Preparation of our test: Electronic Control Unit, Training and Simulation of the Network

Links table

Abstract and 1 introduction

2. Current security test platforms

2.1. The last progress

3. New test platform and 3.1. Plastic roles test

3.2. Reaching a distance on the web

3.3. Preparation test

4. Examinated test methodologies

4.1. SDL and 4.2. Hurry test

4.3. Search test

5. Conclusion and expectations, and references

3.3. Preparation test

Electronic control unit sources. In the context of this work, we define the electronic control unit as the electronic control unit of the field (i.e. real compounds), or geometric samples (for example, A samples, BS), or even a mcus control control. Depending on the user, obtaining the electronic control unit for the test platform will require different curricula. When the engineer and the five -year -old gets their supply chain or a contracted customer, respectively, the researcher is likely to obtain the electronic control unit from a real vehicle from the rescue square or buy the electronic control unit directly from OEM spare parts.

The electronic control unit test can be one sufficient if the tests focus on the details of the purely physical layer or other protocols based on the Singlecu session, such as the UDS and World Measurement Protocol (XCP). In some cases, there is a multiple need for the European Economic Intelligence Agency to wake up some electronic control units (for example, the control unit control unit for power generation may require the electronic control unit and vice versa), although we have manufactured some of these waking messages. For our platform, we lead to the electronic control unit across three different original equipment owners from a local rescue square and a real car: five transmission connections (two couples from different years of models), ECU gate, powerful ECU, and IPCs. We also get the C-SAMPLE ECU gate from one of the original equipment owners mentioned above, which corresponds to OEM for one of the iPCs. In addition, we also get a MCU car unit with full programming capabilities.

Trainable network. Most users often will work on projects that require electronic control units at different buses for buses, various OEM devices, and various attached devices (for example, measuring tools, engines, etc.), it is necessary for the test platform to provide the ability to form the basic system from remote. The alternative here is to reach multiple real compounds or (re -building a separate test bed, which is expensive and difficult to manage. We build a preliminary form for the configuration network system that supports multiple transmission speeds, the Multiple CIA from multiple original equipment manufacturers, the ability to run/turn off each electronic control unit upon request via the Vsec test.

In Figure 1, we film an example of one platform: (1) host multiple buses at different transmission -cutting, (2) multiple OEM platforms on one seat, and (3) the ability to control the network bopy. The shape shows how the entire seat looks with the intensive care unit of three different original equipment owners, as well as how our test platform will appear network that consists of the electronic control unit only of OEM #1 and OEM #2. Using a deportation panel that runs/turns off each electronic control unit on the matter, the laboratory can also insulate one electronic control unit or a sub -set of intensive care unit from the entire group. The ability to increase the number of control unit in the testing unit is useful when developing a technology (for example, a new attack), and the ability to test a technology against multiple OEM applications can determine the ability to apply this technology. For our platform, we build a training network by attaching the power source for each electronic control unit to a 16th deportation panel,[1] It is controlled by Arduino due to MCU. A text program on the PC continues with this MCU on the series, and the code on Arduino replaces the user’s electronic control unit to activate/revitalize. In this work, we focus on the box buses, adding a new bus protocol like Eternet automotive or Can-FD will be similar.

Network simulation. Real traffic is often available from road tests only after the car production. This traffic is usually the only information that the researcher can access to simulate the bus network. Reverse engineering can successfully detect traffic that can control messages that control the features/sensors of the car [14]and [20]. Engineers and some Kholiri (depending on the contract) can access the Canal database files (DBC), which determines the product/consumer for each signal for all messages. An alternative source of information for engineers and pimples is the Restbus simulation, which provides enough traffic for ECU to test as expected. For our platform, we have investigated another way to get a larger network of electronic control units by combining traffic from the multiple electronic control unit that belongs to the same model and model but is physically distributed. We carried out a test bed with the IPC in Pennsylvania and we continued remotely to an electric generation control unit hosted in Michigan. While there is some cumin that participates in the re -guidance can be traffic between these two sites, the cumin is small enough to enable access to most UDS orders and IPC control offer without any clear delay.

Environmental simulation. Although the DBC files for reverse engineering and ownership enables users to explain the signals, it is still difficult to imitate traffic from road tests without spending hours in driving the car. Users can take advantage of driving simulations, such as Carla [15]To provide hours and miles from

The road passes simulation. The combination of this simulation can be generated with the reverse or original DBC file for a realistic bus traffic to the electronic control unit under test. Engineers are often able to reach the advanced sensor and operator models that can significantly enhance the realism of the Canal movement. Although these models are usually published in program simulations only, they can be connected to our test platform to capture the results observed only on real devices. For our test platform, we use Carla in conjunction with the DBC file to provide realistic speed values ​​to the IPC and then publish the infiltration detection system (IDS) from the previous work [5] As if it was in a real car.

Measurement tools. We expand the statute capabilities by connecting the measuring tools, such as fluctuations and logic analyzes, and providing control of these tools. Since these tools are often expensive, the central -devices platform can reduce the costs of the total devices by allowing common access to these tools. For our platform, we connect Picoscope vibrations to ECU’s power pins and the Saleae logic analyst for all our boxes. Through the textual programs of the command line, Picoscope can capture energy profiles as inputs to the above -mentioned identifiers. In addition, a logic analyst can notice at the level of bits the passes of buses for the purpose of building advanced bus attacks [9]-[11].

---

[1] The ignition pin can be turned on a separate deportation if necessary, and therefore the presence of up to 16 outlets can help control both the main energy and ignite with the increase in the number of electronic control units under the test.