CN110912944B - CAN equipment safety test system and test method - Google Patents


Info

Publication number
CN110912944B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911409851.0A
Other languages
Chinese (zh)
Other versions
CN110912944A (en
Inventor
叶青
郭涛
李明柱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xinlian Technology Nanjing Co ltd
Original Assignee
Xinlian Technology Nanjing Co ltd
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1433 Vulnerability analysis
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L2012/40208 Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215 Controller Area Network CAN
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/14 Arrangements for monitoring or testing data switching networks using software, i.e. software packages
    • H04L1/00 Arrangements for detecting or preventing errors in the information received
    • H04L1/0078 Avoidance of errors by organising the transmitted data in a format specifically designed to deal with errors, e.g. location
    • H04L1/0083 Formatting with frames or packets; Protocol or part of protocol for error control

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to a CAN equipment safety test system and test method. Building on an existing industrial control protocol fuzz testing platform, it develops a test suite that supports CAN higher-layer protocols. The test suite contains DeviceNet protocol test scripts and CANopen protocol test scripts written to the test script grammar rules, and a test engine that exchanges protocol data with the CAN device under test. The test engine can automatically parse protocol data scripts that contain a mutation strategy, generate test data packets in frame format, send them to the CAN device under test through an extended USBCAN interface card, and receive the data the device returns. The overall design enables efficient testing of the higher-layer protocols and stable verification of the protocol robustness of the CAN device under test.

Description

CAN equipment safety test system and test method
Technical Field
The invention relates to a CAN (Controller Area Network) equipment safety test system and test method, and belongs to the technical field of industrial informatization management.
Background
With the development of internet technology and the convergence of communication and control technology, traditional industrial control systems are gradually becoming networked. Greater sharing of information resources, more efficient data processing, and faster data transmission have brought rapid development to the traditional industrial control field, but they have also brought potential risks: protocol devices in what used to be closed industrial control networks are now exposed to the internet, and if they suffer a malicious attack the whole system network may stop working normally and enterprise customers may suffer heavy losses. To improve the security and stability of industrial control internet systems and the robustness of the industrial control protocol devices in them, performing effective security testing on protocol devices and taking timely measures is an effective way to avoid risk.
CAN is a serial communication protocol bus that effectively supports real-time applications and distributed control systems, and it is one of the most widely used fieldbuses in the world. The CAN protocol was originally developed by the German company Bosch in the 1980s as a serial communication bus dedicated to the automotive industry, and it has since been widely adopted in industrial control because of its high performance, high reliability, and distinctive design. The CAN bus technical specification (Version 2.0) was drawn up and published in 1991. Part 2.0A gives the standard format of the CAN message, and part 2.0B gives both the standard and extended formats; the difference is that a standard frame uses an 11-bit identifier and an extended frame uses a 29-bit identifier. The CAN bus protocol specification describes five different frame types: data frames, remote frames, error frames, overload frames, and frame intervals. Data frames and remote frames have similar structures and are divided into standard frames and extended frames according to identifier length; the maximum data payload of one frame is 8 bytes. Because of this short frame structure, CAN-bus has high real-time performance and strong resistance to interference, which suits automotive and industrial control applications. CAN-bus error frames cover five types of error: CRC errors, format errors, acknowledgement errors, bit send errors, and bit fill errors. The overload frame is sent by a receiving node to the sending node when the receiver is not ready to receive the next frame, and consists of an overload flag and an overload frame delimiter. The frame interval separates a data frame or remote frame from the preceding frame; overload frames and error frames are not preceded by an interval.
The advantages of the CAN bus's short-frame transmission have made fieldbuses an inevitable trend in the development of industrial control systems, and the higher-layer protocol standards DeviceNet and CANopen, both built on the CAN bus, are now widely used in industrial control systems. DeviceNet is an open communication network based on CAN bus technology that conforms to global industry standards. The DeviceNet specification defines a network communication standard for data communication between the devices of an industrial control system; in addition to the application layer of the ISO model, it defines part of the physical layer and the data link layer. The application layer protocol of DeviceNet is the Common Industrial Protocol (CIP).
CANopen is a higher-layer communication protocol built on CAN. It is a standard for distributed industrial control based on CAN-bus, developed jointly by manufacturers and users together with CiA. CANopen implements the protocols at and above the network layer of the OSI model. It establishes standards for a wide range of industrial communication, including an addressing scheme, several small communication sub-protocols, and an application layer defined by device sub-protocols. CANopen supports the object dictionary (the central element of every CANopen device, describing the function of the device), device descriptions (describing the attributes and characteristics of the main device types in an automation system), data transfer using PDO/SDO (process data is exchanged quickly through PDOs, and object dictionary entries are accessed through SDOs), and network management (managing the state of network devices).
Both of these CAN higher-layer protocols are applications of CAN bus technology in the industrial field, and they inherit the security risks of the CAN bus: 1. Communication lacks encryption and access control mechanisms, so an attacker can reverse engineer the bus communication protocol and analyze its control instructions in order to forge attack instructions. 2. Communication lacks authentication and message verification mechanisms, so abnormal messages forged or tampered with by an attacker cannot be identified or flagged. Given these characteristics of the CAN bus, an attacker can carry out attacks such as message forgery, denial of service, and replay through physical or remote intrusion. If a CAN higher-layer protocol device has protocol security vulnerabilities, an attack can easily cause device failure or information leakage.
With the wide use of the two CAN higher-layer protocols DeviceNet and CANopen, testing of devices before they are connected to the network is receiving more and more attention. Existing research focuses mainly on protocol conformance testing, which checks whether a CAN device's protocol implementation is consistent with the standard CAN higher-layer protocol so that CAN devices can communicate normally. There is little research on security testing methods for these protocols: only vulnerability and risk analyses of the CAN protocol have been carried out, and there is no mature product for systematic security testing of CAN protocol devices.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a CAN equipment safety test system that, based on a communication mechanism supporting the CAN protocol, can test the higher-layer protocols efficiently and achieve stable verification of the protocol robustness of the CAN device under test.
To solve this technical problem, the invention adopts the following technical scheme. The invention designs a CAN equipment safety test system that tests the CAN device under test on the basis of a fuzz testing platform for industrial control and Internet of Things protocols. A test engine in the fuzz testing platform is connected to the CAN device under test through an extended USBCAN interface card, so that the test engine and the CAN device under test communicate with each other over a CAN communication channel. A preset DeviceNet protocol test script library, written to the script grammar rules, is built into the fuzz testing platform.
The CAN device is identified by the definition of the keyword transport in each test script of the preset DeviceNet protocol test script library. The test engine, using the anomaly database in the fuzz testing platform, applies the preset test scripts in the preset DeviceNet protocol test script library, which are based on the different CAN transmission frame format protocols defined by the keyword Protocol, and tests the CAN transmission frame format protocol on the CAN device under test through the extended USBCAN interface card.
As a preferred technical scheme of the invention, a preset CANopen protocol test script library, written to the script grammar rules, is also built into the fuzz testing platform.
The test engine, using the anomaly database in the fuzz testing platform, applies the test scripts for each preset message type in the preset CANopen protocol test script library and tests the CAN transmission frame format protocol on the CAN device under test through the extended USBCAN interface card.
Correspondingly, a further technical problem to be solved by the invention is to provide a test method based on the CAN equipment safety test system that, based on a communication mechanism supporting the CAN protocol, can test the higher-layer protocols efficiently and achieve stable verification of the protocol robustness of the CAN device under test.
To solve this technical problem, the invention adopts the following technical scheme. The invention designs a test method based on the CAN equipment safety test system, in which the XML test script language keyword transport = "CAN" is defined in the preset DeviceNet protocol test script library. The test method comprises the following steps:
Step A: for a DeviceNet or CANopen protocol test script whose transport is CAN, the extended USBCAN interface card starts a CAN channel, establishing the communication connection between the test engine and the CAN device under test; then go to step B.
Step B: the test engine, using the anomaly database in the fuzz testing platform, takes the preset test scripts for the different CAN transmission frame format protocols in the preset DeviceNet protocol test script library together with the test scripts for each preset message type in the preset CANopen protocol test script library, parses the mutation strategy, and generates frame-format abnormal data; then go to step C.
Step C: according to the CAN transmission frame format protocol defined by the DeviceNet protocol test script keyword Protocol in the frame-format abnormal data, the test engine calls the corresponding interface to send the frame-format abnormal data to the CAN device under test through the extended USBCAN interface card; then go to step D.
Step D: determine whether the test engine failed to send, or received no return data from the CAN device under test. If so, the test engine calls the corresponding interface again to send the frame-format abnormal data to the CAN device under test through the extended USBCAN interface card; otherwise, go to step E.
Step E: the test engine receives the return data from the CAN device under test and determines whether it is consistent with the expected return data for the frame-format abnormal data that was sent. If so, the CAN device under test is judged to have no protocol security vulnerability; otherwise, the CAN device under test is judged to have a protocol security vulnerability.
As a preferred technical scheme of the invention, while steps B to E of the test method are executed, the following operation is also performed:
The test engine sends a monitoring script to the CAN device under test through the extended USBCAN interface card at a preset frequency to obtain the current state of the device and determine whether it is consistent with the expected state. If so, no further judgment is made; otherwise, the state of the CAN device under test is judged to have changed as a result of the aggressive testing.
As a preferred technical scheme of the invention, the preset message types in the preset CANopen protocol test script library comprise management messages, Service Data Object (SDO) messages, Process Data Object (PDO) messages, predefined messages, and special function object messages.
As a preferred technical scheme of the invention, the management message implements the network management service for the communication network between the test engine and the CAN device under test, and comprises the NMT module control message, the NMT node protection message, and the NMT Boot-up message.
As a preferred technical scheme of the invention, the SDO message is used to access the object dictionary of a device object, that is, the object dictionary of the CAN device that is accessed or from which service is requested. The request message and the response message have the same structure. SDO messages implement a request/response protocol comprising initiate domain download, domain segment download, initiate domain upload, domain segment upload, and abort domain transfer.
As a preferred technical scheme of the invention, the PDO message is used to transmit real-time data. The data content of a PDO message is defined by the ID corresponding to the CAN device, and each PDO is described by 2 objects in the object dictionary: the PDO communication parameters and the PDO mapping parameters. The content of a PDO message is predefined or configured at network start-up, and the mapping between PDO messages and application objects is described in the object dictionary of the CAN device.
Compared with the prior art, the CAN equipment safety test system and test method of the invention have the following technical effects:
The CAN equipment safety test system and test method build on an existing industrial control protocol fuzz testing platform and develop a test suite that supports CAN higher-layer protocols. The test suite comprises DeviceNet protocol test scripts and CANopen protocol test scripts written to the test script grammar rules, and a test engine that exchanges protocol data with the CAN device under test. The overall design enables efficient testing of the higher-layer protocols and stable verification of the protocol robustness of the CAN device under test.
Drawings
Fig. 1 is a schematic structural diagram of a CAN device security test system according to the present invention.
Detailed Description
The following description will explain embodiments of the present invention in further detail with reference to the accompanying drawings.
The invention designs a CAN equipment safety test system that tests the CAN device under test on the basis of a fuzz testing platform for industrial control and Internet of Things protocols, as shown in Fig. 1. The fuzz testing platform is an already developed platform for industrial control and Internet of Things protocols; it supports more than 50 mainstream communication protocols and has so far found more than 40 original 0day vulnerabilities. In the course of testing industrial control network protocol devices, the platform has accumulated rich mutation databases, sensitive data feature databases, and the like.
In industrial control applications, CANopen and DeviceNet are the main standards for open distributed systems. DeviceNet suits factory automation and CANopen suits embedded machine-control applications, and the two differ in how they implement message identifier assignment, process data exchange, peer-to-peer communication, network management, and so on.
CANopen provides a universal identifier pool that can be applied to all devices and to intermediate instances, with identifiers allocated manually or automatically depending on the needs of the device; the system designer is entirely free to decide how identifiers are used and what the real-time behavior of the data communication system is. CANopen specifies a device-oriented identifier assignment scheme that by default allows 127 devices with one master device, with 16 basic functions distinguished by a four-bit function code. The basic DeviceNet identifier assignment scheme is node-oriented ownership of message identifiers: a DeviceNet system has a maximum of 64 nodes, and each node has a set of identifiers from 3 message groups. For transferring process data and service/configuration data, CANopen and DeviceNet provide much the same communication mechanisms. In CANopen, process data is transferred through "process data objects" (PDOs). In DeviceNet, process data is conveyed through "I/O messages".
As for message trigger modes, DeviceNet supports cyclic, change-of-state, and application-object triggering. CANopen supports triggering on an event, on an application request, or on receipt of predefined synchronization information. Both CANopen and DeviceNet provide a sophisticated way of flexibly mapping application data to communication objects. CANopen specifies the mapping of application objects: application objects are mapped into a PDO by a "PDO mapping record" data structure, which specifies the mapped application object data as a list of object identifiers and data lengths. In DeviceNet, the grouping of application data is specified by an instance of an "assembly" object, which defines the format of the application object data that is sent. As for service channels, CANopen provides service channels according to the CAL multiplexed domain protocol, through which service data objects (SDOs) can be exchanged between any two devices. DeviceNet provides multipurpose device-oriented channels and services; reading and writing object attributes, controlling objects, and so on are all performed through "explicit messages".
In the method for testing the CAN device under test with the fuzz testing platform, as shown in Fig. 1, the test engine in the fuzz testing platform is connected to the CAN device under test through an extended USBCAN interface card, so that the test engine and the CAN device under test communicate with each other over a CAN communication channel. The extended USBCAN interface card provides bidirectional data transfer on the bus. In practice it uses a dedicated industrial-grade high-speed 32-bit CPU, and its send and receive rate exceeds 8000 frames/second. It conforms to the ISO 11898 standard, supports CAN 2.0A/B, and supports standard frames, extended frames, data frames, and remote frames. The USBCAN interface card is also small and plug-and-play, so it can be integrated with the test apparatus very conveniently; in practice, interface cards with different configurations can be chosen according to the performance of the CAN device under test so as to match its communication capability.
In practice, the preset DeviceNet protocol test script library and the preset CANopen protocol test script library are written to the script grammar rules in the efficient fuzz testing language that the platform provides, and both libraries are built into the fuzz testing platform.
In this application, the CAN device is identified by the definition of the keyword transport in each test script of the preset DeviceNet protocol test script library: transport set to CAN identifies the CAN device under test. The test engine, using the anomaly database in the fuzz testing platform, applies the preset test scripts in the preset DeviceNet protocol test script library, which are based on the different CAN transmission frame format protocols defined by the keyword Protocol, and tests the CAN transmission frame format protocol on the CAN device under test through the extended USBCAN interface card.
The test engine can likewise use the anomaly database in the fuzz testing platform to apply the test scripts for each preset message type in the preset CANopen protocol test script library, and test the CAN transmission frame format protocol on the CAN device under test through the extended USBCAN interface card.
In practical applications, the test script is exemplified as follows:
[Figure BDA0002349666700000061: example test script; image not reproduced in this text]
The core concept of CANopen is the device object dictionary, which is an ordered group of objects. Each object is addressed with a 16-bit index, and an 8-bit sub-index is also defined to allow access to individual elements of a data structure. Every node in a CANopen network has an object dictionary, which contains all the parameters describing the device and its network behavior.
In a specific practical application, the preset message types in the preset CANopen protocol test script library comprise management messages, Service Data Object (SDO) messages, Process Data Object (PDO) messages, predefined messages, and special function object messages.
The management message implements the network management service for the communication network between the test engine and the CAN device under test. It comprises the NMT module control message, the NMT node protection message, and the NMT Boot-up message. An example test script for the management message is as follows.
[Figure BDA0002349666700000071: example management message test script; image not reproduced in this text]
The SDO message is used to access the object dictionary of a device object, that is, the object dictionary of the CAN device that is accessed or from which service is requested. The request message and the response message have the same structure. SDO messages implement a request/response protocol comprising initiate domain download, domain segment download, initiate domain upload, domain segment upload, and abort domain transfer.
The basic structure of an SDO message is shown in Table 1 below.

Byte0              Byte1-2        Byte3              Byte4-7
SDO command word   Object index   Object sub-index   **

TABLE 1

Here ** is a maximum of 4 bytes of data or a 4-byte counter. Alternatively, the structure is as shown in Table 2 below.

Byte0              Byte1-7
SDO command word   Maximum 7 bytes of data

TABLE 2
An example test script for a Service Data Object (SDO) message is as follows.
[Figure BDA0002349666700000081: example SDO message test script; image not reproduced in this text]
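The SDO layouts in Tables 1 and 2 and the CANopen identifier split (four-bit function code plus node number) can be enforced by a receiver with a strict decoder such as the one below, which is an added example and not code from the patent or its test platform. The command-word bit layout and the 0x600 + node ID request identifier follow the CANopen application layer specification (CiA 301) rather than this page; the class and function names and the sample frames are constructed for illustration.

```python
"""Strict decoder for CANopen SDO request frames (added illustration)."""
import struct
from dataclasses import dataclass
from typing import Optional

SDO_REQUEST_FUNC = 0b1100  # function code of COB-ID 0x600 + node ID (client -> server)

# Command specifier (bits 7..5 of byte 0) for the five SDO services the text lists.
SERVICES = {0: "download segment", 1: "initiate download", 2: "initiate upload",
            3: "upload segment", 4: "abort transfer"}


class FrameError(ValueError):
    """The frame violates the layout this decoder enforces."""


@dataclass(frozen=True)
class SdoRequest:
    node_id: int
    service: str
    index: Optional[int]       # None for segment frames (Table 2 layout)
    sub_index: Optional[int]
    payload: bytes


def split_cob_id(cob_id: int):
    """Split an 11-bit identifier into (4-bit function code, 7-bit node ID)."""
    if not 0 <= cob_id <= 0x7FF:
        raise FrameError("identifier does not fit in 11 bits")
    return cob_id >> 7, cob_id & 0x7F


def parse_sdo_request(cob_id: int, data: bytes) -> SdoRequest:
    func, node = split_cob_id(cob_id)
    if func != SDO_REQUEST_FUNC or node == 0:
        raise FrameError("not an SDO request addressed to a node (0x601..0x67F)")
    if len(data) != 8:
        raise FrameError(f"SDO frames carry exactly 8 data bytes, got {len(data)}")
    cmd = data[0]
    cs = cmd >> 5
    if cs not in SERVICES:
        raise FrameError(f"unsupported command specifier {cs}")

    if cs == 3:                            # Table 2 layout, request carries no data
        if cmd & 0x0F or any(data[1:]):
            raise FrameError("upload segment request has non-zero reserved bits")
        return SdoRequest(node, SERVICES[cs], None, None, b"")
    if cs == 0:                            # Table 2 layout: up to 7 data bytes
        unused = (cmd >> 1) & 0x07         # n: trailing bytes that hold no data
        return SdoRequest(node, SERVICES[cs], None, None, data[1:8 - unused])

    # Table 1 layout: command word, 16-bit index (little-endian), sub-index, 4 bytes
    index, sub_index = struct.unpack_from("<HB", data, 1)
    tail = data[4:8]
    if cs == 2:                            # initiate upload: bytes 4-7 are reserved
        if cmd != 0x40 or any(tail):
            raise FrameError("initiate upload request has non-zero reserved bits")
        payload = b""
    elif cs == 4:                          # abort: bytes 4-7 are the abort code
        if cmd != 0x80:
            raise FrameError("abort frame has non-zero reserved bits")
        payload = tail
    else:                                  # initiate download
        unused = (cmd >> 2) & 0x03
        expedited, sized = bool(cmd & 0x02), bool(cmd & 0x01)
        if cmd & 0x10:
            raise FrameError("reserved bit 4 is set")
        if unused and not (expedited and sized):
            raise FrameError("n is only meaningful when both e and s are set")
        # Expedited: the data itself. Otherwise: the 4-byte size counter of Table 1.
        payload = tail[:4 - unused] if expedited else tail
    return SdoRequest(node, SERVICES[cs], index, sub_index, payload)


def is_well_formed(cob_id: int, data: bytes) -> bool:
    """Accept/reject decision a receiver would take before touching its object dictionary."""
    try:
        parse_sdo_request(cob_id, data)
        return True
    except FrameError:
        return False


if __name__ == "__main__":
    # Constructed sample frames: (COB-ID, data bytes as hex)
    for cob, raw in [(0x601, "2b17100064000000"), (0x601, "2c17100064000000"),
                     (0x581, "4000100000000000"), (0x601, "40001000000000")]:
        print(hex(cob), raw, is_well_formed(cob, bytes.fromhex(raw)))
```

Rejecting reserved bits that are set is a strictness choice of this example; the point is that every field is checked before the index and sub-index are used for a dictionary lookup.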
The PDO message is used to transmit real-time data, with a data length of 1-8 bytes. The data content of a PDO message is defined by the ID of the corresponding CAN device, and each PDO is described by 2 objects in the object dictionary: the PDO communication parameters and the PDO mapping parameters. The content of a PDO message is predefined or configured at network start-up, and the mapping between PDO messages and application objects is described in the object dictionary of the CAN device.
An example test script for a Process Data Object (PDO) message is as follows.
[Figure BDA0002349666700000082: example PDO message test script; image not reproduced in this text]
Based on the designed CAN equipment safety test system, the invention specifically designs a test method based on the system, and in practical application, the invention defines the xml test script language keyword transport in the preset DeviceNet protocol test script library as 'CAN', namely realizes the identification of CAN equipment to be tested, and performs initialization connection with the CAN equipment to be tested; and executing the following steps A to E to realize the execution of the design test method.
And step A, the extended USBCAN interface card starts a CAN channel based on a DeviceNet protocol or a CANopen protocol of which the test script is CAN, so that the communication connection between a test engine and CAN equipment to be tested is realized, and then the step B is carried out.
In practical application, Step A is specifically as follows: if the extended USBCAN interface card identifies the test script as using the CAN-based DeviceNet protocol or CANopen protocol, the initialization parameters, communication mode, baud rate and the like are configured; a CAN channel is then specified and the device is initialized; finally, the CAN channel of the extended USBCAN interface card is started, establishing the communication connection between the test engine and the CAN device under test.
Step B: based on the abnormal database in the fuzz testing platform, the test engine parses the mutation strategy and generates abnormal frame-format data for each preset test script of the different CAN transmission frame format protocols in the preset DeviceNet protocol test script library, in combination with the test scripts for each preset message type in the preset CANopen protocol test script library; the method then proceeds to Step C.
Step C: according to the CAN transmission frame format protocol defined by the DeviceNet protocol test script keyword Protocol in the abnormal frame-format data, the test engine calls the corresponding interface to send the abnormal frame-format data to the CAN device under test through the extended USBCAN interface card; the method then proceeds to Step D.
Step D: it is determined whether the test engine failed to send, or did not receive return data from the CAN device under test; if so, the test engine calls the corresponding interface again to send the abnormal frame-format data to the CAN device under test through the extended USBCAN interface card; otherwise, the method proceeds to Step E.
Step E: the test engine receives the return data from the CAN device under test and determines whether it is consistent with the expected return data corresponding to the abnormal frame-format data that was sent; if so, the CAN device under test is judged to have no protocol security vulnerability; otherwise, the CAN device under test is judged to have a protocol security vulnerability.
While Steps B to E are being executed, the test method also performs the following operation:
The test engine sends a monitoring script to the CAN device under test through the extended USBCAN interface card at a preset frequency, in order to acquire the current state of the CAN device under test and determine whether the acquired state is consistent with the expected state; if so, no further judgment is made; otherwise, the state of the CAN device under test is judged to have changed because of the aggressive test.
In practical applications, the status monitoring script is exemplified as follows:
[Figure BDA0002349666700000101: example status monitoring script, present in the original only as an image]
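The send, resend and compare loop of Steps C to E, together with the state check that runs alongside it, sketched as an added example (not the patent's test engine or its XML script language). A constructed in-process device stands in for the CAN device under test; the node ID, the planted short-frame flaw, the bounded retry count and the expected replies are assumptions, while the SDO frame layout and abort codes follow CANopen (CiA 301).

```python
SDO_RX, SDO_TX = 0x605, 0x585   # CANopen SDO request/response COB-IDs, constructed node ID 5

def sdo(cs, index, sub=0, dlc=8):   # cs, index and dlc are the mutation points
    body = bytes([cs]) + index.to_bytes(2, "little") + bytes([sub]) + bytes(4)
    return SDO_RX, body[:dlc]

def abort(code):                    # compared part of an abort reply: 0x80 + abort code
    return b"\x80" + code.to_bytes(4, "little")

class SimulatedDut:                 # constructed device under test with one planted flaw
    def __init__(self):
        self.state = 0x05                    # NMT state: operational
    def exchange(self, can_id, data):
        if can_id == SDO_RX and len(data) < 8:
            self.state = 0x04                # planted flaw: short frame stops the node
        if self.state != 0x05 or can_id != SDO_RX:
            return None
        if data[0] != 0x40:                  # not an upload request
            return SDO_TX, b"\x80" + data[1:4] + (0x05040001).to_bytes(4, "little")
        if data[1:3] != b"\x00\x10":         # only object 0x1000 exists in this stub
            return SDO_TX, b"\x80" + data[1:4] + (0x06020000).to_bytes(4, "little")
        return SDO_TX, b"\x43" + data[1:4] + bytes(4)

def run_case(dut, frame, expected, max_retries=3):
    """Steps C-E: send, resend while nothing comes back, then compare with the expectation."""
    for _ in range(max_retries):             # bounded retry is an assumption of this sketch
        reply = dut.exchange(*frame)
        if reply is not None:
            return "pass" if reply[1][:1] + reply[1][4:8] == expected else "mismatch"
    return "no-response"

def fuzz(dut, cases, expected_state=0x05):
    """Run each case, then check the device state as the monitoring script would."""
    findings = []
    for name, frame, expected in cases:
        verdict = run_case(dut, frame, expected)
        state_ok = dut.state == expected_state
        if verdict != "pass" or not state_ok:
            findings.append((name, verdict, state_ok))
        if not state_ok:
            break                            # later verdicts would be meaningless
    return findings

CASES = [  # (name, mutated frame, expected reply); all values constructed
    ("valid-upload", sdo(0x40, 0x1000), b"\x43" + bytes(4)),
    ("bad-command", sdo(0xE0, 0x1000), abort(0x05040001)),
    ("missing-object", sdo(0x40, 0x2FFF), abort(0x06020000)),
    ("short-dlc", sdo(0x40, 0x1000, dlc=4), abort(0x05040001)),
]
```

Calling `fuzz(SimulatedDut(), CASES)` reports only the short-frame case, with both signals firing at once: no reply after the resends and a device state that no longer matches the expected one.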
In a practical application of the CAN equipment safety test system and test method, a vehicle-mounted simulation diagnostic instrument is selected as the CAN device under test. When the extended USBCAN interface card in the test device is connected to the CAN device under test, the fuzz testing platform in the device can act as a CAN-bus network control node for data processing and data acquisition in the CAN-bus network. By extending the test engine under the existing framework, the fuzz testing platform supports the USBCAN interface card driver and establishes a CAN channel connection with the device under test, the vehicle-mounted simulation diagnostic instrument. Using CAN higher-layer protocols such as DeviceNet and CANopen as templates, it sends abnormal data to the diagnostic instrument to fuzz it, and analyzes the values the diagnostic instrument returns to judge whether its implementation of the CAN higher-layer protocols has vulnerabilities.
The device under test is not limited to vehicle-mounted network systems; it can also be a node device in CAN-bus networks such as a fieldbus laboratory, an industrial control system or a smart residential community, and the test device can integrate different CAN interface cards according to the communication capabilities of the actual CAN device under test to complete the actual test.
The CAN equipment safety test system and test method designed in this technical scheme build on an existing industrial control protocol fuzz testing platform by developing a test suite that supports CAN higher-layer protocols. The test suite comprises DeviceNet protocol test scripts and CANopen protocol test scripts based on the test script grammar rules, and a test engine that exchanges protocol data with the CAN device under test. The test engine can automatically parse protocol data scripts containing a mutation strategy, generate test data packets in frame format, send them to the CAN device under test through the extended USBCAN interface card, and receive the return data of the CAN device under test. The overall design enables efficient testing of the higher-layer protocols and stable verification of the protocol robustness of the CAN device under test.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (7)

1. A test method for a CAN equipment safety test system, characterized in that: the CAN equipment safety test system is based on a fuzz testing platform for industrial control and Internet of Things protocols and tests a CAN device under test; a test engine in the fuzz testing platform interfaces with the CAN device under test through an extended USBCAN interface card, so that the test engine and the CAN device under test communicate with each other over a CAN communication channel; a preset DeviceNet protocol test script library based on script grammar rules is built into the fuzz testing platform;
the CAN device is identified based on the definition of the keyword transport in each test script in the preset DeviceNet protocol test script library; the test engine, in combination with the abnormal database in the fuzz testing platform, applies each preset test script in the preset DeviceNet protocol test script library, based on the different CAN transmission frame format protocols defined by the keyword Protocol, and tests the CAN transmission frame format protocols of the CAN device under test through the extended USBCAN interface card;
in the test method, the xml test script language keyword transport = CAN is defined in the preset DeviceNet protocol test script library; the test method comprises the following steps:
Step A, the extended USBCAN interface card starts a CAN channel on the basis that the test script uses the CAN-based DeviceNet protocol or CANopen protocol, thereby establishing the communication connection between the test engine and the CAN device under test, and the method then proceeds to Step B;
Step B, based on the abnormal database in the fuzz testing platform, the test engine parses the mutation strategy and generates abnormal frame-format data for each preset test script of the different CAN transmission frame format protocols in the preset DeviceNet protocol test script library, in combination with the test scripts for each preset message type in the preset CANopen protocol test script library, and the method then proceeds to Step C;
Step C, according to the CAN transmission frame format protocol defined by the DeviceNet protocol test script keyword Protocol in the abnormal frame-format data, the test engine calls the corresponding interface to send the abnormal frame-format data to the CAN device under test through the extended USBCAN interface card, and the method then proceeds to Step D;
Step D, it is determined whether the test engine failed to send, or did not receive return data from the CAN device under test; if so, the test engine calls the corresponding interface again to send the abnormal frame-format data to the CAN device under test through the extended USBCAN interface card; otherwise, the method proceeds to Step E;
Step E, the test engine receives the return data from the CAN device under test and determines whether it is consistent with the expected return data corresponding to the abnormal frame-format data that was sent; if so, the CAN device under test is judged to have no protocol security vulnerability; otherwise, the CAN device under test is judged to have a protocol security vulnerability.
2. The test method for the CAN equipment safety test system according to claim 1, wherein: while Steps B to E are being executed, the test method also performs the following operation:
the test engine sends a monitoring script to the CAN device under test through the extended USBCAN interface card at a preset frequency, in order to acquire the current state of the CAN device under test and determine whether the acquired state is consistent with the expected state; if so, no further judgment is made; otherwise, the state of the CAN device under test is judged to have changed because of the aggressive test.
3. The test method for the CAN equipment safety test system according to claim 1, wherein: the preset message types in the preset CANopen protocol test script library comprise a management message, a service data object (SDO) message, a process data object (PDO) message, a predefined message or a special function object message.
4. The test method for the CAN equipment safety test system according to claim 3, wherein: the management message implements network management services for the communication network between the test engine and the CAN device under test, and comprises an NMT module control message, an NMT node guarding message and an NMT Boot-up message.
5. The test method for the CAN equipment safety test system according to claim 3, wherein: the SDO message is used for accessing the object dictionary of a device object, that is, the accessing CAN device accesses the object dictionary of the device object or requests a service; the request message and the response message have the same structure; the SDO message implements a request/response protocol, comprising initiate domain download, download domain segment, initiate domain upload, upload domain segment and abort domain transfer.
6. The test method for the CAN equipment safety test system according to claim 3, wherein: the PDO message is used for transmitting real-time data, wherein the data content of the PDO message is defined by the ID corresponding to the CAN device; in the object dictionary, 2 objects describe the PDO message, namely its communication parameters and its mapping parameters; the content of the PDO message is predefined or configured when the network starts, and the mapping between the PDO message and the application objects is described in the object dictionary of the CAN device.
7. The test method for the CAN equipment safety test system according to claim 1, wherein: a preset CANopen protocol test script library based on script grammar rules is also built into the fuzz testing platform;
and the test engine, according to the abnormal database in the fuzz testing platform, applies the test scripts for each preset message type in the preset CANopen protocol test script library and tests the CAN transmission frame format protocol of the CAN device under test through the extended USBCAN interface card.
CN201911409851.0A 2019-12-31 2019-12-31 CAN equipment safety test system and test method Active CN110912944B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911409851.0A CN110912944B (en) 2019-12-31 2019-12-31 CAN equipment safety test system and test method

Publications (2)

Publication Number Publication Date
CN110912944A CN110912944A (en) 2020-03-24
CN110912944B true CN110912944B (en) 2021-11-23

Family

ID=69814127

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107193272A (en) * 2017-06-14 2017-09-22 中石化石油工程技术服务有限公司 One kind is with brill measurement and control instrument bus testing system
CN110232012A (en) * 2018-03-06 2019-09-13 国家计算机网络与信息安全管理中心 A kind of fuzz testing language protocol test script and testing engine based on xml
CN110532162A (en) * 2019-03-18 2019-12-03 信联科技(南京)有限公司 A kind of fuzz testing script and testing engine based on protocol state machine

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant