| CPC G06F 21/554 (2013.01) [G06F 21/53 (2013.01); G06F 2221/033 (2013.01)] | 18 Claims |
|
1. A system for configuring an intrusion detection system, the system comprising:
an input device,
a display device, and
an electronic processor, the electronic processor configured to
receive input, via the input device, including a previous configuration file, a data bus configuration file, and user input,
obtain configuration values from the user input, wherein the configuration values define conditions associated with messages and signals, and the conditions are a basis for detection of an anomaly associated with the messages and the signals,
run, with an intrusion detection system configuration tool, a simulation of communication on a vehicle communication system based on the input received,
generate log errors of the simulation associated with anomalies, wherein the log errors are at least one selected from the group consisting of a detected false positive and a detected false negative,
repeatedly determine an adjustment to configuration values based on the log errors of the simulation associated with anomalies, until no false positives and no false negatives occur in results of running the simulation,
display, on the display device, the results of running the simulation with the intrusion detection system configuration tool, and
output a new configuration file and a file configured to be uploaded to a vehicle.
|