LoginSignup
0
0

Specification of Intrusion Detection System Protocol, AUTOSAR 981, R23-11, FO

Last updated at Posted at 2024-01-02

AUTOSARが2023年版、R23-11を公開しました。
https://www.autosar.org/fileadmin/standards/R23-11/FO/AUTOSAR_FO_PRS_IntrusionDetectionSystem.pdf

R22-11
https://www.autosar.org/fileadmin/standards/R22-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf

R21-11
https://www.autosar.org/fileadmin/standards/R21-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf

R20-11
https://www.autosar.org/fileadmin/standards/R20-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf

R19-11
https://www.autosar.org/fileadmin/standards/R19-11/FO/AUTOSAR_PRS_IntrusionDetectionSystem.pdf

文書は検索してダウンロードできます。
https://www.autosar.org/

<この項は書きかけです。順次追記します。>
This article is not completed. I will add some words in order.

Release Overviews

AUTOSARには現在3つの分類があります。Foundation, CAN OSEK/VDXのClassic Platform, Ethernet/TCP/IP POSIXのAdaptive Platform.

Foundation Release Overview, AUTOSAR 781, R23-11, FO
https://qiita.com/kaizen_nagoya/items/f249bdb8c313d8bff883

Classic Platform Release Overview, AUTOSAR No.0 ,R23-11, CP
https://qiita.com/kaizen_nagoya/items/9d22c8722cbc0f42b137

Adaptive Platform Release Overview, AUTOSAR 782, R23-11, AP
https://qiita.com/kaizen_nagoya/items/13a104606a34fe24fcf7

Qiita 記事一覧

Autosar Foundation R23-11 一覧
https://qiita.com/kaizen_nagoya/items/c30674cb2dac2fcbbd04

AUTOSAR Adaptive Platform R23-11一覧
https://qiita.com/kaizen_nagoya/items/1dece8799a730367b0dc

Autosar Classic Platform R23-11 一覧
https://qiita.com/kaizen_nagoya/items/f770f6c2906e1dcbf180

文書変更(Document Change)

• Correct Message Header Length

用語(terms)

term Description
Adaptive Platform AUTOSAR Adaptive Platform
BSW Standardized AUTOSAR Software modules, which provides basic functionalities usually required in electronic control unit.
Controller Area Network/Controller Area Network with Flexible Data-Rate An automotive network communication protocol.
Context Data Relevant information to a SEv. It is optional data that provides a broader understanding of the security event (e.g. the corrupted data). The content and encoding of the context data is externally defined by the sensor and unknown to the IdsM module.
Classic Platform AUTOSAR Classic Platform
Context Data Buffer Buffer with variable sizes to fit to the needs of the context data of the SEvs.
ECU Electronic Control Unit which provides functionalities in electronic system of a car, e.g. brake system or window lifter.
Event Buffer Buffer to temporarily store the reported SEv.
Event Frame Main frame of IDS protocol which includes the basic information like the Security Event ID.
Filter Chain A set of consecutive filters which is applied to security events. The output are Qualified Security Events.
FlexRay An automotive network communication protocol.
General Purpose I-Pdu General Purpose Interaction Layer Protocol Data Unit.
Intrusion Detection System An Intrusion Detection System is a security control which detects and processes security events.
Intrusion Detection System protocol The IDS protocol specifies the message format which is used by IDS.
Intrusion Detection System Message Message which is send by the IdsM with the IDS protocol.
Intrusion Detection System Manager The Intrusion Detection System Manager handles security events reported by security sensors.
Intrusion Detection System Reporter The Intrusion Detection System Reporter handles Qualified Security Events received from IdsM instances.
I-PDU Multiplexer An AUTOSAR Basic Software module which specifies the protocol to multiplex multiple Pdus with one Protocol Control information.
LIN Local Interconnect Network: serial communication bus to connect sensors and actuators.
Protocol Data Unit Router An AUTOSAR component responsible for routing of messages independent from underlying communication network.
Protocol Requirement Specification Intrusion Detection System The specification document which describes all elements of the IDS protocol.
Qualified Security Event (QSEv) Security events which pass their filter chain are regarded as Qualified Security Events and are sent to the configured sink.
Security Extract The Security Extract specifies which security events are handled by IdsM instances and their configuration parameters.
Security Events Onboard security events are reported by BSW, CDD, SWC or other software components or applications to the IdsM.
Security Event Memory A user defined diagnostic event memory which is independent from the primary diagnostic event memory.
Security Sensorsv BSW, CDD, SWC or other software components or applications which report security events to the IdsM.
Security Incident and Event Management Technology concept to collect, correlate and analyze security incidents to detect a threat.
Sensor Reporting identity that informs the IdsM module about SEvs. It can be a BSW module, a proprietary CDD or a SWC Application.
Security Operation Centre Security Operation Center is the Backend of the IDS in which data can be processed and analysed.
Socket Adapter Socket Adaptor is a Basic Software module of AUTOSAR which creates interface between Pdu-Based communication on service level and socket based TCP/IP
AP AUTOSAR Adaptive Platform
API Application Programming Interface
BSW Basic Software
CAN Controller Area Network
CAN FD Controller Area Network with Flexible Data-Rate
CDD Complex Device Driver
Context Data Relevant information to a Security Event (SEv). It is optional data that provides a broader understanding of the security event (e.g. the corrupted data). The content and encoding of the context data is externally defined by the sensor and unknown to the IdsM module.
Context Data Buffer Buffer with variable sizes to fit to the needs of the context data of the SEvs.
CP AUTOSAR Classic Platform
ECU Electronic Control Unit
Event Buffer Buffer to temporarily store the reported SEv.
Event Frame Main frame of IDS protocol which includes the basic information like the Security Event ID.
Filter Chain A set of consecutive filters which is applied to security events. The output are Qualified Security Events.
FlexRay An automotive network communication protocol.
General Purpose I-Pdu General Purpose Interaction Layer Protocol Data Unit.
ID Identifier
IDS Intrusion Detection System
I-PDU Interaction Layer Protocol Data Unit
I-PDU Multiplexer An AUTOSAR Basic Software module which specifies the proto- col to multiplex multiple Pdus with one Protocol Control informa- tion.
IdsM Intrusion Detection System Manager
Ids message Message which is send by the IdsM with the IDS protocol.
IdsR Intrusion Detection System Reporter
Ids protocol
Intrusion Detection System protocol specifies the message for- mat which is used by IDS.
LIN Local Interconnect Network
ms Miliseconds
N-PDU Network Layer Protocol Data Unit
OEM Original Equipment Manufacturer
PDU Router Protocol Data Unit Router is an AUTOSAR component respon- sible for routing of messages independent from underlying com- munication network.
PRS IDS Protocol Requirement Specification Intrusion Detection System specification document which describes all elements of the IDS protocol.
QSEv QSecurity events which pass the filter chain are regarded as Qual- ified Security Events and are sent to the configured sink.
SecXT The Security Extract specifies which security events are handled by IdsM instances and their configuration parameters.
SEv Security Event are reported by BSW, CDD, SWC or other soft- ware components or applications to the IdsM.
Sem Security Event Memory, a user defined diagnostic event memory which is independent from the primary diagnostic event memory.
Security Sensor BSW, CDD, SWC or other software components or applications which report security events to the IdsM.
SIEM Security Incident and Event Management
Sensor Reporting identity that informs the IdsM module about SEvs. It can be a BSW module, a proprietary CDD or a SWC Application.
SOC Security Operation Center
Soad Socket Adaptor is a Basic Software module of AUTOSAR which creates interface between Pdu-Based communication on service level and socket based TCP/IP
SOME/IP Scalable service-Oriented MiddlewarE over Internet Protocol
SWC Software Component
TCP Transmission Control Protocol
UDP User Datagram Protocol

Reference

[1] Requirements on Intrusion Detection System AUTOSAR_FO_RS_IntrusionDetectionSystem
[2] Specification of Time Synchronization AUTOSAR_AP_SWS_TimeSynchronization
[3] Specification of I-PDU Multiplexer AUTOSAR_CP_SWS_IPDUMultiplexer
[4] Specification of FlexRay Interface AUTOSAR_CP_SWS_FlexRayInterface
[5] Specification of Socket Adaptor AUTOSAR_CP_SWS_SocketAdaptor
[6] System Template AUTOSAR_CP_TPS_SystemTemplate

Glossaryも掲載しましょう。
https://www.autosar.org/fileadmin/standards/R23-11/FO/AUTOSAR_FO_TR_Glossary.pdf

補足資料(Additions)

祝休日・謹賀新年:2024年の目標
https://qiita.com/kaizen_nagoya/items/b659d922327a7dcdc898

2023 Countdown Calendar 主催・参加一覧
https://qiita.com/kaizen_nagoya/items/c4c2f08ac97f38d08543

CountDownCalendar月間 いいねをいただいた記事群 views 順
https://qiita.com/kaizen_nagoya/items/583c5cbc225dac23398a

Countdown Calendar 2023, 百記事目を書くにあたって。
https://qiita.com/kaizen_nagoya/items/45185a04cfd88b71256a

1年間をまとめた「振り返りページ」@2023
https://qiita.com/kaizen_nagoya/items/bcd1ebd49d3a9e8c7a90

AUTOSAR 文書番号
https://qiita.com/kaizen_nagoya/items/8b894228a0b76c2265c7

AUTOSAR Countdown Calendar 2023
https://qiita.com/advent-calendar/2023/autosar

<この記事は個人の過去の経験に基づく個人の感想です。現在所属する組織、業務とは関係がありません。>
This article is an individual impression based on the individual's experience. It has nothing to do with the organization or business to which I currently belong.

文書履歴(document history)

ver. 0.01 初稿  20240102

最後までおよみいただきありがとうございました。

いいね 💚、フォローをお願いします。

Thank you very much for reading to the last sentence.

Please press the like icon 💚 and follow me for your happy life.

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0