Example #1
0
    def create_aut_env(self):  # Spaeter on Button Click z.B.
        ''' this method creates the simulation'''               
        
        api_log_path = os.path.join(os.path.dirname(__file__), "../logs/api.log")
        api.show_logging(logging.INFO, api_log_path, True)
        my_env = api.create_environment(2500)
        
        ecu_spec = SimpleECUSpec([], 200, 200)
        ecu_group_1 = api.set_ecus(my_env, 10, 'SecureECU', ecu_spec)
        
        ecu_spec = SimpleECUSpec(['SEC 1'], 200, 200)
        ecu_spec.set_ecu_setting('t_ecu_auth_trigger_process', 100)
        ecu_spec.set_ecu_setting('t_ecu_auth_trigger_intervall', 1000)
        
        sec_mod_group = api.set_ecus(my_env, 1, 'SecLwAuthSecurityModule', ecu_spec)
        
        bus_spec = SimpleBusSpec(['CAN_0'])
        bus_group = api.set_busses(my_env, 1, 'StdCANBus', bus_spec)
        api.connect_bus_by_obj(my_env, 'CAN_0', ecu_group_1 + sec_mod_group)
        
        api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id, [ecu_group_1])
        
        certeros = api.create_cert_manager()
        for ecu in APICore()._ecu_list_from_groups([[ecu_group_1]]):  # UNINTENDED HACK
            api.generate_valid_ecu_cert_cfg(certeros, ecu.ecu_id, CAEnum.CA_L313, 'SEC 1', 0, float('inf'))
        api.generate_valid_sec_mod_cert_cfg(certeros, 'SEC 1', CAEnum.CA_L313, 0, float('inf'))
        api.apply_certification(my_env, certeros)
        
        
        stream_1 = MessageStream(my_env.get_env(), 'SecureECU_0', ['SecureECU_1', 'SecureECU_4', 'SecureECU_5'], 13, float('inf'), 0, float('inf'))
        stream_2 = MessageStream(my_env.get_env(), 'SecureECU_1', ['SecureECU_3', 'SecureECU_2', 'SecureECU_5'], 12, float('inf'), 0, float('inf'))
        stream_3 = MessageStream(my_env.get_env(), 'SecureECU_0', ['SecureECU_4', 'SecureECU_1', 'SecureECU_5'], 222, float('inf'), 0, float('inf'))
        stream_4 = MessageStream(my_env.get_env(), 'SecureECU_3', ['SecureECU_0', 'SecureECU_1', 'SecureECU_5'], 11, float('inf'), 0, float('inf'))
        stream_5 = MessageStream(my_env.get_env(), 'SecureECU_4', ['SecureECU_2', 'SecureECU_1', 'SecureECU_3'], 500, float('inf'), 0, float('inf'))
        api.add_allowed_stream(my_env, 'SEC 1', stream_1)
        api.add_allowed_stream(my_env, 'SEC 1', stream_2)
        api.add_allowed_stream(my_env, 'SEC 1', stream_3)
        api.add_allowed_stream(my_env, 'SEC 1', stream_4)
        api.add_allowed_stream(my_env, 'SEC 1', stream_5)
        
        t_set = TimingFunctionSet()
        ecu_func_set = StdSecurLwSecModTimingFunctions(main_library_tag='CyaSSL')
        t_set.set_mapping_from_function_set('SEC 1', ecu_func_set)
        api.apply_timing_functions_set(my_env, 'SEC 1', t_set)
          
        t_set2 = TimingFunctionSet() 
        ecu_func_set = StdSecurECUTimingFunctions(main_library_tag='CyaSSL')
        
        for ecu in APICore()._ecu_list_from_groups([[ecu_group_1]]):  # UNINTENDED HACK
            t_set2.set_mapping_from_function_set(ecu.ecu_id, ecu_func_set) 
            api.apply_timing_functions_set(my_env, ecu.ecu_id, t_set2)

        api.connect_monitor(my_env, self.monitor, 50)
        api.build_simulation(my_env)
        
        ''' start this in a new thread'''
        sim = SimulationThread(self, my_env)
        sim.start()
Example #2
0
# scd = can_registration.AUTH_MESSAGES + [500]
 
# api.gateway_filter_bus(gateway_group_1, {'CAN_0':[1,2,3,4,5], 'CAN_1':[1,2,3,4,5,2730,511]})  
# api.gateway_filter_sending_bus(gateway_group_1, {'CAN_0':[1, 2, 3, 4, 2730, 5, 6, 7, 8, 9], 'CAN_1':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511], 'CAN_2':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511]})  
 
api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id, [ecu_group_1 + ecu_group_3 + ecu_group_4 ])
 
certeros = api.create_cert_manager()
ecu_ids = []
for ecu in APICore()._ecu_list_from_groups([[ecu_group_1 + ecu_group_3 + ecu_group_4]]):  # UNINTENDED HACK
    if isinstance(ecu, CANGateway):
        continue   
    ecu_ids += [ecu.ecu_id]
    api.generate_valid_ecu_cert_cfg(certeros, ecu.ecu_id, CAEnum.CA_L313, 'SEC 1', 0, float('inf'))
api.generate_valid_sec_mod_cert_cfg(certeros, 'SEC 1', CAEnum.CA_L313, ecu_ids, 0, float('inf'))
api.apply_certification(my_env, certeros)
 
 
stream_1 = MessageStream('RegularSecureECU_15', ['SecureECU_1', 'TEST ECU 9', 'TEST ECU 11'], can_registration.CAN_TEST_MSG, float('inf'), 0, float('inf'))
stream_2 = MessageStream('RegularSecureECU_15', ['SecureECU_1', 'TEST ECU 12', 'SecureECU_5'], 16, float('inf'), 0, float('inf'))
# stream_3 = MessageStream('SecureECU_0', ['SecureECU_4', 'SecureECU_1', 'SecureECU_5'], 222, float('inf'), 0, float('inf'))
# stream_4 = MessageStream('SecureECU_3', ['SecureECU_0', 'SecureECU_1', 'SecureECU_5'], AbstractBusMessage.CAN_TEST_MSG_2, float('inf'), 0, float('inf'))
# stream_5 = MessageStream('SecureECU_4', ['TEST ECU 9', 'SecureECU_1', 'SecureECU_3'], 500, float('inf'), 0, float('inf'))
# stream_6 = MessageStream('RegularSecureECU_15', ["TEST ECU 10", 'SecureECU_1'], 16, float('inf'), 0, float('inf'))
 
api.add_allowed_stream(my_env, 'SEC 1', stream_1)
api.add_allowed_stream(my_env, 'SEC 1', stream_2)
# api.add_allowed_stream(my_env, 'SEC 1', stream_3)
# api.add_allowed_stream(my_env, 'SEC 1', stream_4)
# api.add_allowed_stream(my_env, 'SEC 1', stream_5)
# api.add_allowed_stream(my_env, 'SEC 1', stream_6)
Example #3
0
certificate_manager = api.create_cert_manager()

# create a certificate signed by CA CAEnum.CA_L313 defined in the CAHierarchy() that was defined in the 
# certificate manager. A custom CAHierarchy can be passed to the api.create_cert_manager() class
all_created_ecus = api.ecu_list_from_groups([all_ecu_groups])
ecu_ids = [ecu.ecu_id for ecu in all_created_ecus]

# generate certificates for the ECUs and setting root certificates to the corresponding security module
for ecu_id in ecu_ids:
    api.generate_valid_ecu_cert_cfg(certificate_manager, ecu_id, CAEnum.CA_L313, security_module.ecu_id, 0, float('inf'))

# generate a certificate in the security module and setting root certificates to all ecus passed in the list ecu_ids
api.generate_valid_sec_mod_cert_cfg(certificate_manager, security_module.ecu_id, CAEnum.CA_L313, ecu_ids, 0, float('inf'))

# apply the certification
api.apply_certification(sim_env, certificate_manager)
 

#===============================================================================
#     Setup the streams
#===============================================================================

# add allowed streams to the to the security module which is responsible for managing requested streams
stream_1 = MessageStream('RegularSecureECU_15', ['RegularSecureECU_1', 'RegularSecureECU_18'], can_registration.CAN_TEST_MSG, float('inf'), 0, float('inf'))
stream_2 = MessageStream('RegularSecureECU_15', ['Any_ECU_Name'], 16, float('inf'), 0, float('inf'))
  
api.add_allowed_stream(sim_env, security_module.ecu_id, stream_1)
api.add_allowed_stream(sim_env, security_module.ecu_id, stream_2)

# this method defines the gateway filter in the following way
# only streams are let pass that are headed in the right direction
Example #4
0
    def prepare_configuration(self, simpy_env, life_time):
        ''' this method prepares the configuration on the side of the 
            ECU simulation. It sets up the defined environment by mapping
            the ECU Ids as they are defined in the battery management system
            on the ECUs and the defined specs. So the constellation used is
            implemented here.
            
            Input:  simpy_env    simpy.Environment        environment used in the battery management system
                    life_time    float                    life time of the simulation
            Output: -
        '''
        # lifetime
        life_time = 50000
                
        # logging
#         api_log_path = os.path.join(os.path.dirname(__file__), "../logs/api.log")
#         api.show_logging(logging.INFO, api_log_path, True)
        
        # create environment
        sim_env = api.create_environment(life_time)
        sim_env.set_env(simpy_env)
        ecu_list = []
        
        # generate a ecu from the ECU specs setting the adapter
        for ecu_id in self.available_can_adapters():            
            # logging.info("ECU ID %s: " % ecu_id)
            
            # define individual ECU Spec 
            ecu_spec = copy.deepcopy(self._ecu_spec)
            ecu_class_name = self._ecu_class_name
            if ecu_id in self._individual_spec:
                ecu_spec = self._individual_spec[ecu_id][0]
                ecu_class_name = self._individual_spec[ecu_id][1]
            ecu_spec.ecu_id_list = [str(ecu_id)]
            
            # create ecu            
            ecu = api.set_ecus(sim_env, 1, ecu_class_name, ecu_spec)[0]
            ecu_list += [ecu]
            
            # connect ecu to adapter
            ecu.connect_adapter(self.can_bus_adapter[ecu_id])
        
        # add security module
        # create ECU specification
        ecu_spec = SimpleECUSpec(['SEC 1'], 200000, 200000)  # 200 KB
        ecu_spec.set_ecu_setting('t_ecu_auth_trigger_process', 0)  
        ecu_spec.set_ecu_setting('t_ecu_auth_trigger_intervall', 80000)  
        ecu_spec.set_apply_jitter(0.0001)
        sec_mod_group = api.set_ecus(sim_env, 1, 'SecLwAuthSecurityModule', ecu_spec)
        security_module = sec_mod_group[0]
        
        # connect to one bus
        # create the bus specifications
        bus_spec = SimpleBusSpec(['CAN_0'])
        api.set_busses(sim_env, 1, 'StdCANBus', bus_spec)
        api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_list + sec_mod_group) 
                
        # security constellation
        all_ecu_groups = [ecu_list]
        api.register_ecu_groups_to_secmod(sim_env, sec_mod_group[0].ecu_id, all_ecu_groups)         
        certificate_manager = api.create_cert_manager()
        all_created_ecus = api.ecu_list_from_groups([all_ecu_groups])
        ecu_ids = [str(ecu.ecu_id) for ecu in all_created_ecus]        
        for ecu_id in ecu_ids:
            api.generate_valid_ecu_cert_cfg(certificate_manager, ecu_id, CAEnum.CA_L313, security_module.ecu_id, 0, float('inf'))
        api.generate_valid_sec_mod_cert_cfg(certificate_manager, security_module.ecu_id, CAEnum.CA_L313, ecu_ids, 0, float('inf'))
        api.apply_certification(sim_env, certificate_manager)
         
        # define allowed streams -------------------------------------------------------------- TODO very IMPORTANT
        for broadcast_stream_id in [0x0080, 0x0081, 0x0082, 0x0083, 0x0012, 0x0013, 0x0020, 0x00A0, 0x00A1 ]:
            for ecu_id in ecu_ids:
                lst = copy.deepcopy(ecu_ids)
                lst.remove(ecu_id)                
                stream = MessageStream(ecu_id, lst, broadcast_stream_id, float('inf'), 0, float('inf'))
                api.add_allowed_stream(sim_env, security_module.ecu_id, stream)
        #  -------------------------------------------------------------- TODO very IMPORTANT
        
        # set gateways
        api.autoset_gateway_filters(sim_env, sec_mod_group[0].ecu_id)

        # set timing functions
        function_set = TimingFunctionSet()        
        ecu_func_set = StdSecurLwSecModTimingFunctions(main_library_tag='CyaSSL')        
        ecu_func_set.library_tags['t_ecu_auth_reg_msg_validate_cert'] = 'Crypto_Lib_SW'
        function_set.set_mapping_from_function_set(security_module.ecu_id, ecu_func_set)
        api.apply_timing_functions_set(sim_env, security_module.ecu_id, function_set)
        function_set_2 = TimingFunctionSet() 
        ecu_func_set = StdSecurECUTimingFunctions(main_library_tag='CyaSSL')
        ecu_func_set.library_tags['t_adv_msg_secmodcert_enc'] = 'Crypto_Lib_SW'
        for ecu_id in ecu_ids:
            function_set_2.set_mapping_from_function_set(ecu_id, ecu_func_set) 
            api.apply_timing_functions_set(sim_env, ecu_id, function_set_2)
             
        # add monitor
        if self._monitor and self._result_reader:
            api.connect_monitor(sim_env, self._monitor, 0.5)  
            api.connect_result_reader(sim_env, self._monitor, self._result_reader)
             
            # run view if defined 
            if self._view:
                self._view.show(self._result_reader, self._view_options, self.q_application)                

        # run simulation
        api.open_simulation_stop_button(sim_env)
        api.build_simulation(sim_env)
        api.run_simulation(sim_env)
Example #5
0
File: main.py Project: xding/IVNS
api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id,
                                  [ecu_group_1 + ecu_group_3 + ecu_group_4])

certeros = api.create_cert_manager()
ecu_ids = []
for ecu in APICore()._ecu_list_from_groups(
    [[ecu_group_1 + ecu_group_3 + ecu_group_4]]):  # UNINTENDED HACK
    if isinstance(ecu, CANGateway):
        continue
    ecu_ids += [ecu.ecu_id]
    api.generate_valid_ecu_cert_cfg(certeros, ecu.ecu_id, CAEnum.CA_L313,
                                    'SEC 1', 0, float('inf'))
api.generate_valid_sec_mod_cert_cfg(certeros, 'SEC 1', CAEnum.CA_L313, ecu_ids,
                                    0, float('inf'))
api.apply_certification(my_env, certeros)

stream_1 = MessageStream('RegularSecureECU_15',
                         ['SecureECU_1', 'TEST ECU 9', 'TEST ECU 11'],
                         can_registration.CAN_TEST_MSG, float('inf'), 0,
                         float('inf'))
stream_2 = MessageStream('RegularSecureECU_15',
                         ['SecureECU_1', 'TEST ECU 12', 'SecureECU_5'], 16,
                         float('inf'), 0, float('inf'))
# stream_3 = MessageStream('SecureECU_0', ['SecureECU_4', 'SecureECU_1', 'SecureECU_5'], 222, float('inf'), 0, float('inf'))
# stream_4 = MessageStream('SecureECU_3', ['SecureECU_0', 'SecureECU_1', 'SecureECU_5'], AbstractBusMessage.CAN_TEST_MSG_2, float('inf'), 0, float('inf'))
# stream_5 = MessageStream('SecureECU_4', ['TEST ECU 9', 'SecureECU_1', 'SecureECU_3'], 500, float('inf'), 0, float('inf'))
# stream_6 = MessageStream('RegularSecureECU_15', ["TEST ECU 10", 'SecureECU_1'], 16, float('inf'), 0, float('inf'))

api.add_allowed_stream(my_env, 'SEC 1', stream_1)
api.add_allowed_stream(my_env, 'SEC 1', stream_2)