Abstract: An unauthorized activity detection method in an onboard network system. The detection method includes determining whether or not a message sent out onto the network is an attack message, saving information relating to the attack message in at least one memory in a case where the message is an attack message, identifying a communication pattern from information relating to the attack message, and determining whether or not the message matches a communication pattern. The determination of whether an attack message and determination of whether matching a communication pattern are executed on each of a plurality of messages received from the network. In the determining of whether an attack message executed on a message received after executing of determining of whether matching a communication pattern, results of the determination of whether an attack message that has already be executed are used.

Abstract: An abnormality detection method is provided. The abnormality detection method is for detecting an abnormality that may be transmitted to a bus in an on-board network system. The on-board network system includes a plurality of electronic controllers that transmit and receive messages via the bus in a vehicle according to a CAN protocol. In the abnormality detection method, for example, a gateway transmits vehicle identification information to a server and receives a response determining a unit time. An operation process is performed using feature information based on a number of messages received from the bus per the determined unit time and using a model indicating a criterion in terms of a message occurrence frequency. A judgment is made as to an abnormality according to a result of the operation process.

Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.

Abstract: An information management method collects log information of one or more home electrical apparatuses corresponding to service providers. Display screen data is generated which indicates a status of the log information. The display screen data includes groups of information which each contain information on an apparatus, a service provider corresponding to the apparatus, and log information output from the apparatus. Provision of the log information of each group is individually selectable. The display screen data is provided via a network to a display terminal that performs access to a server device. Information is received from the display terminal, which indicates that selection on whether or not provision of the log information is performed. Provision of the log information is not performed on the selected group when a determination is made that refusal of provision of the log information on the selected group is performed.

Abstract: A network hub is provided for an onboard network system. The onboard network system includes first and second networks for transmission of first-type and second-type frames following first and second communication protocols. The network hub includes a receiver that receives a first-type frame. A processor determines whether or not the first-type frame received by the receiver includes first information that is a base for a second-type frame to be transmitted to the second network, to obtain a determination result, and selects a port to send a frame based on the first-type frame based on the determination result. A transmitter sends the frame based on the first-type frame to a wired transmission path connected to the port selected by the processor based on the first-type frame received by the receiver.

Abstract: In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of networks, a plurality of fraud-detection ECUs each connected to a different one of the networks, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a network connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The gateway device receives updated rule information transmitted to a first network among the networks, selects a second network different from the first network, and transfers the updated rule information only to the second network. A fraud-detection ECU connected to the second network acquires the updated rule information and updates the rule information stored therein by using the updated rule information.

Abstract: An authentication method for a group of devices connected to a network includes selecting the first controller as a coordinator, the coordinator being configured to manage a group key to be used in common in the group. The method includes generating the group key, and performing first mutual authentication and second mutual authentication. The method also includes sharing the group key with each device for which the first mutual authentication has been successful, and sharing the group key with each second controller for which the second mutual authentication has been successful. The method further includes encrypting transmission data by using the group key to generate encrypted data, generating, authentication data by using the group key, and simultaneously broadcasting a message to each device for which the first mutual authentication has been successful and each second controller for which the second mutual authentication has been successful.

Abstract: A gateway serving as a security apparatus connected to one or a plurality of buses includes a receiver that receives a frame from a bus, a parameter storage that stores an examination parameter defining a content of an examination of the frame, an updater configured to, in a case where a predetermined condition is satisfied for the frame received by the receiver, update the examination parameter stored in the parameter storage, and an examiner that performs an examination, based on the examination parameter stored in the parameter storage, in terms of judgment of whether or not the frame received by the receiver is an attack frame.

Abstract: An information processing method performed by an information processing system including a storage device to process a plurality of data frames flowing in an in-vehicle network including at least one electronic control unit includes a receiving step of sequentially receiving a plurality of data frames flowing in the in-vehicle network, a frame collection step of recording, in a reception log held in the storage device, reception interval information indicating reception intervals between the plurality of data frames as frame information, a feature acquisition step of acquiring, from the reception interval information, a feature relating to distribution of the reception intervals between the plurality of data frames, and an unauthorized data presence determination step of determining the presence/absence of an unauthorized data frame among the plurality of data frames.

Abstract: A misuse detection electronic control unit in a vehicle network system including a plurality of electronic control units that communicate with one another through buses in accordance with a CAN protocol includes a transceiver unit that performs a reception step of receiving a target data frame and a reference data frame transmitted through the buses, wherein the target data frame is a data frame having a first identifier and wherein the reference data frame is a data frame having a second identifier different from the first identifier and a misuse detection process unit that performs a detection step of performing, as misuse detection for the target data frame, evaluation in accordance with a reception timing of the reference data frame and a reception timing of the target data frame on the basis of a certain rule specifying a reception interval between the reference data frame and the target data frame.

Abstract: A method for use in a network system is provided. The network system includes a plurality of electronic controllers that transmits and receives, via a network, a plurality of frames. The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the network, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.

Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.

Abstract: An anomaly detection server is provided. The anomaly detection server is a server for counteracting an anomalous frame transmitted on an on-board network of a single vehicle. The anomaly detection server acquires information about multiple frames received on one or multiple on-board networks of one or multiple vehicles, including the single vehicle. The anomaly detection server, acting as an assessment unit that, based on the information about the multiple frames and information about a frame received on the on-board network of the single vehicle after the acquisition of the information about the multiple frames, assesses an anomaly level of the frame received on the on-board network of the single vehicle.

Abstract: A method, system, and medium used in unauthorized communication detection in an onboard network system having electronic control units connected to a network include: identifying, from information relating to an attack message on the onboard network system, a communication pattern indicating features of the attack message; determining whether a candidate reference message matches the communication pattern; and determining a reference message used as a reference in determining whether or not a message sent out onto the network is an attack message, using results of the determining of whether or not the candidate reference message matches the communication pattern identified in the identifying operation.

Abstract: An unauthorized control suppression method for use in a network system is provided. The network system includes a plurality of electronic controllers that exchange, via a communication channel, a plurality of frames The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the communication channel, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.

Abstract: A network system includes a first network through which a frame of a first type is transmitted in accordance with a first communication protocol and includes a second network in which a frame of a second type is transmitted in accordance with a second communication protocol. A gateway device is connected to the first network and the second network. The gateway device sequentially receives frames of the first type from the first network and determines whether to transmit data regarding the received frames of the first type to the second network. The gateway device transmits, to the second network, a frame of the second type including data regarding a plurality of the frames of the first type determined to be transmitted to the second network when a condition relating to a number of frames of the first type received by the gateway device is satisfied.

Abstract: A gateway device connected to a network used in communication by multiple electronic control units provided on-board a vehicle. The gateway device performs operations including receiving firmware update information that includes updated firmware for one electronic control unit among the electronic control units, and acquiring system configuration information indicating a function of each of the electronic control units connected to the network. The gateway device further performs a controlling operation to update firmware of the one electronic control unit, for which updated firmware is received by the receiving, on a basis of the updated firmware, after an operation verification of the updated firmware is performed in an operating environment appropriately. The operating environment being configured with electronic control units of the same functions as each of the electronic control units indicated by the system configuration information.

Abstract: A log generation method for generating a log of communication on an in-vehicle network includes: performing a plurality of determination processes for determining, by using different methods, whether or not a message sent to the in-vehicle network is anomalous; generating a log in accordance with results of the plurality of determination processes; and transmitting the generated log. In the generating, information items to be included in the log are determined in accordance with a combination of the results of the plurality of determination processes so that the log does not include identical information items.

Abstract: An anomaly detection server is provided. The anomaly detection server is a server for counteracting an anomalous frame transmitted on an on-board network of a single vehicle. The anomaly detection server acquires information about multiple frames received on one or multiple on-board networks of one or multiple vehicles, including the single vehicle. The anomaly detection server, acting as an assessment unit that, based on the information about the multiple frames and information about a frame received on the on-board network of the single vehicle after the acquisition of the information about the multiple frames, assesses an anomaly level of the frame received on the on-board network of the single vehicle.

Abstract: A gateway device is connected via one or more networks to electronic controllers on-board a vehicle. The gateway device includes one or more memories, and circuitry that acquires firmware update information. The circuitry determines whether or not a first electronic controller satisfies a second condition based on second information about the first electronic controller, where the second information is whether the first electronic controller includes a firmware cache for performing a pre-update firmware cache operation. The circuitry also causes, when the second condition is not satisfied, the gateway device to execute a proxy process, where the gateway device requests the first electronic controller to transmit boot ROM data to the gateway device, creates updated boot ROM data with the updated firmware, and transmits the updated boot ROM data to the first electronic controller that updates the boot ROM and resets the first electronic controller with the updated firmware.