CN112543195A

CN112543195A - Information security assessment method and device for intelligent networked automobile and electronic equipment

Info

Publication number: CN112543195A
Application number: CN202011396063.5A
Authority: CN
Inventors: 阚志刚; 袁森; 卢佐华; 陈彪
Original assignee: Beijing Bangcle Technology Co ltd
Current assignee: Beijing Bangcle Technology Co ltd
Priority date: 2020-12-03
Filing date: 2020-12-03
Publication date: 2021-03-23
Anticipated expiration: 2040-12-03
Also published as: CN112543195B

Abstract

The invention discloses an information security assessment method for an intelligent networked automobile, which comprises the following steps: determining process behavior information, system state information and network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system respectively based on the times of abnormal function calling, the times of abnormal resource occupation and the times of abnormal network flow data of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile in a preset time period; determining respective information security state information based on respective process behavior information, system state information and network state information; and determining the information safety state information of the intelligent networked vehicle based on the respective information safety state information and the respective preset weight. The invention also discloses an intelligent networked automobile-oriented information security evaluation device, electronic equipment and a computer-readable storage medium.

Description

Information security assessment method and device for intelligent networked automobile and electronic equipment

Technical Field

The invention relates to the technical field of intelligent networked automobiles, in particular to an intelligent networked automobile-oriented information security assessment method and device and electronic equipment.

Background

With the continuous integration of information technology, internet and automobile industry, automobile networking and intellectualization have become a necessary trend for the development of the automobile industry. Meanwhile, the information security problem of the intelligent networked automobile is also increasingly severe, for example, information tampering, virus intrusion and the like are applied to automobile attack by hackers, so that the research of risk assessment on the intelligent networked automobile becomes an important foundation and guarantee for strengthening the information security protection work of the intelligent networked automobile.

However, due to the compatibility problem, technical means such as intrusion detection and firewall on the conventional information system are difficult to deploy in the vehicle-mounted network of the intelligent networked vehicle without modification, that is, the conventional vehicle information security risk assessment method cannot be applied to the intelligent networked vehicle information security risk assessment. On the other hand, the theory and practice instruction documents about the information safety assessment of the intelligent networking vehicle are quite limited, and a detailed intelligent networking vehicle information safety assessment method with practice instruction significance is lacked.

Therefore, how to evaluate the information safety state of an intelligent networked automobile so as to discover the information safety hidden danger of the intelligent networked automobile becomes a technical problem which needs to be solved urgently in the field.

Disclosure of Invention

The embodiment of the invention provides an information security assessment method for an intelligent networked automobile, which is used for solving the problem that information security assessment cannot be carried out on the intelligent networked automobile in the prior art.

The embodiment of the invention also provides an intelligent networked automobile-oriented information security assessment device, electronic equipment and a computer-readable storage medium.

The embodiment of the invention adopts the following technical scheme:

in a first aspect, an embodiment of the present invention provides an information security assessment method for an intelligent networked automobile, including:

determining process behavior information, system state information and network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system respectively based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (Central processing Unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile;

determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on respective process behavior information, system state information and network state information;

determining information safety state information of the intelligent networked vehicle based on information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and preset weights of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system;

and presetting weight, and determining according to the loss degree caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be physically contacted and whether user privacy data is involved.

In a second aspect, an embodiment of the present invention provides an information security assessment method for an intelligent networked automobile, including:

determining information safety state information of a specified core component of the intelligent networked automobile;

and determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the specified core component and the preset weight of the specified core component.

In a third aspect, an embodiment of the present invention provides an information security evaluation device for an intelligent networked automobile, including:

the first determining module is used for determining process behavior information, system state information and network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system respectively based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (central processing unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile;

the second determination module is used for determining the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the respective process behavior information, the system state information and the network state information;

the third determination module is used for determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and the preset weight of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system;

In a fourth aspect, an embodiment of the present invention provides an information security evaluation device for an intelligent networked automobile, including a component information determination module and a vehicle information determination module, where:

the component information determining module is used for determining the information safety state information of the specified core component of the intelligent networked automobile;

and the vehicle information determining module is used for determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the specified core components and the preset weight of each core component.

In a fifth aspect, an embodiment of the present invention provides an electronic device, including: the intelligent networked automobile information safety assessment method comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein when the computer program is executed by the processor, the steps of the intelligent networked automobile information safety assessment method are realized.

In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the information security assessment method for an intelligent networked automobile are implemented as described above.

The embodiment of the invention adopts at least one technical scheme which can achieve the following beneficial effects:

by adopting the method provided by the embodiment of the invention, the process behavior information, the system state information and the network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are determined based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (central processing unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent internet automobile in a preset time period; then, determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on respective process behavior information, system state information and network state information; finally, determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and the preset weight of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system; the weight is preset, and the determination is carried out according to the loss degree caused by the fact that the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are attacked, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be in physical contact and whether the vehicle-mounted information entertainment system relates to user privacy data, so that the problem that information safety evaluation cannot be carried out on the intelligent networked automobile in the prior art can be solved.

Drawings

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:

fig. 1 is a schematic flow chart illustrating an implementation process of an intelligent networked automobile-oriented information security assessment method according to an embodiment of the present invention;

fig. 2a is a schematic flow chart illustrating an implementation process of an information security assessment method for an intelligent networked automobile according to an embodiment of the present invention;

fig. 2b is a schematic flow chart illustrating an implementation of the method for determining information security status information of a specified core component of an intelligent networked automobile according to an embodiment of the present invention;

fig. 3 is a schematic structural diagram of an information security assessment apparatus for an intelligent networked automobile according to an embodiment of the present invention;

fig. 4 is a schematic structural diagram of an information security evaluation device for an intelligent networked automobile according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the specific embodiments of the present invention and the accompanying drawings. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The technical solutions provided by the embodiments of the present invention are described in detail below with reference to the accompanying drawings.

Example 1

In order to solve the problem that information security assessment cannot be performed on an intelligent networked automobile in the prior art, the embodiment of the invention provides an information security assessment method for the intelligent networked automobile.

The execution subject of the method may be various types of computing devices, or may be an Application program or Application (APP) installed on the computing device. The computing device may be, for example, a user terminal such as a mobile phone, a tablet computer, and a smart wearable device, or a server.

For convenience of description, the embodiment of the present invention takes the execution subject of the method as an example, and introduces the method. It can be understood by those skilled in the art that the embodiment of the present invention is described by taking the server as an example, and is only an exemplary illustration, and does not limit the scope of the claims corresponding to the present invention.

Specifically, an implementation flow of the method provided by the embodiment of the present invention is shown in fig. 1, and includes the following steps:

and step 11, determining respective process behavior information, system state information and network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (central processing unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked vehicle.

An Intelligent networked Vehicle (ICV) refers to a combination of an internet of vehicles and an Intelligent Vehicle, and can carry advanced devices such as a Vehicle-mounted sensor, a controller, an actuator and the like, and integrate modern communication and network technologies, so that Intelligent information exchange and sharing are realized, and a new generation of vehicles which run safely, comfortably, energy-saving and efficiently are realized.

Because the method is greatly different from a common automobile, the traditional information security risk assessment method cannot be completely suitable for intelligent networking automobile information security risk assessment, and based on the method, the embodiment of the invention provides an intelligent networking automobile-oriented information security assessment method.

In the embodiment of the invention, the intelligent networked automobile is a complex information physical fusion system integrating deep embedded network communication, calculation control and physical processes, so that when information safety evaluation is carried out on the intelligent networked automobile, information safety state information of each component for realizing the functions of network communication, calculation control and the like in the intelligent networked automobile can be respectively determined, and then the information safety state of the intelligent networked automobile is determined based on the information safety state information of each component.

Further, in the electronic and electrical architecture of the current intelligent networked automobile, the electrical components for installing and deploying the portable operating system usually include components such as a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal, a vehicle-mounted information entertainment system and the like, so in the embodiment of the present invention, it may be considered to respectively determine information security state information of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system, and then determine information security state information of the intelligent networked automobile based on the information security state information of each component.

The vehicle-mounted gateway equipment is used for realizing communication of an in-vehicle network of the intelligent network connection automobile; the vehicle-mounted intelligent terminal is used for realizing the communication and network transmission functions of the intelligent networked vehicle; the vehicle-mounted information entertainment system is used for realizing functions of user interaction, information entertainment and the like.

In addition, the detection shows that the components such as the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are similar to the framework of the Internet of things equipment, and the information security problems are also similar, so that the information security state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be determined by adopting an information security state evaluation method of the Internet of things equipment. The information safety state evaluation method of the equipment of the Internet of things is used for monitoring and evaluating the information safety state of the equipment of the Internet of things from three aspects of process behaviors, system states, network states and the like.

Monitoring the process behavior, namely analyzing a process binary file to obtain system calling data of the process; and then, determining the times of abnormal function calls occurring in the process systems within a preset time period according to the system call data. An exception function refers to a function other than a process binary import function.

Monitoring the system state, namely acquiring the use information of a CPU and a memory; and then, monitoring the times of abnormal resource occupation of each part in a preset time period based on the acquired CPU and memory use information. Wherein, the abnormal resource occupation of the CPU can mean that the CPU utilization rate exceeds 95 percent; the abnormal resource occupation of the memory can mean that the memory utilization rate exceeds 90%.

Monitoring the network state, namely calculating the network flow data of each component, and then determining the times of network data abnormality of each component in a preset time period according to the calculated network flow data of each component. The abnormal network data refers to the fact that the network flow exceeds a preset network flow threshold within 10 seconds.

In summary, in the embodiment of the present invention, when determining the information security state information of each of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system, the process behavior information, the system state information, and the network state information of each of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system may be determined based on the number of times that the abnormal function call occurs to the process system, the number of times that the abnormal resource occupation occurs to the CPU, the number of times that the abnormal resource occupation occurs to the memory usage information, and the number of times that the abnormal network traffic data occurs to the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal, and the vehicle-mounted info.

When the number of times of abnormal function calling of a process system of a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal and a vehicle-mounted information entertainment system of an intelligent networked automobile in a preset time period is determined, for example, respective process binary files of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system CAN be respectively obtained through a CAN (controller area network) communication tool based on configuration data downloading tool software, and then analysis is carried out based on the respective process binary files to obtain system calling data of the process; and finally, determining the times of abnormal function call of each process system in a preset time period according to the system call data and the process binary file import function.

When the times of abnormal resource occupation of a CPU (Central processing Unit) and the times of abnormal resource occupation of memory use information in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile are determined, the CPU and memory use data of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period CAN be obtained based on an OBD (on-board diagnostics) interface and a CAN (controller area network) communication tool; then, the times that the CPU utilization rate exceeds 95% and the times that the memory utilization rate exceeds 90% in a preset time period are determined based on the CPU and the memory utilization data, and the times are respectively determined as the times that the CPU has abnormal resource occupation and the times that the memory utilization information has abnormal resource occupation.

Similarly, when the number of times that the network flow data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile are abnormal in the preset time period is determined, the network flow data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period CAN be respectively obtained based on the OBD interface and the CAN communication tool, then the number of times that the network flow exceeds the preset network flow threshold value in 10 seconds is respectively determined based on the respective network flow data, and the determined number of times that the network flow exceeds the preset network flow threshold value in 10 seconds is used as the number of times that the network flow data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period are abnormal.

After the number of times of abnormal function call of the process system, the number of times of abnormal resource occupation of a CPU, the number of times of abnormal resource occupation of memory use information and the number of times of abnormal network flow data in the preset time period of each of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are determined through the method, the process behavior information, the system state information and the network state information of each of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be determined based on the information.

In the embodiment of the present invention, the process behavior information, the system state information, and the network state information may include scores obtained by evaluating information security states of process behaviors, system states, and network states of each component.

In the embodiment of the present invention, taking the example that the process behavior information, the system state information, and the network state information respectively include scores obtained by evaluating the process behaviors, the system states, and the information security states of the network states of the components, the process behavior information, the system state information, and the network state information of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system may be determined in the following manner:

the process behavior score is 100-10 times of abnormal function call of the process system in a preset time period;

the system state score is 100-10 (the number of times that the CPU occupies the abnormal resource within the preset time period + the number of times that the memory usage information occupies the abnormal resource within the preset time period);

and the network state score is 100-10 times of the network traffic data abnormal in the preset time period.

For example, taking the component as the vehicle-mounted intelligent terminal, taking the preset time period as 60 seconds as an example, assuming that the number of times that the vehicle-mounted intelligent terminal has abnormal function calls in 60 seconds, the number of times that abnormal resource occupation occurs, and the number of times that network traffic data is abnormal are respectively 3 times, 2 times, and 1 time, the process behavior score of the vehicle-mounted intelligent terminal is 70(100-10 × 3), the system state score is 80(100-10 × 2), and the network state score is 90(100-10 × 1).

And step 12, determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the respective process behavior information, the system state information and the network state information.

After the process behavior information, the system state information and the network state information of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are obtained through the step 11, the information security state information of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be determined by adopting a weighted summation mode based on preset weights respectively corresponding to the information, the process behavior information, the system state information and the network state information.

In the embodiment of the present invention, according to the ranking information of the monitoring importance degree of the process behavior information, the system state information, and the network state information in the related vulnerability rating information, the weights of the process behavior information, the system state information, and the network state information may be set to 0.5, 0.3, and 0.2, respectively.

The information security state information of the vehicle-mounted gateway equipment is used for representing the information security state of the vehicle-mounted gateway equipment, and may include a score obtained by monitoring the vehicle-mounted network management equipment. The information security status information of the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system is similar to the information security status information, and is not described again here.

Therefore, assuming that the information security status information is taken as a score, the information security status score of the vehicle-mounted gateway device is 0.5 × the process behavior score of the vehicle-mounted gateway device +0.3 × the system status score of the vehicle-mounted gateway device +0.2 × the network status score of the vehicle-mounted gateway device.

In the same way, the score of the vehicle-mounted intelligent terminal is 0.5 times the process behavior score of the vehicle-mounted intelligent terminal +0.3 times the system state score of the vehicle-mounted intelligent terminal +0.2 times the network state score of the vehicle-mounted intelligent terminal.

The vehicle infotainment system score is 0.5 the vehicle infotainment system's progress behavior score +0.3 the vehicle infotainment system's system status score +0.2 the vehicle infotainment system's network status score.

And step 13, determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and the preset weight of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system.

The information safety state information of the intelligent networked vehicle is used for representing the information safety state of the intelligent networked vehicle, and can comprise a score obtained by information safety evaluation on the intelligent networked vehicle.

The preset weight can be determined according to the loss degree caused by the fact that the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are attacked respectively, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be in physical contact or not and whether user privacy data are involved or not.

In the embodiment of the invention, according to the loss degree caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system, namely the influence caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system, the importance degree of each component is as follows: vehicle-mounted gateway equipment, vehicle-mounted intelligent terminal and vehicle-mounted infotainment system, therefore, the weight distributed to the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system can be set as follows: 0.5, 0.4, 0.1.

However, considering that in practical application, components such as the vehicle-mounted gateway device and the vehicle-mounted intelligent terminal are difficult to be physically contacted by the user, and the vehicle-mounted infotainment system can be physically contacted by the user and relates to the user privacy data, the weight of the vehicle-mounted gateway device and the vehicle-mounted intelligent terminal can be properly reduced, and the weight of the vehicle-mounted infotainment system can be properly increased.

For example, in the embodiment of the present invention, the final weights of the vehicle-mounted gateway-type device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system may be set to 0.4, 0.3, and 0.3, respectively, according to the degree of loss caused by the vehicle-mounted gateway-type device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system being attacked, whether the vehicle-mounted gateway-type device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system are physically contacted.

Along the above example, assuming that the weights of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system are respectively set to 0.4, 0.3 and 0.3, and the information security state information of the intelligent networked vehicle includes a score obtained by performing information security assessment on the intelligent networked vehicle, the information security state information of the intelligent networked vehicle can be calculated according to the following modes:

and the information safety state information of the intelligent networked vehicle is 0.4+ the score of the vehicle-mounted gateway equipment +0.3 + the score of the vehicle-mounted intelligent terminal +0.3 + the score of the vehicle-mounted information entertainment system.

For example, assuming that the vehicle-mounted gateway device score is 90, the vehicle-mounted smart terminal score is 82, and the vehicle-mounted infotainment system score is 85, the score of the smart networked vehicle is 86.1 (90 × 0.4+85 × 0.3+82 × 0.3).

Example 2

In order to solve the problem that information security assessment cannot be performed on an intelligent networked automobile in the prior art, the embodiment of the invention provides an information security assessment method for the intelligent networked automobile. As shown in fig. 2a, the method comprises the following steps:

and step 21, determining information safety state information of the specified core component of the intelligent networked automobile.

An Intelligent networked Vehicle (ICV) refers to a combination of an internet of vehicles and an Intelligent Vehicle, and can carry advanced devices such as a Vehicle-mounted sensor, a controller, an actuator and the like, and integrate modern communication and network technologies, so that Intelligent information exchange and sharing are realized, and a new generation of safe, comfortable, energy-saving and efficient Vehicle is realized.

In view of the fact that the intelligent networked automobile is a complex information physical fusion system integrating deep embedded network communication, calculation control and physical processes, in the embodiment of the invention, when information safety assessment is carried out on the intelligent networked automobile, information safety state information of each component for realizing the functions of network communication, calculation control and the like in the intelligent networked automobile can be determined, and then the information safety state of the intelligent networked automobile is determined based on the information safety state information of each component.

Further, in the electronic and electrical architecture of the current intelligent networked automobile, the electrical components for installing and deploying the portable operating system mainly include core components such as a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal, a vehicle-mounted information and entertainment system, and therefore, in the embodiment of the present invention, the specified core components may include at least two of the following components: vehicle-mounted gateway equipment; a vehicle-mounted intelligent terminal; vehicle-mounted infotainment system.

In the embodiment of the invention, the specified core components such as the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are found to be similar to the structure of the existing Internet of things equipment through detection, and the generated information safety problems are also similar, so that the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be determined by adopting an information safety state evaluation method of the Internet of things equipment. The information safety state evaluation method of the equipment of the Internet of things is used for monitoring and evaluating the information safety state of the equipment of the Internet of things from three aspects of process behaviors, system states, network states and the like.

As shown in fig. 2b, when determining the information security status information of the specified core component of the intelligent networked automobile, the following steps 211 to 212 may be specifically adopted:

and step 211, monitoring indexes related to the state attribute of whether the representation of the specified core component has the information security vulnerability.

The state attribute for representing whether the information security vulnerability exists comprises at least one of the following:

a process behavior; a system state; the network status.

For example, assuming that the specified core component includes a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal, and a vehicle-mounted infotainment system, and the state attribute representing whether the information security vulnerability exists includes a process behavior, a system state, and a network state, the monitoring of the index related to the state attribute representing whether the information security vulnerability exists of the specified core component may be performed, and may be understood as performing monitoring on the process behavior, the system state, and the network state of each of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal, and the vehicle-mounted infotainment system.

When the respective process behaviors of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are monitored, the respective process behaviors can be monitored by monitoring the abnormal calling times of the respective process systems of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in a preset time period.

The abnormal calling times refer to the times of abnormal function calling of each process system in a preset time period, and the abnormal functions refer to functions except the process binary file import function.

When the abnormal calling times of the respective process systems of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period are monitored, for example, the respective process binary files of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system CAN be respectively obtained through a CAN communication tool based on configuration data downloading tool software, and then are respectively analyzed based on the respective process binary files to obtain the system calling data of the respective processes; and finally, determining the times of abnormal function call of each process system in a preset time period according to respective system call data and respective process binary file import functions.

By analogy, when the respective system states of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are monitored, the system state monitoring can be realized by monitoring the respective abnormal resource occupation times of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in a preset time period.

The abnormal resource occupation times comprise the sum of times of abnormal resource occupation of the CPU and the memory use information in a preset time period; in the embodiment of the invention, the abnormal resource occupation of the CPU can mean that the CPU utilization rate exceeds 95%; the abnormal resource occupation of the memory can refer to the condition that the memory utilization rate exceeds 90%.

In the embodiment of the invention, when the abnormal resource occupation times of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period are monitored, the CPU and the memory use information of the appointed core component in the preset time period can be predetermined; then, based on the CPU and the memory use information, the number of times of occupation of abnormal resources is determined.

For example, the respective CPU and memory usage data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system within a preset time period may be determined based on the OBD interface and the CAN communication tool; then, the times that the CPU utilization rate exceeds 95% and the times that the memory utilization rate exceeds 90% in a preset time period are determined based on the CPU and the memory utilization data, and the sum of the times is used as the times that abnormal resources are occupied.

When the network states of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are monitored, the network state monitoring can be realized by monitoring the abnormal network flow times of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in a preset time period.

The abnormal network flow times comprise the times that the network flow exceeds a preset network flow threshold value within 10 seconds.

In the embodiment of the invention, when the abnormal network flow times of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system in the preset time period are monitored, the CPU and the memory use information of the appointed core component in the preset time period can be predetermined; and then determining the number of times of occupation of abnormal resources based on the CPU and the memory use information.

For example, network flow data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system within a preset time period CAN be respectively acquired based on the OBD interface and the CAN communication tool, then the number of times that the network flow exceeds a preset network flow threshold value within 10 seconds is respectively determined based on the respective network flow data, and the determined number of times that the network flow exceeds the preset network flow threshold value within 10 seconds is used as the number of times that the network flow data of the vehicle-mounted gateway device, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system is abnormal within the preset time period.

And step 212, determining information safety state information of the specified core component according to the monitoring result.

The information security status information of the specified core component, which is used for characterizing the information security status of the specified core component, may include a score obtained by performing information security evaluation on the specified core component.

In the embodiment of the present invention, after the number of abnormal calls, the number of times of abnormal resource occupation, and the number of times of abnormal network traffic of the process system of each specified core component are determined in step 211, the process behavior, the system state, and the score corresponding to the network state of each specified core component may be calculated based on the number of abnormal calls, the number of times of abnormal resource occupation, and the number of times of abnormal network traffic of each specified core component; and carrying out weighted summation based on the calculated scores of the appointed core components and preset weights respectively corresponding to the process behaviors, the system states and the network states to obtain the information safety state information of the appointed core components.

The process behavior score is 100-10 times of abnormal calling times of the process system in a preset time period;

and the network state score is 100-10 times of abnormal network flow in a preset time period.

In addition, according to the ranking information of the monitoring importance degree of the process behavior information, the system state information and the network state information in the related vulnerability rating information, the weights of the process behavior information, the system state information and the network state information can be respectively set to be 0.5, 0.3 and 0.2.

Therefore, assuming that the information security information includes a score obtained by performing information security evaluation on the specified core component, the information security score of the specified core component is 0.5 × process behavior score +0.3 × system status score +0.2 × network status score.

For example, taking a preset time period of 60 seconds as an example, it is assumed that the number of abnormal calls, the number of abnormal resource occupancies, and the number of abnormal network traffic of the in-vehicle infotainment system are 1, 2, and 1, respectively, within the preset time period; the abnormal calling times, the abnormal resource occupation times and the abnormal network flow times of the vehicle-mounted intelligent terminal are respectively 3 times, 1 time and 0 time; the abnormal calling times, the abnormal resource occupation times and the abnormal network traffic times of the vehicle-mounted gateway equipment are respectively 1 time, 1 time and 1 time, and the process behavior score, the system state score, the network state score and the information security score of each specified core component are respectively as follows:

the process behavior score of the vehicle-mounted infotainment system is 100-10 x 1-90 points;

the system state score of the vehicle-mounted infotainment system is 100-10 x 2-80;

the network state score of the vehicle-mounted infotainment system is 100-10 x 2-80;

the safe score of the infotainment system is 0.5 × 90+0.3 × 80+0.2 × 80 × 86.

The progress behavior score of the vehicle-mounted intelligent terminal is 100-10 x 3-70;

the system state score of the vehicle-mounted intelligent terminal is 100-10 x 1-90;

the network state score of the vehicle-mounted intelligent terminal is 100-10 x 0-100;

the safe information score of the vehicle-mounted intelligent terminal is 0.5 × 70+0.3 × 90+0.2 × 100 × 82.

The process behavior score of the vehicle-mounted gateway equipment is 100-10 x 1-90;

the system state score of the vehicle-mounted gateway equipment is 100-10 x 1-90;

the network state score of the vehicle-mounted gateway equipment is 100-10 x 1-90;

and the information safety score of the vehicle-mounted gateway equipment is 0.5-90 + 0.3-90 + 0.2-90.

In an alternative embodiment, considering that when the specified core component of the intelligent networked automobile comprises the vehicle-mounted gateway type device, and a situation that the vehicle-mounted gateway type device comprises at least two vehicle-mounted gateways may also occur, the following method may be adopted to determine the information security status information of the specified core component of the intelligent networked automobile at this time:

firstly, determining the score of each vehicle-mounted gateway based on the information safety state information of each vehicle-mounted gateway of the intelligent networked automobile.

In the embodiment of the invention, when the information safety state information of each vehicle-mounted gateway is determined, the method same as that of vehicle-mounted network management equipment can be adopted, namely the abnormal calling times, the abnormal resource occupation times and the abnormal network flow times of the process system of each vehicle-mounted gateway in a preset time period are respectively determined, and then the process behavior score, the system state score and the network state score of each vehicle-mounted gateway are respectively determined based on the abnormal calling times, the abnormal resource occupation times and the abnormal network flow times of the process system of each vehicle-mounted gateway in the preset time period; and finally, performing weighted summation according to the calculated scores of the vehicle-mounted gateways and preset weights corresponding to the process behaviors, the system states and the network states respectively to obtain information safety state scores of the vehicle-mounted gateways, wherein the detailed contents refer to the related contents in the step 212 and are not described herein again.

And secondly, sorting the scores of the at least two vehicle-mounted gateways in an ascending order by adopting a sort mode to obtain a target array containing the scores of the at least two vehicle-mounted gateways.

For example, assuming that an intelligent vehicle includes n vehicle gateways, and the scores of the vehicle gateways are x1, x2, x3, …, and xn, where x1< x2< x3< … < xn, the scores of the n vehicle gateways are sorted in ascending order by sort, and then a target array sortdata ═ { x1, x2, x3, …, xn } can be obtained.

Thirdly, the following operation is executed circularly until N +1 is equal to N, and the operation is terminated circularly, and the N +1 th weighted summation result is determined as the information safety state information of the vehicle-mounted gateway equipment:

according to the sequence from small to large of the serial numbers of the scores in the target array, sequentially obtaining the score with the serial number n and the score with the serial number n +1 from the target array for weighted summation to obtain an nth weighted summation result; wherein N represents the serial number of the nth score in the target array, the numeric area of N is [1, 2, … N ], and N represents the serial number of the last score in the target array;

and carrying out weighted summation based on the nth weighted summation result and the score with the sequence number of n +2 in the target array to obtain the (n + 1) th weighted summation result.

It should be noted that, because it is considered that the vehicle-mounted gateway with a lower information safety score is more prone to malfunction and belongs to a content that needs to be focused on, in the embodiment of the present invention, when performing weighted summation, a weight value of a first addend may be set to be relatively higher than a weight value of a second addend, for example, the weight value of the first addend is 0.7, and the weight value of the first addend is 0.3, so that an influence of the vehicle-mounted gateway with a lower score in the process of determining the information safety status information of the vehicle-mounted gateway device may be increased.

For example, assuming that the vehicle-mounted gateway device includes 3 vehicle-mounted gateways, and the information security scores of the vehicle-mounted gateways are 90, 68, and 95, respectively, and after sort in an ascending manner, the obtained target array sortdata is {68, 90, 95}, then the score 68 with a sequence number of 1 and the score 90 with a sequence number of 2 may be sequentially obtained from the target array according to the sequence of the sequence numbers of the scores in the target array from small to large, and weighted summation is performed, so as to obtain a 1 st weighted summation result (0.7 × 68+0.3 × 90), which is described as rst1 for convenience.

Then, weighted summation is carried out on the 1 st weighted summation result rst1 and the score 95 with the sequence number of 3 in the target array, and a 2 nd weighted summation result rst2 is obtained. Along the above example, rst2 ═ 0.7 × (68 +0.3 × (90) +0.3 ═ 95 ═ 80.72.

At this time, since the score with the sequence number of 3 is the last score in the target array, that is, "N +1 ═ N" is satisfied, the obtained 2 nd weighted summation result rst2 may be determined as the information security status information of the vehicle-mounted gateway device.

And step 22, determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the specified core component and the preset weight of the specified core component.

Wherein the preset weight of the specified core component can be determined based on at least one of the following status attributes:

specifying the loss degree caused by the attack of the core component;

specifying whether the core component can be physically contacted;

specifying whether the core component is related to user privacy data.

In the embodiment of the invention, according to the loss degree caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system, namely the influence caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system, the importance degree of each specified core component can be determined as follows: vehicle-mounted gateway equipment, vehicle-mounted intelligent terminal and vehicle-mounted infotainment system, therefore, the weight distributed to the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted infotainment system can be set as follows: 0.5, 0.4, 0.1.

and the information safety state score of the intelligent networked vehicle is 0.4, the score of the vehicle-mounted gateway equipment +0.3, the score of the vehicle-mounted intelligent terminal +0.3, and the score of the vehicle-mounted information entertainment system.

For example, following the above example, assuming that the information security score of the in-vehicle infotainment system, the information security score of the in-vehicle intelligent terminal, and the information security score of the in-vehicle gateway device are 86 points, 82 points, and 90 points, respectively, the information security status score of the intelligent networked vehicle is 0.4 × 90+0.3 × 85+0.3 × 82 is 86.1 points.

By adopting the method provided by the embodiment of the invention, the information safety state information of the appointed core component of the intelligent networked automobile is determined; then, based on the information safety state information of the specified core component and the preset weight of the specified core component, the information safety state information of the intelligent networked vehicle can be determined, and therefore the problem that information safety evaluation cannot be carried out on the intelligent networked vehicle in the prior art can be solved.

Example 3

In order to solve the problem that information security assessment cannot be performed on an intelligent networked automobile in the prior art, an embodiment of the present invention provides an information security assessment apparatus for an intelligent networked automobile, and a specific structural schematic diagram of the apparatus is shown in fig. 3, and the apparatus includes a first determining module 31, a second determining module 32, and a third determining module. The functions of the modules are as follows:

By adopting the device provided by the embodiment of the invention, the process behavior information, the system state information and the network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are determined by the first determining module based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (Central processing Unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent internet automobile; then, determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system through a second determination module based on respective process behavior information, system state information and network state information; finally, the information safety state information of the intelligent networked vehicle is determined through a third determination module based on the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and the preset weight of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system; the weight is preset, and the determination is carried out according to the loss degree caused by the fact that the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are attacked, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be in physical contact and whether the vehicle-mounted information entertainment system relates to user privacy data, so that the problem that information safety evaluation cannot be carried out on the intelligent networked automobile in the prior art can be solved.

Example 4

Based on the same inventive concept as that of the embodiment 2, the embodiment of the present invention further provides a device for implementing the method, so as to solve the problem that information security evaluation cannot be performed on an intelligent networked automobile in the prior art.

The following describes in detail the apparatus provided by the embodiments of the present invention.

Referring to fig. 4, a schematic structural diagram of an information security evaluation apparatus for an intelligent networked automobile according to an embodiment of the present application includes a component information determination module 41 and a vehicle information determination module 42. Wherein:

the component information determining module 41 is used for determining information safety state information of a specified core component of the intelligent networked automobile;

and the vehicle information determination module 42 is used for determining the information safety state information of the intelligent networked vehicle based on the information safety state information of the specified core components and the preset weight of each core component.

Optionally, the specified core components include at least two of:

vehicle-mounted gateway equipment; a vehicle-mounted intelligent terminal; vehicle-mounted infotainment system.

Optionally, if the specified core component includes a vehicle-mounted gateway device, and the vehicle-mounted gateway device includes at least two vehicle-mounted gateways, the component information determining module includes:

the score determining unit is used for determining the score of each vehicle-mounted gateway based on the information safety state information of each vehicle-mounted gateway of the intelligent networked automobile;

the ascending sorting unit is used for carrying out ascending sorting on the scores of the at least two vehicle-mounted gateways in a sort mode to obtain a target array containing the scores of the at least two vehicle-mounted gateways;

and the loop execution unit is used for executing the following operation in a loop manner until N +1 is equal to N, and ending the loop execution until the N + 1-th weighted sum result is determined as the information safety state information of the vehicle-mounted gateway equipment:

Optionally, the preset weight of the core component is specified, and the preset weight is determined based on at least one of the following state attributes:

specifying the loss degree caused by the attack of the core component;

specifying whether the core component can be physically contacted;

specifying whether the core component is related to user privacy data.

Optionally, the component information determining module includes:

the monitoring unit is used for monitoring indexes related to state attributes of whether the representation of the specified core component has the information security vulnerability;

and the determining unit is used for determining the information safety state information of the specified core component according to the monitoring result.

Optionally, the state attribute representing whether the information security vulnerability exists includes at least one of the following:

a process behavior; a system state; the network status.

Optionally, the state attribute representing whether the information security vulnerability exists includes a process behavior; then the process of the first step is carried out,

a monitoring unit comprising:

and the call frequency monitoring subunit is used for monitoring the abnormal call frequency of the process system of the specified core component in the preset time period.

Optionally, the call number monitoring subunit is configured to:

acquiring calling data of a process system of the specified core component based on the process binary file of the specified core component;

and monitoring the times of abnormal function calls of the process system of the specified core component based on the call data.

Optionally, the state attribute that may have the information security vulnerability includes a system state, then,

a monitoring unit comprising:

and the occupation frequency monitoring subunit is used for monitoring the abnormal resource occupation frequency of the specified core component in the preset time period.

Optionally, the occupancy number monitoring subunit is configured to:

determining CPU and memory use information of a designated core component in a preset time period;

and determining the times of occupation of abnormal resources based on the CPU and the memory use information.

Optionally, the state attribute that may have the information security breach includes a network state, then,

a monitoring unit comprising:

and the flow frequency monitoring subunit is used for monitoring the abnormal network flow frequency of the specified core component in the preset time period.

Optionally, the flow number monitoring subunit is configured to:

determining network flow data of a designated core component in a preset time period;

the number of times of abnormal network traffic is determined based on the network traffic data.

By adopting the device provided by the embodiment of the invention, the information safety state information of the appointed core component of the intelligent networked automobile is determined; then, based on the information safety state information of the specified core component and the preset weight of the specified core component, the information safety state information of the intelligent networked vehicle can be determined, and therefore the problem that information safety evaluation cannot be carried out on the intelligent networked vehicle in the prior art can be solved.

Example 5

Fig. 5 is a schematic diagram of a hardware structure of an electronic device for implementing various embodiments of the present invention, where the electronic device 300 includes but is not limited to: a radio frequency unit 501, a network module 502, an audio output unit 503, an input unit 504, a sensor 505, a display unit 506, a user input unit 507, an interface unit 508, a memory 509, a processor 510, and a power supply 511. Those skilled in the art will appreciate that the electronic device configuration shown in fig. 5 does not constitute a limitation of the electronic device, and that the electronic device may include more or fewer components than shown, or some components may be combined, or a different arrangement of components. In the embodiment of the present invention, the electronic device includes, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal, a wearable device, a pedometer, and the like.

The processor 510 is configured to determine process behavior information, system state information, and network state information of each of a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal, and a vehicle-mounted information entertainment system of an intelligent networked automobile based on the number of times that an abnormal function call occurs to a process system, the number of times that an abnormal resource occupation occurs to a CPU, the number of times that an abnormal resource occupation occurs to memory usage information, and the number of times that network traffic data is abnormal in a preset time period; determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on respective process behavior information, system state information and network state information; determining information safety state information of the intelligent networked vehicle based on information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and preset weights of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system; and presetting weight, and determining according to the loss degree caused by the attack of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be physically contacted and whether user privacy data is involved.

A memory 509 for storing a computer program operable on the processor 510, the computer program, when executed by the processor 510, implementing the above-described functionality implemented by the processor 510.

It should be understood that, in the embodiment of the present invention, the radio frequency unit 501 may be used for receiving and sending signals during a message sending and receiving process or a call process, and specifically, receives downlink data from a base station and then processes the received downlink data to the processor 510; in addition, the uplink data is transmitted to the base station. In general, radio frequency unit 501 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 501 can also communicate with a network and other devices through a wireless communication system.

The electronic device provides wireless broadband internet access to the user via the network module 502, such as assisting the user in sending and receiving e-mails, browsing web pages, and accessing streaming media.

The audio output unit 503 may convert audio data received by the radio frequency unit 501 or the network module 502 or stored in the memory 509 into an audio signal and output as sound. Also, the audio output unit 503 may also provide audio output related to a specific function performed by the electronic apparatus 500 (e.g., a call signal reception sound, a message reception sound, etc.). The audio output unit 503 includes a speaker, a buzzer, a receiver, and the like.

The input unit 504 is used to receive an audio or video signal. The input Unit 504 may include a Graphics Processing Unit (GPU) 5041 and a microphone 5042, and the Graphics processor 5041 processes image data of a still picture or video obtained by an image capturing device (e.g., a camera) in a video capturing mode or an image capturing mode. The processed image frames may be displayed on the display unit 406. The image frames processed by the graphic processor 5041 may be stored in the memory 509 (or other storage medium) or transmitted via the radio frequency unit 501 or the network module 502. The microphone 5042 may receive sounds and may be capable of processing such sounds into audio data. The processed audio data may be converted into a format output transmittable to a mobile communication base station via the radio frequency unit 501 in case of the phone call mode.

The electronic device 500 also includes at least one sensor 505, such as light sensors, motion sensors, and other sensors. Specifically, the light sensor includes an ambient light sensor that can adjust the brightness of the display panel 5061 according to the brightness of ambient light, and a proximity sensor that can turn off the display panel 5061 and/or a backlight when the electronic device 500 is moved to the ear. As one type of motion sensor, an accelerometer sensor can detect the magnitude of acceleration in each direction (generally three axes), detect the magnitude and direction of gravity when stationary, and can be used to identify the posture of an electronic device (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), and vibration identification related functions (such as pedometer, tapping); the sensors 505 may also include fingerprint sensors, pressure sensors, iris sensors, molecular sensors, gyroscopes, barometers, hygrometers, thermometers, infrared sensors, etc., which are not described in detail herein.

The display unit 506 is used to display information input by the user or information provided to the user. The Display unit 506 may include a Display panel 5061, and the Display panel 5061 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like.

The user input unit 507 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic device. Specifically, the user input unit 507 includes a touch panel 5071 and other input devices 5072. Touch panel 5071, also referred to as a touch screen, may collect touch operations by a user on or near it (e.g., operations by a user on or near touch panel 5071 using a finger, stylus, or any suitable object or attachment). The touch panel 5071 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 510, and receives and executes commands sent by the processor 510. In addition, the touch panel 5071 may be implemented in various types such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. In addition to the touch panel 5071, the user input unit 507 may include other input devices 5072. In particular, other input devices 5072 may include, but are not limited to, a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, a mouse, and a joystick, which are not described in detail herein.

Further, the touch panel 5071 may be overlaid on the display panel 5061, and when the touch panel 5071 detects a touch operation thereon or nearby, the touch operation is transmitted to the processor 510 to determine the type of the touch event, and then the processor 510 provides a corresponding visual output on the display panel 5061 according to the type of the touch event. Although in fig. 5, the touch panel 5071 and the display panel 5061 are two independent components to implement the input and output functions of the electronic device, in some embodiments, the touch panel 5071 and the display panel 5061 may be integrated to implement the input and output functions of the electronic device, and is not limited herein.

The interface unit 508 is an interface for connecting an external device to the electronic apparatus 500. For example, the external device may include a wired or wireless headset port, an external power supply (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device having an identification module, an audio input/output (I/O) port, a video I/O port, an earphone port, and the like. The interface unit 508 may be used to receive input (e.g., data information, power, etc.) from external devices and transmit the received input to one or more elements within the electronic apparatus 500 or may be used to transmit data between the electronic apparatus 500 and external devices.

The memory 509 may be used to store software programs as well as various data. The memory 509 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 509 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device.

The processor 510 is a control center of the electronic device, connects various parts of the whole electronic device by using various interfaces and lines, performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 509 and calling data stored in the memory 509, thereby performing overall monitoring of the electronic device. Processor 510 may include one or more processing units; preferably, the processor 510 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 510.

The electronic device 500 may further include a power supply 511 (e.g., a battery) for supplying power to various components, and preferably, the power supply 511 may be logically connected to the processor 510 via a power management system, so as to implement functions of managing charging, discharging, and power consumption via the power management system.

In addition, the electronic device 500 includes some functional modules that are not shown, and are not described in detail herein.

Preferably, an embodiment of the present invention further provides an electronic device, which includes a processor 510, a memory 509, and a computer program that is stored in the memory 509 and can be run on the processor 510, and when the computer program is executed by the processor 510, the processes of the information security method embodiment for an intelligent internet-enabled vehicle are implemented, and the same technical effect can be achieved, and in order to avoid repetition, details are not described here again.

The embodiment of the invention also provides a computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when being executed by a processor, the computer program realizes each process of the information security method embodiment for the intelligent networked automobile, can achieve the same technical effect, and is not repeated here to avoid repetition. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The above description is only an example of the present invention, and is not intended to limit the present invention. Various modifications and alterations to this invention will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.

Claims

1. An information security assessment method for intelligent networked automobiles is characterized by comprising the following steps:

determining process behavior information, system state information and network state information of a vehicle-mounted gateway device, a vehicle-mounted intelligent terminal and a vehicle-mounted information entertainment system of an intelligent networked automobile based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (Central processing Unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period;

determining respective information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the respective process behavior information, the system state information and the network state information;

and the preset weight is determined according to the loss degree caused by the fact that the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system are attacked, whether the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system can be in physical contact and whether user privacy data are involved.

2. An information security assessment method for intelligent networked automobiles is characterized by comprising the following steps:

3. The method of claim 2, wherein the specified core components include at least two of:

4. The method of claim 3, wherein the specified core component comprises a vehicular gateway class device and the vehicular gateway class device comprises at least two vehicular gateways,

the method for determining the information safety state information of the specified core component of the intelligent networked automobile comprises the following steps:

determining the score of each vehicle-mounted gateway based on the information safety state information of each vehicle-mounted gateway of the intelligent networked automobile;

sorting the scores of the at least two vehicle-mounted gateways in an ascending order by adopting a sort method to obtain a target array containing the scores of the at least two vehicle-mounted gateways;

and circularly executing the following operation until N +1 is equal to N, and determining the N +1 th weighted sum result as the information safety state information of the vehicle-mounted gateway equipment:

according to the sequence of the serial numbers of the scores in the target array from small to large, sequentially obtaining the score with the serial number n and the score with the serial number n +1 from the target array for weighted summation to obtain an nth weighted summation result; wherein N represents the serial number of the nth score in the target array, the numeric range of N is [1, 2, … N ], and N represents the serial number of the last score in the target array;

5. The method of claim 2, wherein the predetermined weight for the specified core component is determined based on at least one of the following state attributes:

the loss degree caused by the attack of the specified core component;

whether the specified core component can be physically contacted;

whether the specified core component relates to user privacy data.

6. The method of any one of claims 2 to 5, wherein determining information security status information of a specified core component of the intelligent networked automobile comprises:

monitoring indexes related to state attributes representing whether the information security vulnerabilities exist in the specified core components;

and determining the information safety state information of the specified core component according to the monitoring result.

7. The method of claim 6, wherein the state attribute characterizing whether the information security vulnerability exists comprises at least one of:

a process behavior; a system state; the network status.

8. The method of claim 7, wherein the state attribute characterizing whether an information security vulnerability exists comprises the process behavior; then the process of the first step is carried out,

the monitoring whether the representation of the specified core component has indexes related to the state attribute of the information security vulnerability includes:

and monitoring the abnormal calling times of the process system of the specified core component in a preset time period.

9. The method of claim 8, wherein the monitoring the number of abnormal calls of the process system of the specified core component within a preset time period comprises:

10. The method of claim 7, wherein the state attribute of the potential information security vulnerability includes the system state, then,

the monitoring of the relevant indexes of the state attribute of whether the representation of the specified core component has the information security vulnerability includes:

and monitoring the number of times of abnormal resource occupation of the specified core component in a preset time period.

11. The method of claim 10, wherein the monitoring the number of abnormal resource occupancies for the specified core component within a predetermined time period comprises:

determining the CPU and memory use information of the specified core component in the preset time period;

12. The method of claim 7, wherein the state attribute for which there is a potential information security breach comprises the network state, then,

and monitoring the abnormal network flow times of the specified core component within a preset time period.

13. The method of claim 12, wherein the monitoring the number of abnormal network traffic for the specified core component comprises:

determining network traffic data of the specified core component within a preset time period;

determining a number of times of abnormal network traffic based on the network traffic data.

14. An information security assessment device for intelligent networked automobiles is characterized by comprising:

the first determining module is used for determining process behavior information, system state information and network state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the times of abnormal function call of the process system, the times of abnormal resource occupation of a CPU (central processing unit), the times of abnormal resource occupation of memory use information and the times of abnormal network flow data in a preset time period of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system of the intelligent networked automobile;

the second determining module is used for determining the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system based on the respective process behavior information, the system state information and the network state information;

the third determination module is used for determining the information safety state information of the intelligent internet vehicle based on the information safety state information of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system and the preset weight of the vehicle-mounted gateway equipment, the vehicle-mounted intelligent terminal and the vehicle-mounted information entertainment system;

15. The utility model provides an information security evaluation device towards intelligent networking car which characterized in that, includes subassembly information determination module and vehicle information determination module, wherein:

16. An electronic device, comprising: a memory, a processor and a computer program stored on the memory and operable on the processor, wherein the computer program when executed by the processor implements the steps of the intelligent networked automobile-oriented information security assessment method according to any one of claims 1 to 13.

17. A computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when being executed by a processor, the computer program implements the steps of the method for evaluating information security for an intelligent networked automobile according to any one of claims 1 to 13.