal/message gateway, frame gateway, and Transport Protocol (TP) gateway. Gateway transfers data between multiple buses of the same protocol or to different types of buses periodically or on data update.
  • CAN, LIN, FLEXRAY and Ethernet bus are exemplary topologies/networks that are operatively coupled with and compatible with most existing gateways.
  • Vehicle gateway is usually positioned uniquely where entire network data traffic can be monitored.
  • a gateway is therefore, in sum, required to route messages/data/signals across various ECUs, sensors, and other vehicle components such as door control unit, dashboard unit, immobilizer, and engine ECU in the vehicle to enable message communication between same or different networks.
  • Gateway ECU is a device or a piece of software in a machine that forwards and routes data packets along networks.
  • V2X communication can attract hackers to misuse network communication, architectures, and systems configured therein. Even with secured ECUs, attackers can still manipulate messages on in-vehicle networks, e.g. resulting in manipulated sensor values and actuator commands. Since gateway ECU manages all the data, its security and its role in managing overall system data security becomes vital. Furthermore, as gateway ECU is the central element that receives data from multiple communication networks, apart from such sensitive data being exposed to a security threat, even handling of such huge amount of data makes it impractical and costly to transmit all of it outside the system for further processing.
  • ECU electronice control unit
  • ECU electronice control unit
  • the present disclosure mainly relates to gateways that are configured in network architectures to filter out and transmit only relevant data. Such gateways may find particular use in vehicle network architectures.
  • present disclosure elaborates upon a system comprising a gateway electronic control unit (ECU) of a vehicle, the gateway ECU comprising: anon-transitory storage device having embodied therein one or more routines operable to filter network data; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines comprise: a data receive module, which when executed by the one or more processors, receives unfiltered data from one or more networks that are operatively coupled with the gateway ECU; a pattern detection module, which when executed by the one or more processors, performs, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the unfiltered data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and a feature extraction module, which when executed by the one
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet.
  • the data may be received from one or more sensors, subnetworks, ECUs, or electronic devices that form part of or may be communicatively coupled with the vehicle.
  • the received data may be in the form of signals encapsulated in frames, one or more of the signals being extracted by a configurable gateway module and relayed based at least on one of the first set of preset configuration rules.
  • the one or more patterns may be realized by the primary data processing engine based on any or a combination of FPGA or System-On-Chip (SOC) design.
  • the first and second set of preset configuration rules may be same or subsets of each other.
  • the advanced data processing engine may extract the one or more features based on frequency defined in the second set of preset configuration rules.
  • the advanced data processing engine in order to extract the one or more features, may perform any or a combination of scaling, offsetting, or a computational operation on the retrieved unfiltered data corresponding to each of the one or more patterns.
  • the primary data processing engine may perform pattern detection on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • both of the pattern detection module and the feature extraction module may be deactivated simultaneously.
  • any or a part of the pattern detection module and the feature extraction module may be performed through a hardware element configured in the system.
  • present disclosure elaborates upon a vehicle comprising a gateway electronic control unit (ECU), the gateway ECU comprising: a non-transitory storage device having embodied therein one or more routines operable to filter network data; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines comprise: data receive module, which when executed by the one or more processors, receives unfiltered data from one or more networks that are operatively coupled with the gateway ECU; a pattern detection module, which when executed by the one or more processors, performs, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and a feature extraction module, which when executed by the one or more processors, retrieves data
  • present disclosure elaborates upon a method comprising the steps of: receiving, at a gateway electronic control unit (ECU) of a vehicle, unfiltered data from one or more networks that are operatively coupled with the gateway ECU; performing, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and retrieving data corresponding to each of the one or more patterns, and extracting, using an advanced data processing engine, based on a second set of preset configuration rules, one or more features from the retrieved data corresponding to each of the one or more patterns, the one or more features being used to filter the unfiltered data based on libraries corresponding to the one or more features such that the filtered data is transmitted to one or more desired devices operatively coupled to the vehicle.
  • ECU electronice control unit
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet, and the data may be received from one or more sensors, sub-networks, ECUs, or electronic devices that form part of or may be communicatively coupled with the vehicle.
  • one or more features may be extracted based on frequency defined in the second set of preset configuration rules.
  • the pattern detection may be performed on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • FIG. 1 illustrates an overall exemplary configuration of the proposed gateway ECU in accordance with an embodiment of the present disclosure.
  • FIG. 2 illustrates an exemplary architecture of the proposed gateway ECU in accordance with an embodiment of the present disclosure.
  • FIG. 3 illustrates various modules of the proposed gateway ECU in accordance with an exemplary embodiment of the present disclosure.
  • FIG. 4 illustrates a method of working of system proposed in accordance with an exemplary embodiment of the present disclosure.
  • Embodiments of the present invention include various steps, which will be described below.
  • the steps may be performed by hardware components or may be embodied in machine-executable instructions, which may be used to cause a general-purpose or special- purpose processor programmed with the instructions to perform the steps.
  • steps may be performed by a combination of hardware, software, and firmware and/or by human operators.
  • Embodiments of the present invention may be provided as a computer program product, which may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program a computer (or other electronic devices) toperform a process.
  • the machine-readable medium may include, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc read-only memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware).
  • Various methods described herein may be practiced by combining one or more machine-readable storage media containing the code according to the present invention with appropriate standard computer hardware to execute the code contained therein.
  • An apparatus for practicing various embodiments of the present invention may involve one or more computers (or one or more processors within a single computer) and storage systems containing or having network access to computer program(s) coded in accordance with various methods described herein, and the method steps of the invention could be accomplished by modules, routines, subroutines, or subparts of a computer program product.
  • systems depicted in some of the figures may be provided in various configurations.
  • the systems may be configured as a distributed system where one or more components of the system are distributed across one or more networks in a cloud computing system.
  • gateways that are configured in network architectures to filter out and transmit only relevant data. Such gateways may find particular use in vehicle network architectures.
  • present disclosure elaborates upon a system comprising a gateway electronic control unit (ECU) of a vehicle, the gateway ECU comprising: anon-transitory storage device having embodied therein one or more routines operable to filter network data; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines comprise: a data receive module, which when executed by the one or more processors, receives unfiltered data from one or more networks that are operatively coupled with the gateway ECU; a pattern detection module, which when executed by the one or more processors, performs, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the unfiltered data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and a feature extraction module, which when executed by the one
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet.
  • the data may be received from one or more sensors, subnetworks, ECUs, or electronic devices that form part of or may be communicatively coupled with the vehicle.
  • the received data may be in the form of signals encapsulated in frames, one or more of the signals being extracted by a configurable gateway module and relayed based at least on one of the first set of preset configuration rules.
  • the one or more patterns may be realized by the primary data processing engine based on any or a combination of FPGA or System-On-Chip (SOC) design.
  • the first and second set of preset configuration rules may be same or subsets of each other.
  • the advanced data processing engine may extract the one or more features based on frequency defined in the second set of preset configuration rules.
  • the advanced data processing engine in order to extract the one or more features, may perform any or a combination of scaling, offsetting, or a computational operation on the retrieved unfiltered data corresponding to each of the one or more patterns.
  • the primary data processing engine may perform pattern detection on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • both of the pattern detection module and the feature extraction module may be deactivated simultaneously.
  • any or a part of the pattern detection module and the feature extraction module may be performed through a hardware element configured in the system.
  • present disclosure elaborates upon a vehicle comprising a gateway electronic control unit (ECU), the gateway ECU comprising: a non-transitory storage device having embodied therein one or more routines operable to filter network data; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines comprise: data receive module, which when executed by the one or more processors, receives unfiltered data from one or more networks that are operatively coupled with the gateway ECU; a pattern detection module, which when executed by the one or more processors, performs, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and a feature extraction module, which when executed by the one or more processors, retrieves data
  • present disclosure elaborates upon a method comprising the steps of: receiving, at a gateway electronic control unit (ECU) of a vehicle, unfiltered data from one or more networks that are operatively coupled with the gateway ECU; performing, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and retrieving data corresponding to each of the one or more patterns, and extracting, using an advanced data processing engine, based on a second set of preset configuration rules, one or more features from the retrieved data corresponding to each of the one or more patterns, the one or more features being used to filter the unfiltered data based on libraries corresponding to the one or more features such that the filtered data is transmitted to one or more desired devices operatively coupled to the vehicle.
  • ECU electronice control unit
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet, and the data may be received from one or more sensors, sub-networks, ECUs, or electronic devices that form part of or may be communicatively coupled with the vehicle.
  • one or more features may be extracted based on frequency defined in the second set of preset configuration rules.
  • the pattern detection may be performed on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • the present disclosure relates to a runtime configurable gateway ECU (interchangeably referred herein as gateway device or simply as gateway) that is configured to perform pattern detection and feature extraction for data analytics.
  • the gateway receives data from various networks like CAN, LIN, Flexray and Ethernet, the data being available in the form of signals encapsulated in frames.
  • Gateway ECU disclosed extracts signals from these frames and relay them as per preset configuration rules.
  • the gateway device provides all data which is being received via data communication mechanism which would include share memory for IPC (inter process communication) or any other fast hardware based data copying technique to a primary data processing engine .
  • the primary data processing engine has a filter or a pattern defined by configuration rules, which filters the data based on certain parameters, viz source of data and frequency of collection of data, This pattern maybe realized through either FPGA or SOC ( (system on chip) design.
  • the primary data processing engine may extract the data as per the configured filter.
  • the filtered data is read by an advanced data processing engine at the frequency defined by configuration rules.
  • the advanced data processing engine further processes the data based on the configuration rules.
  • the processing comprises scaling (multiplication), offsets and any further calculation to arrive at the values to be transmitted.
  • This process of extracting only specific information from the bulk of data is termed as Feature Extraction.
  • gateway ECU disclosed may receive a huge amount of data over a network across one or more communication channels, protocols, and topologies, and in order to make this large data manageable, gateway device of the present disclosure performs pattern detection and feature extraction on the received data so as to extract relevant feature/required data.
  • FIG. 1 illustrates an overall exemplary configuration of the proposed gateway ECU in accordance with an embodiment of the present disclosure.
  • configurable gateway ECU 100 of the present disclosure comprises a software component 102 and a hardware component 104. At least a part of the proposed pattern detection and feature extraction (as explained above) may be executed by the software component 102, while the other part is enabled by the hardware component 104.
  • the hardware component 104 may comprise one or more inbuilt/pre-configured/pre-defined libraries 106 required for different functionalities based on feature(s) to be extracted and/or further based the type and amount of data that is to be filtered.
  • Libraries (106) referred here may constitute various bit masks that maybe applied on the data received from a gateway module (shown as 202 in FIG.2). These bit masks maybe created by a Configuration processing engine (212, as show in FIG. 2) based on the configuration rules and may be sent to an FPGA based hardware component 104 to extract only the required data.
  • system (configured in a combination of hardware and software) of the present disclosure may run a script that enables only relevant libraries (say 106-1, 106-2, and 106-3 of N libraries 106) inside the hardware component 104 to be retrieved and processed and so, only relevant data is then transmitted over the network.
  • relevant libraries say 106-1, 106-2, and 106-3 of N libraries 106
  • gateway ECU 100 of the present disclosure may be configurable Over the air' (OTA) and therefore enable addition/updation (modification)/deletion of features that need to be extracted.
  • OTA Over the air'
  • gateway ECU 100 of the present disclosure may comprise an input/output circuit to input and output data to and from external circuits, a processor for arithmetic operations and a memory to store data, wherein the processor reads and writes programs and control information to and from the memory to execute arithmetic operations for automotive control. Communication of data with the external circuits outside the ECU may be performed via the input/output circuit.
  • a car driving state and behaviors of devices to be controlled are input from a sensor through the input/output circuit such that the gateway ECU 100 may receive control information from other ECU or when it transmits control information that it has acquired or calculated to other ECU, the data communication may be done via the input/output circuit and a network such as CAN and FlexRay, or a communication bus. Based on a variety of pieces of control information, ECU 100 may output a control signal through the input/output circuit to an actuator to be controlled.
  • gateway ECU 100 of the present disclosure may be configured to relay vehicle speed information received from, for instance, but not limited to, CAN to FlexRay.
  • the gateway ECU may comprise a data relaying unit (not shown) in its memory, as may other ECUs.
  • gateway ECU may be connected to two or more networks.
  • At least a part of the proposed pattern detection and feature extraction that is performed by the proposed gateway ECU 100 may be executed by a software component 102 (such as an application/engine configured in the gateway) by running scripts, while the other part is enabled by the hardware component 104.
  • hardware component 104 may comprise one or more inbuilt libraries 106 including but not limited to Fourier transform, and Kalman filtering that may be used for different functionalities based on feature(s) that are intended to be extracted and the type/amount of data that is to be filtered.
  • software component 102 may run a script that enables the relevant libraries inside the hardware component to be invoked and used for filtering received data and generate only relevant/required/desired data.
  • a plurality of ECUs may be operatively coupled with the gateway ECU in context, wherein the plurality of ECUs may be selected from, in a non- limiting manner, an anti-lock braking system (ABS) ECU; a parking aid module (PAM) ECU; a forward or rearward park assist sensor; a water presence sensor; a water depth sensor; or a chassis control module (CHCM).
  • ABS anti-lock braking system
  • PAM parking aid module
  • CHCM chassis control module
  • filtering of data to obtain relevant data need not necessarily be with respect to one or more ECUs but may also be with respect to one or more sub networks of a network that the gateway forms part of.
  • GatewayECU 100 is uniquely placed since it may have access to all the network traffic except for the signals which are only used within the subnets.
  • the gateway ECU 100 maybe at the center of "Star Topology" where all the networks may terminate and considering the complexity of the features offered by most of the OEMs highest priority may be given to almost every signal routed through
  • configurable gateway ECU 100 of the present disclosure may be used in any application where networking gateways are used including, but not limited to, Internet, Automotive, Internet of Things (IoT), Firewalls, network security devices, cloud storage, pharmaceutical applications, and healthcare, among other applications.
  • the reconfigurable gateway ECU may be used for an automotive ECU gateway that receives a large amount of data from multiple ECUs. This data can give really good insight into the working of vehicle and especially any design flaws leading to abnormal exchange of signals between the ECUs. Such deviation from the pattern can help in guiding the user to go for preventive maintenance.
  • intrusion in the vehicle network may cause unexpected vehicle behavior although the attack may be 'silent'.
  • Such silent attacks may be detected through anomaly detection achieved by configuring right feature for extraction.
  • addition of this re-configurable gateway in the form of CDD can provide for pattern detection and feature extraction by performing edge processing on the data, (edge processing is done in two steps, first by only selecting the data which is of interest, such selection being configurable, and further, in the second step, performing processing of this select data to further narrow down on the data elements which are of current interest, the second step too being configurable. This can reduce the huge amount of received data from various ECUs into a manageable amount of data which can be then transmitted efficiently through one or more telematics devices.
  • pattern detection and feature extraction executed inside the gateway ECU disclosed may be activated or deactivated remotely.
  • the deactivation may be achieved by setting up a configuration rule which will filter out entire data. Similarly it may be reactivated by setting up a configuration rule which will filter only required data. Any other configurational change may also be performed on the proposed gateway device to enable only required data to be retrieved from all the received data and further transmitted as required.
  • data processed by the proposed gateway ECU may be transmitted either to the other ECUs, other vehicle networks (V2V), or vehicle to infrastructure (V2I) or over a remote cloud storage.
  • V2V vehicle networks
  • V2I vehicle to infrastructure
  • proposed gateway device may be configured as an on-demand feature extraction gateway (as explained above the configuration rule may be set so as to activate or deactivate the feature extraction)device that, in view of the increasing signal data exchange between ECUs through gateway ECU, efficiently monitors vehicle data to detect corruption and unauthorized access.
  • feature extraction may be deployed for anomaly detection which is typically caused by certain noise on the vehicle network. This noise could get introduced unintentionally due to malfunction or it could get introduced intentionally by way of unauthorized access or hacking. Continuous monitoring of certain key signals may help in sensing variations in expected pattern of data. Based on detected variation further drill down is possible by sending updated configuration rules and perform further interrogation and conclude on actions based on the pattern of data received from Telematics unit.
  • gateway and feature extraction part may be implemented in hardware component 104 to meet deterministic performance whereas configurable part may be implemented in software component 102 for signal routing and selection of algorithm for pattern detection. Different algorithms such as Fourier transform may be implemented in hardware but selection of algorithm may be updated over the air. System of the present disclosure is therefore capable of getting programmed "Over the Air" to add/update/delete feature description that needs to be extracted.
  • the hardware component 104 may be FPGA based hardware which may have pre-programmed libraries (hardware based static implementation) that perform complex computations like Fourier transforms to filter out only required details from the signal.
  • the configuration rules which are provided over the air may get converted into FPGA programming constructs by Configuration Processing Engine (212, FIG. 2) like Verilog that may in turn provide simple filtering mechanisms like signal and frequency of sampling for that signal and also complex mathematical computations on the signals using pre-build libraries.
  • data processing may take place in hardware component 104 and processed data may be transmitted to a data server, thereby saving cost and sending of huge data online.
  • Feature extraction may be activated /deactivated remotely.
  • FIG. 2 illustrates an exemplary architecture of the proposed gateway ECU in accordance with an embodiment of the present disclosure.
  • FIG. 2 illustrates an exemplary architecture 200 of the proposed gateway ECU in accordance with an embodiment of the present disclosure, wherein the gateway ECU may comprise a gateway module 202 that is configured to, upon receipt of unfiltered network data from multiple external/internal sources such as over CAN network 204-1, LIN network 204-2, Ethernet network 204-3, and FlexRay network 204-4, transmit the received unfiltered/unprocessed data to a primary data processing engine 206 of a configurable feature extraction module 208.
  • a gateway module 202 that is configured to, upon receipt of unfiltered network data from multiple external/internal sources such as over CAN network 204-1, LIN network 204-2, Ethernet network 204-3, and FlexRay network 204-4, transmit the received unfiltered/unprocessed data to a primary data processing engine 206 of a configurable feature extraction module 208.
  • the primary data processing engine 206 and subsequently advanced data processing engine 210 may be configured to, based on features to be extracted and functionality that needs to be triggered, perform pattern detection and extraction of the desired features so as to trigger libraries that correspond to the desired features and filter the received unprocessed data using the triggered libraries in order to obtain desired/relevant data that may be subsequently transmitted.
  • Module 208 may further comprise a configuration processing engine 212 that assists and/or functions in conjunction with engines 206/210 to enable efficient feature extraction and processing of libraries based on extracted features.
  • configuration rules which are provided over the air may get converted into FPGA programming constructs by configuration processing engine (212) (similar to Verilog, for instance), that may in turn provide simple filtering mechanisms like signal and frequency of sampling for a signal and also complex mathematical computations on signals using pre-build libraries.
  • the primary data processing engine 206 may be an on chip implementation which is a hard wired or a configurable hardware component, whereas the advanced data processing engine 210 and the configuration processing engine 212 may be the software component.
  • Resultant filtered network data may be transmitted by the module 202 to one or more appropriate/configured ECUs/control units, over Ethernet or other suitable networks.
  • FIG. 3 illustrates various modules of the proposed gateway ECU in accordance with an exemplary embodiment of the present disclosure.
  • gateway proposed may comprise one or more processor(s) 302.
  • the one or more processor(s) 302 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, logic circuitries, and/or any devices that manipulate data based on operational instructions.
  • the one or more processor(s) 302 are configured to fetch and execute computer- readable instructions stored in a memory 304 of the gateway ECU 300 proposed.
  • the memory 304 may store one or more computer-readable instructions or routines, which may be fetched and executed to create or share the data units over a network service.
  • the memory 304 may comprise any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as EPROM, flash memory, and the like.
  • the gateway ECU 300 may also comprise an interface(s) 306.
  • the interface(s) 306 may comprise a variety of interfaces, for example, interfaces for data input and output devices, referred to as I/O devices, storage devices, and the like.
  • the interface(s) 306 may facilitate communication of the gateway ECU300 with various devices coupled to the gateway ECU300.
  • the interface(s) 306 may also provide a communication pathway for one or more components of the gateway ECU300. Examples of such components include, but are not limited to, processing engine(s) 308 and data 310.
  • the processing engine(s) 308 may be implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processing engine(s) 308.
  • programming for the processing engine(s) 308 may be processor executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processing engine(s) 308 may comprise a processing resource (for example, one or more processors), to execute such instructions.
  • the machine-readable storage medium may store instructions that, when executed by the processing resource, implement the processing engine(s) 308.
  • the gateway ECU300 may comprise the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine-readable storage medium may be separate but accessible to gateway ECU300 and the processing resource.
  • the processing engine(s) 308 may be implemented by electronic circuitry.
  • the data 310 may comprise data that is either stored or generated as a result of functionalities implemented by any of the components of the processing engine(s) 308.
  • the engine(s) 308 may comprise a data receive module 312, a pattern detection module 314, a feature extraction module 316, and other modules 318.
  • the other modules 318 may implement functionalities that supplement applications or functions performed by the gateway ECU300 or the processing engine(s) 308.
  • modules being described are only exemplary modules and any other module or sub-module may be included as part of the proposed gateway ECU. These modules too may be merged or divided into super-modules or sub-modules as may be configured.
  • module 312 may receive unfiltered data from one or more networks that may be operatively coupled with the proposed gateway ECU.
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet.
  • the data may be received from one or more sensors, subnetworks, ECUs, or electronic devices that form part of or are communicatively coupled with the vehicle.
  • module 314 may perform, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the unfiltered data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection.
  • the received data (that is, data received by module 312) may be in the form of signals encapsulated in frames.
  • One or more of such signals maybe extracted by a configurable gateway module and relayed based at least on one of the first set of preset configuration rules.
  • the one or more patterns may be realized by the primary data processing engine based on any or a combination of FPGA or System-On-Chip (SOC) design.
  • the primary data processing engine may perform pattern detection on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • the primary data processing engine used by module 314 may be as elaborated in FIG. 2 (206).
  • Module 314 may be operably connected to the primary data processing engine 206, or may have the engine as part of itself.
  • module 316 may retrieve unfiltered data corresponding to each of the one or more patterns, and may extract, using an advanced data processing engine, based on a second set of preset configuration rules, one or more features from the retrieved unfiltered data corresponding to each of the one or more patterns, the one or more features being used to filter the unfiltered data such that the filtered data is transmitted to one or more designated devices operatively coupled to the vehicle.
  • the first and second set of preset configuration rules may be same or subsets of each other.
  • the advanced data processing engine may extract the one or more features based on frequency defined in the second set of preset configuration rules. It can be appreciated that a single set of rules may be split into two, wherein the first part may be used by the primary data processing engine and the second part may be used by the advanced data processing engine.
  • the advanced data processing engine in order to extract the one or more features, may perform any or a combination of scaling, offsetting, or a computational operation on the retrieved unfiltered data corresponding to each of said one or more patterns.
  • both the pattern detection module 314 and the feature extraction module 316 may be deactivated simultaneously.
  • any or a part of the pattern detection module 314 and the feature extraction module 316 may be performed through a hardware element configured in a system that comprises the gateway ECU proposed.
  • module 316 is functionally similar to feature extraction module 208 of FIG. 2 that has an advanced data processing engine 210.
  • Configuration processing engine 212 may generate the configuration rules that may be used by the primary data processing engine 206 and the advanced data processing engine 210, as shown in FIG. 2.
  • the gateway ECU elaborated above may be configured inside a vehicle.
  • a vehicle comprising the gateway ECU may be configured wherein the gateway ECU may comprise a non-transitory storage device having embodied therein one or more routines operable to filter network data; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines comprise: a data receive module that receives unfiltered data from one or more networks that are operatively coupled with the gateway ECU; a pattern detection module, which when executed by the one or more processors, performs, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection; and a feature extraction module, which when executed by the one or more processors
  • FIG. 4 illustrates a method of working of system proposed in accordance with an exemplary embodiment of the present disclosure.
  • the proposed method may be described in general context of computer executable instructions.
  • computer executable instructions comprise routines, programs, objects, components, data structures, procedures, modules, functions, etc., that perform particular functions or implement particular abstract data types.
  • the method may also be practiced in a distributed computing environment where functions are performed by remote processing devices that are linked through a communications network.
  • computer executable instructions may be located in both local and remote computer storage media, including memory storage devices.
  • the method may comprise, at step 402, receiving, at a gateway electronic control unit (ECU) of a vehicle ,unfiltered data from one or more networks that are operatively coupled with the gateway ECU and at step 404, performing, using a primary data processing engine, based on a first set of preset configuration rules, pattern detection on at least a part of the received unfiltered data so as to yield one or more patterns of the data, wherein the first set of preset configuration rules may be based on any or a combination of source of data and frequency of data collection.
  • ECU electronice control unit
  • the method may further comprise, at step 406, retrieving data corresponding to each of the one or more patterns, and extracting, using an advanced data processing engine, based on a second set of preset configuration rules, one or more features from the retrieved data corresponding to each of the one or more patterns, the one or more features being used to filter the unfiltered data based on libraries corresponding to the one or more features such that the filtered data is transmitted to one or more desired devices operatively coupled to the vehicle.
  • the one or more networks may be selected from any or a combination of CAN, LIN, Flexray, and Ethernet, and wherein the data may be received from one or more sensors, sub-networks, ECUs, or electronic devices that form part of or are communicatively coupled with the vehicle.
  • the one or more features may be extracted based on frequency defined in the second set of preset configuration rules.
  • the pattern detection may be performed on the at least a part of the received unfiltered data based on type and/or amount of data to be filtered.
  • Coupled to is intended to include both direct coupling (in which two elements that are coupled to each other or in contact each other) and indirect coupling (in which at least one additional element is located between the two elements). Therefore, the terms “coupled to” and “coupled with” are used synonymously. Within the context of this document terms “coupled to” and “coupled with” are also used euphemistically to mean “communicatively coupled with” over a network, where two or more devices are able to exchange data with each other over the network, possibly via one or more intermediary device.
  • the present disclosure provides for a gateway electronic control unit (ECU) of a vehicle that efficiently handles and manages data in a manner such that only relevant data or processed data is transmitted to devices that are operatively coupled with it.
  • ECU electronice control unit
  • the present disclosure provides for a gateway electronic control unit (ECU) of a vehicle that reduces the amount of data that is transmitted outside of the specific network, and so improves efficiency and reduces the associated costs.
  • ECU electronice control unit
  • the present disclosure provides for a system and method that helps improve the efficiency, speed, security, and performance of a gateway ECU along with making it configurable

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Medical Informatics (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Small-Scale Networks (AREA)

Abstract

La présente invention concerne une unité de commande électronique (ECU) de passerelle configurable (200) qui comprend un composant logiciel et un composant matériel, l'ECU de passerelle (200) étant configurée pour effectuer une détection de motif (210) et une extraction de caractéristiques (208), dont au moins une partie est exécutée par le composant logiciel, tandis que l'autre partie est activée par le composant matériel. Une partie configurable est exécutée par le composant logiciel pour un routage de signal et une sélection d'algorithme de détection de motif, tandis que le composant matériel comprend une ou plusieurs bibliothèques intégrées/pré- ou post-configurées/pré-définies qui sont requises pour différentes fonctionnalités sur la base d'une ou de plusieurs caractéristiques à extraire et/ou en outre sur la base du type et de la quantité de données à filtrer. Sur la base des caractéristiques à extraire et de la fonctionnalité qui doit être déclenchée, l'ECU de passerelle (200) décrite permet de récupérer et de traiter des bibliothèques pertinentes à l'intérieur du composant matériel. L'architecture proposée réduit significativement la quantité de données à transmettre et le temps de traitement, améliore la vitesse et l'efficacité, et rend les ressources CPU disponibles pour une mise en œuvre de caractéristiques supplémentaire.
PCT/IB2018/051850 2017-03-21 2018-03-20 Unité de commande électronique de passerelle Ceased WO2018172926A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201721009836 2017-03-21
IN201721009836 2017-03-21

Publications (1)

Publication Number Publication Date
WO2018172926A1 true WO2018172926A1 (fr) 2018-09-27

Family

ID=62089781

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2018/051850 Ceased WO2018172926A1 (fr) 2017-03-21 2018-03-20 Unité de commande électronique de passerelle

Country Status (1)

Country Link
WO (1) WO2018172926A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111942306A (zh) * 2020-07-13 2020-11-17 东风汽车集团有限公司 一种汽车电子执行器控制方法及系统
WO2022171285A1 (fr) * 2021-02-11 2022-08-18 Volvo Construction Equipment Ab Dispositif de passerelle ayant une fonction de routage
CN118432971A (zh) * 2024-05-13 2024-08-02 镁佳(北京)科技有限公司 数据处理方法、系统、计算机设备及存储介质
CN119172247A (zh) * 2024-09-04 2024-12-20 东风汽车集团股份有限公司 报文监测更新方法、装置、设备及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013144962A1 (fr) * 2012-03-29 2013-10-03 Arilou Information Security Technologies Ltd. Système et procédé de sécurité destinés à protéger un système électronique de véhicule
US20150113638A1 (en) * 2013-10-23 2015-04-23 Christopher Valasek Electronic system for detecting and preventing compromise of vehicle electrical and control systems
EP3113529A1 (fr) * 2015-06-29 2017-01-04 Argus Cyber Security Ltd Système et procédé de détection d'anomalie sur la base de durée dans un réseau de communication embarqué

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013144962A1 (fr) * 2012-03-29 2013-10-03 Arilou Information Security Technologies Ltd. Système et procédé de sécurité destinés à protéger un système électronique de véhicule
US20150113638A1 (en) * 2013-10-23 2015-04-23 Christopher Valasek Electronic system for detecting and preventing compromise of vehicle electrical and control systems
EP3113529A1 (fr) * 2015-06-29 2017-01-04 Argus Cyber Security Ltd Système et procédé de détection d'anomalie sur la base de durée dans un réseau de communication embarqué

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111942306A (zh) * 2020-07-13 2020-11-17 东风汽车集团有限公司 一种汽车电子执行器控制方法及系统
CN111942306B (zh) * 2020-07-13 2022-04-12 东风汽车集团有限公司 一种汽车电子执行器控制方法及系统
WO2022171285A1 (fr) * 2021-02-11 2022-08-18 Volvo Construction Equipment Ab Dispositif de passerelle ayant une fonction de routage
CN118432971A (zh) * 2024-05-13 2024-08-02 镁佳(北京)科技有限公司 数据处理方法、系统、计算机设备及存储介质
CN119172247A (zh) * 2024-09-04 2024-12-20 东风汽车集团股份有限公司 报文监测更新方法、装置、设备及存储介质

Similar Documents

Publication Publication Date Title
JP7492622B2 (ja) 車両異常検知サーバ、車両異常検知システム及び車両異常検知方法
US11165851B2 (en) System and method for providing security to a communication network
CN112204578B (zh) 使用机器学习在数据接口上检测数据异常
EP3370389B1 (fr) Détection d'anomalies de véhicule cloud-edge coopérative
WO2018172926A1 (fr) Unité de commande électronique de passerelle
US20200274851A1 (en) Full featured packet-based automotive network security gateway
US20190182267A1 (en) Vehicle security manager
CN113498509B (zh) 替代装置、替代控制程序产品及替代方法
US20160173513A1 (en) Apparatuses and methods for security in broadcast serial buses
US11027676B2 (en) Vehicle data communications network
US20180196941A1 (en) Security system and methods for identification of in-vehicle attack orginator
US20240411864A2 (en) System and method for detection of anomalous controller area network (can) messages
EP3772209B1 (fr) Système de défense contre les cyber-menaces, composants et procédé d'utilisation de modèles d'intelligence artificielle formés sur un modèle de vie normal pour des systèmes ayant des sources de données inhabituelles
JP7065444B2 (ja) 情報処理装置および情報処理システム
JP2019521040A (ja) 車内ネットワーク異常検出のためのnet sleuth
CN109873652B (zh) 车载中继装置、外部装置、信息处理装置、方法及系统
US20210274010A1 (en) Optimizing size of protocol communication in a vehicle internal networks
US20190126858A1 (en) Vehicle data communications network
KR102446579B1 (ko) 차량용 데이터 교환 장치와 데이터 교환 방법, 차량의 차량 부품용 장치와 방법 및 컴퓨터 프로그램
KR20140076692A (ko) 차량 진단 게이트웨이 장치 및 이를 포함하는 시스템
JP7537382B2 (ja) 攻撃分析装置、攻撃分析方法、及び攻撃分析プログラム
CN117461061A (zh) 混合车辆通信网络上的装置健康代码广播
US11074108B2 (en) Caching electronic control unit mapping solutions for connected vehicles
CN113767034A (zh) 中心装置、数据分发系统以及限制实施程序
Mosenia et al. ProCMotive: bringing programmability and connectivity into isolated vehicles

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18721132

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18721132

Country of ref document: EP

Kind code of ref document: A1