記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Vehicular Technology Conference  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. However, it is difficult to make effective test scenarios that have sufficient requirement coverage including hazardous conditions. In this study, we propose a test scenario generation method from formalized functional requirements. Based on results from a hazard analysis, this technique is able to generate the scenario that reveals hazardous situations by specifying a hazardous state as the end-state of a scenario. Furthermore, by modeling attack targets and methods, test scenarios leading to a hazardous state by malicious simultaneous external attacks are generated. A parallelization technique for generating simultaneous attack test scenarios is shown. Using the exhaustive path-finding approach, our results show the ability to achieve high requirement coverage compared to the existing approaches. The proposed method uses a model checking method and cannot escape from the state explosion. However, it is able to reach real problems by modeling the highly-abstract requirement areas and specifying partial scenarios.

DOI： 10.1109/VTC2020-Spring48590.2020.9129076

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/vtc/vtc2020s.html#FujikuraK20

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Cybersecurity threats have become a reality for safety critical systems such as automobiles, railways and avionics witnessing cybersecurity incidents and research reports from white hackers. Threat analysis plays an important role to identify potential threats in early stages of the system development and it is a common understanding that the threat analysis for safety critical systems need to assess an effect caused by threats against safety. In this paper, we propose a threat analysis framework on safety concepts required by ISO 26262 in an architecture description language SCDL (Safety Concept Description Language) specifically designed for safety concepts modeling in ISO 26262 and demonstrate the effectiveness of our framework on a case study. Our research result shows the potential usage of SCDL for threat analysis and effect analysis between functional safety and cybersecurity.

DOI： 10.1007/978-3-030-54549-9_23

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/safecomp/safecomp2020.html#0001KSNTY20

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：AutoSec 2020 - Proceedings of the 2nd ACM Workshop on Automotive and Aerial Vehicle Security  

In recent years, frequent spoofing attacks targeting automotive control systems have been reported. To address this issue, automotive manufactures seek to assign a message authentication code(MAC) to ensure the security of these systems. As it is challenging to assign an authenticator to all messages due to limitations in transfer capacity, automotive manufactures are seeking to assign it to only a certain type of message. In this study, a method of spoofing detection is proposed that makes use of one of the critical messages referred to as Keep Alive Messages.

DOI： 10.1145/3375706.3380557

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/codaspy/autosec2020.html#KurachiTUT20

記述言語：日本語   出版者・発行元：ACM International Conference Proceeding Series  

With the expansion of Industry 4.0, the factory automation (FA) system has become more complex due to wireless communication between multiple devices. Therefore, short-term development and secure communication are required for development cost and cyber-security issues. For this reason, a secure robot operating system 2 (SROS2) was developed. SROS2 is an open-source platform applicable to industrial robots. SROS2 achieves short-term development with various libraries and implements encryption and authentication by embedding advanced encryption standard - Galois/counter mode (AES-GCM). On the other hand, AES-GCM has been reported to be vulnerable to spoofing. Therefore, a secure encryption algorithm to replace AES-GCM is required. In addition, the system must be able to operate without problems after replacement. For these reasons, this study embeds secure authenticated encryption instead of AES-GCM in SROS2. The results of an evaluation experiment on the latency of the encryption algorithm showed that Ascon is more effective than AES-GCM.

DOI： 10.1145/3375959.3375976

Scopus

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：Sustainable Computing: Informatics and Systems  

With the increasing computational demands of applications, the research of energy-efficient heterogeneous multiprocessor scheduling is becoming more and more important. The problem can be addressed as allocating tasks to the right cores and setting the appropriate operating frequencies. In this paper, we present a task allocation algorithm for a single-ISA big.LITTLE architecture which consists of two different types of cores: high-performance core and energy-efficient core. Based on the execution variance of two types of cores, a heuristic that approximate the optimal load distribution is proposed. We experimentally simulate our method and compare it with the state-of-the-art solutions. Experimental results show that average 20.4% less energy consumption (and up to 60.2% for some cases) can be saved from the typical Little-Core-First with satisfying the deadline constraints of all tasks.

DOI： 10.1016/j.suscom.2018.10.001

Web of Science

Scopus

記述言語：日本語   出版者・発行元：SEI Technical Review  

Recently, quite a number of security attacks against Controller Area Network (CAN) have been reported. Many automotive companies are planning to adopt security countermeasures to strengthen security of their in-vehicle systems while saving the costs. This paper proposes a method to block unauthorized CAN-bus access using our enhanced CAN controller that prevents the transmission of messages from a malicious electronic control unit. We demonstrate the effectiveness of our device disabler on a CAN with Flexible Date rate buses.

Scopus

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Transactions on Industrial Informatics  

The controller area network with flexible data-rate (CAN FD) is the new generation of the CAN technology to meet the daily increasing bandwidth requirement for automotive cyber-physical systems (ACPS). However, ACPS is a security-critical system, an efficient security/timing-aware design space exploration (DSE) method is required to fully utilize CAN FD's high data phase data rate. In this paper, we propose an AUTOSAR-compliant system model that integrates both timing and security constraint, an integrated mixed-integer linear programming formulation (i-MILP) for the optimal DSE of CAN FD, and a divide-and-conquer approach to the i-MILP (dc-MILP) to address its timing complexity problem. The experiment results show that dc-MILP scales well for industrial-size systems and saves 1.94%-4.76% bandwidth utilization and guarantees the schedulability for more signal sets by comparing with the state-of-the-art algorithm.

DOI： 10.1109/TII.2018.2851939

Web of Science

Scopus

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems  

We study the worst case response time (WCRT) analysis and evaluation for sporadic message-processing tasks in a multicore automotive gateway of a controller area network (CAN) cluster. We first build a multicore automotive gateway on CAN clusters. Two WCRT analysis methods for message-processing tasks in the multicore gateway are subsequently presented based on global and partitioned scheduling paradigms. We evaluate the WCRT results of two analysis methods with real message sets provided by the automaker, and present the design optimization guide.

DOI： 10.1109/TCAD.2018.2812119

Web of Science

Scopus

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：ACM Transactions on Embedded Computing Systems  

A typical automotive integrated architecture is a controller area network (CAN) cluster integrated by a central gateway. This study proposes a novel and exact worst-case response time (WCRT) analysis method for message-processing tasks in the gateway. We first propose a round search method to obtain lower bound on response time (LBRT) and upper bound on response time (UBRT), respectively. We then obtain the exact WCRT belonging to the scope of the LBRT and UBRT with an effective non-exhaustive exploration. Experimental results on a real CAN message set reveal that the proposed exact analysis method can reduce 99.99999% combinations on large-scale CAN clusters.

DOI： 10.1145/3284178

Web of Science

Scopus

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Vehicular Technology Conference  

Numerous examples of automotive vulnerabilities have been provided, and the diagnostic functions in the on-board electronic control unit (ECU) have been used as an avenue of attack and analysis. Many ECUs are equipped with security access services that protect crucial diagnostic functions. If these security access services contain vulnerabilities, however, the ECU may be falsified or improperly controlled through the controller area network. In this study, we analyze the means of attacking security access services and provide the results of evaluating actual ECUs.

DOI： 10.1109/VTCSpring.2019.8746714

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/vtc/vtc2019s.html#KurachiTTISNMAN19

記述言語：日本語  

Web of Science

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Access  

In real-time embedded systems, minimizing energy consumption is one of the most important tasks. Intra-task dynamic voltage and frequency scaling (DVFS) has been the subject of much research in the task boundary of time-constrained applications for energy reduction. The problem of optimizing energy consumption with respect to intra-task DVFS scheduling can be addressed by assigning proper operational frequencies to individual basic blocks in a program while guaranteeing the deadline. Based on the profile information of a task, we first formulate the problem in terms of integer linear programming (ILP) regarding different assumptions of transition overhead. To verify the effectiveness of ILP formulations, the most representative intra-task DVFS techniques are taken for comparisons. The results of the experiments demonstrate that the proposed ILP method achieves greater energy savings than the existing approaches. Moreover, it determines the optimal scheduling strategy in reasonable execution time for applications with a limited number of blocks.

DOI： 10.1109/ACCESS.2019.2902353

Web of Science

Scopus

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 情報処理学会  

Energy-aware task allocation of embedded systems is one of the most important issues in recent decades. A classical solution to solve the issue is Integer Linear Programming (ILP). However, given the considerable time consumption, it is effective only to the extent that the scale of the problem is small. How to use ILP to solve large allocation problems on heterogeneous multiprocessor systems to minimize energy consumption is still a challenge. This paper proposes two ILP formulations to deal with it. One complete ILP(1) is used to derive a feasible allocation, and the other simplified ILP(2) is for calculating the desired minimum energy. Then the desired minimum energy can be used as a reference to evaluate the intermediate solution of ILP(1) and decide its timeout. Besides, to find out the best-suited platform for a given workload, a flexible design which presents flexibilities and choices in core assignment, is considered for further energy saving. For example, the optimal core number design and core type design are generated as two independent ILP formulations, denoted as ILP(3) and ILP(4). The experimental results on randomly generated task sets demonstrate that, compared with the fixed platform, automatically synthesizing a flexible core assignment saves more energy.

DOI： 10.2197/ipsjjip.27.136

Scopus

CiNii Research

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - Companion of the 19th IEEE International Conference on Software Quality, Reliability and Security, QRS-C 2019  

The Controller Area Network (CAN) is widely used in in-vehicle networks. As increasing the number of Electronic Control Units (ECUs) in an in-vehicle system, the delay of the CAN message is critical issues to achieve high accuracy of the control applications. This protocol employs an arbitration mechanism for priority-based transmission, therefore, although it is easy to estimate the worst-case response time (WCRT) of each message by using real-time scheduling theory, there is no way to know the delay time at which each CAN message was generated in the run-time environment. To address this issue, in this paper, we propose a method is to notify the real delay time of each message without synchronizing to global time between each node in the run-time environment. Our proposed method can provide the delay time of each CAN message with a small improvement so it can be applied for the existing in-vehicle systems.

DOI： 10.1109/QRS-C.2019.00020

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/qrs/qrs2019c.html#KurachiTAUM19

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： 10.1109/HASE.2019.00043

Web of Science

その他リンク： https://dblp.uni-trier.de/db/conf/hase/hase2019.html#KurachiTAUM19

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. In this study, we propose a test scenario generation method from formalized functional requirements which employs the approach with the 'fluent' proposition. Based on results from a hazard analysis, this technique is able to generate test scenarios that reveals hazardous situations by specifying a hazardous state as their end-state of a scenario. Furthermore, by modeling attack targets and methods, test scenarios leading to a hazardous state by malicious external attacks are generated.

DOI： 10.1109/PRDC47002.2019.00025

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/prdc/prdc2019.html#FujikuraK19

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - Companion of the 19th IEEE International Conference on Software Quality, Reliability and Security, QRS-C 2019  

To achieve high traceability from requirements to test scenarios, a test scenario generation method has been widely recognized as being an integral aspect of model-based development. In this paper, we propose a test scenario generation method from formalized functional requirements which employs the KAOS-based approach with the fluent proposition. Based on safety requirements, this technique is able to generate the scenario that reveals hazardous situations by specifying a hazard state as the end state of a scenario. By using exhaustive pathfinding approach, our results show the ability to achieve the high requirement coverage compared to existing approaches.

DOI： 10.1109/QRS-C.2019.00115

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/qrs/qrs2019c.html#FujikuraK19

記述言語：日本語   出版者・発行元：一般社団法人 システム制御情報学会  

DOI： 10.11509/isciesci.62.4_124

CiNii Research

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - 16th International Conference on Embedded and Ubiquitous Computing, EUC 2018  

In recent decades, the research of energy-aware scheduling on heterogeneous multiprocessor systems is becoming more and more popular. A classic method for real-time task allocation is Linear Programming (LP). However, existing LP formulations are usually regarded as ineffective in solving large-scale allocation problems due to the unacceptable time consumption. In this work, we propose two integer linear programming (ILP) formulations to deal with the allocation problems for large task sets. One exact ILP(1) is formulated to derive an intermediate solution, and the other relaxed ILP(2) is considered to calculate the desired minimum energy. Then the desired minimum energy can be taken as a reference to evaluate the optimality of the intermediate solution. Experimental results on randomly generated task sets demonstrate that our method achieves average 19.2% less energy within limited time than the classic greedy and the state-of-the-art heuristic algorithm.

DOI： 10.1109/EUC.2018.00031

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/euc/euc2018.html#QinZKMT18

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 情報処理学会  

The recently developed FMLP+ provides significant advantages for partitioned fixed priority scheduling, since it ensures asymptotically optimal O(n) maximum priority-inversion blocking. The constraints under the FMLP+ can be exploited to determine bounds on the blocking time. However, these bounds may be pessimistic since shared resources local to a processor do not incur priority-inversion blocking in some cases. Consequently, a schedulable task set may be erroneously judged as unschedulable because of these pessimistic values. Based on our analysis, additional constraints were added to compute the maximum blocking time bound of each task with linear programming and the corresponding worst-case response time. The results of experiments show our proposed strategy is less pessimistic than existing strategies. Meanwhile, we also demonstrate that local resource sharing should be used instead of global resource sharing where possible.

DOI： 10.2197/ipsjjip.26.540

Scopus

CiNii Research

記述言語：日本語   出版者・発行元：国立研究開発法人 科学技術振興機構  

<p>近年，自動車はさまざまな機器と接続されることにより，新しい価値を生み出すことが期待されている。今後は自動運転に向けて，V2Xと呼ばれる通信機能の搭載が予想されており，ますますIoTとしての重要な位置づけとなる。しかしながら，一方で現在販売されている自動車の多くが，セキュリティー対策が不十分であることが指摘されている。このため，今後はセキュリティー強化が必要とされている。本論では，自動車を取り巻くIoTと情報セキュリティーの課題について概説する。</p>

DOI： 10.1241/johokanri.60.690

CiNii Research

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Access  

With the considerable growth of cybersecurity risks in modern automobiles, cybersecurity issues in the in-vehicle network environment have attracted significant attention from security researchers in recent years. Enhancing the cybersecurity ability of in-vehicle networks while considering the computing resource and cost constraints become an urgent issue. To address this problem, a novel information entropy-based method is proposed in this paper, which uses a fixed number of messages as sliding windows. By improving the sliding window strategy and optimizing the decision conditions, the detection accuracy is increased and the false positive rate is reduced. Experimental results demonstrate that the proposed method can provide real-time response to attacks with a considerably improved detection precision for intrusion detection in the in-vehicle network environment.

DOI： 10.1109/ACCESS.2018.2865169

Web of Science

Scopus

記述言語：日本語   出版者・発行元：SAE Technical Papers  

We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.

DOI： 10.4271/2018-01-0013

Scopus

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：2018 IEEE International Conference on Vehicular Electronics and Safety, ICVES 2018  

In automotive software development, secure coding is required to enhance the security level because the secure coding guidelines state that vulnerability of software must be eliminated. However, secure coding is difficult to incorporate because it provides different assumptions from the coding guidelines of product development for existing automobiles. More specifically, in the automobile industry, MISRA-C is applied to improve the reliability of software. To achieve higher dependability and security level, an original guideline was developed in this study for the AUTOSAR adaptive platform. In this paper, we discuss the secure coding guidelines for strengthening security in classic and adaptive platforms.

DOI： 10.1109/ICVES.2018.8519496

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/icves/icves2018.html#KurachiTTATIMM18

記述言語：日本語  

Web of Science

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Access  

Cybersecurity is increasingly important for the safety and reliability of autonomous vehicles. The controller area network (CAN) is the most widely used in-vehicle network for automotive safety-critical applications. Enhancing the cybersecurity ability of CAN while considering the real-time, schedulability, and cost constraints becomes an urgent issue. To address this problem, a real-time, and schedulability analysis-guaranteed security mechanism [identification hopping CAN (IDH-CAN)] is proposed in this paper, which aims to improve the security performance of CAN under the constraints of automotive real-time applications. In order to support the operation of the IDH-CAN mechanism, an IDH-CAN controller is also designed and implemented on a field-programmable gate array, which can work as a hardware firewall in the data link layer of CAN to isolate cyberattacks from the physical layer. Meanwhile, to maximize the information entropy of the CAN message ID on the physical layer, the ID hopping table generation and optimization algorithms for IDH-CAN are also proposed. Then, information security evaluation experiments based on information entropy comparison are deployed. The simulation and practical evaluations demonstrate the effectiveness of the proposed mechanism in defending reverse engineering, targeted denial of service, and replay attacks without violating real-time and schedulability constraints.

DOI： 10.1109/ACCESS.2018.2870695

Web of Science

Scopus

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018  

Controller Area Network (CAN) is the most widely employed real-Time communication protocol for safety-critical applications. Recently, an issue of security countermeasure for CAN is the limited bandwidth of CAN. For this reason, the ID hopping technology has been proposed to improve the security with limited resource by varying the ID of a message when transmitting it on the CAN bus. However, the existing ID hopping method is not effective in terms of ID variation. In this paper, we propose a real-Time and security mechanism to improve the security effect of ID hopping. Firstly, we obfuscate the priority of messages with two MILP models and a greedy algorithm called 'Priority Bound Decision Algorithm', making priority different on the application layer. Secondly, combining the ID-hopping, our method can enhance the diversity of IDs on the data link layer. Thirdly, the results of security analysis indicate that our proposal can hinder the targeted DoS, replay attack and reverse engineering better than some existing methods.

DOI： 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00029

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/dasc/dasc2018.html#DingZKZ18

記述言語：日本語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1016/j.sysarc.2017.10.008

Web of Science

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Transactions on Vehicular Technology  

In modern automobiles, gateways are commonly used to connect several subsystems of controller area networks (CANs) to achieve integrated architecture and distributed cross-bus functionalities. To analyze the real-time property of such in-vehicle networks, worst-case response time (WCRT) analysis for gateway-integrated CAN messages has been studied recently. However, the WCRTs obtained are quite pessimistic. In this study, we examine in detail the various actual arriving orders of gateway messages and then propose an explorative WCRT computation method. It is proved that the obtained WCRT results are safe WCRT bounds. Experimental results for real message set demonstrate as much as 24% reduction of WCRT compared with those obtained using the state-of-the-art methods.

DOI： 10.1109/TVT.2017.2737035

Web of Science

Scopus

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 電子情報通信学会  

As a next-generation CAN (Controller Area Network), CAN FD (CAN with flexible data rate) has attracted much attention recently. However, how to use the improved bus bandwidth efficiently in CAN FD is still an issue. Contrasting with existing methods using greedy approximate algorithms, this paper proposes a genetic algorithm for CAN FD frame packing. It tries to minimize the bandwidth utilization by considering the different periods of signals when packing them in the same frame. Moreover, it also checks the schedulability of packed frames to guarantee the real-time constraints of each frame and proposed amerging algorithm to improve the schedulability for signal set with high bus load. Experimental results validate that the proposed algorithm can achieve significantly less bandwidth utilization and improved schedulability than existing methods for a given set of signals.

DOI： 10.1587/transinf.2017edp7073

Web of Science

Scopus

CiNii Research

その他リンク： http://dblp.uni-trier.de/db/journals/ieicet/ieicet100d.html#journals/ieicet/DingZKH17

記述言語：日本語   出版者・発行元：日本信頼性学会  

現在販売されている自動車の多くは，安全性が高く設計されている一方で，セキュリティ対策が施さ れておらず，攻撃者に対して脆弱であることが幾つかの研究事例により指摘されている．このため，近 年，自動車のサイバーセキュリティに対して注目が集まっている．自動車のような安全性に関わる制御 システムが攻撃されると，人命や安全に対して様々な危害を加えることが可能である一方，コスト効率 の高い制御システムであるために，情報セキュリティで行われるような対策手法をそのまま適用出来な いことが課題とされている．本論では，これらの自動車のサイバーセキュリティ強化に向けた取り組み を中心に，現状を概説する．

DOI： 10.11348/reajshinrai.39.2_68

CiNii Research

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - 2016 13th International Conference on Embedded Software and System, ICESS 2016  

As a next-generation CAN (Controller Area Network), CAN-FD (CAN with flexible data rate) has attracted much attention recently. However, how to use the improved bus bandwidth efficiently in CAN-FD is still an issue. Contrasting with existing methods using greedy approximate algorithms, this paper proposes a genetic algorithm for CAN-FD frame packing. It tries to minimize the bandwidth utilization by considering the different periods of signals when packing them in the same frame. Experimental results validate that the proposed algorithm can achieve significantly less bandwidth utilization than existing methods for a given set of signals.

DOI： 10.1109/ICESS.2016.12

Web of Science

Scopus

記述言語：日本語  

Web of Science

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

With the growth of ECUs that are mounted in automobiles, the transmission capacity of Controller Area Network (CAN), which is currently used by most on-vehicle networks, is becoming insufficient, and therefore CAN With Flexible Data Rate (CAN-FD), presented by Bosch GmbH, is viewed as a nextgeneration standard. Recently, the number of attacks on ECUs connected to CAN has been increasing, and from the viewpoint of CAN security there has been much discussion of safety. However, with regard to CAN-FD, which is an expansion of CAN, although a discussion of safety is needed, that has hardly happened. This paper reports on an implementation that uses the generic fuzzing tool beSTORM to investigate the vulnerability of the CAN-FD protocol. We also aim at practical application by measuring the transmission time for beSTORM test data and by estimating the time required for CAN-FD fuzzing tests.

DOI： 10.1109/ICVES.2016.7548161

Web of Science

記述言語：日本語  

Web of Science

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：2016 11th IEEE International Symposium on Industrial Embedded Systems, SIES 2016 - Proceedings  

Partitioned fixed priority scheduling is one of the most comprehensively chosen predictable scheduling in practice. The FMLP+ developed in recent years is a better protocol, which ensures asymptotically optimal O(n) maximum priority-inversion blocking. The constraints under several protocols besides the FMLP+ can be exploited to gain the bound on maximum blocking time. However, the blocking time bounds may be pessimistic under the FMLP+ on the ground that shared resources local to a processor do not incur priority-inversion blocking in some cases. It is possible that a schedulable task set is judged as unschedulable because of the pessimistic values. Based on our analysis, a few constraints was added to compute the maximum blocking time of each task, and then its worst-case response time. The results of our experiments show less pessimism than the existing ones. Meanwhile, we also demonstrate the usefulness of the conclusion that global resource sharing should be transformed into local one where possible.

DOI： 10.1109/SIES.2016.7509435

Web of Science

Scopus

記述言語：日本語   出版者・発行元：SEI Technical Review  

One of the main concerns for the security of in-vehicle data is spoofing messages on the in-vehicle network. Controller Area Network (CAN) is the most extensively embedded network protocol in vehicles. In the last decade, security attacks in vehicles have been increasing and have been reported in several papers. Therefore, security measures are expected that meet the requirements of real time and cost constraint for in-vehicle control network. In this paper, we propose centralized authentication system in CAN with improved CAN controller. Our experimental results demonstrate that our proposal method is effective on real in-vehicle network environments.

Scopus

記述言語：日本語  

Web of Science

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：2015 IEEE 82nd Vehicular Technology Conference, VTC Fall 2015 - Proceedings  

Nowadays, in-vehicle network design has become a difficult challenge due to increased complexity and strict real-time constraints. In this work, we propose an integrated framework for CAN network topology design under real-time constraints. The framework integrates topology design with real-time analysis. It firstly allocates electronic control units (ECU) automatically to one of the CAN buses via integer linear programming (ILP) optimization. Then, the worst case response rate (WCRR) results of real-time analysis are fed back to a weighted ILP optimization to further improve the topology design with respect to a realtime property. A case study using a real message set from automaker validated the effectiveness and scalability of the proposed framework.

DOI： 10.1109/VTCFall.2015.7390840

Web of Science

Scopus

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security and 2015 IEEE 12th International Conference on Embedded Software and Systems, HPCC-CSS-ICESS 2015  

A central gateway is a very important node for connecting the buses to pass messages from one bus to the other bus(es) in current in-vehicle networks. However, transmitting message through gateway causes additional delay to the end-toend delay of messages. Existing methods for analysis of gateway processing delay usually employed experimental measurements which are inefficient and cannot obtain a safe delay bound.Meanwhile, the increased complexity of in-vehicle networks require theoretical analysis of gateway processing delay to obtain a safe upper bound delay. In this paper, we first construct a central gateway model with CAN clusters, then we propose a novel response time analysis method with rigorous proof to compute the upper bound delay of gateway tasks. Experimental results demonstrated that the proposed approach can obtain the upper bound delay in reasonable time even for a large-scale network workload, and the calculated upper bound is close to the exact worst case delay.

DOI： 10.1109/HPCC-CSS-ICESS.2015.324

Web of Science

Scopus

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   出版者・発行元：公益社団法人 自動車技術会  

The Controller Area Network (CAN) is a widely used in-vehicle network and its schedulability is particularlyimportant. In a CAN system, implementing the priority queues is better than FIFO queues with respect to the schedulability, which is widely recognized by users. In this paper, we investigate whether and how much implementing the priority queues is better than FIFO queues when the offset assignment for CAN messages is conducted. Our results show that usually the priority queues are better, whereas the FIFO queues are better in some specific situations. Furthermore, we propose a new scheduling method for obtaining the advantages of both queues, which improves the schedulability effectively.

DOI： 10.20485/jsaeijae.4.4_75

CiNii Research

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 電子情報通信学会  

In modern automobiles, Controller Area Network (CAN) has been widely used in different sub systems that are connected by using gateway. While a gateway is necessary to integrate different electronic sub systems, it brings challenges for the analysis of Worst Case Response Time (WCRT) for CAN messages, which is critical from the safety point of view. In this paper, we first analyzed the challenges for WCRT analysis of messages in gateway-interconnected CANs. Then, based on the existing WCRT analysis method proposed for one single CAN, a new WCRT analysis method that uses two new definitions to analyze the interfering delay of sporadically arriving gateway messages is proposed for non-gateway messages. Furthermore, a division approach, where the end-to-end WCRT analysis of gateway messages is transformed into the similar situation with that of non-gateway messages, is adopted for gateway messages. Finally, the proposed method is extended to include CANs with different bandwidths. The proposed method is proved to be safe, and experimental results demonstrated its effectiveness by comparing it with a full space searching based simulator and applying it to a real message set. © 2013 The Institute of Electronics.

DOI： 10.1587/transinf.e96.d.1467

Web of Science

Scopus

CiNii Research

その他リンク： http://dblp.uni-trier.de/db/journals/ieicet/ieicet96d.html#journals/ieicet/XieZCKTL13

記述言語：日本語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings - 2012 International Conference on Connected Vehicles and Expo, ICCVE 2012  

Controller Area Network (CAN) is widely used inside the automobiles. To decrease design complexity and cost, several CAN are utilized in different sub systems and gateway is employed to realize the communication between them. But the employment of gateway brings many challenges for schedulability analysis of CAN messages. We first analyzed the key challenges for schedulability analysis of messages. And then, based on existing method proposed for one single CAN, a new analysis method that is based on interference analysis for dynamically arriving gateway messages is proposed for non-gateway messages. Furthermore, a division approach that transforms the end-to-end schedulability analysis of gateway messages into the similar situation with that of non-gateway messages is proposed for gateway messages. The proposed method is proved to be safe, and by comparing it with a full space searching based simulator and applying to a real message set, its effectiveness is demonstrated as well. © 2012 IEEE.

DOI： 10.1109/ICCVE.2012.23

Web of Science

Scopus

その他リンク： https://dblp.uni-trier.de/db/conf/iccve/iccve2012.html#XieZCKTL12

記述言語：日本語   出版者・発行元：公益社団法人 自動車技術会  

Controller Area Network (CAN)の最大伝送速度を改善するために，CANプロトコルを改良したスケーラブルCANプロトコルを提案し評価する．

DOI： 10.11351/jsaeronbun.43.509

CiNii Books

CiNii Research

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 情報処理学会  

The Controller Area Network (CAN) is widely employed in automotive control system networks. In the last few years, the amount of data has been increasing rapidly in these networks. With the purpose of improving CAN bandwidth efficiency, scheduling and analysis are considered to be particularly important. As an effective method, it has been known that assigning offsets to the CAN messages can reduce their worst case response time (WCRT). Meanwhile, the fact is that many commercial CAN controllers have been equipped with a priority or first-in-first-out (FIFO) queue to transmit messages to the CAN bus. However, previous researches for WCRT analysis of CAN messages either assumed a priority queue or did not consider the offset. For this reason, in this paper we propose a WCRT analysis method for CAN messages with assigned offset in the FIFO queue. We first present a critical instant theorem, then we propose two algorithms forWCRT calculation based on the given theorem. Experimental results on generated message sets and a real message set have validated the effectiveness of the proposed algorithms. © 2012 Information Processing Society of Japan.

DOI： 10.2197/ipsjjip.20.451

Scopus

CiNii Research

記述言語：英語   出版者・発行元：Information and Media Technologies 編集運営会議  

The Controller Area Network (CAN) is widely employed in automotive control system networks. In the last few years, the amount of data has been increasing rapidly in these networks. With the purpose of improving CAN bandwidth efficiency, scheduling and analysis are considered to be particularly important. As an effective method, it has been known that assigning offsets to the CAN messages can reduce their worst case response time (WCRT). Meanwhile, the fact is that many commercial CAN controllers have been equipped with a priority or first-in-first-out (FIFO) queue to transmit messages to the CAN bus. However, previous researches for WCRT analysis of CAN messages either assumed a priority queue or did not consider the offset. For this reason, in this paper we propose a WCRT analysis method for CAN messages with assigned offset in the FIFO queue. We first present a critical instant theorem, then we propose two algorithms for WCRT calculation based on the given theorem. Experimental results on generated message sets and a real message set have validated the effectiveness of the proposed algorithms.

DOI： 10.11185/imt.7.841

CiNii Research

記述言語：日本語   出版者・発行元：SAE 2011 World Congress and Exhibition  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and Acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. This paper describes the proposed protocol, named "Scalable CAN," and its implementation on FPGA, and demonstrates that existing software can be easily ported to this new protocol. © 2011 SAE International.

DOI： 10.4271/2011-01-1043

Scopus

記述言語：日本語   出版者・発行元：SAE Technical Papers  

In this paper, a new high-speed bus topology LAN protocol for automobiles is proposed and its compatibility with the traditional CAN protocol is discussed. The transfer rate of traditional CAN cannot be increased due to its bitwise arbitration using message priority and Acknowledgment mechanisms. Our proposed protocol avoids collisions by assigning one or more time slots to each ECU within a communication cycle. ACK is informed through the ACK bits included in the header of each frame. Based on this protocol, we implemented a 5 Mbit/s LAN system on which the existing software for CAN is used with small modifications. This paper describes the proposed protocol, named "Scalable CAN," and its implementation on FPGA, and demonstrates that existing software can be easily ported to this new protocol. Copyright © 2011 SAE International.

Scopus

掲載種別：研究論文（国際会議プロシーディングス）  

その他リンク： http://dblp.uni-trier.de/db/conf/rtns/rtns2011.html#conf/rtns/ChenKTZ11

記述言語：日本語   出版者・発行元：SEI Technical Review  

In today's automotive industry, FlexRay and other next generation protocols for automotive network communications are gaining attention. However, these protocols are unlikely to replace existing applications in the immediate future due to the cost and reliability problems caused by the replacement. In this paper we propose Scalable CAN, a new automotive network protocol based on the existing CAN (controller area network). Having a new ACK (Acknowledgement) information field, instead of an ACK slot, the Scalable CAN features a transmission speed of 10 Mbps and a new collision resolution algorithm which guarantees the delivery of a message within a given time period. Our simulation analysis indicates that the Scalable CAN protocol is superior to the conventional CAN in throughput performance such as a maximum data transmission speed, scalability, and priority inversion. This paper also includes considerations given for the implementation of the Scalable CAN.

Scopus

記述言語：日本語   出版者・発行元：SAE International Journal of Passenger Cars - Electronic and Electrical Systems  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN; a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

記述言語：日本語   出版者・発行元：SAE Technical Papers  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN; a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. Copyright © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbit/s. The new automotive protocol "10 Mbit/s CAN" is based on two changes to CAN
a star topology, in which nodes are physically connected using a multi-port gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the "10 Mbit/s CAN" protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of "10 Mbit/s CAN" are also reviewed briefly. © 2009 SAE International.

DOI： 10.4271/2009-01-0126

Scopus

記述言語：日本語   出版者・発行元：情報処理学会 ; 1960-  

本稿では，自動車制御システムを中心にその発展経緯を踏まえて，セーフティとセキュリティに関する現状を整理する．特に，情報処理の観点から，先進運転支援システムや自律走行システムの実用化に向けて，今後取り組むべき課題やその方向性について概説する．

CiNii Books

記述言語：日本語   出版者・発行元：自動車技術会  

CiNii Books

記述言語：日本語   出版者・発行元：日本信頼性学会  

CiNii Books

記述言語：日本語   出版者・発行元：技術情報協会  

記述言語：日本語   出版者・発行元：情報処理学会 ; 1960-  

近年，自動車に対する脆弱性事例が多数報告されており，自動車のセキュリティが注目されている．これまでに販売されている自動車の多くは機能安全規格に対応されつつあり故障などに対して安全ではあるものの，攻撃者からの意図的なサイバー攻撃に対しては対策されておらず，脆弱であることが指摘されている．また，リアルタイム性やコスト制約が厳しい車載制御システムでは情報セキュリティの対策技術をそのまま適用することができない場合があり，車載制御システムの特徴を生かしたセキュリティ対策技術が必要とされている．本解説記事では，車載制御システムに求められる安全性とセキュリティを概説する．

CiNii Books

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：日本語   出版者・発行元：日本自動車工業会  

CiNii Books

記述言語：日本語   掲載種別：速報，短報，研究ノート等（学術雑誌）  

記述言語：日本語   出版者・発行元：電気評論社  

CiNii Books

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：日本語  

記述言語：日本語   出版者・発行元：住友電気工業  

CiNii Books

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）   出版者・発行元：SAE Technical Papers  

Today, the Controller Area Network (CAN) is a widely used in-vehicle network. However, due to the constraint of the theoretical upper bound speed of CAN, we proposed Scalable-CAN (SCAN), which employs round-robin scheduling to improve upper bound speed while keeping the compatibility with traditional CAN. Moreover, we proposed the worst-case response time (WCRT) analysis for a single SCAN bus system and showed the real-time performance. In this paper, to apply SCAN to a next-generation in-vehicle network composed of a SCAN bus and a CAN bus, we first propose a schedulability analysis method for the integrated network system. Second, we show its real-time performance and highlight the effects of the bandwidth extension and throughput performance of the SCAN integrated system. Finally, we conclude that SCAN achieves lower latency, high schedulability, and high integrity toward a next-generation in-vehicle network. Copyright © 2013 SAE International.

DOI： 10.4271/2013-01-1182

Scopus

記述言語：英語  

記述言語：英語  

Controller Area Network (CAN) is widely used inside the automobiles. To decrease design complexity and cost, gateway is employed to realize the communication between different CAN buses. But its employment brings great challenges for worst-case response time (WCRT) analysis of CAN messages. We first analyzed the key challenges for WCRT analysis of messages. And then, based on existing method proposed for one single CAN, a new WCRT analysis method that considers the timing distance relations among messages is proposed for non-gateway messages. Furthermore, a division-based method that transforms the end to end WCRT analysis of gateway messages into the similar case with WCRT analysis of non-gateway messages is proposed for gateway messages. The correctness of the proposed method is proved and its usability is verified by comparing it with a full space searching based simulator as well.Controller Area Network (CAN) is widely used inside the automobiles. To decrease design complexity and cost, gateway is employed to realize the communication between different CAN buses. But its employment brings great challenges for worst-case response time (WCRT) analysis of CAN messages. We first analyzed the key challenges for WCRT analysis of messages. And then, based on existing method proposed for one single CAN, a new WCRT analysis method that considers the timing distance relations among messages is proposed for non-gateway messages. Furthermore, a division-based method that transforms the end to end WCRT analysis of gateway messages into the similar case with WCRT analysis of non-gateway messages is proposed for gateway messages. The correctness of the proposed method is proved and its usability is verified by comparing it with a full space searching based simulator as well.

CiNii Books

記述言語：日本語   出版者・発行元：情報処理学会  

現在，様々な機能を実現するために，車載ネットワークに流れるデータ量は急激に増加しており，広く採用されているController Area Network（CAN）では回線容量が不足している．しかしながら，CANの最大伝送速度はバス上での送信権の調停やACK応答メカニズムにより制約されており，最大伝送速度を向上させるためにはプロトコルの改良が必要となる．そこで，我々はCANを改良したスケーラブルCANプロトコルを提案している．本論では，スケーラブルCANプロトコルの最大遅れ時間解析手法を提案し，スケーラブルCANプロトコルがCANよりスループットを向上させたことにより，十分なメッセージ量を転送できる能力があることを示す．The Controller Area Network (CAN) is widely employed in in-vehicle networks to install new functions. However, CAN has significant restrictions on upper bound of maximum speed due to its bitwise arbitration and acknowledgement sequences. Therefore, we have proposed a new high-speed protocol &quot;Scalable CAN&quot; to improve upper bound speed of CAN. In this paper, we propose the worst-case response time analysis for &quot;Scalable CAN&quot;. According to our analysis, the Scalable CAN has achieved much higher throughput performance than CAN, and it has the ability to transfer a sufficient amount of message.

CiNii Books

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

車載制御システム向けのネットワークは,厳しいコスト制約や重量制約,高い信頼性やリアルタイム性などの要求から,一般の情報ネットワーク技術とは大きく異なる技術が用いられている.本稿では,まず,車載制御ネットワークの主な使途について述べた後,ネットワーク技術に課されている制約事項や要求事項について整理する.次に,現状の車載制御ネットワーク規格として,CANの概要について解説する.また,LINやFlexRayなど,その他のネットワーク規格についても概説する.最後に,車載制御ネットワーク技術の今後の発展性として,CANの高速化やイーサネットの導入の動き,光ファイバ化などの研究開発動向について紹介する.

CiNii Books

記述言語：日本語   出版者・発行元：自動車技術会  

DOI： 10.11351/jsaeronbun.43.509

記述言語：日本語   出版者・発行元：Society of Automotive Engineers of Japan  

Controller Area Network (CAN)の最大伝送速度を改善するために，CANプロトコルを改良したスケーラブルCANプロトコルを提案し評価する．

DOI： 10.11351/jsaeronbun.43.509

記述言語：日本語  

記述言語：日本語   出版者・発行元：情報処理学会  

これまでにオフセット付きCANメッセージの最大遅れ時間の解析手法が提案されている．しかしながら，従来の手法では計算量を抑え速く効率的に計算できる一方，悲観的に解析される場合がある．このため，本論では従来手法の問題点を指摘し，正確な最大遅れ時間を求めるための手法を提案する．提案する手法は，最大遅れ時間となりうるメッセージ送信シーケンスに着目し，限定した範囲に限り網羅的に解析を行うことで，正確な最大遅れ時間を導出する方法である．本提案手法の評価として自動車メーカから提供されるメッセージセットに適用した結果，十分に少ない組合せで正確な最大遅れ時間が得られた．The existing analysis for CAN messages with offsets can compute fast and efficient by reducing the amount of computation. However, it is pessimistic in some cases. The causes of the pessimism is that the cumulative accounting of maximum interference functions is overestimated much greater than a realistic situation. In this paper, we show the cause of this situation that existing analysis takes into account unrealistic interference in the cumulative accounting. Then, we propose the exact schedulability analysis which involves the partially exhaustive analysis. According to our experiments by using actually-used message sets, we can conclude that our approach can significantly reduce the combination of the critical interference function, and its can achieve an exact schedulability analysis.

CiNii Books

記述言語：日本語   出版者・発行元：情報処理学会  

CAN（Controller Area Network）は，自動車の制御系ネットワークとして広く使われているネットワーク規格である．近年，自動車の制御系ネットワークを流れるデータ量が急増しており，CANの帯域を効率的に使用するために，CAN上でのメッセージのスケジューリング手法が重要となっている．CAN上でのメッセージ送信タイミングに適切なオフセットを付けることで，メッセージのスケジュール可能性を高くできることが知られている．本論文では，CAN上のメッセージに対して適切なオフセットを付けるための手法を提案する．また，提案した手法の有効性を確認するために，実際の車載システムで使用されているメッセージセットなどを用いた評価を行い，従来のオフセット決定手法よりも優れていることを示す．The Controller Area Network (CAN) as a network standard is widely employed in control network of vehicle. ln the last few years, the amount of data has been increasing rapidly in automotive control system network. With the purpose of improving CAN broadband efficiency, scheduling is considered to be particularly important. As we know, an appropriate offset assignment method for CAN messages could enhance schedulability. In this study, we propose a new method that provide a suitable offset for every message in CAN system. And we demonstrated its effects by using message sets of real vehicle network, etc. Compare with previous methods, the new method reveals its remarkable priority.

CiNii Books

記述言語：英語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：日本語   出版者・発行元：情報処理学会  

これまでにオフセット付き CAN メッセージの最大遅れ時間の解析手法が提案されている．しかしながら，従来の手法では計算量を抑え速く効率的に計算出来る一方，悲観的に解析される場合がある．このため，本論では従来手法の問題点を指摘し，より正確な最大遅れ時間を求めるための手法について提案する．提案する手法は，クリティカルフレームに着目し限定した範囲に限り網羅的に解析を行うことで，厳密な最大遅れ時間を導出する方法である．本提案手法の評価として自動車メーカーから提供されるメッセージセットに適用した結果，十分に少ない組み合わせでより正確な解析結果がえられた．The existing analysis for CAN messages with offsets can compute fast and efficient by reducing the amount of computation. However, it is pessimisctic in some cases. The causes of the pessimism is that the cumulative accounting of maximum interference functions is overestimated much greater than a realistic situation. In this paper, we show the cause of this situation that existing analysis takes into account unrealistic interference in the cumulative accounting. Then, we propose the exact schedulability analysis which involves the partially exhaustive analysis. According to our experiments by using a actually-used messege sets, we can conclude that our approach can significantly reduce the conbination of the critical frames, and its can achieve an exact schedulability analysis.

CiNii Books

記述言語：日本語   出版者・発行元：住友電気工業  

CiNii Books

記述言語：日本語  

今日までに提案されている次世代車載プロトコルの多くは既存システムの再構成を強く要求しており，高い安全性が求められる自動車の制御ネットワークへ適用するには高いコストとリスクがともなう．そこで本論文では，自動車内の制御系ネットワークに広く使われるCANをベースとした新しい次世代車載プロトコル10 MbpsCANを提案する．10 MbpsCANプロトコルはスタートポロジへの変更と新しい衝突解決アルゴリズムにより高速化を実現した．さらにシミュレーション結果によれば，10 MbpsCANは従来CANに比べ十分なメッセージ量を送信できる能力を示した．最後に，10 MbpsCANコントローラの実装について説明する．Recently, automotive industry has atracted next genaration automotive protocols such as FlexRay. However, these solutions which shift to new applications will not meet the cost and risk requirements. In this paper, we propose a new automotive network protocol which can transmit data at a speed of 10 Mbps. The new automotive protocol &quot;10 MbpsCAN&quot; is based on several changes to CAN; a star topology, in which nodes are physically connected using a multiport gateway, and a new collision resolution algorithm which guarantees delivery of a message within a finite period of time. According to our analysis using a simulator, the &quot;10 MbpsCAN&quot; protocol demonstrated several advantages over throughput performance of a conventional CAN, including a maximum possible data transmission speed, high scalability, and reduction of priority inversion. The implementation considerations of &quot;10 MbpsCAN&quot; are also reviewed briefly.

CiNii Books

記述言語：日本語   出版者・発行元：情報処理学会  

CiNii Books

記述言語：日本語   出版者・発行元：情報処理学会  

車載システム向けソフトウェアプラットフォームである AUTOSAR はシングルコアのみを想定しており，マルチコア環境を考慮していない．車載システムは相互に通信を行うことで協調制御するため，通信処理を実現するミドルウェアのマルチコア対応が必須である．本研究では，マルチコア環境での AUTOSAR 通信ミドルウェアの実現方法と評価を行う．まず，通信をコア内通信，コア間通信，チップ外通信の 3 つに分類し，それぞれの実現方法を検討する．チップ外通信については，ロック方式，通信サーバ方式の 2 方式を提案する．既存の通信ミドルウェアを 2 方式で拡張し，それぞれの送信処理時間の比較を行った．シングルコア環境に比べ，ロック方式は 41%，通信サーバ方式は 29% のオーバヘッドで実現可能であることがわかった．AUTOSAR, a software platform for automotive systems, assumes only an ECU with a single core processor, and does not consider an ECU with a multicore processor. It is necessary that a communication on a multicore processor because ECUs communicate each other for cooperative control. There are three communication types: a inside core, a inter core, and a outside chip communications. This paper proposes two methods for outside chip communication: a lock method and a server method. An existing communication middleware is extended as the two methods. Compared to a single core processor, the results of extended middleware show that transmission time overheads of the lock method and the server method are 41% and 29%, respectively.

CiNii Books

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

スケーラブルCANプロトコルとは,従来のCAN (Controller Area Network)プロトコルを改良し,最高通信速度を10倍以上に高速化した通信プロトコルである.本論文では,スケーラブルCANプロトコルのビットエラー時における振る舞いをモデル検査の手法を用いて解析する.まず,エラーのない通信路上のスケーラブルCANプロトコルのモデルをSMV言語により記述し,記述したモデルが妥当であること,すなわち,所望の性質を有することをモデル検査ツールNuSMVを用いて検証する.次に,通信路をビットエラー通信路に置き換えたモデルで,再度,妥当性検証を行う.その結果として得られる反例を解析することによって,ビットエラー時にもスケーラブルCANプロトコルが正しく振る舞うように修正するための示唆を与える.

CiNii Books

記述言語：日本語   掲載種別：研究発表ペーパー・要旨（全国大会，その他学術会議）  

記述言語：日本語   出版者・発行元：一般社団法人情報処理学会  

現在，自動車内の制御系ネットワークにおいて，事実上の標準として使われている CAN (Control Area Network) プロトコルは，現在の制御システムにおいてもその通信容量は限界に達しているとされる．CAN はメッセージ送信時，１ビットずつ同期させることで送信権の調停や ACK の返却を行ってきたが，高速化の限界は，伝搬遅延の影響によりそれらが成立しないことにある．本研究では，高速化への限界と課題について整理し，トポロジの変更及び衝突検知アルゴリズムを用いることで，CAN 高速化への手法を提案する．Today, the data capacity in automotive control network has reached the limits of CAN (maximum data rates for 1 megabits per second). Speed of CAN is affected by the propagation delay, because of using bit synchronous transmission. For increasing data transmission speed, we must change arbitration process and ACK process. We propose the 10 megabits per second CAN architecture for improved bandwidth by using a new collision detection algorithm and topology change.

CiNii Books

出願人：国立大学法人東海国立大学機構

出願番号：特願2017-120830  出願日：2017年6月

公開番号：特開2019-009509  公開日：2019年1月

特許番号/登録番号：特許第6754325号  登録日：2020年8月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2017-009633  出願日：2017年1月

公開番号：特開2018-121120  公開日：2018年8月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2016-146714  出願日：2016年7月

公開番号：特開2016-208536  公開日：2016年12月

特許番号/登録番号：特許第6267596号  登録日：2018年1月 

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：JP2015082349  出願日：2015年11月

公開番号：WO2016-080422  公開日：2016年5月

公表番号：WO2016-080422  公表日：2016年5月

特許番号/登録番号：特許第6306206号  登録日：2018年3月 

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2015-171190  出願日：2015年8月

公開番号：特開2017-050643  公開日：2017年3月

特許番号/登録番号：特許第6525824号  登録日：2019年5月 

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2015-171191  出願日：2015年8月

公開番号：特開2017-050644  公開日：2017年3月

特許番号/登録番号：特許第6525825号  登録日：2019年5月 

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2015-100994  出願日：2015年5月

公開番号：特開2016-219944  公開日：2016年12月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2015-100994  出願日：2015年5月

公開番号：特開2016-219944  公開日：2016年12月

特許番号/登録番号：特許第6284903号  登録日：2018年2月  発行日：2018年2月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2015-005260  出願日：2015年1月

公開番号：特開2016-131325  公開日：2016年7月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2014-235781  出願日：2014年11月

公開番号：特開2016-100725  公開日：2016年5月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2014-235783  出願日：2014年11月

公開番号：特開2016-100726  公開日：2016年5月

特許番号/登録番号：特許第6282216号  登録日：2018年2月  発行日：2018年2月

J-GLOBAL

出願人：国立大学法人名古屋大学, 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社

出願番号：特願2014-235783  出願日：2014年11月

公開番号：特開2016-100726  公開日：2016年5月

特許番号/登録番号：特許第5717240号  登録日：2015年3月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2014-139074  出願日：2014年7月

公開番号：特開2016-019054  公開日：2016年2月

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2011-025240  出願日：2011年2月

公開番号：特開2011-130486  公開日：2011年6月

特許番号/登録番号：特許第5190901号  登録日：2013年2月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2009-121152  出願日：2009年5月

公開番号：特開2010-272971  公開日：2010年12月

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2008-180685  出願日：2008年7月

公開番号：特開2010-021805  公開日：2010年1月

特許番号/登録番号：特許第4581037号  登録日：2010年9月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2007-232734  出願日：2007年9月

公開番号：特開2009-065518  公開日：2009年3月

特許番号/登録番号：特許第5219120号  登録日：2013年3月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2007-216392  出願日：2007年8月

公開番号：特開2009-049929  公開日：2009年3月

特許番号/登録番号：特許第4784838号  登録日：2011年7月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2007-216393  出願日：2007年8月

公開番号：特開2009-049930  公開日：2009年3月

特許番号/登録番号：特許第4919192号  登録日：2012年2月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2007-216433  出願日：2007年8月

公開番号：特開2009-049933  公開日：2009年3月

特許番号/登録番号：特許第5007904号  登録日：2012年6月 

J-GLOBAL

出願人：国立大学法人名古屋大学

出願番号：特願2007-153298  出願日：2007年6月

公開番号：特開2008-306592  公開日：2008年12月

特許番号/登録番号：特許第5057304号  登録日：2012年8月 

J-GLOBAL