def create_aut_env(self): # Spaeter on Button Click z.B. ''' this method creates the simulation''' api_log_path = os.path.join(os.path.dirname(__file__), "../logs/api.log") api.show_logging(logging.INFO, api_log_path, True) my_env = api.create_environment(2500) ecu_spec = SimpleECUSpec([], 200, 200) ecu_group_1 = api.set_ecus(my_env, 10, 'SecureECU', ecu_spec) ecu_spec = SimpleECUSpec(['SEC 1'], 200, 200) ecu_spec.set_ecu_setting('t_ecu_auth_trigger_process', 100) ecu_spec.set_ecu_setting('t_ecu_auth_trigger_intervall', 1000) sec_mod_group = api.set_ecus(my_env, 1, 'SecLwAuthSecurityModule', ecu_spec) bus_spec = SimpleBusSpec(['CAN_0']) bus_group = api.set_busses(my_env, 1, 'StdCANBus', bus_spec) api.connect_bus_by_obj(my_env, 'CAN_0', ecu_group_1 + sec_mod_group) api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id, [ecu_group_1]) certeros = api.create_cert_manager() for ecu in APICore()._ecu_list_from_groups([[ecu_group_1]]): # UNINTENDED HACK api.generate_valid_ecu_cert_cfg(certeros, ecu.ecu_id, CAEnum.CA_L313, 'SEC 1', 0, float('inf')) api.generate_valid_sec_mod_cert_cfg(certeros, 'SEC 1', CAEnum.CA_L313, 0, float('inf')) api.apply_certification(my_env, certeros) stream_1 = MessageStream(my_env.get_env(), 'SecureECU_0', ['SecureECU_1', 'SecureECU_4', 'SecureECU_5'], 13, float('inf'), 0, float('inf')) stream_2 = MessageStream(my_env.get_env(), 'SecureECU_1', ['SecureECU_3', 'SecureECU_2', 'SecureECU_5'], 12, float('inf'), 0, float('inf')) stream_3 = MessageStream(my_env.get_env(), 'SecureECU_0', ['SecureECU_4', 'SecureECU_1', 'SecureECU_5'], 222, float('inf'), 0, float('inf')) stream_4 = MessageStream(my_env.get_env(), 'SecureECU_3', ['SecureECU_0', 'SecureECU_1', 'SecureECU_5'], 11, float('inf'), 0, float('inf')) stream_5 = MessageStream(my_env.get_env(), 'SecureECU_4', ['SecureECU_2', 'SecureECU_1', 'SecureECU_3'], 500, float('inf'), 0, float('inf')) api.add_allowed_stream(my_env, 'SEC 1', stream_1) api.add_allowed_stream(my_env, 'SEC 1', stream_2) api.add_allowed_stream(my_env, 'SEC 1', stream_3) api.add_allowed_stream(my_env, 'SEC 1', stream_4) api.add_allowed_stream(my_env, 'SEC 1', stream_5) t_set = TimingFunctionSet() ecu_func_set = StdSecurLwSecModTimingFunctions(main_library_tag='CyaSSL') t_set.set_mapping_from_function_set('SEC 1', ecu_func_set) api.apply_timing_functions_set(my_env, 'SEC 1', t_set) t_set2 = TimingFunctionSet() ecu_func_set = StdSecurECUTimingFunctions(main_library_tag='CyaSSL') for ecu in APICore()._ecu_list_from_groups([[ecu_group_1]]): # UNINTENDED HACK t_set2.set_mapping_from_function_set(ecu.ecu_id, ecu_func_set) api.apply_timing_functions_set(my_env, ecu.ecu_id, t_set2) api.connect_monitor(my_env, self.monitor, 50) api.build_simulation(my_env) ''' start this in a new thread''' sim = SimulationThread(self, my_env) sim.start()
# create another gateway with same specification gateway_group_2 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) #=============================================================================== # Create Architecture #=============================================================================== # create the bus specifications bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(sim_env, 3, 'StdCANBus', bus_spec) # Connect ECUs and Gateways to the busses # Connect CAN 0 via GW1 to CAN 1 // Connect CAN 1 via GW 2 to CAN 2 api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_group_1 + gateway_group_1) api.connect_bus_by_obj(sim_env, 'CAN_1', gateway_group_1 + ecu_group_3 + gateway_group_2) api.connect_bus_by_obj(sim_env, 'CAN_2', ecu_group_4 + gateway_group_2) #=========================================================================== # Monitoring and Export of Results #=========================================================================== # create a Monitor and connect it to the environment monitor = Monitor() monitor.set_sample_time(0.48) api.connect_monitor(sim_env, monitor, 0.5) # create a Result Reader that is used to export the # simulation results to the GUI or to a file
#=============================================================================== # GATEWAY CREATION ecu_spec = SimpleBusCouplerSpec([]) ecu_spec.set_ecu_setting('t_transition_process', 2) # Delay of the gateway # ecu_spec.set_filter(can_registration.AUTH_MESSAGES + [can_registration.CAN_TEST_MSG, 500, 16]) # Add a filter to the gateway. Generally blocks those ids// do not use in combination with api.gateway_filter_bus gateway_group_1 = api.set_ecus(my_env, 1, 'CANGateway', ecu_spec) gateway_group_2 = api.set_ecus(my_env, 1, 'CANGateway', ecu_spec) # BUS CREATION bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(my_env, 3, 'NoArbitCANBus', bus_spec) # CONNECT 7 ECUs and the SEC MOD to CAN 0 and 2 ECUs to CAN_1 and 2 ECUs to CAN 2 # CONNECT CAN 0 via GW1 to CAN 1 // CONNECT CAN 1 via GW 2 to CAN 2 api.connect_bus_by_obj(my_env, 'CAN_0', ecu_group_1 + sec_mod_group + gateway_group_1) api.connect_bus_by_obj(my_env, 'CAN_1', gateway_group_1 + ecu_group_3) api.connect_bus_by_obj(my_env, 'CAN_2', ecu_group_4 + gateway_group_1) # GATEWAY BUS DEPENDENT FILTER # filters incoming messages, so all messages in fst that are coming from bus CAN_0 are allowed the rest is filtered # GW1 allows only CAN_TEST_MSG to be forwarded when coming from can_0 # fst = [can_registration.CAN_TEST_MSG] # scd = can_registration.AUTH_MESSAGES + [500] # api.gateway_filter_bus(gateway_group_1, {'CAN_0':[1,2,3,4,5], 'CAN_1':[1,2,3,4,5,2730,511]}) # api.gateway_filter_sending_bus(gateway_group_1, {'CAN_0':[1, 2, 3, 4, 2730, 5, 6, 7, 8, 9], 'CAN_1':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511], 'CAN_2':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511]}) api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id, [ecu_group_1 + ecu_group_3 + ecu_group_4 ]) certeros = api.create_cert_manager()
ecu_spec = RegularECUSpec(["TEST ECU 11", "TEST ECU 12"], 20000, 20000) ecu_spec.set_apply_jitter(0.0000001) # ecu_spec.set_ecu_setting('t_prf_for_key_legitimation', 0) # NOTE: If this value has a realistic value this is not working or better to say it works with a extreme delay # ecu_spec.set_ecu_setting('t_generate_compare_mac', 0) # NOTE: If this value has a realistic value this is not working or better to say it works with a extreme delay ecu_spec.add_sending_actions(250, 0.2, can_registration.CAN_TEST_MSG_2, "TEST STRING A", 80) ecu_group_4 = api.set_ecus(sim_env, 2, 'TeslaECU', ecu_spec) # create gateways ecu_spec = SimpleBusCouplerSpec([]) ecu_spec.set_ecu_setting('t_transition_process', 2) gateway_group_1 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) gateway_group_2 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) # create buses and connect ECUs bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(sim_env, 1, 'StdCANBus', bus_spec) api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_group_1 + ecu_group_3 + ecu_group_4) # set timing functions t_set2 = TimingFunctionSet() ecu_func_set = StdTeslaECUTimingFunctions(main_library_tag='CyaSSL') for ecu in api.ecu_list_from_groups([[ecu_group_1 + ecu_group_3 + ecu_group_4]]): t_set2.set_mapping_from_function_set(ecu.ecu_id, ecu_func_set) api.apply_timing_functions_set(sim_env, ecu.ecu_id, t_set2) # Define streams: Attention this definition of MessageStream objects has to be conform with the # definition of the sending_actions of the ecus. See above # Note: the disclosure delay defines the delay with which the message can be verified. Defined in # sending intervals stream_1 = MessageStream('RegularSecureECU_15', ['TEST ECU 9', 'TEST ECU 10'], can_registration.CAN_TEST_MSG, start_time=160, sending_interval=0.1, disclosure_delay=1) stream_2 = MessageStream('TEST ECU 11', ['TEST ECU 9'], can_registration.CAN_TEST_MSG_2, start_time=150, sending_interval=0.2, disclosure_delay=1)
ecu_spec = TLSECUSpec(["TEST ECU 11", "TEST ECU 12"], 20000, 20000) ecu_spec.set_apply_jitter(0.0001) ecu_spec.add_sending_actions(0.4, 0.8, can_registration.CAN_TEST_MSG_2, "A", 20) ecu_group_4 = api.set_ecus(sim_env, 2, 'TLSECU', ecu_spec) # create gateways ecu_spec = SimpleBusCouplerSpec([]) ecu_spec.set_ecu_setting('t_transition_process', 2) # Delay of the gateway gateway_group_1 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) gateway_group_2 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) # create buses and connect ECUs bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(sim_env, 1, 'StdCANBus', bus_spec) api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_group_1 + ecu_group_3 + ecu_group_4) # set timing functions t_set2 = TimingFunctionSet() ecu_func_set = StdTLSECUTimingFunctions(main_library_tag='CyaSSL') for ecu in api.ecu_list_from_groups([[ecu_group_1 + ecu_group_3 + ecu_group_4]]): t_set2.set_mapping_from_function_set(ecu.ecu_id, ecu_func_set) api.apply_timing_functions_set(sim_env, ecu.ecu_id, t_set2) # define streams stream_1 = MessageStream('RegularSecureECU_15', ['TEST ECU 9', 'TEST ECU 10'], can_registration.CAN_TEST_MSG) stream_2 = MessageStream('TEST ECU 11', ['TEST ECU 10'], can_registration.CAN_TEST_MSG_2) api.set_stream(sim_env, stream_1) api.set_stream(sim_env, stream_2)
# create another gateway with same specification gateway_group_2 = api.set_ecus(sim_env, 1, 'CANGateway', ecu_spec) #=============================================================================== # Create Architecture #=============================================================================== # create the bus specifications bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(sim_env, 3, 'StdCANBus', bus_spec) # Connect ECUs and Gateways to the busses # Connect CAN 0 via GW1 to CAN 1 // Connect CAN 1 via GW 2 to CAN 2 api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_group_1 + gateway_group_1) api.connect_bus_by_obj(sim_env, 'CAN_1', gateway_group_1 + ecu_group_3 + gateway_group_2) api.connect_bus_by_obj(sim_env, 'CAN_2', ecu_group_4 + gateway_group_2) #=========================================================================== # Monitoring and Export of Results # # Structure: # environment connected to monitor object # monitor object connected to ResultReader object # ResultReader publishes data to the Interpreters # Interpreters pass the data to connected GUI and/or to Files #=========================================================================== # create a Monitor and connect it to the environment monitor = Monitor()
def prepare_configuration(self, simpy_env, life_time): ''' this method prepares the configuration on the side of the ECU simulation. It sets up the defined environment by mapping the ECU Ids as they are defined in the battery management system on the ECUs and the defined specs. So the constellation used is implemented here. Input: simpy_env simpy.Environment environment used in the battery management system life_time float life time of the simulation Output: - ''' # lifetime life_time = 50000 # logging # api_log_path = os.path.join(os.path.dirname(__file__), "../logs/api.log") # api.show_logging(logging.INFO, api_log_path, True) # create environment sim_env = api.create_environment(life_time) sim_env.set_env(simpy_env) ecu_list = [] # generate a ecu from the ECU specs setting the adapter for ecu_id in self.available_can_adapters(): # logging.info("ECU ID %s: " % ecu_id) # define individual ECU Spec ecu_spec = copy.deepcopy(self._ecu_spec) ecu_class_name = self._ecu_class_name if ecu_id in self._individual_spec: ecu_spec = self._individual_spec[ecu_id][0] ecu_class_name = self._individual_spec[ecu_id][1] ecu_spec.ecu_id_list = [str(ecu_id)] # create ecu ecu = api.set_ecus(sim_env, 1, ecu_class_name, ecu_spec)[0] ecu_list += [ecu] # connect ecu to adapter ecu.connect_adapter(self.can_bus_adapter[ecu_id]) # add security module # create ECU specification ecu_spec = SimpleECUSpec(['SEC 1'], 200000, 200000) # 200 KB ecu_spec.set_ecu_setting('t_ecu_auth_trigger_process', 0) ecu_spec.set_ecu_setting('t_ecu_auth_trigger_intervall', 80000) ecu_spec.set_apply_jitter(0.0001) sec_mod_group = api.set_ecus(sim_env, 1, 'SecLwAuthSecurityModule', ecu_spec) security_module = sec_mod_group[0] # connect to one bus # create the bus specifications bus_spec = SimpleBusSpec(['CAN_0']) api.set_busses(sim_env, 1, 'StdCANBus', bus_spec) api.connect_bus_by_obj(sim_env, 'CAN_0', ecu_list + sec_mod_group) # security constellation all_ecu_groups = [ecu_list] api.register_ecu_groups_to_secmod(sim_env, sec_mod_group[0].ecu_id, all_ecu_groups) certificate_manager = api.create_cert_manager() all_created_ecus = api.ecu_list_from_groups([all_ecu_groups]) ecu_ids = [str(ecu.ecu_id) for ecu in all_created_ecus] for ecu_id in ecu_ids: api.generate_valid_ecu_cert_cfg(certificate_manager, ecu_id, CAEnum.CA_L313, security_module.ecu_id, 0, float('inf')) api.generate_valid_sec_mod_cert_cfg(certificate_manager, security_module.ecu_id, CAEnum.CA_L313, ecu_ids, 0, float('inf')) api.apply_certification(sim_env, certificate_manager) # define allowed streams -------------------------------------------------------------- TODO very IMPORTANT for broadcast_stream_id in [0x0080, 0x0081, 0x0082, 0x0083, 0x0012, 0x0013, 0x0020, 0x00A0, 0x00A1 ]: for ecu_id in ecu_ids: lst = copy.deepcopy(ecu_ids) lst.remove(ecu_id) stream = MessageStream(ecu_id, lst, broadcast_stream_id, float('inf'), 0, float('inf')) api.add_allowed_stream(sim_env, security_module.ecu_id, stream) # -------------------------------------------------------------- TODO very IMPORTANT # set gateways api.autoset_gateway_filters(sim_env, sec_mod_group[0].ecu_id) # set timing functions function_set = TimingFunctionSet() ecu_func_set = StdSecurLwSecModTimingFunctions(main_library_tag='CyaSSL') ecu_func_set.library_tags['t_ecu_auth_reg_msg_validate_cert'] = 'Crypto_Lib_SW' function_set.set_mapping_from_function_set(security_module.ecu_id, ecu_func_set) api.apply_timing_functions_set(sim_env, security_module.ecu_id, function_set) function_set_2 = TimingFunctionSet() ecu_func_set = StdSecurECUTimingFunctions(main_library_tag='CyaSSL') ecu_func_set.library_tags['t_adv_msg_secmodcert_enc'] = 'Crypto_Lib_SW' for ecu_id in ecu_ids: function_set_2.set_mapping_from_function_set(ecu_id, ecu_func_set) api.apply_timing_functions_set(sim_env, ecu_id, function_set_2) # add monitor if self._monitor and self._result_reader: api.connect_monitor(sim_env, self._monitor, 0.5) api.connect_result_reader(sim_env, self._monitor, self._result_reader) # run view if defined if self._view: self._view.show(self._result_reader, self._view_options, self.q_application) # run simulation api.open_simulation_stop_button(sim_env) api.build_simulation(sim_env) api.run_simulation(sim_env)
#=============================================================================== # GATEWAY CREATION ecu_spec = SimpleBusCouplerSpec([]) ecu_spec.set_ecu_setting('t_transition_process', 2) # Delay of the gateway # ecu_spec.set_filter(can_registration.AUTH_MESSAGES + [can_registration.CAN_TEST_MSG, 500, 16]) # Add a filter to the gateway. Generally blocks those ids// do not use in combination with api.gateway_filter_bus gateway_group_1 = api.set_ecus(my_env, 1, 'CANGateway', ecu_spec) gateway_group_2 = api.set_ecus(my_env, 1, 'CANGateway', ecu_spec) # BUS CREATION bus_spec = SimpleBusSpec(['CAN_0', 'CAN_1', 'CAN_2']) bus_group = api.set_busses(my_env, 3, 'NoArbitCANBus', bus_spec) # CONNECT 7 ECUs and the SEC MOD to CAN 0 and 2 ECUs to CAN_1 and 2 ECUs to CAN 2 # CONNECT CAN 0 via GW1 to CAN 1 // CONNECT CAN 1 via GW 2 to CAN 2 api.connect_bus_by_obj(my_env, 'CAN_0', ecu_group_1 + sec_mod_group + gateway_group_1) api.connect_bus_by_obj(my_env, 'CAN_1', gateway_group_1 + ecu_group_3) api.connect_bus_by_obj(my_env, 'CAN_2', ecu_group_4 + gateway_group_1) # GATEWAY BUS DEPENDENT FILTER # filters incoming messages, so all messages in fst that are coming from bus CAN_0 are allowed the rest is filtered # GW1 allows only CAN_TEST_MSG to be forwarded when coming from can_0 # fst = [can_registration.CAN_TEST_MSG] # scd = can_registration.AUTH_MESSAGES + [500] # api.gateway_filter_bus(gateway_group_1, {'CAN_0':[1,2,3,4,5], 'CAN_1':[1,2,3,4,5,2730,511]}) # api.gateway_filter_sending_bus(gateway_group_1, {'CAN_0':[1, 2, 3, 4, 2730, 5, 6, 7, 8, 9], 'CAN_1':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511], 'CAN_2':[1, 2, 3, 4, 5, 6, 7, 8, 9, 2730, 511]}) api.register_ecu_groups_to_secmod(my_env, sec_mod_group[0].ecu_id, [ecu_group_1 + ecu_group_3 + ecu_group_4])