Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. However, it is difficult to make effective test scenarios that have sufficient requirement coverage including hazardous conditions. In this study, we propose a test scenario generation method from formalized functional requirements. Based on results from a hazard analysis, this technique is able to generate the scenario that reveals hazardous situations by specifying a hazardous state as the end-state of a scenario. Furthermore, by modeling attack targets and methods, test scenarios leading to a hazardous state by malicious simultaneous external attacks are generated. A parallelization technique for generating simultaneous attack test scenarios is shown. Using the exhaustive path-finding approach, our results show the ability to achieve high requirement coverage compared to the existing approaches. The proposed method uses a model checking method and cannot escape from the state explosion. However, it is able to reach real problems by modeling the highly-abstract requirement areas and specifying partial scenarios.

DOI： 10.1109/VTC2020-Spring48590.2020.9129076

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/vtc/vtc2020s.html#FujikuraK20

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：Springer  

Cybersecurity threats have become a reality for safety critical systems such as automobiles, railways and avionics witnessing cybersecurity incidents and research reports from white hackers. Threat analysis plays an important role to identify potential threats in early stages of the system development and it is a common understanding that the threat analysis for safety critical systems need to assess an effect caused by threats against safety. In this paper, we propose a threat analysis framework on safety concepts required by ISO 26262 in an architecture description language SCDL (Safety Concept Description Language) specifically designed for safety concepts modeling in ISO 26262 and demonstrate the effectiveness of our framework on a case study. Our research result shows the potential usage of SCDL for threat analysis and effect analysis between functional safety and cybersecurity.

DOI： 10.1007/978-3-030-54549-9_23

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/safecomp/safecomp2020.html#0001KSNTY20

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：ACM  

In recent years, frequent spoofing attacks targeting automotive control systems have been reported. To address this issue, automotive manufactures seek to assign a message authentication code(MAC) to ensure the security of these systems. As it is challenging to assign an authenticator to all messages due to limitations in transfer capacity, automotive manufactures are seeking to assign it to only a certain type of message. In this study, a method of spoofing detection is proposed that makes use of one of the critical messages referred to as Keep Alive Messages.

DOI： 10.1145/3375706.3380557

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/codaspy/autosec2020.html#KurachiTUT20

Language：Japanese   Publishing type：Research paper (scientific journal)  

With the increasing computational demands of applications, the research of energy-efficient heterogeneous multiprocessor scheduling is becoming more and more important. The problem can be addressed as allocating tasks to the right cores and setting the appropriate operating frequencies. In this paper, we present a task allocation algorithm for a single-ISA big.LITTLE architecture which consists of two different types of cores: high-performance core and energy-efficient core. Based on the execution variance of two types of cores, a heuristic that approximate the optimal load distribution is proposed. We experimentally simulate our method and compare it with the state-of-the-art solutions. Experimental results show that average 20.4% less energy consumption (and up to 60.2% for some cases) can be saved from the typical Little-Core-First with satisfying the deadline constraints of all tasks.

DOI： 10.1016/j.suscom.2018.10.001

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (scientific journal)  

Recently, quite a number of security attacks against Controller Area Network (CAN) have been reported. Many automotive companies are planning to adopt security countermeasures to strengthen security of their in-vehicle systems while saving the costs. This paper proposes a method to block unauthorized CAN-bus access using our enhanced CAN controller that prevents the transmission of messages from a malicious electronic control unit. We demonstrate the effectiveness of our device disabler on a CAN with Flexible Date rate buses.

Scopus

Language：Japanese   Publishing type：Research paper (scientific journal)  

The controller area network with flexible data-rate (CAN FD) is the new generation of the CAN technology to meet the daily increasing bandwidth requirement for automotive cyber-physical systems (ACPS). However, ACPS is a security-critical system, an efficient security/timing-aware design space exploration (DSE) method is required to fully utilize CAN FD's high data phase data rate. In this paper, we propose an AUTOSAR-compliant system model that integrates both timing and security constraint, an integrated mixed-integer linear programming formulation (i-MILP) for the optimal DSE of CAN FD, and a divide-and-conquer approach to the i-MILP (dc-MILP) to address its timing complexity problem. The experiment results show that dc-MILP scales well for industrial-size systems and saves 1.94%-4.76% bandwidth utilization and guarantees the schedulability for more signal sets by comparing with the state-of-the-art algorithm.

DOI： 10.1109/TII.2018.2851939

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (scientific journal)  

We study the worst case response time (WCRT) analysis and evaluation for sporadic message-processing tasks in a multicore automotive gateway of a controller area network (CAN) cluster. We first build a multicore automotive gateway on CAN clusters. Two WCRT analysis methods for message-processing tasks in the multicore gateway are subsequently presented based on global and partitioned scheduling paradigms. We evaluate the WCRT results of two analysis methods with real message sets provided by the automaker, and present the design optimization guide.

DOI： 10.1109/TCAD.2018.2812119

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (scientific journal)  

A typical automotive integrated architecture is a controller area network (CAN) cluster integrated by a central gateway. This study proposes a novel and exact worst-case response time (WCRT) analysis method for message-processing tasks in the gateway. We first propose a round search method to obtain lower bound on response time (LBRT) and upper bound on response time (UBRT), respectively. We then obtain the exact WCRT belonging to the scope of the LBRT and UBRT with an effective non-exhaustive exploration. Experimental results on a real CAN message set reveal that the proposed exact analysis method can reduce 99.99999% combinations on large-scale CAN clusters.

DOI： 10.1145/3284178

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. In this study, we propose a test scenario generation method from formalized functional requirements which employs the approach with the 'fluent' proposition. Based on results from a hazard analysis, this technique is able to generate test scenarios that reveals hazardous situations by specifying a hazardous state as their end-state of a scenario. Furthermore, by modeling attack targets and methods, test scenarios leading to a hazardous state by malicious external attacks are generated.

DOI： 10.1109/PRDC47002.2019.00025

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/prdc/prdc2019.html#FujikuraK19

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. In this paper, we propose a test scenario generation method from formalized functional requirements which employs the KAOS-based approach with the fluent proposition. Based on safety requirements, this technique is able to generate the scenario that reveals hazardous situations by specifying a hazard state as the end state of a scenario. By using exhaustive pathfinding approach, our results show the ability to achieve the high requirement coverage compared to existing approaches.

DOI： 10.1109/QRS-C.2019.00115

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/qrs/qrs2019c.html#FujikuraK19

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

Many threat cases for in-vehicle systems have been reported and various methods to enhance automotive security have been proposed in recent years. One of the methods proposed is a means for detecting possible CAN message spoofing by attaching a message authentication code(MAC) to controller area network (CAN) messages. It is expected, however, that MAC generation keys are compromised during the replacement of ECUs if malicious dealers or repair shops are attackers. For this reason, a secure ECU replacement method is proposed in this paper.

DOI： 10.1109/HASE.2019.00043

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/hase/hase2019.html#KurachiTAUM19

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：ACM  

With the expansion of Industry 4.0, the factory automation (FA) system has become more complex due to wireless communication between multiple devices. Therefore, short-term development and secure communication are required for development cost and cyber-security issues. For this reason, a secure robot operating system 2 (SROS2) was developed. SROS2 is an open-source platform applicable to industrial robots. SROS2 achieves short-term development with various libraries and implements encryption and authentication by embedding advanced encryption standard - Galois/counter mode (AES-GCM). On the other hand, AES-GCM has been reported to be vulnerable to spoofing. Therefore, a secure encryption algorithm to replace AES-GCM is required. In addition, the system must be able to operate without problems after replacement. For these reasons, this study embeds secure authenticated encryption instead of AES-GCM in SROS2. The results of an evaluation experiment on the latency of the encryption algorithm showed that Ascon is more effective than AES-GCM.

DOI： 10.1145/3375959.3375976

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/aiccc/aiccc2019.html#TakemotoNNYHK19

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

DOI： 10.1109/VTCSpring.2019.8746714

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/vtc/vtc2019s.html#KurachiTTISNMAN19

Language：Japanese  

Web of Science

Language：Japanese   Publishing type：Research paper (scientific journal)  

In real-time embedded systems, minimizing energy consumption is one of the most important tasks. Intra-task dynamic voltage and frequency scaling (DVFS) has been the subject of much research in the task boundary of time-constrained applications for energy reduction. The problem of optimizing energy consumption with respect to intra-task DVFS scheduling can be addressed by assigning proper operational frequencies to individual basic blocks in a program while guaranteeing the deadline. Based on the profile information of a task, we first formulate the problem in terms of integer linear programming (ILP) regarding different assumptions of transition overhead. To verify the effectiveness of ILP formulations, the most representative intra-task DVFS techniques are taken for comparisons. The results of the experiments demonstrate that the proposed ILP method achieves greater energy savings than the existing approaches. Moreover, it determines the optimal scheduling strategy in reasonable execution time for applications with a limited number of blocks.

DOI： 10.1109/ACCESS.2019.2902353

Web of Science

Scopus

Language：English   Publishing type：Research paper (scientific journal)   Publisher：Information Processing Society of Japan  

<p>Energy-aware task allocation of embedded systems is one of the most important issues in recent decades. A classical solution to solve the issue is Integer Linear Programming (ILP). However, given the considerable time consumption, it is effective only to the extent that the scale of the problem is small. How to use ILP to solve large allocation problems on heterogeneous multiprocessor systems to minimize energy consumption is still a challenge. This paper proposes two ILP formulations to deal with it. One complete ILP(1) is used to derive a feasible allocation, and the other simplified ILP(2) is for calculating the desired minimum energy. Then the desired minimum energy can be used as a reference to evaluate the intermediate solution of ILP(1) and decide its timeout. Besides, to find out the best-suited platform for a given workload, a flexible design which presents flexibilities and choices in core assignment, is considered for further energy saving. For example, the optimal core number design and core type design are generated as two independent ILP formulations, denoted as ILP(3) and ILP(4). The experimental results on randomly generated task sets demonstrate that, compared with the fixed platform, automatically synthesizing a flexible core assignment saves more energy.</p>

DOI： 10.2197/ipsjjip.27.136

Scopus

CiNii Research

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

The Controller Area Network (CAN) is widely used in in-vehicle networks. As increasing the number of Electronic Control Units (ECUs) in an in-vehicle system, the delay of the CAN message is critical issues to achieve high accuracy of the control applications. This protocol employs an arbitration mechanism for priority-based transmission, therefore, although it is easy to estimate the worst-case response time (WCRT) of each message by using real-time scheduling theory, there is no way to know the delay time at which each CAN message was generated in the run-time environment. To address this issue, in this paper, we propose a method is to notify the real delay time of each message without synchronizing to global time between each node in the run-time environment. Our proposed method can provide the delay time of each CAN message with a small improvement so it can be applied for the existing in-vehicle systems.

DOI： 10.1109/QRS-C.2019.00020

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/qrs/qrs2019c.html#KurachiTAUM19

Language：Japanese   Publisher：THE INSTITUTE OF SYSTEMS, CONTROL AND INFORMATION ENGINEERS  

DOI： 10.11509/isciesci.62.4_124

CiNii Books

CiNii Research

J-GLOBAL

Other Link： https://ndlsearch.ndl.go.jp/books/R000000004-I028937031

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society  

In recent decades, the research of energy-aware scheduling on heterogeneous multiprocessor systems is becoming more and more popular. A classic method for real-time task allocation is Linear Programming (LP). However, existing LP formulations are usually regarded as ineffective in solving large-scale allocation problems due to the unacceptable time consumption. In this work, we propose two integer linear programming (ILP) formulations to deal with the allocation problems for large task sets. One exact ILP(1) is formulated to derive an intermediate solution, and the other relaxed ILP(2) is considered to calculate the desired minimum energy. Then the desired minimum energy can be taken as a reference to evaluate the optimality of the intermediate solution. Experimental results on randomly generated task sets demonstrate that our method achieves average 19.2% less energy within limited time than the classic greedy and the state-of-the-art heuristic algorithm.

DOI： 10.1109/EUC.2018.00031

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/euc/euc2018.html#QinZKMT18

Language：Japanese   Publisher：Japan Science and Technology Agency  

<p>In recent years, automobiles are expected to create new value by connecting with various devices. In the future, it is expected that a communication function called V2X will be installed for automatic operation, and it will become an important position as IoT more and more. On the other hand, it is pointed out that many of the current vehicles are not sufficiently security measures. For this reason, security enhancement is required in the future. Moreover, automobile security has various problems and is expected to become more and more important in the future. This paper focuses on the overview of IoT and information security issues in automotive industry.</p>

DOI： 10.1241/johokanri.60.690

CiNii Books

CiNii Research

J-GLOBAL

Other Link： https://ndlsearch.ndl.go.jp/books/R000000004-I028743777

Language：Japanese   Publishing type：Research paper (scientific journal)  

With the considerable growth of cybersecurity risks in modern automobiles, cybersecurity issues in the in-vehicle network environment have attracted significant attention from security researchers in recent years. Enhancing the cybersecurity ability of in-vehicle networks while considering the computing resource and cost constraints become an urgent issue. To address this problem, a novel information entropy-based method is proposed in this paper, which uses a fixed number of messages as sliding windows. By improving the sliding window strategy and optimizing the decision conditions, the detection accuracy is increased and the false positive rate is reduced. Experimental results demonstrate that the proposed method can provide real-time response to attacks with a considerably improved detection precision for intrusion detection in the in-vehicle network environment.

DOI： 10.1109/ACCESS.2018.2865169

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (international conference proceedings)  

We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.

DOI： 10.4271/2018-01-0013

Scopus

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

In automotive software development, secure coding is required to enhance the security level because the secure coding guidelines state that vulnerability of software must be eliminated. However, secure coding is difficult to incorporate because it provides different assumptions from the coding guidelines of product development for existing automobiles. More specifically, in the automobile industry, MISRA-C is applied to improve the reliability of software. To achieve higher dependability and security level, an original guideline was developed in this study for the AUTOSAR adaptive platform. In this paper, we discuss the secure coding guidelines for strengthening security in classic and adaptive platforms.

DOI： 10.1109/ICVES.2018.8519496

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/icves/icves2018.html#KurachiTTATIMM18

Language：Japanese  

Web of Science

Language：Japanese   Publishing type：Research paper (scientific journal)  

Cybersecurity is increasingly important for the safety and reliability of autonomous vehicles. The controller area network (CAN) is the most widely used in-vehicle network for automotive safety-critical applications. Enhancing the cybersecurity ability of CAN while considering the real-time, schedulability, and cost constraints becomes an urgent issue. To address this problem, a real-time, and schedulability analysis-guaranteed security mechanism [identification hopping CAN (IDH-CAN)] is proposed in this paper, which aims to improve the security performance of CAN under the constraints of automotive real-time applications. In order to support the operation of the IDH-CAN mechanism, an IDH-CAN controller is also designed and implemented on a field-programmable gate array, which can work as a hardware firewall in the data link layer of CAN to isolate cyberattacks from the physical layer. Meanwhile, to maximize the information entropy of the CAN message ID on the physical layer, the ID hopping table generation and optimization algorithms for IDH-CAN are also proposed. Then, information security evaluation experiments based on information entropy comparison are deployed. The simulation and practical evaluations demonstrate the effectiveness of the proposed mechanism in defending reverse engineering, targeted denial of service, and replay attacks without violating real-time and schedulability constraints.

DOI： 10.1109/ACCESS.2018.2870695

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society  

Controller Area Network (CAN) is the most widely employed real-Time communication protocol for safety-critical applications. Recently, an issue of security countermeasure for CAN is the limited bandwidth of CAN. For this reason, the ID hopping technology has been proposed to improve the security with limited resource by varying the ID of a message when transmitting it on the CAN bus. However, the existing ID hopping method is not effective in terms of ID variation. In this paper, we propose a real-Time and security mechanism to improve the security effect of ID hopping. Firstly, we obfuscate the priority of messages with two MILP models and a greedy algorithm called 'Priority Bound Decision Algorithm', making priority different on the application layer. Secondly, combining the ID-hopping, our method can enhance the diversity of IDs on the data link layer. Thirdly, the results of security analysis indicate that our proposal can hinder the targeted DoS, replay attack and reverse engineering better than some existing methods.

DOI： 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00029

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/dasc/dasc2018.html#DingZKZ18

Language：English   Publishing type：Research paper (scientific journal)   Publisher：Information Processing Society of Japan  

<p>The recently developed FMLP⁺ provides significant advantages for partitioned fixed priority scheduling, since it ensures asymptotically optimal <i>O</i>(<i>n</i>) maximum priority-inversion blocking. The constraints under the FMLP⁺ can be exploited to determine bounds on the blocking time. However, these bounds may be pessimistic since shared resources local to a processor do not incur priority-inversion blocking in some cases. Consequently, a schedulable task set may be erroneously judged as unschedulable because of these pessimistic values. Based on our analysis, additional constraints were added to compute the maximum blocking time bound of each task with linear programming and the corresponding worst-case response time. The results of experiments show our proposed strategy is less pessimistic than existing strategies. Meanwhile, we also demonstrate that local resource sharing should be used instead of global resource sharing where possible.</p>

DOI： 10.2197/ipsjjip.26.540

Scopus

CiNii Research

Language：English   Publishing type：Research paper (scientific journal)   Publisher：ELSEVIER SCIENCE BV  

CAN with flexible data rate (CAN FD) is considered the next generation in-vehicle network standard for automotive cyber-physical systems. CAN FD supports a data phase bit-rate of up to 10 Mbps and message payload of up to 64 bytes. However, the substantial differences regarding the allowed message payloads and the heterogeneity of the signal periods indicate the need for a systematic design method to fully utilize its large transmission bandwidth. We propose an optimized design method for CAN FD to minimize bandwidth utilization while meeting the signal timing constraint. First, two slack evaluation metrics are defined for the quantitative analysis of the potential packing choices. Based on these metrics, we propose a clustering-based signal packing algorithm, and the schedulability of the signals and the packed messages are both verified. The proposed method is compared with other design methods proposed for both CAN and CAN FD. The experimental results demonstrated that our method is the most bandwidth efficient and can meet the timing constraint simultaneously.

DOI： 10.1016/j.sysarc.2017.10.008

Web of Science

Scopus

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC  

In modern automobiles, gateways are commonly used to connect several subsystems of controller area networks (CANs) to achieve integrated architecture and distributed cross-bus functionalities. To analyze the real-time property of such in-vehicle networks, worst-case response time (WCRT) analysis for gateway-integrated CAN messages has been studied recently. However, the WCRTs obtained are quite pessimistic. In this study, we examine in detail the various actual arriving orders of gateway messages and then propose an explorative WCRT computation method. It is proved that the obtained WCRT results are safe WCRT bounds. Experimental results for real message set demonstrate as much as 24% reduction of WCRT compared with those obtained using the state-of-the-art methods.

DOI： 10.1109/TVT.2017.2737035

Web of Science

Scopus

Language：English   Publishing type：Research paper (scientific journal)   Publisher：The Institute of Electronics, Information and Communication Engineers  

<p>As a next-generation CAN (Controller Area Network), CAN FD (CAN with flexible data rate) has attracted much attention recently. However, how to use the improved bus bandwidth efficiently in CAN FD is still an issue. Contrasting with existing methods using greedy approximate algorithms, this paper proposes a genetic algorithm for CAN FD frame packing. It tries to minimize the bandwidth utilization by considering the different periods of signals when packing them in the same frame. Moreover, it also checks the schedulability of packed frames to guarantee the real-time constraints of each frame and proposed a merging algorithm to improve the schedulability for signal set with high bus load. Experimental results validate that the proposed algorithm can achieve significantly less bandwidth utilization and improved schedulability than existing methods for a given set of signals.</p>

DOI： 10.1587/transinf.2017edp7073

Web of Science

Scopus

CiNii Research

Other Link： http://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#journals/ieicet/DingZKH17

Language：Japanese   Publisher：Reliability Engineering Association of Japan  

DOI： 10.11348/reajshinrai.39.2_68

CiNii Books

CiNii Research

J-GLOBAL

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：Institute of Electrical and Electronics Engineers Inc.  

As a next-generation CAN (Controller Area Network), CAN-FD (CAN with flexible data rate) has attracted much attention recently. However, how to use the improved bus bandwidth efficiently in CAN-FD is still an issue. Contrasting with existing methods using greedy approximate algorithms, this paper proposes a genetic algorithm for CAN-FD frame packing. It tries to minimize the bandwidth utilization by considering the different periods of signals when packing them in the same frame. Experimental results validate that the proposed algorithm can achieve significantly less bandwidth utilization than existing methods for a given set of signals.

DOI： 10.1109/ICESS.2016.12

Web of Science

Scopus

Language：Japanese  

Web of Science

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

With the growth of ECUs that are mounted in automobiles, the transmission capacity of Controller Area Network (CAN), which is currently used by most on-vehicle networks, is becoming insufficient, and therefore CAN With Flexible Data Rate (CAN-FD), presented by Bosch GmbH, is viewed as a nextgeneration standard. Recently, the number of attacks on ECUs connected to CAN has been increasing, and from the viewpoint of CAN security there has been much discussion of safety. However, with regard to CAN-FD, which is an expansion of CAN, although a discussion of safety is needed, that has hardly happened. This paper reports on an implementation that uses the generic fuzzing tool beSTORM to investigate the vulnerability of the CAN-FD protocol. We also aim at practical application by measuring the transmission time for beSTORM test data and by estimating the time required for CAN-FD fuzzing tests.

DOI： 10.1109/ICVES.2016.7548161

Web of Science

Language：Japanese  

Web of Science

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

Partitioned fixed priority scheduling is one of the most comprehensively chosen predictable scheduling in practice. The FMLP+ developed in recent years is a better protocol, which ensures asymptotically optimal O(n) maximum priority-inversion blocking. The constraints under several protocols besides the FMLP+ can be exploited to gain the bound on maximum blocking time. However, the blocking time bounds may be pessimistic under the FMLP+ on the ground that shared resources local to a processor do not incur priority-inversion blocking in some cases. It is possible that a schedulable task set is judged as unschedulable because of the pessimistic values. Based on our analysis, a few constraints was added to compute the maximum blocking time of each task, and then its worst-case response time. The results of our experiments show less pessimism than the existing ones. Meanwhile, we also demonstrate the usefulness of the conclusion that global resource sharing should be transformed into local one where possible.

DOI： 10.1109/SIES.2016.7509435

Web of Science

Scopus

Language：Japanese   Publishing type：Research paper (scientific journal)  

One of the main concerns for the security of in-vehicle data is spoofing messages on the in-vehicle network. Controller Area Network (CAN) is the most extensively embedded network protocol in vehicles. In the last decade, security attacks in vehicles have been increasing and have been reported in several papers. Therefore, security measures are expected that meet the requirements of real time and cost constraint for in-vehicle control network. In this paper, we propose centralized authentication system in CAN with improved CAN controller. Our experimental results demonstrate that our proposal method is effective on real in-vehicle network environments.

Scopus

Language：Japanese  

Web of Science

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

Nowadays, in-vehicle network design has become a difficult challenge due to increased complexity and strict real-time constraints. In this work, we propose an integrated framework for CAN network topology design under real-time constraints. The framework integrates topology design with real-time analysis. It firstly allocates electronic control units (ECU) automatically to one of the CAN buses via integer linear programming (ILP) optimization. Then, the worst case response rate (WCRR) results of real-time analysis are fed back to a weighted ILP optimization to further improve the topology design with respect to a real-time property. A case study using a real message set from automaker validated the effectiveness and scalability of the proposed framework.

DOI： 10.1109/VTCFall.2015.7390840

Web of Science

Scopus

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

A central gateway is a very important node for connecting the buses to pass messages from one bus to the other bus(es) in current in-vehicle networks. However, transmitting message through gateway causes additional delay to the end-to end delay of messages. Existing methods for analysis of gateway processing delay usually employed experimental measurements which are inefficient and cannot obtain a safe delay bound. Meanwhile, the increased complexity of in-vehicle networks require theoretical analysis (if gateway processing delay to obtain a safe upper bound delay. In this paper, we first construct a central gateway model with CAN clusters, then we propose a novel response time analysis method with rigorous proof to compute the upper bound delay of gateway tasks. Experimental results demonstrated that the proposed approach can obtain the upper bound delay in reasonable time even for a large-scale network workload, and the calculated upper bound is close to the exact worst case delay.

DOI： 10.1109/HPCC-CSS-ICESS.2015.324

Web of Science

Scopus

Language：English   Publishing type：Research paper (scientific journal)  

Language：English   Publishing type：Research paper (scientific journal)  

Language：English   Publisher：Society of Automotive Engineers of Japan, INC  

The Controller Area Network (CAN) is a widely used in-vehicle network and its schedulability is particularly
important. In a CAN system, implementing the priority queues is better than FIFO queues with respect to the schedulability, which is widely recognized by users. In this paper, we investigate whether and how much implementing the priority queues is better than FIFO queues when the offset assignment for CAN messages is conducted. Our results show that usually the priority queues are better, whereas the FIFO queues are better in some specific situations. Furthermore, we propose a new scheduling method for obtaining the advantages of both queues, which improves the schedulability effectively.

DOI： 10.20485/jsaeijae.4.4_75

CiNii Research

Language：English   Publishing type：Research paper (scientific journal)   Publisher：The Institute of Electronics, Information and Communication Engineers  

In modern automobiles, Controller Area Network (CAN) has been widely used in different sub systems that are connected by using gateway. While a gateway is necessary to integrate different electronic sub systems, it brings challenges for the analysis of Worst Case Response Time (WCRT) for CAN messages, which is critical from the safety point of view. In this paper, we first analyzed the challenges for WCRT analysis of messages in gateway-interconnected CANs. Then, based on the existing WCRT analysis method proposed for one single CAN, a new WCRT analysis method that uses two new definitions to analyze the interfering delay of sporadically arriving gateway messages is proposed for non-gateway messages. Furthermore, a division approach, where the end-to-end WCRT analysis of gateway messages is transformed into the similar situation with that of non-gateway messages, is adopted for gateway messages. Finally, the proposed method is extended to include CANs with different bandwidths. The proposed method is proved to be safe, and experimental results demonstrated its effectiveness by comparing it with a full space searching based simulator and applying it to a real message set.

DOI： 10.1587/transinf.e96.d.1467

Web of Science

Scopus

CiNii Research

Other Link： http://dblp.uni-trier.de/db/journals/ieicet/ieicet96d.html#journals/ieicet/XieZCKTL13

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE  

Controller Area Network (CAN) is widely used inside the automobiles. To decrease design complexity and cost, several CAN are utilized in different sub systems and gateway is employed to realize the communication between them. But the employment of gateway brings many challenges for schedulability analysis of CAN messages. We first analyzed the key challenges for schedulability analysis of messages. And then, based on existing method proposed for one single CAN, a new analysis method that is based on interference analysis for dynamically arriving gateway messages is proposed for non-gateway messages. Furthermore, a division approach that transforms the end-to-end schedulability analysis of gateway messages into the similar situation with that of non-gateway messages is proposed for gateway messages. The proposed method is proved to be safe, and by comparing it with a full space searching based simulator and applying to a real message set, its effectiveness is demonstrated as well.

DOI： 10.1109/ICCVE.2012.23

Web of Science

Scopus

Other Link： https://dblp.uni-trier.de/db/conf/iccve/iccve2012.html#XieZCKTL12

Language：Japanese   Publisher：Society of Automotive Engineers of Japan  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. According to our evaluation, the proposed protocol achieves a short synchronization time during system start-up.

DOI： 10.11351/jsaeronbun.43.509

CiNii Books

CiNii Research

Language：English   Publishing type：Research paper (scientific journal)   Publisher：Information Processing Society of Japan  

The Controller Area Network (CAN) is widely employed in automotive control system networks. In the last few years, the amount of data has been increasing rapidly in these networks. With the purpose of improving CAN bandwidth efficiency, scheduling and analysis are considered to be particularly important. As an effective method, it has been known that assigning offsets to the CAN messages can reduce their worst case response time (WCRT). Meanwhile, the fact is that many commercial CAN controllers have been equipped with a priority or first-in-first-out (FIFO) queue to transmit messages to the CAN bus. However, previous researches for WCRT analysis of CAN messages either assumed a priority queue or did not consider the offset. For this reason, in this paper we propose a WCRT analysis method for CAN messages with assigned offset in the FIFO queue. We first present a critical instant theorem, then we propose two algorithms for WCRT calculation based on the given theorem. Experimental results on generated message sets and a real message set have validated the effectiveness of the proposed algorithms.

DOI： 10.2197/ipsjjip.20.451

Scopus

CiNii Research

Language：English   Publishing type：Research paper (scientific journal)   Publisher：Information and Media Technologies Editorial Board  

The Controller Area Network (CAN) is widely employed in automotive control system networks. In the last few years, the amount of data has been increasing rapidly in these networks. With the purpose of improving CAN bandwidth efficiency, scheduling and analysis are considered to be particularly important. As an effective method, it has been known that assigning offsets to the CAN messages can reduce their worst case response time (WCRT). Meanwhile, the fact is that many commercial CAN controllers have been equipped with a priority or first-in-first-out (FIFO) queue to transmit messages to the CAN bus. However, previous researches for WCRT analysis of CAN messages either assumed a priority queue or did not consider the offset. For this reason, in this paper we propose a WCRT analysis method for CAN messages with assigned offset in the FIFO queue. We first present a critical instant theorem, then we propose two algorithms for WCRT calculation based on the given theorem. Experimental results on generated message sets and a real message set have validated the effectiveness of the proposed algorithms.

DOI： 10.11185/imt.7.841

CiNii Research

Language：Japanese   Publisher：SAE 2011 World Congress and Exhibition  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and Acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. This paper describes the proposed protocol, named "Scalable CAN," and its implementation on FPGA, and demonstrates that existing software can be easily ported to this new protocol. © 2011 SAE International.

DOI： 10.4271/2011-01-1043

Scopus

Language：Japanese   Publisher：SAE Technical Papers  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and Acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. This paper describes the proposed protocol, named "Scalable CAN," and its implementation on FPGA, and demonstrates that existing software can be easily ported to this new protocol. Copyright © 2011 SAE International.

Scopus

Publishing type：Research paper (international conference proceedings)  

Other Link： http://dblp.uni-trier.de/db/conf/rtns/rtns2011.html#conf/rtns/ChenKTZ11

Language：Japanese   Publishing type：Research paper (scientific journal)  

In today's automotive industry, FlexRay and other next generation protocols for automotive network communications are gaining attention. However, these protocols are unlikely to replace existing applications in the immediate future due to the cost and reliability problems caused by the replacement. In this paper we propose Scalable CAN, a new automotive network protocol based on the existing CAN (controller area network). Having a new ACK (Acknowledgement) information field, instead of an ACK slot, the Scalable CAN features a transmission speed of 10 Mbps and a new collision resolution algorithm which guarantees the delivery of a message within a given time period. Our simulation analysis indicates that the Scalable CAN protocol is superior to the conventional CAN in throughput performance such as a maximum data transmission speed, scalability, and priority inversion. This paper also includes considerations given for the implementation of the Scalable CAN.

Scopus

Language：Japanese   Publisher：SAE International Journal of Passenger Cars - Electronic and Electrical Systems  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN; a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

Language：Japanese   Publisher：SAE Technical Papers  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN; a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. Copyright © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

Language：English   Publishing type：Research paper (scientific journal)  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN
a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

J-GLOBAL

Language：Japanese  

CiNii Books

J-GLOBAL

J-GLOBAL

J-GLOBAL

J-GLOBAL

J-GLOBAL

J-GLOBAL

Language：Japanese   Publisher：自動車技術会  

CiNii Books

J-GLOBAL

J-GLOBAL

J-GLOBAL

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Language：Japanese  

J-GLOBAL

Language：Japanese   Publisher：情報処理学会 ; 1960-  

本稿では，自動車制御システムを中心にその発展経緯を踏まえて，セーフティとセキュリティに関する現状を整理する．特に，情報処理の観点から，先進運転支援システムや自律走行システムの実用化に向けて，今後取り組むべき課題やその方向性について概説する．

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：自動車技術会  

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：日本信頼性学会  

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：技術情報協会  

J-GLOBAL

Language：Japanese   Publisher：情報処理学会 ; 1960-  

近年，自動車に対する脆弱性事例が多数報告されており，自動車のセキュリティが注目されている．これまでに販売されている自動車の多くは機能安全規格に対応されつつあり故障などに対して安全ではあるものの，攻撃者からの意図的なサイバー攻撃に対しては対策されておらず，脆弱であることが指摘されている．また，リアルタイム性やコスト制約が厳しい車載制御システムでは情報セキュリティの対策技術をそのまま適用することができない場合があり，車載制御システムの特徴を生かしたセキュリティ対策技術が必要とされている．本解説記事では，車載制御システムに求められる安全性とセキュリティを概説する．

CiNii Books

J-GLOBAL

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Language：Japanese   Publisher：日本自動車工業会  

CiNii Books

J-GLOBAL

Language：Japanese   Publishing type：Rapid communication, short report, research note, etc. (scientific journal)  

J-GLOBAL

J-GLOBAL

J-GLOBAL

J-GLOBAL

Language：Japanese   Publisher：電気評論社  

CiNii Books

J-GLOBAL

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Language：Japanese  

J-GLOBAL

Language：Japanese   Publisher：住友電気工業  

CiNii Books

J-GLOBAL

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

Today, the Controller Area Network (CAN) is a widely used in-vehicle network. However, due to the constraint of the theoretical upper bound speed of CAN, we proposed Scalable-CAN (SCAN), which employs round-robin scheduling to improve upper bound speed while keeping the compatibility with traditional CAN. Moreover, we proposed the worst-case response time (WCRT) analysis for a single SCAN bus system and showed the real-time performance. In this paper, to apply SCAN to a next-generation in-vehicle network composed of a SCAN bus and a CAN bus, we first propose a schedulability analysis method for the integrated network system. Second, we show its real-time performance and highlight the effects of the bandwidth extension and throughput performance of the SCAN integrated system. Finally, we conclude that SCAN achieves lower latency, high schedulability, and high integrity toward a next-generation in-vehicle network. Copyright © 2013 SAE International.

DOI： 10.4271/2013-01-1182

Scopus

Language：English  

Language：English  

CiNii Books

Language：Japanese   Publisher：情報処理学会  

現在，様々な機能を実現するために，車載ネットワークに流れるデータ量は急激に増加しており，広く採用されているController Area Network（CAN）では回線容量が不足している．しかしながら，CANの最大伝送速度はバス上での送信権の調停やACK応答メカニズムにより制約されており，最大伝送速度を向上させるためにはプロトコルの改良が必要となる．そこで，我々はCANを改良したスケーラブルCANプロトコルを提案している．本論では，スケーラブルCANプロトコルの最大遅れ時間解析手法を提案し，スケーラブルCANプロトコルがCANよりスループットを向上させたことにより，十分なメッセージ量を転送できる能力があることを示す．The Controller Area Network (CAN) is widely employed in in-vehicle networks to install new functions. However, CAN has significant restrictions on upper bound of maximum speed due to its bitwise arbitration and acknowledgement sequences. Therefore, we have proposed a new high-speed protocol &quot;Scalable CAN&quot; to improve upper bound speed of CAN. In this paper, we propose the worst-case response time analysis for &quot;Scalable CAN&quot;. According to our analysis, the Scalable CAN has achieved much higher throughput performance than CAN, and it has the ability to transfer a sufficient amount of message.

CiNii Books

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers  

車載制御システム向けのネットワークは,厳しいコスト制約や重量制約,高い信頼性やリアルタイム性などの要求から,一般の情報ネットワーク技術とは大きく異なる技術が用いられている.本稿では,まず,車載制御ネットワークの主な使途について述べた後,ネットワーク技術に課されている制約事項や要求事項について整理する.次に,現状の車載制御ネットワーク規格として,CANの概要について解説する.また,LINやFlexRayなど,その他のネットワーク規格についても概説する.最後に,車載制御ネットワーク技術の今後の発展性として,CANの高速化やイーサネットの導入の動き,光ファイバ化などの研究開発動向について紹介する.

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：自動車技術会  

DOI： 10.11351/jsaeronbun.43.509

Language：Japanese   Publisher：Society of Automotive Engineers of Japan  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. According to our evaluation, the proposed protocol achieves a short synchronization time during system start-up.

DOI： 10.11351/jsaeronbun.43.509

Language：Japanese  

J-GLOBAL

Language：Japanese   Publisher：情報処理学会  

これまでにオフセット付きCANメッセージの最大遅れ時間の解析手法が提案されている．しかしながら，従来の手法では計算量を抑え速く効率的に計算できる一方，悲観的に解析される場合がある．このため，本論では従来手法の問題点を指摘し，正確な最大遅れ時間を求めるための手法を提案する．提案する手法は，最大遅れ時間となりうるメッセージ送信シーケンスに着目し，限定した範囲に限り網羅的に解析を行うことで，正確な最大遅れ時間を導出する方法である．本提案手法の評価として自動車メーカから提供されるメッセージセットに適用した結果，十分に少ない組合せで正確な最大遅れ時間が得られた．The existing analysis for CAN messages with offsets can compute fast and efficient by reducing the amount of computation. However, it is pessimistic in some cases. The causes of the pessimism is that the cumulative accounting of maximum interference functions is overestimated much greater than a realistic situation. In this paper, we show the cause of this situation that existing analysis takes into account unrealistic interference in the cumulative accounting. Then, we propose the exact schedulability analysis which involves the partially exhaustive analysis. According to our experiments by using actually-used message sets, we can conclude that our approach can significantly reduce the combination of the critical interference function, and its can achieve an exact schedulability analysis.

CiNii Books

Language：Japanese   Publisher：情報処理学会  

CAN（Controller Area Network）は，自動車の制御系ネットワークとして広く使われているネットワーク規格である．近年，自動車の制御系ネットワークを流れるデータ量が急増しており，CANの帯域を効率的に使用するために，CAN上でのメッセージのスケジューリング手法が重要となっている．CAN上でのメッセージ送信タイミングに適切なオフセットを付けることで，メッセージのスケジュール可能性を高くできることが知られている．本論文では，CAN上のメッセージに対して適切なオフセットを付けるための手法を提案する．また，提案した手法の有効性を確認するために，実際の車載システムで使用されているメッセージセットなどを用いた評価を行い，従来のオフセット決定手法よりも優れていることを示す．The Controller Area Network (CAN) as a network standard is widely employed in control network of vehicle. ln the last few years, the amount of data has been increasing rapidly in automotive control system network. With the purpose of improving CAN broadband efficiency, scheduling is considered to be particularly important. As we know, an appropriate offset assignment method for CAN messages could enhance schedulability. In this study, we propose a new method that provide a suitable offset for every message in CAN system. And we demonstrated its effects by using message sets of real vehicle network, etc. Compare with previous methods, the new method reveals its remarkable priority.

CiNii Books

Language：English   Publishing type：Research paper, summary (national, other academic conference)  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and Acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. This paper describes the proposed protocol, named "Scalable CAN," and its implementation on FPGA, and demonstrates that existing software can be easily ported to this new protocol. © 2011 SAE International.

DOI： 10.4271/2011-01-1043

Scopus

J-GLOBAL

J-GLOBAL

J-GLOBAL

Language：Japanese   Publisher：情報処理学会  

これまでにオフセット付き CAN メッセージの最大遅れ時間の解析手法が提案されている．しかしながら，従来の手法では計算量を抑え速く効率的に計算出来る一方，悲観的に解析される場合がある．このため，本論では従来手法の問題点を指摘し，より正確な最大遅れ時間を求めるための手法について提案する．提案する手法は，クリティカルフレームに着目し限定した範囲に限り網羅的に解析を行うことで，厳密な最大遅れ時間を導出する方法である．本提案手法の評価として自動車メーカーから提供されるメッセージセットに適用した結果，十分に少ない組み合わせでより正確な解析結果がえられた．The existing analysis for CAN messages with offsets can compute fast and efficient by reducing the amount of computation. However, it is pessimisctic in some cases. The causes of the pessimism is that the cumulative accounting of maximum interference functions is overestimated much greater than a realistic situation. In this paper, we show the cause of this situation that existing analysis takes into account unrealistic interference in the cumulative accounting. Then, we propose the exact schedulability analysis which involves the partially exhaustive analysis. According to our experiments by using a actually-used messege sets, we can conclude that our approach can significantly reduce the conbination of the critical frames, and its can achieve an exact schedulability analysis.

CiNii Books

Language：Japanese   Publisher：住友電気工業  

CiNii Books

J-GLOBAL

Language：Japanese  

今日までに提案されている次世代車載プロトコルの多くは既存システムの再構成を強く要求しており，高い安全性が求められる自動車の制御ネットワークへ適用するには高いコストとリスクがともなう．そこで本論文では，自動車内の制御系ネットワークに広く使われるCANをベースとした新しい次世代車載プロトコル10 MbpsCANを提案する．10 MbpsCANプロトコルはスタートポロジへの変更と新しい衝突解決アルゴリズムにより高速化を実現した．さらにシミュレーション結果によれば，10 MbpsCANは従来CANに比べ十分なメッセージ量を送信できる能力を示した．最後に，10 MbpsCANコントローラの実装について説明する．Recently, automotive industry has atracted next genaration automotive protocols such as FlexRay. However, these solutions which shift to new applications will not meet the cost and risk requirements. In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbps. The new automotive protocol &quot;10 MbpsCAN&quot; is based on several changes to CAN; a star topology, in which nodes are physically connected using a multiport gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the &quot;10 MbpsCAN&quot; protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of &quot;10 MbpsCAN&quot; are also reviewed briefly.

CiNii Books

Language：Japanese   Publisher：情報処理学会  

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：情報処理学会  

車載システム向けソフトウェアプラットフォームである AUTOSAR はシングルコアのみを想定しており，マルチコア環境を考慮していない．車載システムは相互に通信を行うことで協調制御するため，通信処理を実現するミドルウェアのマルチコア対応が必須である．本研究では，マルチコア環境での AUTOSAR 通信ミドルウェアの実現方法と評価を行う．まず，通信をコア内通信，コア間通信，チップ外通信の 3 つに分類し，それぞれの実現方法を検討する．チップ外通信については，ロック方式，通信サーバ方式の 2 方式を提案する．既存の通信ミドルウェアを 2 方式で拡張し，それぞれの送信処理時間の比較を行った．シングルコア環境に比べ，ロック方式は 41%，通信サーバ方式は 29% のオーバヘッドで実現可能であることがわかった．AUTOSAR, a software platform for automotive systems, assumes only an ECU with a single core processor, and does not consider an ECU with a multicore processor. It is necessary that a communication on a multicore processor because ECUs communicate each other for cooperative control. There are three communication types: a inside core, a inter core, and a outside chip communications. This paper proposes two methods for outside chip communication: a lock method and a server method. An existing communication middleware is extended as the two methods. Compared to a single core processor, the results of extended middleware show that transmission time overheads of the lock method and the server method are 41% and 29%, respectively.

CiNii Books

J-GLOBAL

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers  

Scalable CAN protocol is an improvement of the original CAN (Controller Area Network) protocol so that more than ten times higher speed communication is available. In this paper, we analyze behavior of Scalable CAN on a bit-error channel by using a model checking tool, NuSMV. We first describe in the SMV language a model of Scalable CAN on an error free channel and specifications which express desired properties of Scalable CAN. We verify by using NuSMV that this model satisfies the specifications. We next modify the model by replacing the error free channel with a bit-error channel. Model checking of the modified model for the specifications produces a counter example. We analyze the counter example and give suggestions for correcting Scalable CAN on a bit-error channel.

CiNii Books

J-GLOBAL

Language：Japanese   Publishing type：Research paper, summary (national, other academic conference)  

J-GLOBAL

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)  

Today, the data capacity in automotive control network has reached the limits of CAN (maximum data rates for 1 megabits per second). Speed of CAN is affected by the propagation delay, because of using bit synchronous transmission. For increasing data transmission speed, we must change arbitration process and ACK process. We propose the 10 megabits per second CAN architecture for improved bandwidth by using a new collision detection algorithm and topology change.

CiNii Books

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-115712  Date applied：2019.6

Announcement no：特開2021-002768  Date announced：2021.1

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-115712  Date applied：2019.6

Announcement no：特開2021-002768  Date announced：2021.1

Patent/Registration no：特許第7138083号  Date registered：2022.9 

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-047478  Date applied：2019.3

Announcement no：特開2022-163093  Date announced：2022.10

Patent/Registration no：特許第7394185号  Date registered：2023.11 

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-047478  Date applied：2019.3

Announcement no：特開2020-150456  Date announced：2020.9

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-047478  Date applied：2019.3

Announcement no：特開2020-150456  Date announced：2020.9

Patent/Registration no：特許第7114515号  Date registered：2022.7 

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-002124  Date applied：2019.1

Announcement no：特開2022-172215  Date announced：2022.11

Patent/Registration no：特許第7328419号  Date registered：2023.8 

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-002124  Date applied：2019.1

Announcement no：特開2020-113852  Date announced：2020.7

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2019-002124  Date applied：2019.1

Announcement no：特開2020-113852  Date announced：2020.7

Patent/Registration no：特許第7132132号  Date registered：2022.8 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2017-204025  Date applied：2017.10

Announcement no：特開2019-080119  Date announced：2019.5

J-GLOBAL

Applicant：国立大学法人東海国立大学機構

Application no：特願2017-120830  Date applied：2017.6

Announcement no：特開2019-009509  Date announced：2019.1

Patent/Registration no：特許第6754325号  Date registered：2020.8 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2017-120830  Date applied：2017.6

Announcement no：特開2019-009509  Date announced：2019.1

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2017-009633  Date applied：2017.1

Announcement no：特開2018-121120  Date announced：2018.8

J-GLOBAL

Applicant：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

Application no：特願2016-146714  Date applied：2016.7

Announcement no：特開2016-208536  Date announced：2016.12

Patent/Registration no：特許第6267596号  Date registered：2018.1 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2016-146714  Date applied：2016.7

Announcement no：特開2016-208536  Date announced：2016.12

J-GLOBAL

Applicant：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

Application no：JP2015082349  Date applied：2015.11

Announcement no：WO2016-080422  Date announced：2016.5

Publication no：WO2016-080422  Date published：2016.5

Patent/Registration no：特許第6306206号  Date registered：2018.3 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2016-560252  Date applied：2015.11

Patent/Registration no：特許第6306206号  Date registered：2018.3 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：JP2015082349  Date applied：2015.11

Publication no：WO2016-080422  Date published：2016.5

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-171190  Date applied：2015.8

Announcement no：特開2017-050643  Date announced：2017.3

Patent/Registration no：特許第6525824号  Date registered：2019.5 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-171191  Date applied：2015.8

Announcement no：特開2017-050644  Date announced：2017.3

Patent/Registration no：特許第6525825号  Date registered：2019.5 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-171190  Date applied：2015.8

Announcement no：特開2017-050643  Date announced：2017.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-171191  Date applied：2015.8

Announcement no：特開2017-050644  Date announced：2017.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-100994  Date applied：2015.5

Announcement no：特開2016-219944  Date announced：2016.12

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-100994  Date applied：2015.5

Announcement no：特開2016-219944  Date announced：2016.12

Patent/Registration no：特許第6284903号  Date registered：2018.2  Date issued：2018.2

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2015-005260  Date applied：2015.1

Announcement no：特開2016-131325  Date announced：2016.7

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-235781  Date applied：2014.11

Announcement no：特開2016-100725  Date announced：2016.5

J-GLOBAL

Applicant：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

Application no：特願2014-235783  Date applied：2014.11

Announcement no：特開2016-100726  Date announced：2016.5

Patent/Registration no：特許第5717240号  Date registered：2015.3 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-235783  Date applied：2014.11

Announcement no：特開2016-100726  Date announced：2016.5

Patent/Registration no：特許第6282216号  Date registered：2018.2  Date issued：2018.2

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-235783  Date applied：2014.11

Announcement no：特開2016-100726  Date announced：2016.5

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-144038  Date applied：2014.7

Announcement no：特開2016-021623  Date announced：2016.2

Patent/Registration no：特許第6267596号  Date registered：2018.1 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-144038  Date applied：2014.7

Announcement no：特開2016-021623  Date announced：2016.2

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2014-139074  Date applied：2014.7

Announcement no：特開2016-019054  Date announced：2016.2

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2011-025240  Date applied：2011.2

Announcement no：特開2011-130486  Date announced：2011.6

Patent/Registration no：特許第5190901号  Date registered：2013.2 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2011-025240  Date applied：2011.2

Announcement no：特開2011-130486  Date announced：2011.6

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2010-178681  Date applied：2010.8

Announcement no：特開2012-039446  Date announced：2012.2

Patent/Registration no：特許第5717240号  Date registered：2015.3 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2010-178681  Date applied：2010.8

Announcement no：特開2012-039446  Date announced：2012.2

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2009-121152  Date applied：2009.5

Announcement no：特開2010-272971  Date announced：2010.12

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-266695  Date applied：2008.10

Announcement no：特開2010-098467  Date announced：2010.4

Patent/Registration no：特許第5158600号  Date registered：2012.12 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-266695  Date applied：2008.10

Announcement no：特開2010-098467  Date announced：2010.4

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-180685  Date applied：2008.7

Announcement no：特開2010-021805  Date announced：2010.1

Patent/Registration no：特許第4581037号  Date registered：2010.9 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-180686  Date applied：2008.7

Announcement no：特開2010-021806  Date announced：2010.1

Patent/Registration no：特許第4621837号  Date registered：2010.11 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-180686  Date applied：2008.7

Announcement no：特開2010-021806  Date announced：2010.1

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-180685  Date applied：2008.7

Announcement no：特開2010-021805  Date announced：2010.1

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2008-180684  Date applied：2008.7

Announcement no：特開2010-021804  Date announced：2010.1

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-232734  Date applied：2007.9

Announcement no：特開2009-065518  Date announced：2009.3

Patent/Registration no：特許第5219120号  Date registered：2013.3 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-232734  Date applied：2007.9

Announcement no：特開2009-065518  Date announced：2009.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216392  Date applied：2007.8

Announcement no：特開2009-049929  Date announced：2009.3

Patent/Registration no：特許第4784838号  Date registered：2011.7 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216433  Date applied：2007.8

Announcement no：特開2009-049933  Date announced：2009.3

Patent/Registration no：特許第5007904号  Date registered：2012.6 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216393  Date applied：2007.8

Announcement no：特開2009-049930  Date announced：2009.3

Patent/Registration no：特許第4919192号  Date registered：2012.2 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216392  Date applied：2007.8

Announcement no：特開2009-049929  Date announced：2009.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216393  Date applied：2007.8

Announcement no：特開2009-049930  Date announced：2009.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-216433  Date applied：2007.8

Announcement no：特開2009-049933  Date announced：2009.3

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-153298  Date applied：2007.6

Announcement no：特開2008-306592  Date announced：2008.12

Patent/Registration no：特許第5057304号  Date registered：2012.8 

J-GLOBAL

Applicant：国立大学法人名古屋大学

Application no：特願2007-153298  Date applied：2007.6

Announcement no：特開2008-306592  Date announced：2008.12

J-GLOBAL