[go: up one dir, main page]

WO2018179630A1 - Dispositif et procédé de traitement d'informations et programme - Google Patents

Dispositif et procédé de traitement d'informations et programme Download PDF

Info

Publication number
WO2018179630A1
WO2018179630A1 PCT/JP2017/045902 JP2017045902W WO2018179630A1 WO 2018179630 A1 WO2018179630 A1 WO 2018179630A1 JP 2017045902 W JP2017045902 W JP 2017045902W WO 2018179630 A1 WO2018179630 A1 WO 2018179630A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication data
analysis
analysis target
information processing
predetermined operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2017/045902
Other languages
English (en)
Japanese (ja)
Inventor
小林 浩二
安齋 潤
藤村 一哉
正人 田邉
中野 稔久
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Intellectual Property Management Co Ltd
Original Assignee
Panasonic Intellectual Property Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Panasonic Intellectual Property Management Co Ltd filed Critical Panasonic Intellectual Property Management Co Ltd
Publication of WO2018179630A1 publication Critical patent/WO2018179630A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]

Definitions

  • the present invention relates to a technique for analyzing communication between electronic control units mounted on a mobile object that performs automatic operation.
  • ECU Electronic Control Units
  • a communication network for controlling the automobile.
  • the ECU performs communication via a bus serving as a transmission path in accordance with, for example, a CAN (Controller ⁇ Area Network) standard defined by ISO11898.
  • CAN Controller ⁇ Area Network
  • the ECU serving as a transmission node transmits a frame as a message with an ID (identifier (also referred to as a message ID)), and each ECU serving as a reception node receives a frame having an ID predetermined for each ECU.
  • ID identifier (also referred to as a message ID)
  • an advanced driver assistance system for example, an advanced driver assistance system (ADAS: Advanced Driver Assistance System) is known.
  • ADAS function for example, parking support function, lane keeping support function, collision avoidance support function, etc.
  • information acquired by a sensor connected to an in-vehicle network that is, an image taken by an in-vehicle camera, a rider (LIDAR) : Light Detection and Ranging
  • LIDAR Light Detection and Ranging
  • the ECU recognizes the surrounding environment of the vehicle based on the information, and controls the vehicle according to the recognition result.
  • a plurality of ECUs cooperate to control the steering device to avoid a collision with an obstacle detected on the course.
  • the present invention provides an information processing apparatus capable of efficiently performing processing for analysis related to communication in a mobile body or other boarding apparatus that performs automatic driving.
  • the present invention also provides an information processing method and program used in the information processing apparatus.
  • An information processing apparatus collects information for analysis regarding communication between a plurality of electronic control units mounted on a boarding apparatus having an automatic driving function.
  • the information processing apparatus includes a receiving unit, a specifying unit, and a processing unit.
  • the receiving unit receives a plurality of communication data sequentially transmitted over a network in which a plurality of electronic control units in the boarding apparatus communicate.
  • the specifying unit detects a predetermined operation time when a predetermined operation is performed on the boarding device by a passenger of the boarding device, and specifies an analysis target period including the predetermined operation time.
  • the processing unit receives the communication data received by the receiving unit from the analysis target communication data that is communication data received within the analysis target period, and the non-analysis communication data that is communication data received outside the analysis target period, and And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • An information processing method is a boarding device that collects information for analysis regarding communication between a plurality of electronic control units mounted on a boarding device having an automatic driving function. It is used in an information processing apparatus mounted on the.
  • the information processing method includes a receiving step, a specifying step, and a processing step.
  • a receiving step a plurality of communication data sequentially transmitted through a network in which a plurality of electronic control units in the boarding apparatus communicate is received.
  • a predetermined operation time which is a time when a predetermined operation is performed on the boarding device by an occupant of the boarding device, is detected, and an analysis target period including the predetermined operation time is specified.
  • the communication data received in the reception step is analyzed data that is communication data received within the analysis target period, and communication data that is not analyzed that is communication data received outside the analysis target period. And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • a program for collecting information for analysis on communication between a plurality of electronic control units mounted on a boarding device having an automatic driving function is a program for causing an information processing apparatus that has a microprocessor to be executed.
  • the program causes the information processing apparatus to execute a reception step, a specific step, and a processing step.
  • a reception step a plurality of communication data sequentially transmitted through a network in which a plurality of electronic control units in the boarding apparatus communicate is received.
  • a predetermined operation time which is a time when a predetermined operation is performed on the boarding device by an occupant of the boarding device, is detected, and an analysis target period including the predetermined operation time is specified.
  • the communication data received in the reception process is analyzed data that is communication data received within the analysis target period, and communication data that is not analyzed and is communication data received outside the analysis target period. And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • FIG. 1 is a diagram showing an overall configuration of the in-vehicle network system according to the first embodiment.
  • FIG. 2 is a diagram showing a format of a data frame defined by the CAN protocol.
  • FIG. 3 is a functional block diagram of the information processing apparatus according to the first embodiment.
  • FIG. 4 is a diagram illustrating a hardware configuration example of the information processing apparatus according to the first embodiment.
  • FIG. 5 is a flowchart illustrating an example of predetermined information processing by the information processing apparatus according to the first embodiment.
  • FIG. 6 is a functional block diagram of the information processing apparatus and the external communication apparatus according to the second embodiment.
  • FIG. 7 is a diagram illustrating a hardware configuration example of the information processing apparatus and the external communication apparatus according to the second embodiment.
  • FIG. 8 is a flowchart illustrating an example of predetermined information processing by the information processing apparatus according to the second embodiment.
  • an attacker is a person who tries to control a vehicle against the driver's will by illegally controlling ADAS by, for example, a cyber attack on an in-vehicle network.
  • a server device operated by a vehicle manufacturer (vehicle manufacturer) or the like has a message analysis function or the like in order to quickly realize security measures against a new attack on a vehicle having an automatic driving function. I will explain.
  • Each vehicle manufactured by a vehicle manufacturer promptly and sequentially transmits information on messages flowing through the in-vehicle network to the server device.
  • the server device performs various analyzes based on the received information.
  • the analysis contents include, for example, grasping various items such as the type, period, frequency, and the like of the message flowing through the in-vehicle network, the state of the vehicle indicated by the message contents, the control contents, and the like. Based on the result of this analysis, vehicle manufacturers and the like can take measures against new attacks.
  • the present inventors narrow down the target of processing for analysis such as transmission in order to reduce the amount of resources such as communication bandwidth required for analysis of information related to messages flowing through the bus of the in-vehicle network. I came up with a technology to efficiently perform the process.
  • a period such as several seconds or several tens of seconds including a time when a vehicle occupant performs a predetermined operation such as a brake operation is defined as an analysis target period. Limit the target to messages received within the period, and perform processing for message analysis.
  • Information related to messages that flow through the bus before and after the occurrence of an abnormality in a vehicle having an automatic driving function is highly important in terms of, for example, verification of the automatic driving function or security measures. For this reason, in this information processing method, it is assumed that the occupant feels uncomfortable due to the behavior of the vehicle even during automatic driving, and when the abnormality is detected, the occupant of the vehicle performs a predetermined operation such as a brake operation.
  • the time of operation is used to specify the period to be analyzed as the time related to the occurrence of an abnormality.
  • Examples of the predetermined operation include operation of a brake, that is, a braking device, operation of a steering, that is, a steering device, operation of an alarm device, and the like.
  • Resources for which this increase can be suppressed include, for example, a communication band used for transmitting information from the vehicle to the server device, a capacity of a storage medium (or recording medium) for holding information in the vehicle or the server device, a vehicle or a server It is a computing resource used for various arithmetic processes related to analysis in an apparatus or the like. For example, by installing an information processing device that realizes this information processing method in a vehicle, it is possible to efficiently execute processing for analysis related to communication in the vehicle.
  • the purpose of the analysis may be other than the rapid realization of the security measures against the new attack as in the above-mentioned example, and various purposes for the advancement of the autonomous driving technology, security ensuring, etc. can be assumed. Therefore, in order to analyze information related to a message flowing through the bus of the in-vehicle network, the vehicle does not necessarily have to sequentially transmit the information to an external server device or the like.
  • the vehicle may store the information in a recording medium mounted on the vehicle without transmitting the information related to the message flowing through the bus.
  • the information stored in the recording medium is transferred to a computer outside the vehicle. It can be used for analysis in a device such as. Moreover, it is good also as collecting and analyzing the information regarding the message which flowed on the bus
  • the target is limited to messages received from the bus within the analysis target period determined based on the predetermined operation by the vehicle occupant, and transmitted to the recording medium. Performing processing for analysis such as recording is efficient and produces an effect of reducing the amount of resources necessary for processing for analysis.
  • the information processing method has been described by paying attention to the vehicle, but this information processing method can also be applied to robots other than the vehicle, and can be applied to a moving body or other boarding device that can perform automatic driving with a person on it. Is possible.
  • This information processing method can be executed in, for example, an information processing apparatus mounted on a boarding apparatus.
  • An information processing apparatus collects information for analysis regarding communication between a plurality of electronic control units mounted on a boarding apparatus having an automatic driving function.
  • the information processing apparatus includes a receiving unit, a specifying unit, and a processing unit.
  • the receiving unit receives a plurality of communication data sequentially transmitted over a network in which a plurality of electronic control units in the boarding apparatus communicate.
  • the specifying unit detects a predetermined operation time when a predetermined operation is performed on the boarding device by a passenger of the boarding device, and specifies an analysis target period including the predetermined operation time.
  • the processing unit receives the communication data received by the receiving unit from the analysis target communication data that is communication data received within the analysis target period, and the non-analysis communication data that is communication data received outside the analysis target period, and And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • This makes it possible to suppress an increase in the amount of resources required for processing for analyzing information related to communication between ECUs in the boarding apparatus.
  • data of a kind useful for analysis can be defined as communication data.
  • the predetermined process is a process performed by distinguishing the analysis target communication data and the non-analysis target communication data.
  • the predetermined process may be, for example, a process of deleting only the non-analysis communication data from the communication data received by the receiving unit and held in the recording medium, or the analysis target communication data is analyzed and excluded from the analysis target Processing that does not analyze communication data may be used.
  • the specifying unit detects a predetermined operation time based on the communication data received by the receiving unit, and includes a period from a predetermined operation time to a time when a predetermined condition is satisfied after the predetermined operation time.
  • the analysis target period may be specified.
  • an operation to be performed when an occupant of a moving body or other boarding device feels uncomfortable or uneasy about the operation of the boarding device such as movement is defined as a predetermined operation.
  • communication information between ECUs within a period including a predetermined operation time to a time when a predetermined condition is satisfied can be set as a processing target for analysis. For this reason, communication information in an abnormal state can be efficiently subjected to processing for analysis, and the amount of resources required for the processing can be suppressed.
  • the specifying unit may specify the analysis target period so that the predetermined operation time is set as the start of the analysis target period.
  • the specifying unit may specify the analysis target period so that a predetermined time before the predetermined operation is set as the start of the analysis target period.
  • a predetermined time before the predetermined operation is set as the start of the analysis target period.
  • a buffer that can store communication data received by the receiving unit may be further included.
  • the specifying unit analyzes the communication data stored in the buffer at the time of a predetermined operation so that the earliest received communication data stored in the buffer is received by the receiving unit. It is good also as specifying an object period.
  • the receiving unit sets the communication data to be stored as the overwrite target in order from the communication data stored earliest when there is no free space in the buffer. It may be overwritten. Accordingly, when the received communication data is temporarily stored in the buffer, the communication data remaining in the buffer when the passenger of the boarding apparatus performs a predetermined operation can be set as a processing target for analysis. .
  • the specifying unit may specify the analysis target period so that the time when the predetermined condition is satisfied after the predetermined operation is set as the end of the analysis target period.
  • the predetermined condition may be satisfied when a predetermined time has elapsed since the predetermined operation, or may be satisfied when a predetermined amount of communication data is received since the predetermined operation. Accordingly, if the predetermined condition is appropriately determined in combination with the predetermined operation in view of the importance of the communication data in the analysis, it is possible to efficiently perform the process for the analysis.
  • the boarding apparatus may be a moving body.
  • the boarding apparatus may have a braking device that suppresses the movement of the boarding apparatus in accordance with a predetermined operation.
  • the predetermined condition may be satisfied when the boarding apparatus stops.
  • the ECU within a period including the time from when the occupant who felt uncomfortable or uneasy about the movement of the moving body having the automatic driving function operates the braking device to suppress the movement until the moving body stops It is possible to separate the communication information between them from the communication information outside the period, and it is possible to efficiently narrow down the processing target for analysis to information related to the abnormal state.
  • the boarding apparatus may be a moving body.
  • the boarding apparatus may have a braking device that suppresses the movement of the boarding apparatus until a specific operation is performed after a predetermined operation is performed.
  • the specifying unit may detect a specific operation time that is a time when the specific operation is performed subsequent to the predetermined operation. Further, the predetermined condition may be satisfied during a specific operation.
  • the ECU within a period including the time from when the occupant who felt uncomfortable or uneasy about the movement of the moving body having the automatic driving function operated the braking device to suppress the movement until the operation was stopped It is possible to separate the communication information between them from the communication information outside the period, and it is possible to efficiently narrow down the processing target for analysis to information related to the abnormal state.
  • the boarding apparatus may be a moving body.
  • the boarding apparatus may have a steering apparatus that changes the moving direction of the boarding apparatus in accordance with an operation.
  • the predetermined operation may be an operation on the steering device.
  • the boarding device may have an alarm device that issues an alarm to the outside of the boarding device in response to an operation.
  • the predetermined operation may be an operation on the alarm device.
  • the processing unit includes, as a predetermined process, analysis information including analysis target communication data without including analysis target communication data in order to cause a device external to the boarding apparatus to perform analysis on the analysis target communication data. May be transmitted to the outside of the boarding apparatus.
  • information for analysis such as communication data to be transmitted to an external device having an analysis function or the like can be narrowed down to information related to the analysis target communication data. Therefore, the communication band necessary for transmission can be narrowed down. It becomes possible to keep it small compared with the case where it does not. For this reason, it becomes possible to efficiently analyze information related to communication in the network of the boarding apparatus with an external apparatus.
  • the processing unit includes an analysis including the analysis target communication data without including the non-analysis target communication data in the predetermined recording medium for recording the analysis information used for the analysis of the analysis target communication data. It is also possible to perform processing for recording the business information. As a result, the analysis information such as communication data to be recorded on the predetermined recording medium can be narrowed down to the information related to the analysis target communication data, so that the amount of data recorded in the recording medium per unit time is not reduced. Can be kept small. For this reason, an increase in the capacity of the recording medium necessary for recording for analysis is suppressed.
  • the boarding apparatus may be a vehicle.
  • the plurality of electronic control units exchange frames including communication data via a bus in accordance with a CAN (Controller (Area Network) protocol, the information processing apparatus is connected to the bus, and the receiving unit receives communication data from the bus.
  • the included frames may be received sequentially. This makes it possible to reduce the amount of resources required for processing for analyzing information related to communication between the ECUs in the vehicle via the bus.
  • the receiving unit may receive the content of the data field of the data frame in which the content of the ID field satisfies the specific condition as communication data.
  • a specific message ID corresponding to a specific type of data useful for analysis among the types of data determined by the in-vehicle network system can be determined so as to satisfy a specific condition.
  • the communication data whose contents are limited can be classified in terms of time using the specified analysis target period and the processing target can be narrowed down, so that the processing for analysis can be performed efficiently.
  • An information processing method is a boarding device that collects information for analysis regarding communication between a plurality of electronic control units mounted on a boarding device having an automatic driving function. It is used in an information processing apparatus mounted on the.
  • the information processing method includes a receiving step, a specifying step, and a processing step.
  • a receiving step a plurality of communication data sequentially transmitted through a network in which a plurality of electronic control units in the boarding apparatus communicate is received.
  • a predetermined operation time which is a time when a predetermined operation is performed on the boarding device by an occupant of the boarding device, is detected, and an analysis target period including the predetermined operation time is specified.
  • the communication data received in the reception step is analyzed data that is communication data received within the analysis target period, and communication data that is not analyzed that is communication data received outside the analysis target period. And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification. This makes it possible to suppress an increase in the amount of resources required for processing for analyzing information related to communication between ECUs in the boarding apparatus.
  • a program for collecting information for analysis on communication between a plurality of electronic control units mounted on a boarding device having an automatic driving function is a program for causing an information processing apparatus that has a microprocessor to be executed.
  • the program causes the information processing apparatus to execute a reception step, a specific step, and a processing step.
  • a reception step a plurality of communication data sequentially transmitted through a network in which a plurality of electronic control units in the boarding apparatus communicate is received.
  • a predetermined operation time which is a time when a predetermined operation is performed on the boarding device by an occupant of the boarding device, is detected, and an analysis target period including the predetermined operation time is specified.
  • the communication data received in the reception process is analyzed data that is communication data received within the analysis target period, and communication data that is not analyzed and is communication data received outside the analysis target period. And a predetermined process for analyzing the communication data to be analyzed is executed based on the result of the classification.
  • the microprocessor of the information processing apparatus executes the program, whereby predetermined information processing is executed. This makes it possible to suppress an increase in the amount of resources required for processing for analyzing information related to communication between ECUs in the boarding apparatus.
  • FIG. 1 is a diagram illustrating an overall configuration of an in-vehicle network system 10 according to the first embodiment.
  • the in-vehicle network system 10 is an example of a network communication system that performs communication according to the CAN protocol, and includes an in-vehicle network in the vehicle 30.
  • the vehicle 30 is an automobile, for example, and is equipped with various devices such as an actuator, a control device, and a sensor.
  • the in-vehicle network system 10 includes a bus 40, an information processing device 100, ECUs 20a to 20f, an engine 31, a braking device 32, a steering device 33, and an alarm device 34. Although omitted in FIG. 1, the in-vehicle network system 10 may include a number of ECUs in addition to the ECUs 20a to 20f, but here, for convenience of explanation, the explanation will be made with a focus on the ECUs 20a to 20f.
  • Each ECU is a device that includes, for example, a processor (that is, a microprocessor), a digital circuit such as a memory, an analog circuit, and a communication circuit in terms of hardware.
  • the memory is a ROM (read-only memory), a RAM (random access memory), or the like, and can store a program (that is, a computer program) executed by the processor.
  • Each ECU implement
  • Each ECU is connected to the bus 40 to constitute an in-vehicle network.
  • Each ECU can be connected to devices such as an actuator, a control device, and a sensor.
  • the ECUs 20a to 20d are connected to an engine 31, a braking device 32, a steering device 33, and an alarm device 34, respectively.
  • the engine 31 controls the number of revolutions of the engine by opening and closing a throttle valve, for example, according to an accelerator pedal operation or the like.
  • the braking device 32 controls the brake actuator in accordance with, for example, the operation of the brake pedal and suppresses the speed of the vehicle 30.
  • the steering device 33 controls a steering angle actuator or the like according to, for example, operation of the steering wheel, and changes the traveling direction of the vehicle 30, that is, the moving direction.
  • the alarm device 34 is, for example, a device that performs control to turn on an emergency flashing indicator lamp to notify the outside of the vehicle 30 and may be a device that performs control to sound a horn.
  • Each ECU sends and receives messages via the bus 40 according to the CAN protocol. For example, a message including data based on information acquired by the sensor is periodically transmitted from the ECU connected to the sensor to the bus 40. The message transmission period is, for example, several hundred milliseconds. Further, the ECU connected to the actuator in the vehicle 30 determines and controls the control content of the actuator based on the message received from the bus 40.
  • the ECU 20e and the ECU 20f are ECUs having an automatic driving function as an ADAS function.
  • the ECU 20e realizes an automatic driving control function
  • the ECU 20f realizes an automatic steering function.
  • the ECU 20e detects, for example, that the driver of the vehicle 30 has started an automatic driving operation, has ended an automatic driving operation, etc., and determines the start and end of the automatic driving.
  • the ECU 20e The control contents for automatic driving are determined according to the state, and various messages for instructing the control are transmitted to the bus 40.
  • the ECU 20f receives, for example, a message relating to a control instruction from the ECU 20e, a message including data based on information acquired by sensors from other ECUs, and the like. Then, the ECU 20f determines the state of the vehicle 30 from the received message and the like, determines instruction information such as a steering angle for automatic steering according to the state of the vehicle 30, and transmits a message indicating the instruction information to the bus 40. To do.
  • the message indicating the instruction information has a predetermined message ID so that the ECU 20c receives and controls the steering device 33 according to the instruction information.
  • Several ECUs that operate in response to a message from the ECU 20e may exist in addition to the ECU 20f.
  • the information processing apparatus 100 is an apparatus that collects information related to communication data transmitted and received by the ECUs 20a to 20f and performs processing for analysis.
  • the information processing apparatus 100 includes hardware similar to the ECUs 20a to 20f, for example, and receives messages from the bus 40 according to the CAN protocol.
  • the information processing apparatus 100 has a function of narrowing down the processing target by separating the communication data included in the message received from the bus 40 into communication data to be analyzed and communication data other than that.
  • the information processing apparatus 100 has an external communication function for communicating with a device outside the vehicle 30 via a wide area network such as the Internet.
  • the information processing apparatus 100 transmits information based on communication data narrowed down as a processing target from communication data received from the bus 40 to a server apparatus outside the vehicle 30 having an analysis function.
  • the server device is, for example, a computer that receives, collects, and analyzes information related to messages transmitted / received in each in-vehicle network of a plurality of vehicles 30 of the same type from each vehicle 30.
  • each ECU exchanges a frame such as a data frame as a message according to the CAN protocol.
  • Frames in the CAN protocol include a data frame, a remote frame, an overload frame, and an error frame.
  • a description will be given focusing on a data frame as a message including communication data.
  • FIG. 2 is a diagram showing a data frame format defined by the CAN protocol.
  • a data frame in a standard ID format defined by the CAN protocol is shown.
  • the data frame includes an SOF (Start Of Frame), ID field, RTR (Remote Transmission Request), IDE (Identifier Extension), reserved bit “r”, DLC (Data Length Code), data field, CRC (Cyclic Redundancy Check) sequence.
  • the ID field is a field for storing an ID (also referred to as a message ID) that is a value indicating the type of data, which is composed of 11 bits.
  • ID also referred to as a message ID
  • a frame having a small ID is designed to have a high priority in order to perform communication arbitration in this ID field.
  • the data field is a field for storing data having a maximum of 64 bits.
  • Each ECU that transmits a message stores data of a predetermined type as a specification of the in-vehicle network system 10 in the data field, and stores a message ID predetermined corresponding to the type of data in the ID field.
  • a data frame is constructed and transmitted.
  • a message ID used for a message, a configuration of corresponding data, and the like are determined in advance by a vehicle manufacturer or the like.
  • FIG. 3 is a functional block diagram illustrating the configuration of the information processing apparatus 100.
  • the information processing apparatus 100 includes a receiving unit 110, a buffer 120, a specifying unit 130, a processing unit 140, and a recording medium 150.
  • the processing unit 140 includes an external communication unit 141.
  • the information processing apparatus 100 has, in terms of hardware, a communication circuit for communicating with, for example, the recording medium 150 and an external apparatus located outside the vehicle 30 in addition to the hardware configuration of the ECU.
  • FIG. 4 shows an exemplary hardware configuration of the information processing apparatus 100.
  • the information processing apparatus 100 includes a processor (microprocessor) 101, a memory 102, a CAN communication I / F (interface) 103, an external communication I / F 104, and a recording medium 150 in terms of hardware. .
  • the memory 102 is a ROM, a RAM, or the like, and can store a program executed by the processor 101.
  • the memory 102 may include a non-volatile memory.
  • the CAN communication I / F 103 is a communication circuit such as a CAN controller for performing communication according to the CAN protocol.
  • the external communication I / F 104 is a wireless communication circuit for communicating with a network outside the vehicle 30.
  • the recording medium 150 is, for example, a nonvolatile memory such as a memory card, a hard disk, or the like.
  • the receiving unit 110 is realized by a CAN communication I / F 103, a processor 101 that executes a program, and the like.
  • the receiving unit 110 sequentially receives communication data related to communication between ECUs from the bus 40 and stores the data in the buffer 120.
  • Communication data received by the receiving unit 110 is included in a message that flows on the bus 40, that is, a data frame.
  • the communication data is, for example, the contents of the data field of the data frame, and may further include other information in the data frame such as a message ID.
  • the receiving unit 110 may receive all messages appearing on the bus 40, or only messages having a specific message ID, that is, only messages whose ID field content satisfies a specific condition. It's also good.
  • a message whose contents in the ID field satisfy a specific condition is, for example, a message having a message ID included in the received ID list.
  • the reception unit 110 uses a reception ID list as a reception target for a plurality of messages including communication data of a type corresponding to a specific message ID in a data field.
  • message IDs of messages including communication data of a kind useful for analysis as the contents of the data field are listed.
  • the types of communication data that are useful for analysis include, for example, vehicle speed, speed change gear position, estimated gear, axle angular speed, accelerator pedal position, engine speed, driver demand torque, engine maximum torque, fuel consumption rate, The throttle valve position, braking level, steering angle, lateral acceleration, yaw rate, and the like.
  • the buffer 120 is composed of a storage medium, for example, a region of the memory 102 or the like.
  • the buffer 120 stores the communication data received by the receiving unit 110 at least temporarily. For example, each time a message including communication data is received from the bus 40, the reception unit 110 sets the received communication data as a storage target in the buffer 120. If there is an empty area in the buffer 120, the communication data to be stored is buffered. 120. When there is no free space in the buffer 120, for example, the receiving unit 110 sequentially overwrites the communication data stored in the buffer 120 with the communication data to be stored as the overwrite target in order.
  • the specifying unit 130 is realized by the processor 101 or the like that executes a program.
  • the specifying unit 130 detects a predetermined operation time when a predetermined operation is performed on the vehicle 30 by an occupant of the vehicle 30, and specifies an analysis target period including the predetermined operation time.
  • the predetermined operation is, for example, an operation of the braking device 32 such as depressing a brake pedal, and is a predetermined operation.
  • the predetermined operation may be an operation of the steering device 33 such as turning the steering wheel, etc., an operation of the alarm device 34, for example, an operation interface for lighting an emergency flashing indicator light, or an operation interface for sounding a horn. It may be an operation.
  • the vehicle 30 When a predetermined operation is performed, the vehicle 30 performs an operation according to the predetermined operation. For example, when the brake device 32 is operated, the movement of the vehicle 30 is suppressed, that is, the vehicle 30 decelerates, and when the steering device 33 is operated, the vehicle 30 changes its traveling direction and the alarm device 34 is operated. Then, the vehicle 30 issues an alarm to the outside of the vehicle 30 by light, sound, or the like.
  • the detection by the specifying unit 130 at the time of the predetermined operation may be performed by any method, for example, by referring to the communication data received from the bus 40. For example, a message including communication data indicating that a predetermined operation has been performed is transmitted by the ECU that controls the vehicle 30 in response to the predetermined operation.
  • the identification unit 130 repeatedly confirms the contents of the buffer 120, confirms that communication data indicating that a predetermined operation has been performed is stored in the buffer 120, or at the time of confirmation or the communication data is received by the receiving unit.
  • the time received by 110 is treated as a predetermined operation time.
  • the specifying unit 130 specifies the analysis target period so as to include, for example, a period from a predetermined operation time to a time when a predetermined condition is satisfied after the predetermined operation time.
  • the predetermined condition is satisfied, for example, when a predetermined time (for example, several seconds) has elapsed since the predetermined operation. Further, the predetermined condition may be satisfied when, for example, a predetermined amount of communication data is received from the bus 40 after a predetermined operation. The predetermined condition may be satisfied when the vehicle 30 stops.
  • the predetermined condition is a braking device such as stopping the depression of the brake pedal after the predetermined operation. It may be established at the time of a specific operation that is a time when a specific operation that is an operation for releasing the braking by 32 is performed.
  • the specifying unit 130 sets the analysis target period so that the predetermined operation time is the start of the analysis target period and the predetermined condition is satisfied after the predetermined operation is the end of the analysis target period. Identify. Further, the specifying unit 130 sets a period before the predetermined operation (for example, several seconds, several tens of seconds, etc.) as the start of the analysis target period, and the time when the predetermined condition is satisfied after the predetermined operation as the end of the analysis target period. As such, the analysis target period may be specified. In addition, instead of setting the predetermined operation time as the start of the analysis target period, the specifying unit 130 receives the communication data stored in the buffer 120 earliest among the communication data stored in the buffer 120 at the predetermined operation time. The analysis target period may be specified with the time received at 110 as the start of the analysis target period.
  • the analysis target period specified by the specifying unit 130 is used in the processing unit 140 to separate communication data to be processed for analysis from communication data not to be processed for analysis.
  • the processing unit 140 includes an external communication unit 141 that communicates with a server device that is an external device outside the vehicle 30.
  • the processing unit 140 is realized by the processor 101 that executes a program, the external communication I / F 104, and the like.
  • the processing unit 140 analyzes the communication data received by the receiving unit 110, the analysis target communication data that is communication data received within the analysis target period specified by the specifying unit 130, and the communication received outside the analysis target period.
  • the data is classified into non-analysis communication data that is data, and predetermined processing for analysis of the analysis target communication data is executed based on the classification result.
  • the start and end of the analysis target period are included in the analysis target period.
  • the predetermined process for the analysis is an analysis process or a process useful for the analysis, and is a predetermined process performed by distinguishing between the analysis target communication data and the non-analysis target communication data.
  • the processing unit 140 performs communication data received by the receiving unit 110 and stored in the buffer 120 in order to cause the server device outside the vehicle 30 to analyze the analysis target communication data as the predetermined process for analysis.
  • the external communication unit 141 performs processing for transmitting the analysis information including the analysis target communication data without including the non-analysis target communication data to the server device.
  • the analysis information is information used for analysis of the analysis target communication data, for example, a so-called communication log.
  • the analysis information includes the content of the analysis target communication data, and may further include, for example, information indicating when the analysis target communication data is received by the receiving unit 110, information indicating the reception frequency of the analysis target communication data, and the like.
  • the analysis information may include information such as a message ID included in a message including the analysis target communication data received by the reception unit 110. For example, every time the reception unit 110 receives a message including communication data from the bus 40, if the communication data is stored in the buffer 120 with information such as reception time, reception frequency, message ID, and the like, The processing unit 140 can acquire the information from the buffer 120.
  • the analysis information may include a digital signature based on the vehicle 30 identification information or the like. In the analysis information, data conversion such as compression or encryption may be performed on the communication data to be analyzed.
  • the transmission of the analysis information to the server device by the external communication unit 141 may be performed using any communication method.
  • a transmission unit, a transmission timing, and the like can be arbitrarily determined.
  • the external communication unit 141 sequentially transmits one piece of communication data and information indicating the time when the communication data is received as one transmission unit of analysis information, for each one or a predetermined number of transmission units. It is also good to do.
  • the server device sequentially receives and collects information for analysis, and performs analysis by, for example, statistical processing, multivariate analysis, etc. based on the information for analysis.
  • analysis for example, it may be possible to verify whether or not the vehicle 30 has been appropriately automatically driven, detect a security problem in the in-vehicle network, and formulate security measures.
  • the processing unit 140 records the analysis information including the analysis target communication data without including the non-analysis communication data in the recording medium 150 for recording the analysis information. Processing may be performed.
  • the predetermined process for analysis may be other processes. Other specific examples of the predetermined process for analysis include the following process.
  • the processing unit 140 temporarily stores all communication data received by the receiving unit 110 in a recording medium, and deletes only non-analysis communication data from the recording medium. Further, for example, the processing unit 140 performs analysis by performing information processing such as a predetermined calculation for analysis only on the communication data to be analyzed among the communication data received by the receiving unit 110, and the analysis This is a process for outputting the result. In addition, for example, the processing unit 140 determines whether each analysis target communication data is in an abnormal state by analyzing only the analysis target communication data among the communication data received by the reception unit 110, This is processing for transmitting the analysis information related to the analysis target communication data whose determination result is abnormal to the server device outside the vehicle 30 by the external communication unit 141.
  • FIG. 5 is a flowchart illustrating an example of predetermined information processing in the information processing apparatus 100.
  • the information processing apparatus 100 starts the predetermined information processing shown in FIG. 5 when, for example, it is detected that an automatic driving start operation is performed by an occupant of the vehicle 30 and the automatic driving is started by the ECU 20e of the vehicle 30 or the like.
  • the operation is stopped when it is detected that the automatic operation has been stopped by the ECU 20e of the vehicle 30 and the like.
  • the information processing apparatus 100 may detect the start and stop of automatic driving by any method.
  • the ECU 20e may transmit a message with a predetermined message ID at the start and end of automatic driving, and the information processing apparatus 100 may detect the start and stop of automatic driving by receiving the message.
  • the receiving unit 110 will be described using an example in which all messages appearing on the bus 40 are received.
  • the information processing apparatus 100 receives the message when the message appears on the bus 40 by the receiving unit 110 (Yes in step S11).
  • the receiving unit 110 stores the communication data (for example, the contents of the data field) related to the received message in the buffer 120 with a message ID, information indicating the reception time, and the like, for example (step S12). If the message is not received in step S11 (No in step S11), the receiving unit 110 skips the process in step S12.
  • the information processing apparatus 100 detects a predetermined operation time when the predetermined operation is performed by the specifying unit 130 (Step S14). .
  • the information processing apparatus 100 detects from the contents of the buffer 120 that a message including communication data indicating that a predetermined operation has been performed is received by the receiving unit 110, and determines when the communication data is received. Detect as operation.
  • the predetermined operation is an operation of operating the braking device 32 of the vehicle 30 such as depression of a brake pedal.
  • the braking device 32 suppresses the movement of the vehicle 30 after a predetermined operation such as depression of the brake pedal is performed until a specific operation such as stopping the depression is performed.
  • the identifying unit 130 identifies the start of the analysis target period based on the predetermined operation (step S15).
  • the specifying unit 130 specifies, for example, a predetermined operation time as the start of the analysis target period.
  • step S13 If the predetermined operation is not performed in step S13 (No in step S13), the specifying unit 130 skips the processes in steps S14 to S15.
  • the specifying unit 130 of the information processing apparatus 100 determines that the analysis target period is satisfied if the predetermined condition for the end of the analysis target period is satisfied in the state where only the start of the division target period is specified (Yes in step S16). Is determined (step S17).
  • the predetermined condition is satisfied when the vehicle 30 stops.
  • the specifying unit 130 confirms in step S16 that communication data indicating that the vehicle speed of the vehicle 30 has changed to zero after the predetermined operation is stored in the buffer 120, for example, in step S17.
  • the reception time of the communication data is specified as the end of the analysis target period.
  • the detection of the stop of the vehicle 30 may be performed by any method.
  • the predetermined condition in step S16 may be established, for example, when a specific operation is performed. If the predetermined condition is not satisfied in step S16 (No in step S16), the specifying unit 130 skips the process in step S17.
  • the processing unit 140 of the information processing apparatus 100 determines whether or not communication data received by the receiving unit 110 during the analysis target period and not yet recorded in the recording medium 150 is stored in the buffer 120.
  • the determination is made (step S18) and the determination is affirmative (Yes in step S18)
  • the communication data received within the analysis target period that is, the analysis information including the analysis target communication data is recorded in the recording medium 150.
  • Step S19 When there is no unrecorded communication data within the analysis target period in step S18 (No in step S18), the processing unit 140 skips the process in step S19.
  • the processing unit 140 determines whether or not communication data received by the receiving unit 110 within the analysis target period and not yet transmitted is stored in the buffer 120 (step S20). When the determination is made (Yes in step S20), the communication data received within the analysis target period, that is, the analysis information including the analysis target communication data is transmitted to the server device by the external communication unit 141 (step S21). In step S20, when there is no untransmitted communication data within the analysis target period (No in step S20), the processing unit 140 skips the process in step S21.
  • step S18 and step S20 a negative determination (No in step S18 and step S20) is made if the start of the analysis target period has not already been specified in step S15.
  • Communication data received while the start of the analysis target period has already been specified in step S15 and the end of the analysis target period has not been specified in step S17 can be treated as communication data received within the analysis target period. .
  • step S17 If the end of the analysis target period has already been specified in step S17 at the time of the determination in step S18 and step S20, the processing unit 140 converts the communication data received up to that end within the analysis target period.
  • the communication data received after the end of the period is treated as not the communication data received within the analysis target period.
  • processing unit 140 may cause the external communication unit 141 to further transmit analysis information including the analysis target communication data recorded in the recording medium 150 to the server device in step S19, and omit steps S20 and S21. .
  • a flag indicating whether or not the data has been recorded or transmitted has been attached to the buffer 120 for each communication data, and the processing unit 140 may check and update the flag.
  • the processing unit 140 for example, when the analysis information corresponding to the communication data is transmitted to the server device or when the communication data is read from the buffer 120 for the transmission or the like, from the buffer 120
  • the communication data may be deleted.
  • the analysis target communication data classified in relation to the operation of the occupant of the vehicle 30 among the communication data related to the messages sent and received by the ECUs 20 a to 20 f via the bus 40 in the vehicle 30 having the automatic driving function Only the target of processing for analysis. Thereby, it is possible to efficiently perform processing for analysis.
  • the information processing apparatus 100 transmits information for analysis related to communication data to a server apparatus having an external analysis function as processing for analysis related to communication between ECUs.
  • the communication data is narrowed down to the analysis target communication data received from the bus 40 within the analysis target period starting from a time when a predetermined operation is performed by the occupant among the communication data flowing through the bus 40. Due to this narrowing down, the amount of analysis information transmitted to the server device for analysis of communication in the vehicle 30 can be kept relatively small, so the communication band necessary for sending analysis information is kept relatively small. It is done.
  • the information processing apparatus 100 records analysis information related to the analysis target communication data among the communication data in the recording medium 150. Thereby, the data amount of the analysis information recorded on the recording medium 150 can be suppressed to be smaller than that in the case of recording the analysis information related to all the communication data flowing through the bus 40.
  • the processing unit 140 analyzes only the communication data to be analyzed among the communication data received by the receiving unit 110 by performing information processing such as calculation for analysis, all the communication data is processed. Compared to the target case, the computational resources such as the required amount of computation can be kept small.
  • the information processing apparatus 100 connected to the bus 40 includes an external communication unit 141 that is realized by an external communication I / F 104 or the like that communicates with an external device of the vehicle 30.
  • an example is shown.
  • the information processing apparatus which is a partial modification of the information processing apparatus 100 does not have the external communication I / F 104 but is connected to the bus 40 and connected to the external communication I / F 104.
  • An example of cooperation with an external communication apparatus having the same external communication I / F will be shown.
  • the in-vehicle network system according to the present embodiment includes an information processing device 100a and an external communication device 200 connected to a bus 40 as shown in FIG.
  • the in-vehicle network system according to the present embodiment is the same as the in-vehicle network system 10 (see FIG. 1) shown in the first embodiment, unless particularly described here.
  • FIG. 6 is a functional block diagram showing configurations of the information processing apparatus 100a and the external communication apparatus 200.
  • FIG. 7 shows an example of the hardware configuration of the information processing apparatus 100a and the external communication apparatus 200 according to the present embodiment. As illustrated in FIG. 7, the information processing apparatus 100 a has a configuration in which the external communication I / F 104 is removed from the information processing apparatus 100 illustrated in the first embodiment.
  • the constituent elements of the information processing apparatus 100a are substantially the same as the constituent elements of the information processing apparatus 100 according to the first embodiment, and therefore will be described using the same reference numerals. Note that the information processing apparatus 100a is the same as the information processing apparatus 100 described in the first embodiment except for points that are not particularly described here.
  • External communication device 200 has a communication circuit for communicating with an external device such as a server device located outside vehicle 30 in addition to the hardware configuration of the ECU.
  • the external communication device 200 includes a processor 201, a memory 202, a CAN communication I / F (interface) 203, and an external communication I / F 204.
  • the processor 201 operates in accordance with a program stored in the memory 202, the external communication apparatus 200 realizes various functions.
  • the external communication device 200 includes a receiving unit 210 and an external transmission unit 241 in terms of functions.
  • the receiving unit 210 is realized by a CAN communication I / F 203 or the like, has a predetermined message ID, receives a message including analysis information, and transmits the content of the message to the external transmission unit 241.
  • the external transmission unit 241 is realized by an external communication I / F 204 or the like, and transmits analysis information to a server device outside the vehicle 30.
  • the information processing apparatus 100a is configured to include a receiving unit 110, a buffer 120, a specifying unit 130, a processing unit 140, a recording medium 150, and a transmitting unit 160, as shown in FIG.
  • the processing unit 140 is slightly different from the first embodiment, does not include the external communication unit 141, and does not transmit the analysis information related to the analysis target communication data outside the vehicle 30.
  • the transmission unit 160 is realized by the CAN communication I / F 103, the processor 101 that executes a program, and the like. Under the control of the processing unit 140, the transmission unit 160 has a predetermined message ID and includes a message including analysis information and the like on the bus 40. Send to.
  • the processing unit 140 in the information processing apparatus 100a uses the communication data received by the receiving unit 110 as analysis target communication data that is communication data received within the analysis target period specified by the specifying unit 130, and outside the analysis target period.
  • the communication data is classified into non-analysis communication data which is received communication data, and predetermined processing for analysis of the analysis target communication data is executed based on the classification result.
  • the processing unit 140 performs a process of recording the analysis information including the analysis target communication data on the recording medium 150 without including the non-analysis target communication data, as the predetermined process for the analysis. Further, the processing unit 140 performs processing for causing the server device outside the vehicle 30 to analyze the analysis target communication data in cooperation with the external communication device 200 as the predetermined processing for analysis. Specifically, as a predetermined process for analysis, the processing unit 140 uses the communication data stored in the buffer 120 to analyze information including analysis target communication data without including non-analysis communication data.
  • the transmitter 160 is controlled so as to be included in a message having a predetermined message ID so as to be received by the device 200 and sequentially transmitted to the bus 40.
  • the transmission unit 160 may include analysis information recorded in the recording medium 150 in the message.
  • the reception unit 210 sequentially receives messages including the analysis information, and the external transmission unit 241 transmits the analysis information to a server device outside the vehicle 30.
  • the processing unit 140 performs a primary analysis by performing information processing such as calculation for analysis based on only analysis target communication data among communication data stored in the buffer 120 as predetermined processing for analysis. Then, the communication data to be analyzed and the result of the primary analysis are recorded in the recording medium 150, and further included in a message having a message ID determined in advance to be received by the external communication device 200 in the transmission unit 160. You may make it transmit to the bus
  • the analysis performed by the information processing apparatus 100a is also referred to as primary analysis.
  • the information processing device 100a and the external communication device 200 in the present embodiment are combined to correspond to the information processing device 100 in the first embodiment. Functions as one information processing device.
  • Processing sharing between the information processing apparatus 100a and the external communication apparatus 200 may be changed.
  • the information processing apparatus 100a transmits the information indicating the analysis target period specified by the specifying unit 130 to the bus 40 in a message having a predetermined message ID so that the external communication apparatus 200 receives the information.
  • the external communication device 200 grasps the analysis target period by receiving the message, and analyzes the communication data related to the message received from the bus 40 with the analysis target communication data within the analysis target period and outside the analysis target period. And the analysis information about the analysis target communication data can be transmitted to the server device.
  • FIG. 8 is a flowchart illustrating an example of predetermined information processing in the information processing apparatus 100a.
  • the information processing apparatus 100a starts the predetermined information processing shown in FIG. 8, for example, when it is detected that an automatic driving start operation is performed by an occupant of the vehicle 30 and the automatic driving is started by the ECU 20e of the vehicle 30 or the like.
  • the operation is stopped when it is detected that the automatic operation has been stopped by the ECU 20e of the vehicle 30 and the like.
  • the receiving unit 110 uses a reception ID list that lists message IDs of messages including communication data to be received.
  • the information processing apparatus 100a receives the message including the communication data (Yes in step S31).
  • the receiving unit 110 stores the communication data related to the received message, for example, the contents of the data field in the buffer 120 with, for example, a message ID and information indicating the reception time (step S32). If the message having the message ID shown in the reception ID list is not received in step S31 (No in step S31), the reception unit 110 skips the process in step S32.
  • the information processing apparatus 100a detects the time of the predetermined operation by the specifying unit 130 (step S14), and based on the predetermined operation time, The start period is specified (step S15).
  • the predetermined operation for example, an operation for a device that is operated when an abnormality is sensed by the occupant of the vehicle 30, such as the braking device 32, the steering device 33, and the alarm device 34, is determined in advance. If the predetermined operation is not performed in step S13 (No in step S13), the specifying unit 130 skips the processes in steps S14 to S15.
  • step S16 the specifying unit 130 of the information processing device 100a specifies the end of the analysis target period (step S17). If the predetermined condition for the end of the analysis target period is not satisfied in step S16 (No in step S16), the specifying unit 130 skips the process in step S17.
  • the processing unit 140 of the information processing apparatus 100a determines whether or not communication data that has not been analyzed yet and is received by the receiving unit 110 during the analysis target period is stored in the buffer 120.
  • the determination is made (step S33) and the determination is affirmative (Yes in step S33)
  • the communication data received within the analysis target period, that is, the analysis target communication data is primarily analyzed (step S34).
  • the processing unit 140 may perform the primary analysis by any calculation. For example, the processing unit 140 performs determination based on a predetermined criterion for determining whether there is an abnormality, and information indicating whether the abnormality is an analysis result. Generate.
  • the processing unit 140 records the analysis target communication data and the result of the primary analysis in the recording medium 150 (step S35), and includes the analysis target communication data and the result of the primary analysis by controlling the transmission unit 160.
  • One or more messages are transmitted to the bus 40 according to the CAN protocol (step S36).
  • the external communication device 200 receives the message by the reception unit 210, generates the analysis information based on the analysis target communication data by the external transmission unit 241 according to the result of the primary analysis, and analyzes the analysis
  • the business information is transmitted to the server device outside the vehicle 30. If a negative determination is made in step S33 (No in step S33), the processing unit 140 skips the processes in steps S34 to S36.
  • step S33 if the start of the analysis target period has not already been specified in step S15 at the time of determination, a negative determination (No in step S33) is made.
  • Communication data received while the start of the analysis target period has already been specified in step S15 and the end of the analysis target period has not been specified in step S17 can be treated as communication data received within the analysis target period. .
  • the processing unit 140 receives the communication data received up to that end within the analysis target period.
  • the communication data received after the end of the period is handled as not the communication data received within the analysis target period.
  • a flag indicating whether or not the primary analysis has been performed is attached to the buffer 120 for each communication data, and the processing unit 140 may check and update the flag. Further, the processing unit 140 may delete the communication data from the buffer 120 when performing a primary analysis corresponding to the communication data, for example.
  • the communication data related to the messages sent and received by the ECUs 20a to 20f via the bus 40 in the vehicle 30 having the automatic driving function is classified in relation to the operation of the occupant of the vehicle 30. Only the analyzed communication data to be analyzed is set as a processing target for analysis.
  • the information processing apparatus 100a sequentially acquires communication data included in a message having a specific message ID from the reception ID list from the bus 40. Only the communication data is analyzed, recorded on the recording medium 150, and the like.
  • Predetermined operations are defined as operations for devices that are estimated to be operated when the driver of the vehicle 30 feels discomfort, anxiety, fear, etc., such as the braking device 32, the steering device 33, and the warning device 34. Therefore, the communication data within the analysis target period specified based on the predetermined operation can be related to the abnormal state of the vehicle 30 and compared as an analysis target for the purpose of advancement of automatic driving technology, security assurance, etc. Important information. Therefore, the information processing apparatus 100a can efficiently perform processing for analysis on communication data related to important information by predetermined information processing.
  • Embodiments 1 and 2 have been described as examples of the technology according to the present invention.
  • the technology according to the present invention is not limited to this, and can also be applied to embodiments in which changes, replacements, additions, omissions, etc. are made as appropriate.
  • the following modifications are also included in one embodiment of the present invention.
  • the vehicle 30 has the automatic driving function. It may be replaced with a robot that can be boarded.
  • the above-described technique can be applied to a moving body having an automatic driving function that is a function of moving the moving body without receiving an operation of an occupant.
  • the automatic driving function may be any function that automatically moves the moving body. Even if the driving route is autonomously selected to perform complete automatic driving, the driver can move the moving body. It may be sufficient to support the maneuvering.
  • This boarding device is a device on which an occupant can board, for example, a moving body such as a moving robot and a vehicle 30, and a non-moving robot, a machine, and the like.
  • the standard ID format (see FIG. 2) is shown as the format for the data frame in the CAN protocol.
  • the extended ID format may be used, and the ID of the data frame (that is, the message ID). May be an extended ID in an extended ID format.
  • the CAN protocol shown in the above embodiment may have a broad meaning including derivative protocols such as TTCAN (Time-Triggered CAN) and CANFD (CAN with Flexible Data Rate).
  • the network used for communication between the ECUs in the moving body such as the vehicle 30 is not limited to the network according to the CAN protocol, and may be another network.
  • Protocols other than CAN used in a network for exchanging communication data by the ECU include, for example, Ethernet (registered trademark), LIN (Local Interconnect Network), MOST (registered trademark) (Media Oriented Systems Transport), FlexRay ( Registered trademark), Broader reach protocol, and the like.
  • Each ECU in the above embodiment is, for example, a device including a digital circuit such as a processor and a memory, an analog circuit, a communication circuit, and the like, but includes a hard disk device, a display, and other hardware components. You can leave.
  • each device described in the above embodiment realizes its function by dedicated hardware (digital circuit or the like) instead of realizing the function by software by the program stored in the memory being executed by the processor. It's also good.
  • the execution order of the various processing procedures shown in the above-described embodiment is not necessarily limited to the order described above, and the gist of the invention
  • the execution order can be changed, a plurality of procedures can be performed in parallel, or a part of the procedures can be omitted without departing from the above.
  • a part or all of the components constituting each device in the above embodiment may be configured by one system LSI (Large Scale Integration).
  • the system LSI is an ultra-multifunctional LSI manufactured by integrating a plurality of components on a single chip.
  • the system LSI is a computer system including a microprocessor, a ROM, a RAM, and the like. .
  • a computer program is recorded in the RAM.
  • the system LSI achieves its functions by the microprocessor operating according to the computer program.
  • each part of the constituent elements constituting each of the above devices may be individually made into one chip, or may be made into one chip so as to include a part or all of them.
  • the system LSI is used here, it may be called an IC (integrated circuit), LSI, super LSI, or ultra LSI depending on the degree of integration.
  • the method of circuit integration is not limited to LSI's, and implementation using dedicated circuitry or general purpose processors is also possible.
  • An FPGA Field Programmable Gate Array
  • a reconfigurable processor that can reconfigure the connection and setting of circuit cells inside the LSI may be used.
  • integrated circuit technology comes out to replace LSI's as a result of the advancement of semiconductor technology or a derivative other technology, it is naturally also possible to carry out function block integration using this technology. Biotechnology can be applied as a possibility.
  • a part or all of the constituent elements constituting each of the above devices may be composed of an IC card that can be attached to and detached from each device or a single module.
  • the IC card or module is a computer system that includes a microprocessor, ROM, RAM, and the like.
  • the IC card or the module may include the super multifunctional LSI described above.
  • the IC card or the module achieves its function by the microprocessor operating according to the computer program. This IC card or this module may have tamper resistance.
  • an information processing method including all or part of the processing procedure shown in FIGS.
  • the information processing method is used in an information processing apparatus mounted on a moving body that collects information for analysis of communication between a plurality of ECUs mounted on the moving body such as the vehicle 30 having an automatic driving function. It may be an information processing method.
  • the information processing method may include a reception step (for example, steps S11 and S31), a specific step (for example, steps S13 to S17), and a processing step (for example, steps S19, S21, S34, and S36).
  • the receiving step for example, steps S11 and S31
  • a plurality of communication data sequentially transmitted through a network in which a plurality of ECUs in the moving body communicate is received.
  • the specifying step for example, steps S13 to S17
  • a predetermined operation time which is a time when a predetermined operation is performed on the moving body by an occupant of the moving body, is detected and an analysis target period including the predetermined operation time is specified.
  • the processing steps for example, steps S19, S21, S34, S36
  • the communication data received in the receiving step is received outside the analysis target period and the analysis target communication data that is the communication data received within the analysis target period.
  • the communication data is classified into non-analysis communication data that is communication data, and predetermined processing for analysis of the analysis target communication data is executed based on the classification result.
  • the information processing method may be a program (computer program) for realizing predetermined information processing by a computer, or may be a digital signal composed of a program.
  • a computer program or a digital signal may be recorded on a computer-readable recording medium.
  • Computer-readable recording media include, for example, a flexible disk, hard disk, CD-ROM, MO (magneto-optical disc), DVD (digital versatile disc), DVD-ROM (digital versatile disc read-only memory), DVD- It may be a RAM (digital versatile disc, random access memory), a BD (Blu-ray (registered trademark) Disc), a semiconductor memory, or the like. Further, it may be a digital signal recorded on these recording media.
  • a program or a digital signal may be transmitted via an electric communication line, a wireless or wired communication line, a network represented by the Internet, data broadcasting, or the like.
  • a computer system having a microprocessor and a memory may be used, in which the memory records the above program, and the microprocessor operates according to the program.
  • the program or digital signal may be recorded on a recording medium and transferred, or the program or digital signal may be transferred via a network or the like and executed by another independent computer system.
  • the present invention can be used in a network system or the like of a vehicle having an automatic driving function or other boarding devices.
  • In-vehicle network system 20a-20f Electronic control unit (ECU) 30 Vehicle 31 Engine 32 Braking Device 33 Steering Device 34 Alarm Device 40 Bus 100, 100a Information Processing Device 101, 201 Processor (Microprocessor) 102, 202 Memory 103, 203 CAN communication I / F 104,204 External communication I / F DESCRIPTION OF SYMBOLS 110,210 Reception part 120 Buffer 130 Identification part 140 Processing part 141 External communication part 150 Recording medium 160 Transmission part 200 External communication apparatus 241 External transmission part

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Traffic Control Systems (AREA)

Abstract

La présente invention concerne un dispositif de traitement d'informations qui comprend une unité de réception, une unité de spécification, et une unité de traitement. L'unité de réception reçoit une pluralité de données de communication transmises de manière séquentielle par l'intermédiaire d'un réseau dans lequel la pluralité d'unités de commande électroniques dans un dispositif d'embarquement communiquent. L'unité de spécification détecte un temps de fonctionnement prédéterminé au niveau duquel un fonctionnement prédéterminé a été réalisé sur le dispositif d'embarquement par un occupant du dispositif d'embarquement, et spécifie une période soumise à une analyse comprenant le temps de fonctionnement prédéterminé. L'unité de traitement classifie les données de communication reçues par l'unité de réception en données de communication soumises à une analyse qui constitue des données de communication reçues dans la période soumise à une analyse, et des données de communication qui ne sont pas soumises à une analyse qui constitue des données de communication reçues à l'extérieur de la période soumise à une analyse, et exécute un traitement prédéterminé pour une analyse des données de communication soumises à une analyse sur la base du résultat de la classification.
PCT/JP2017/045902 2017-03-30 2017-12-21 Dispositif et procédé de traitement d'informations et programme Ceased WO2018179630A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2017-068680 2017-03-30
JP2017068680A JP2018170728A (ja) 2017-03-30 2017-03-30 情報処理装置、情報処理方法及びプログラム

Publications (1)

Publication Number Publication Date
WO2018179630A1 true WO2018179630A1 (fr) 2018-10-04

Family

ID=63677724

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/045902 Ceased WO2018179630A1 (fr) 2017-03-30 2017-12-21 Dispositif et procédé de traitement d'informations et programme

Country Status (2)

Country Link
JP (1) JP2018170728A (fr)
WO (1) WO2018179630A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12296841B2 (en) * 2021-12-10 2025-05-13 Toyota Jidosha Kabushiki Kaisha Information processing apparatus and information processing method

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102119638B1 (ko) * 2018-11-29 2020-06-08 주식회사 이에스피 자율주행차량의 정보활용을 위한 데이터 취득 시스템, 데이터 취득 서버 및 방법

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001236586A (ja) * 2000-02-24 2001-08-31 Honda Motor Co Ltd 車両用監視装置及び車両用監視システム
JP2007293536A (ja) * 2006-04-24 2007-11-08 Denso Corp 事故情報収集システムおよび事故情報記録装置
JP2012181686A (ja) * 2011-03-01 2012-09-20 Denso Corp 車両用データ記録装置

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001236586A (ja) * 2000-02-24 2001-08-31 Honda Motor Co Ltd 車両用監視装置及び車両用監視システム
JP2007293536A (ja) * 2006-04-24 2007-11-08 Denso Corp 事故情報収集システムおよび事故情報記録装置
JP2012181686A (ja) * 2011-03-01 2012-09-20 Denso Corp 車両用データ記録装置

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12296841B2 (en) * 2021-12-10 2025-05-13 Toyota Jidosha Kabushiki Kaisha Information processing apparatus and information processing method

Also Published As

Publication number Publication date
JP2018170728A (ja) 2018-11-01

Similar Documents

Publication Publication Date Title
CN109843653B (zh) 异常检测装置以及异常检测方法
US11398116B2 (en) Anomaly detection electronic control unit, in-vehicle network system, and anomaly detection method
JP6839846B2 (ja) 情報処理装置、情報処理方法及びプログラム
US11165851B2 (en) System and method for providing security to a communication network
CN110494330B (zh) 车辆监视装置、不正当检测服务器、以及控制方法
US10440120B2 (en) System and method for anomaly detection in diagnostic sessions in an in-vehicle communication network
US11190533B2 (en) Anomaly detection electronic control unit, onboard network system, and anomaly detection method
CN114514731B (zh) 车辆日志发送装置、车辆日志收集系统、车辆日志发送方法以及保存优先级变更装置
CN107431625B (zh) 网关装置、车载网络系统以及转送方法
JP7030957B2 (ja) 自動車用サイバーセキュリティ
WO2017038351A1 (fr) Dispositif de réseau embarqué
CN109076016B (zh) 非法通信检测基准决定方法、决定系统以及记录介质
CN112367318A (zh) 安全处理方法以及计算机
JP2019008618A (ja) 情報処理装置、情報処理方法及びプログラム
WO2018110046A1 (fr) Appareil de commande, système de commande, procédé de commande, programme de commande et support de stockage
WO2021019636A1 (fr) Dispositif de sécurité, procédé de traitement des incidents, programme et support de stockage
WO2018179630A1 (fr) Dispositif et procédé de traitement d'informations et programme
CN120902769A (zh) 认证方法、认证系统以及认证装置
JP2019209961A (ja) 情報処理装置、監視方法、プログラム及びゲートウェイ装置
JP2019146145A (ja) 通信装置、通信方法及びプログラム
CN113300927B (zh) 网关装置、车载网络系统以及转送方法
JP6519829B1 (ja) 電子制御装置、監視方法、プログラム及びゲートウェイ装置
JP2019146144A (ja) 情報処理装置、情報処理方法及びプログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17903600

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17903600

Country of ref document: EP

Kind code of ref document: A1