AUTOSARが2023年版、R23-11を公開しました。
https://www.autosar.org/fileadmin/standards/R23-11/FO/AUTOSAR_FO_PRS_IntrusionDetectionSystem.pdf
R22-11
https://www.autosar.org/fileadmin/standards/R22-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf
R21-11
https://www.autosar.org/fileadmin/standards/R21-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf
R20-11
https://www.autosar.org/fileadmin/standards/R20-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf
R19-11
https://www.autosar.org/fileadmin/standards/R19-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf
文書は検索してダウンロードできます。
https://www.autosar.org/
<この項は書きかけです。順次追記します。>
This article is not completed. I will add some words in order.
Release Overviews
AUTOSARには現在3つの分類があります。Foundation, CAN OSEK/VDXのClassic Platform, Ethernet/TCP/IP POSIXのAdaptive Platform.
Foundation Release Overview, AUTOSAR 781, R23-11, FO
https://qiita.com/kaizen_nagoya/items/f249bdb8c313d8bff883
Classic Platform Release Overview, AUTOSAR No.0 ,R23-11, CP
https://qiita.com/kaizen_nagoya/items/9d22c8722cbc0f42b137
Adaptive Platform Release Overview, AUTOSAR 782, R23-11, AP
https://qiita.com/kaizen_nagoya/items/13a104606a34fe24fcf7
Qiita 記事一覧
Autosar Foundation R23-11 一覧
https://qiita.com/kaizen_nagoya/items/c30674cb2dac2fcbbd04
AUTOSAR Adaptive Platform R23-11一覧
https://qiita.com/kaizen_nagoya/items/1dece8799a730367b0dc
Autosar Classic Platform R23-11 一覧
https://qiita.com/kaizen_nagoya/items/f770f6c2906e1dcbf180
文書変更(Document Change)
• Correct Message Header Length
用語(terms)
| term | Description |
|---|---|
| Adaptive Platform | AUTOSAR Adaptive Platform |
| BSW | Standardized AUTOSAR Software modules, which provides basic functionalities usually required in electronic control unit. |
| Controller Area Network/Controller Area Network with Flexible Data-Rate | An automotive network communication protocol. |
| Context Data | Relevant information to a SEv. It is optional data that provides a broader understanding of the security event (e.g. the corrupted data). The content and encoding of the context data is externally defined by the sensor and unknown to the IdsM module. |
| Classic Platform | AUTOSAR Classic Platform |
| Context Data Buffer | Buffer with variable sizes to fit to the needs of the context data of the SEvs. |
| ECU | Electronic Control Unit which provides functionalities in electronic system of a car, e.g. brake system or window lifter. |
| Event Buffer | Buffer to temporarily store the reported SEv. |
| Event Frame | Main frame of IDS protocol which includes the basic information like the Security Event ID. |
| Filter Chain | A set of consecutive filters which is applied to security events. The output are Qualified Security Events. |
| FlexRay | An automotive network communication protocol. |
| General Purpose I-Pdu | General Purpose Interaction Layer Protocol Data Unit. |
| Intrusion Detection System | An Intrusion Detection System is a security control which detects and processes security events. |
| Intrusion Detection System protocol | The IDS protocol specifies the message format which is used by IDS. |
| Intrusion Detection System Message | Message which is send by the IdsM with the IDS protocol. |
| Intrusion Detection System Manager | The Intrusion Detection System Manager handles security events reported by security sensors. |
| Intrusion Detection System Reporter | The Intrusion Detection System Reporter handles Qualified Security Events received from IdsM instances. |
| I-PDU Multiplexer | An AUTOSAR Basic Software module which specifies the protocol to multiplex multiple Pdus with one Protocol Control information. |
| LIN | Local Interconnect Network: serial communication bus to connect sensors and actuators. |
| Protocol Data Unit Router | An AUTOSAR component responsible for routing of messages independent from underlying communication network. |
| Protocol Requirement Specification Intrusion Detection System | The specification document which describes all elements of the IDS protocol. |
| Qualified Security Event (QSEv) | Security events which pass their filter chain are regarded as Qualified Security Events and are sent to the configured sink. |
| Security Extract | The Security Extract specifies which security events are handled by IdsM instances and their configuration parameters. |
| Security Events | Onboard security events are reported by BSW, CDD, SWC or other software components or applications to the IdsM. |
| Security Event Memory | A user defined diagnostic event memory which is independent from the primary diagnostic event memory. |
| Security Sensorsv | BSW, CDD, SWC or other software components or applications which report security events to the IdsM. |
| Security Incident and Event Management | Technology concept to collect, correlate and analyze security incidents to detect a threat. |
| Sensor | Reporting identity that informs the IdsM module about SEvs. It can be a BSW module, a proprietary CDD or a SWC Application. |
| Security Operation Centre | Security Operation Center is the Backend of the IDS in which data can be processed and analysed. |
| Socket Adapter | Socket Adaptor is a Basic Software module of AUTOSAR which creates interface between Pdu-Based communication on service level and socket based TCP/IP |
| AP | AUTOSAR Adaptive Platform |
| API | Application Programming Interface |
| BSW | Basic Software |
| CAN | Controller Area Network |
| CAN FD | Controller Area Network with Flexible Data-Rate |
| CDD | Complex Device Driver |
| Context Data | Relevant information to a Security Event (SEv). It is optional data that provides a broader understanding of the security event (e.g. the corrupted data). The content and encoding of the context data is externally defined by the sensor and unknown to the IdsM module. |
| Context Data Buffer | Buffer with variable sizes to fit to the needs of the context data of the SEvs. |
| CP | AUTOSAR Classic Platform |
| ECU | Electronic Control Unit |
| Event Buffer | Buffer to temporarily store the reported SEv. |
| Event Frame | Main frame of IDS protocol which includes the basic information like the Security Event ID. |
| Filter Chain | A set of consecutive filters which is applied to security events. The output are Qualified Security Events. |
| FlexRay | An automotive network communication protocol. |
| General Purpose I-Pdu | General Purpose Interaction Layer Protocol Data Unit. |
| ID | Identifier |
| IDS | Intrusion Detection System |
| I-PDU | Interaction Layer Protocol Data Unit |
| I-PDU Multiplexer | An AUTOSAR Basic Software module which specifies the proto- col to multiplex multiple Pdus with one Protocol Control informa- tion. |
| IdsM | Intrusion Detection System Manager |
| Ids message | Message which is send by the IdsM with the IDS protocol. |
| IdsR | Intrusion Detection System Reporter |
| Ids protocol | |
| Intrusion Detection System protocol specifies the message for- mat which is used by IDS. | |
| LIN | Local Interconnect Network |
| ms | Miliseconds |
| N-PDU | Network Layer Protocol Data Unit |
| OEM | Original Equipment Manufacturer |
| PDU Router | Protocol Data Unit Router is an AUTOSAR component respon- sible for routing of messages independent from underlying com- munication network. |
| PRS IDS | Protocol Requirement Specification Intrusion Detection System specification document which describes all elements of the IDS protocol. |
| QSEv | QSecurity events which pass the filter chain are regarded as Qual- ified Security Events and are sent to the configured sink. |
| SecXT | The Security Extract specifies which security events are handled by IdsM instances and their configuration parameters. |
| SEv | Security Event are reported by BSW, CDD, SWC or other soft- ware components or applications to the IdsM. |
| Sem | Security Event Memory, a user defined diagnostic event memory which is independent from the primary diagnostic event memory. |
| Security Sensor | BSW, CDD, SWC or other software components or applications which report security events to the IdsM. |
| SIEM | Security Incident and Event Management |
| Sensor | Reporting identity that informs the IdsM module about SEvs. It can be a BSW module, a proprietary CDD or a SWC Application. |
| SOC | Security Operation Center |
| Soad | Socket Adaptor is a Basic Software module of AUTOSAR which creates interface between Pdu-Based communication on service level and socket based TCP/IP |
| SOME/IP | Scalable service-Oriented MiddlewarE over Internet Protocol |
| SWC | Software Component |
| TCP | Transmission Control Protocol |
| UDP | User Datagram Protocol |
Reference
[1] Requirements on Intrusion Detection System AUTOSAR_FO_RS_IntrusionDetectionSystem
[2] Specification of Time Synchronization AUTOSAR_AP_SWS_TimeSynchronization
[3] Specification of I-PDU Multiplexer AUTOSAR_CP_SWS_IPDUMultiplexer
[4] Specification of FlexRay Interface AUTOSAR_CP_SWS_FlexRayInterface
[5] Specification of Socket Adaptor AUTOSAR_CP_SWS_SocketAdaptor
[6] System Template AUTOSAR_CP_TPS_SystemTemplate
Glossaryも掲載しましょう。
https://www.autosar.org/fileadmin/standards/R23-11/FO/AUTOSAR_FO_TR_Glossary.pdf
補足資料(Additions)
祝休日・謹賀新年:2024年の目標
https://qiita.com/kaizen_nagoya/items/b659d922327a7dcdc898
2023 Countdown Calendar 主催・参加一覧
https://qiita.com/kaizen_nagoya/items/c4c2f08ac97f38d08543
CountDownCalendar月間 いいねをいただいた記事群 views 順
https://qiita.com/kaizen_nagoya/items/583c5cbc225dac23398a
Countdown Calendar 2023, 百記事目を書くにあたって。
https://qiita.com/kaizen_nagoya/items/45185a04cfd88b71256a
1年間をまとめた「振り返りページ」@2023
https://qiita.com/kaizen_nagoya/items/bcd1ebd49d3a9e8c7a90
AUTOSAR 文書番号
https://qiita.com/kaizen_nagoya/items/8b894228a0b76c2265c7
AUTOSAR Countdown Calendar 2023
https://qiita.com/advent-calendar/2023/autosar
<この記事は個人の過去の経験に基づく個人の感想です。現在所属する組織、業務とは関係がありません。>
This article is an individual impression based on the individual's experience. It has nothing to do with the organization or business to which I currently belong.
文書履歴(document history)
ver. 0.01 初稿 20240102
最後までおよみいただきありがとうございました。
いいね 💚、フォローをお願いします。
Thank you very much for reading to the last sentence.
Please press the like icon 💚 and follow me for your happy life.