Abstract: An information processing device that receives, from another information processing device, a communication message generated based on recency information and control data, includes: a recency information generation unit that generates the recency information; and a recency information management unit that extracts the recency information from the received communication message.

Abstract: An in-vehicle information communication system is configured from an in-vehicle communication device, an electronic control device that is installed in a vehicle, and an information processing device that is not installed in a vehicle. The electronic control device comprises an electronic control device storage unit, a message generation unit, a MAC generation unit, and an electronic control device communication unit which sends the message and the MAC to the information processing device via the in-vehicle communication device. The information processing device comprises an information processing device storage unit, a message authentication code verification unit, a response code generation unit, and an information processing device communication unit which sends the response code to the electronic control device via the in-vehicle communication device. The electronic control device further comprises a response code verification unit.

Abstract: A gateway device that relays a message between two or more domains receives a first message including a first message authentication code corresponding to a first domain among the two or more domains and first data from the first domain and transmits a second message including a second message authentication code corresponding to a second domain among the two or more domains and the first data to the second domain.

Abstract: An information processing apparatus includes a shared information generation unit for generating shared information via a network, a communication unit configured to receive a message, a shared information verification unit configured to compare shared information in the message with the information generated by the shared information generation unit, and verify validity of the shared information in the message based on the comparison, a security code generation unit for generating a security code based on the shared information, a security code verification unit configured to compare a security code in the message with the security code generated by the security code generation unit, and verify correctness of the shared information in the message based on the comparison, and a processing determination control unit configured to determine normality of the message on the based on the verification by the shared information verification unit and the verification by the security code verification unit.

Abstract: A system that detects any unauthorized communication without imposing a processing load on a control device is provided. In the incident detection system configured to detect any security incident, a gateway device includes: an ID generation unit that generates its own gateway device identification information; a detection packet generation unit that generates a detection packet including control information transmitted from a control device and path information obtained by adding its own gateway device identification information to a communication packet; a log generation unit that generates log information including the detection packet; and a device communication unit that transmits the log information to a management server connected to the gateway device over a network or transmits the detection packet to a control device controlled based on the control information.

Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.

Abstract: An in-vehicle information communication system is configured from an in-vehicle communication device, an electronic control device that is installed in a vehicle, and an information processing device that is not installed in a vehicle. The electronic control device comprises an electronic control device storage unit, a message generation unit, a MAC generation unit, and an electronic control device communication unit which sends the message and the MAC to the information processing device via the in-vehicle communication device. The information processing device comprises an information processing device storage unit, a message authentication code verification unit, a response code generation unit, and an information processing device communication unit which sends the response code to the electronic control device via the in-vehicle communication device. The electronic control device further comprises a response code verification unit.

Abstract: There are provided an inspection apparatus, an inspection system, and an inspection method capable of inspecting operation of a control device, accurately, during use. An inspection apparatus configured to inspect operation of an ECU coupled to automotive networks, includes an inspection performance control unit configured to transmit two pieces of data including operation-inspection data and security-check data used for inspecting the operation of the ECU, to the ECU, and configured to receive data output from the ECU. The operation-inspection data is data previously generated based on design information of the ECU. The security-check data is data including part or entirety of the operation-inspection data replaced with random data.

Abstract: An information processing device that receives, from another information processing device, a communication message generated based on recency information and control data, includes: a recency information generation unit that generates the recency information; and a recency information management unit that extracts the recency information from the received communication message.

Abstract: An evaluation system includes a network device, a gateway device, a policy evaluation device, and first and second control devices. The network device copies a packet received from the first control device and transmits to the gateway device and the policy evaluation device. The gateway device receives the copied packet, performs a first filtering based on the policy stored in a first policy storage unit, transmits the packet to the second control device while storing the result of the first filtering, and transmits the result of the stored first filtering to the policy evaluation device. The policy evaluation device receives the copied packet, performs a second filtering based on the policy stored in a second policy storage unit, stores the result of the second filtering, and evaluates the policy stored in the second policy storage unit based on the results of the two filterings.

Abstract: A gateway device that relays a message between two or more domains receives a first message including a first message authentication code corresponding to a first domain among the two or more domains and first data from the first domain and transmits a second message including a second message authentication code corresponding to a second domain among the two or more domains and the first data to the second domain.

Abstract: A system that detects any unauthorized communication without imposing a processing load on a control device is provided. In the incident detection system configured to detect any security incident, a gateway device includes: an ID generation unit that generates its own gateway device identification information; a detection packet generation unit that generates a detection packet including control information transmitted from a control device and path information obtained by adding its own gateway device identification information to a communication packet; a log generation unit that generates log information including the detection packet; and a device communication unit that transmits the log information to a management server connected to the gateway device over a network or transmits the detection packet to a control device controlled based on the control information.

Abstract: An information processing apparatus includes a shared information generation unit for generating shared information via a network, a communication unit configured to receive a message, a shared information verification unit configured to compare shared information in the message with the information generated by the shared information generation unit, and verify validity of the shared information in the message based on the comparison, a security code generation unit for generating a security code based on the shared information, a security code verification unit configured to compare a security code in the message with the security code generated by the security code generation unit, and verify correctness of the shared information in the message based on the comparison, and a processing determination control unit configured to determine normality of the message on the based on the verification by the shared information verification unit and the verification by the security code verification unit.

Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.

Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.

Abstract: A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result. The certificate authority transmits the first and second lists to the roadside device and the vehicle-mounted terminal.

Abstract: There are provided an inspection apparatus, an inspection system, and an inspection method capable of inspecting operation of a control device, accurately, during use. An inspection apparatus configured to inspect operation of an ECU coupled to automotive networks, includes an inspection performance control unit configured to transmit two pieces of data including operation-inspection data and security-check data used for inspecting the operation of the ECU, to the ECU, and configured to receive data output from the ECU. The operation-inspection data is data previously generated based on design information of the ECU. The security-check data is data including part or entirety of the operation-inspection data replaced with random data.

Abstract: An evaluation system includes a network device, a gateway device, a policy evaluation device, and first and second control devices. The network device copies a packet received from the first control device and transmits to the gateway device and the policy evaluation device. The gateway device receives the copied packet, performs a first filtering based on the policy stored in a first policy storage unit, transmits the packet to the second control device while storing the result of the first filtering, and transmits the result of the stored first filtering to the policy evaluation device. The policy evaluation device receives the copied packet, performs a second filtering based on the policy stored in a second policy storage unit, stores the result of the second filtering, and evaluates the policy stored in the second policy storage unit based on the results of the two filterings.

Abstract: An authentication method is provided which is capable of performing message authentication within an allowable time regardless of the magnitude of the number of messages and performing message authentication high in accuracy within a range for which the allowable time allows. Upon transmission by wireless communications with another mobile or a fixed station, a message authentication code of communication data and a digital signature are generated (S200 and S300). The generated message authentication cod and digital signature are transmitted with being added to the communication data. Upon reception, whether authentication should be done using either one of the message authentication code and the digital signature included in received information is determined according to its own state for the authentication (S400 and S500). This state includes, for example, a load state of a central processing unit or the like that performs an authentication process.

Abstract: If identification information is updated periodically, there is such a problem that when another vehicle is receiving driving support based on transmitted identification information of an own vehicle, if the identification information of the own vehicle is updated, the operation of driving support using the identification information becomes unstable because another vehicle can no longer identify the own vehicle. A mobile terminal mounted on a vehicle determines whether or not transmission control of identification information is necessary after determining the possibility of identification information misuse, determining the effect by controlling transmission of identification information, and determining the magnitude of adverse influence on the safe driving support service.