CN108173806A - Distributed network system (DNS), isolating device, message transmitting method and the automobile of automobile - Google Patents

Distributed network system (DNS), isolating device, message transmitting method and the automobile of automobile Download PDF

Info

Publication number
CN108173806A
CN108173806A CN201711200898.7A CN201711200898A CN108173806A CN 108173806 A CN108173806 A CN 108173806A CN 201711200898 A CN201711200898 A CN 201711200898A CN 108173806 A CN108173806 A CN 108173806A
Authority
CN
China
Prior art keywords
message
control module
bus run
isolating device
transmitted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711200898.7A
Other languages
Chinese (zh)
Other versions
CN108173806B (en
Inventor
杨振业
文亮
伍昀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beiqi Foton Motor Co Ltd
Original Assignee
Beiqi Foton Motor Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beiqi Foton Motor Co Ltd filed Critical Beiqi Foton Motor Co Ltd
Priority to CN201711200898.7A priority Critical patent/CN108173806B/en
Publication of CN108173806A publication Critical patent/CN108173806A/en
Application granted granted Critical
Publication of CN108173806B publication Critical patent/CN108173806B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40006Architecture of a communication node
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)

Abstract

The invention discloses a kind of distributed network system (DNS) of automobile, isolating device, message transmitting method and automobiles.Wherein, the distributed network system (DNS) of the automobile includes:Car diagnostic interface network, in-vehicle network and isolating device, wherein, isolating device is between car diagnostic interface network and in-vehicle network, for the message for being unsatisfactory for default safety condition to be isolated.The present invention is solved since distribution is become integrated network management system formula framework in the prior art, caused to design the technical issues of complicated of high cost.

Description

Distributed network system (DNS), isolating device, message transmitting method and the automobile of automobile
Technical field
The present invention relates to auto manufacturing technology application field, in particular to a kind of distributed network system (DNS) of automobile, Isolating device, message transmitting method and automobile.
Background technology
It is to pass through bus between each electronic control unit there is a large amount of electronic control unit in existing automobile Issuing for the transmission of data and interaction and control instruction is carried out, so there are one in the network architecture of entire vehicle bus The framework of kind distributed network.
The characteristics of framework of the distributed network is each controller by several bus network consistings, is led between each network It crosses several controllers and is forwarded communication, this mode does not have unified network management device to be scheduled, and final each item Network is connected directly on the diagnosis interface of vehicle, refers to Fig. 1, and Fig. 1 is the signal of the framework of distributed network in the prior art Figure.But this mode safety is low, can access interior all network and controller by car diagnostic interface, pass through This diagnosis interface malice sends interference message or forges the special message of controller, it is possible to reach interference or the interior communication of paralysis, Or make the serious consequences such as the improper enabling/closing of relevant in-vehicle function.
Based on the automobile market in the whole world, the vehicle fleet size with distributed network architecture is huge.But with to vehicle network Security requirement is higher and higher, and there is an urgent need to the safeties that specific aim promotes this network architecture.But according to current solution party Case is only again designed the network architecture, and distribution is become the capable realization of integrated network management system formula framework.But in this way If can involve a large amount of design alteration and change in the work, cost is very high.
For above-mentioned since distribution become integrated network management system formula framework in the prior art, caused design it is complicated into The problem of this is high, currently no effective solution has been proposed.
Invention content
An embodiment of the present invention provides a kind of distributed network system (DNS) of automobile, isolating device, message transmitting method and vapour Vehicle, at least to solve since distribution is become integrated network management system formula framework, the caused complicated cost of design in the prior art The technical issues of high.
One side according to embodiments of the present invention provides a kind of isolating device, including:Main control module route message Control module and bus run control module;Wherein, main control module, for carrying out enabled control, and root to routing module control The route test function of routing module control is activated or disabled from according to external power supply and communication input condition;It route message control mould Block, one end are connect with main control module, and the other end is connect with bus run control module, for what is forwarded to message in bus run Path is adjusted, and verifies whether the message in each bus run meets default safety condition;Bus run control module, One end is connect with routing message control module, is used for transmission the message for meeting default safety condition.
Optionally, isolating device further includes:Power supply and communication wake up line;Wherein, power supply is connect with main control module, is used for It powers to main control module;Communication wakes up line, is connect with main control module, enters communication pattern for waking up main control module.
Optionally, the corresponding bus run number of bus run control module is even number, and bus run control module Number it is identical with bus run.
Optionally, isolating device is located in the distributed network system (DNS) of automobile, wherein, the distributed network system (DNS) packet of automobile It includes:Car diagnostic interface network and in-vehicle network, isolating device are used between car diagnostic interface network and in-vehicle network Isolation is unsatisfactory for the message of default safety condition.
Other side according to embodiments of the present invention provides a kind of distributed network system (DNS) of automobile, including:It is vehicle-mounted Diagnose interface network, in-vehicle network and isolating device, wherein, isolating device be located at car diagnostic interface network and in-vehicle network it Between, for the message for being unsatisfactory for default safety condition to be isolated.
Wherein, isolating device includes a kind of isolating device provided in terms of said one.
Optionally, isolating device includes:Main control module route message control module and bus run control module;Wherein, Main control module for carrying out enabled control to routing module control, and according to external power supply and the activation of communication input condition or is prohibited The only route test function of routing module control;Message control module is route, one end is connect with main control module, the other end and bus Channel control module connects, and the path for being forwarded to message in bus run is adjusted, and verify in each bus run Message whether meet default safety condition;Bus run control module, one end is connect with routing message control module, for passing It is filled the message of the default safety condition of foot.
Further, optionally, isolating device further includes:Power supply and communication wake up line;Wherein, power supply, with main control module Connection, for powering to main control module;Communication wakes up line, is connect with main control module, enters communication mould for waking up main control module Formula.
Optionally, the corresponding bus run number of bus run control module is even number, and bus run control module Number it is identical with bus run.
Another aspect according to embodiments of the present invention provides a kind of message transmitting method, including:Pass through main control module Control routing message control module is adjusted the path of message forwarding to be transmitted in bus run;By routeing message control Whether the message to be transmitted in each bus run of module verification meets default safety condition;In routing message control module verification In the case that message to be transmitted in bus run meets default safety condition, met by the transmission of bus run control module pre- If the message to be transmitted of safety condition.
Optionally, whether met by the message to be transmitted routeing in each bus run of message control module verification default Safety condition includes:If it is judge the service identifiers in message to be transmitted whether be this channel the service mark needed after sale Know;If the service identifiers in message to be transmitted are the service identifiers needed after sale of this channel, whether service identifiers are judged Belong to the risk service in default safety condition;If it is confirmed that for risk service, then source node safety verification is carried out, and passed through total Line passage control module clearance be verified after the corresponding message to be transmitted of service identifiers;If source node safety verification loses It loses, then the access of message to be transmitted is forbidden by bus run control module and forbids forwarding.
Further, optionally, it if it is confirmed that for risk service, then carries out source node safety verification and includes:Service is marked Safety identification check code in knowledge and the secondary verification code that is obtained after secondary cryptographic calculation to check code is identified to carry out safely with Pre-stored values are verified.
Optionally, this method further includes:It is logical that if the message identification of message to be transmitted is not belonging to this in default safety condition The mark of the diagnosis message class in road, then forbid accessing or forbid forwarding by bus run control module.
Optionally, the message that default safety condition is met by the transmission of bus run control module includes:If service mark Know the risk service being not belonging in default safety condition, then message to be transmitted is sent by bus run control module.
Another aspect according to embodiments of the present invention provides a kind of automobile, including:The distributed network system of automobile System, wherein, the distributed network system (DNS) of automobile includes the distributed network system (DNS) of above-mentioned automobile.
In embodiments of the present invention, using the side that isolating device is set between car diagnostic interface network and in-vehicle network Formula route road of the message control module to message forwarding to be transmitted in bus run by the master control module controls in isolating device Diameter is adjusted;Verify whether the message to be transmitted in each bus run meets default safety by routeing message control module Condition;In the case that message to be transmitted in routing message control module verification bus run meets default safety condition, lead to The message to be transmitted that the transmission of bus run control module meets default safety condition is crossed, has reached reduction design complexities and cost Purpose, it is achieved thereby that on the basis of not changing existing network system realize network system safety technique effect, into And it solves since distribution is become integrated network management system formula framework, the caused complicated skill of high cost of design in the prior art Art problem.
Description of the drawings
Attached drawing described herein is used to provide further understanding of the present invention, and forms the part of the application, this hair Bright illustrative embodiments and their description do not constitute improper limitations of the present invention for explaining the present invention.In the accompanying drawings:
Fig. 1 is the schematic diagram of the system of distributed network in the prior art;
Fig. 2 is a kind of structure diagram of the distributed network system (DNS) of according to embodiments of the present invention one automobile;
Fig. 3 is the structure diagram of the distributed network system (DNS) of according to embodiments of the present invention one another automobile;
Fig. 4 be a kind of according to embodiments of the present invention one automobile distributed network system (DNS) in isolating device structural representation Figure;
Fig. 5 is a kind of flow diagram of according to embodiments of the present invention three message transmitting method;
Fig. 6 is the service message for judging to diagnose after sale needs in a kind of according to embodiments of the present invention three message transmitting method The schematic diagram of flow;
Fig. 7 is a kind of according to embodiments of the present invention three message transmitting method risk message source node security verification sequence Schematic diagram;
Fig. 8 be according to embodiments of the present invention three a kind of message transmitting method in source address information verification message format show It is intended to.
Specific embodiment
In order to which those skilled in the art is made to more fully understand the present invention program, below in conjunction in the embodiment of the present invention The technical solution in the embodiment of the present invention is clearly and completely described in attached drawing, it is clear that described embodiment is only The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people Member's all other embodiments obtained without making creative work should all belong to the model that the present invention protects It encloses.
It should be noted that term " first " in description and claims of this specification and above-mentioned attached drawing, " Two " etc. be the object for distinguishing similar, and specific sequence or precedence are described without being used for.It should be appreciated that it uses in this way Data can be interchanged in the appropriate case, so as to the embodiment of the present invention described herein can in addition to illustrating herein or Sequence other than those of description is implemented.In addition, term " comprising " and " having " and their any deformation, it is intended that cover Cover it is non-exclusive include, be not necessarily limited to for example, containing the process of series of steps or unit, method, system, product or equipment Those steps or unit clearly listed, but may include not listing clearly or for these processes, method, product Or the intrinsic other steps of equipment or unit.
Embodiment one
According to embodiments of the present invention, a kind of embodiment of the method for the distributed network system (DNS) of automobile is provided, needs to illustrate , step shown in the flowchart of the accompanying drawings can hold in the computer system of such as a group of computer-executable instructions Row, although also, show logical order in flow charts, it in some cases, can be to be different from sequence herein Perform shown or described step.
Fig. 2 is a kind of structure diagram of the distributed network system (DNS) of according to embodiments of the present invention one automobile, such as Fig. 2 institutes Show, the distributed network system (DNS) of the automobile includes:
Car diagnostic interface network 21, in-vehicle network 22 and isolating device 23, wherein, isolating device 23 is located at onboard diagnostics Between interface network 21 and in-vehicle network 22, for the message for being unsatisfactory for default safety condition to be isolated.
Specifically, the distributed network system (DNS) for the automobile that the application provides is different from the prior art, Fig. 3 is according to the present invention The structure diagram of the distributed network system (DNS) of another automobile of embodiment one, as shown in figure 3, isolating device 23 is positioned at vehicle-mounted It diagnoses between interface network 21 and in-vehicle network 22, the service message for diagnosing needs after sale having to only this channel could quilt It is transferred to in-vehicle network or lets pass to car diagnostic interface (that is, the isolation that the application provides is unsatisfactory for the report of default safety condition Text), while in order to further improve the security, xegregating unit can carry out source node safety to the equipment for connecting car diagnostic interface Verification, confirmation are just to allow to let pass after the diagnostic equipment that genuine is specified, otherwise similary denied access.
In embodiments of the present invention, using the side that isolating device is set between car diagnostic interface network and in-vehicle network Formula, by receiving message to be transmitted;Judge whether message to be transmitted meets default safety condition;It is transmitted according to judging result to be passed Defeated message has achieved the purpose that reduce design complexities and cost, it is achieved thereby that on the basis of not changing existing network system It realizes the technique effect of the safety of network system, and then solves and become distribution due in the prior art to concentrate network pipe Reason formula framework, it is caused to design the technical issues of complicated of high cost.
Specifically, Fig. 4 be a kind of according to embodiments of the present invention one automobile distributed network system (DNS) in isolating device Structure diagram, as shown in figure 4, the isolating device in the distributed network system (DNS) for the automobile that the application provides is specific as follows:
Optionally, isolating device 23 includes:Main control module 231 route message control module 232 and bus run control mould Block 233;Wherein, main control module 231, for carrying out enabled control to routing module control 232, and according to external power supply and communication Input condition is activated or disabled from the route test function of routing module control 232;It route message control module 232, one end and master Control module 231 connects, and the other end is connect with bus run control module 233, for the path forwarded to message in bus run It is adjusted, and verifies whether the message in each bus run meets default safety condition;Bus run control module 233, One end is connect with routing message control module 232, is used for transmission the message for meeting default safety condition.
Further, optionally, isolating device 23 further includes:Power supply 234 and communication wake up line 235;Wherein, power supply 234, It is connect with main control module 231, for powering to main control module 231;Communication wakes up line 235, connect, is used for main control module 231 It wakes up main control module and enters communication pattern.
Optionally, the corresponding bus run number of bus run control module is even number, and bus run control module Number it is identical with bus run.
To sum up, the isolating device 23 in the distributed network system (DNS) for the automobile that the application provides includes:Main control module 231, Message control module 232 and bus run control module 233 are route, wherein, as shown in figure 4, main control module 231 is labeled as 1, road By message control module 232 labeled as 2, bus run control module 233 is labeled as 3 to 8.
Wherein, isolating device 23 has bus run (one bus of each bus run correspondence of 2 or more (even number) Channel control module 233), being inserted into needs between in-vehicle network and car diagnostic interface network to be protected, each two bus run Between bind one by one, such as channel 1 can only communicate with channel 2, channel 3 can only communicate with channel 4, and so on.In order to facilitate reality Border uses, and the channel of binding can pass through software configuration change.Channel 1 can such as be made into communicate with channel 3, channel 2 communicates with channel 4 Deng.The isolating device 23 by communication wake up line 235 can supporting bus message wake up with rigid line wake up, after wake-up control routing report Literary control module 232 establishes rapidly the routing forwarding ability of message.Each bus run is established in isolating device 23 fair Perhaps the service message for diagnosing needs after sale that the message list let pass, only this channel have can just be transferred into in-vehicle network or put It goes to car diagnostic interface.
Simultaneously in order to further improve the security, isolating device 23 can be to vehicle-mounted examining in connection car diagnostic interface network The equipment of slave interrupt interface carries out source node safety verification, and confirmation is just to allow to let pass after the diagnostic equipment that genuine is specified, and is otherwise equally refused It accesses absolutely.
It should be noted that in depot's development phase, often needed in the stages such as functional verification, road tests by vehicle-mounted Diagnosis interface directly reads the message data of in-vehicle network, works for convenience of development phase, is configured permits in isolating device 23 at this time Perhaps the message name let pass is designed to configurable part, development phase can by software configuration into without filtering, this after It does not work from device 23.When entering volume production and follow-up operation and maintenance, isolating device 23 is enabled, isolating device 23 is sent out at this time Wave proper function.
The distributed network system (DNS) for the automobile that the application provides does not have to change original network system, original module it is soft or hard Under the premise of part designs and most harness can all remain unchanged, it is greatly saved cost, and by car diagnostic interface net Network is isolated with in-vehicle network, avoids unauthorized third party that from can accessing interior all networks by car diagnostic interface And controller, by malice send interference message or forge the special message of controller make relevant in-vehicle function it is improper enable/ The serious consequences such as closing.So as to improve the safety of distributed network system (DNS).
The distributed network system (DNS) for the automobile that the application provides can be without changing original network system, original module Design of hardware and software and most harness under the premise of, car diagnostic interface network with in-vehicle network is isolated, is kept away Interior all network and controller can be accessed by car diagnostic interface by exempting from unauthorized third party, be sent by malice dry Disturbing message or forging the special message of controller makes the serious consequences such as the improper enabling/closing of relevant in-vehicle function.Improve distribution The safety of formula network system.Bus run binding setting and filtering function can be by soft in the isolating device that the application provides Part is configured, therefore flexibility is high, while also can be extended in the network that other interior needs are isolated, and has very strong practicality Property.
Embodiment two
Other side according to embodiments of the present invention provides a kind of isolating device, including:Main control module, routing report Literary control module and bus run control module;Wherein, main control module, for carrying out enabled control to routing module control, and The route test function of routing module control is activated or disabled from according to external power supply and communication input condition;It route message control mould Block, one end are connect with main control module, and the other end is connect with bus run control module, for what is forwarded to message in bus run Path is adjusted, and verifies whether the message in each bus run meets default safety condition;Bus run control module One end with routing message control module connect, bus run control module, be used for transmission meet preset safety condition message.
The application provide isolating device corresponding embodiment one in isolating device 23, the application provide isolating device in Main control module corresponding embodiment one in main control module 231, the routing report in routing message control module corresponding embodiment one Literary control module 232, the bus run control module 233 in bus run control module corresponding embodiment one.The application provides Isolating device structure it is as shown in Figure 4.
Optionally, isolating device further includes:Power supply and communication wake up line interface;Wherein, power supply is connect with main control module, For powering to main control module;Communication wakes up line, is connect with main control module, enters communication pattern for waking up main control module.
Optionally, the corresponding bus run number of bus run control module is even number, and bus run control module Number it is corresponding with bus run.
Optionally, isolating device is located in the distributed network system (DNS) of automobile, wherein, the distributed network system (DNS) packet of automobile It includes:Car diagnostic interface network and in-vehicle network, isolating device are used between car diagnostic interface network and in-vehicle network Isolation is unsatisfactory for the message of default safety condition.
Embodiment three
Another aspect according to embodiments of the present invention provides a kind of message transmitting method, applied to one He of embodiment Isolating device in embodiment two, Fig. 5 are a kind of flow diagrams of according to embodiments of the present invention three message transmitting method, such as Shown in Fig. 5, including:
Step S502 route what message control module forwarded message to be transmitted in bus run by master control module controls Path is adjusted;
Step S504, it is pre- by the way that whether the message to be transmitted routeing in each bus run of message control module verification meets If safety condition;
Step S506, the message to be transmitted in routing message control module verification bus run meet default safety condition In the case of, the message to be transmitted for presetting safety condition is met by the transmission of bus run control module.
Specifically, the message transmitting method that the application provides can be applied to the distributed network of one corresponding automobile of embodiment Isolating device in network system and applied to two corresponding isolating device of embodiment, wherein, isolating device is receiving car After the message to be transmitted that network or onboard diagnostics network are sent, judge whether message to be transmitted meets default safety condition, and according to It is judged that result is to in-vehicle network or onboard diagnostics network transmission message to be transmitted.
In embodiments of the present invention, using the side that isolating device is set between car diagnostic interface network and in-vehicle network Formula route road of the message control module to message forwarding to be transmitted in bus run by the master control module controls in isolating device Diameter is adjusted;Verify whether the message to be transmitted in each bus run meets default safety by routeing message control module Condition;In the case that message to be transmitted in routing message control module verification bus run meets default safety condition, lead to The message to be transmitted that the transmission of bus run control module meets default safety condition is crossed, has reached reduction design complexities and cost Purpose, it is achieved thereby that on the basis of not changing existing network system realize network system safety technique effect, into And it solves since distribution is become integrated network management system formula framework, the caused complicated skill of high cost of design in the prior art Art problem.
Optionally, verify that the message to be transmitted in each bus run is by routeing message control module in step S504 The no default safety condition of satisfaction includes:
Step1, if it is judge the service identifiers in message to be transmitted whether be this channel the service needed after sale Mark;
Step2 if the service identifiers in message to be transmitted are the service identifiers needed after sale of this channel, judges to take Business identifies whether to belong to the risk service in default safety condition;
Step3 if it is confirmed that for risk service, then carries out source node safety verification, and pass through bus run control module The corresponding message to be transmitted of service identifiers let pass after being verified;
Step4 if source node safety verification fails, forbids the visit of message to be transmitted by bus run control module It asks about and forbids forwarding.
Specifically, as shown in fig. 6, Fig. 6 is judged after sale in a kind of according to embodiments of the present invention three message transmitting method Diagnose the schematic diagram of the service message flow needed.
Step S1, judges whether the message identification of message to be transmitted belongs to the diagnosis message of this channel in default safety condition The mark of class;
Step S2, if not then forbidding accessing or forbid forwarding;
Step S3, if it is judge the service identifiers in message to be transmitted whether be this channel the service needed after sale Mark;
Step S4, if not forbidding accessing or forbid forwarding;
Step S5, if it is judges whether service identifiers belong to the risk service in default safety condition;
Step S6, if not then allowing to let pass;
Step S7 if it is confirmed that for risk service, then carries out source node safety verification, and the service after being verified of letting pass Identify corresponding message to be transmitted;
Step S8 if source node safety verification fails, forbids the access of message to be transmitted and forbids forwarding.
Wherein, judge whether message to be transmitted meets default safety condition in the application, and treated according to judging result transmission Transmitting message includes:
First judge whether message identification ID belongs to the mark ID of the diagnosis message class of this channel, if not then forbidding It accesses or forwards.Judge the service ID in message whether be this channel the service needed after sale, if not also forbidding accessing Or forwarding.Judge whether this service is risk service again, if not then allowing to let pass.If it is confirmed that for risk service, then into Row source node safety verification.Just allow to let pass after being verified, otherwise equally forbid accessing and forwarding.
Further, optionally, it then carries out source node if it is confirmed that for risk service in above-mentioned steps Step3 and tests safely Card includes:
By the safety identification check code security verification code in service identifiers and to identifying school safely Test yard security verification code carry out the secondary verification code obtained after secondary cryptographic calculation and pre-stored values into Row verification.
Specifically, the application needs to increase source address information verification message after every risk message, wrapped in verification message The security verification code that are obtained containing diagnostic equipment according to this information of vehicles from after-sale service device and right Security verification code carry out the secondary verification code obtained after secondary cryptographic calculation.The report that the application provides The corresponding isolating device of message transmitting method need to security verification code and it is secondary verification code with it is interior The right value in portion is compared, and could pass through verification after whole is correct.Wherein, risk message source node security verification sequence is as schemed Shown in 7, Fig. 7 is a kind of according to embodiments of the present invention three message transmitting method risk message source node security verification sequence Schematic diagram, the message format of source address information verification here is as shown in figure 8, Fig. 8 is a kind of according to embodiments of the present invention three message The schematic diagram of source address information verification message format in transmission method.
Wherein, source address information verification message format in this vehicle security verification code according to Information of vehicles is obtained by diagnostic device from after-sale service device, wherein, the security verification code totally three words Section, i.e. position shown in Fig. 8 bends grid;Secondary verification code in source address information verification message format, that is, pass through It is obtained after carrying out special operation to security verification code, in fig. 8 the position shown in grid;Source address Serial number bit in the Information Authentication message format blank cell in Fig. 8, wherein, sequence number range 1-255, wherein, 1-255 marks Which frame is knowledge current sequence number be.
Optionally, the message transmitting method that the application provides further includes:
After above-mentioned Step1, before Step2, if the message identification of message to be transmitted is not belonging to default safety condition The mark of the diagnosis message class of middle channel, then forbid accessing or forbid forwarding by bus run control module.
Optionally, the message for meeting default safety condition in step S506 by the transmission of bus run control module includes:
After above-mentioned Step2, before Step3, if service identifiers are not belonging to the risk service in default safety condition, Message to be transmitted is then sent by bus run control module.
It should be noted that the above-mentioned risk message source node security verification sequence of the application and source address information verification report Literary form is only illustrated for above-mentioned, be subject to realize the application provide message transmitting method, do not limit specifically.
The application provide message transmitting method apply automobile distributed network system (DNS) can without change Under the premise of original network system, the design of hardware and software of original module and most harness, by car diagnostic interface net Network is isolated with in-vehicle network, avoids unauthorized third party that from can accessing interior all networks by car diagnostic interface And controller, by malice send interference message or forge the special message of controller make relevant in-vehicle function it is improper enable/ The serious consequences such as closing.Improve the safety of distributed network system (DNS).The application provide message transmitting method apply Bus run binding setting and filtering function can be configured by software in isolating device, therefore flexibility is high, while It can be extended in the network that other interior needs are isolated, there is very strong practicability.
Example IV
Another aspect according to embodiments of the present invention provides a kind of automobile, including:The distributed network system of automobile System, wherein, the distributed network system (DNS) of automobile includes the distributed network system (DNS) of above-mentioned automobile.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
In the above embodiment of the present invention, all emphasize particularly on different fields to the description of each embodiment, do not have in some embodiment The part of detailed description may refer to the associated description of other embodiment.
In several embodiments provided herein, it should be understood that disclosed technology contents can pass through others Mode is realized.Wherein, the apparatus embodiments described above are merely exemplary, such as the division of the unit, Ke Yiwei A kind of division of logic function, can there is an other dividing mode in actual implementation, for example, multiple units or component can combine or Person is desirably integrated into another system or some features can be ignored or does not perform.Another point, shown or discussed is mutual Between coupling, direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some interfaces, unit or module It connects, can be electrical or other forms.
The unit illustrated as separating component may or may not be physically separate, be shown as unit The component shown may or may not be physical unit, you can be located at a place or can also be distributed to multiple On unit.Some or all of unit therein can be selected according to the actual needs to realize the purpose of this embodiment scheme.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also That each unit is individually physically present, can also two or more units integrate in a unit.Above-mentioned integrated list The form that hardware had both may be used in member is realized, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and is independent product sale or uses When, it can be stored in a computer read/write memory medium.Based on such understanding, technical scheme of the present invention is substantially The part to contribute in other words to the prior art or all or part of the technical solution can be in the form of software products It embodies, which is stored in a storage medium, is used including some instructions so that a computer Equipment (can be personal computer, server or network equipment etc.) perform each embodiment the method for the present invention whole or Part steps.And aforementioned storage medium includes:USB flash disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited Reservoir (RAM, Random Access Memory), mobile hard disk, magnetic disc or CD etc. are various can to store program code Medium.
The above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications also should It is considered as protection scope of the present invention.

Claims (11)

1. a kind of isolating device, which is characterized in that including:
Main control module route message control module and bus run control module;
Wherein, the main control module, for carrying out enabled control to the routing module control, and according to external power supply and communication Input condition is activated or disabled from the route test function of the routing module control;
The routing message control module, one end are connect with the main control module, the other end and the bus run control module Connection, the path for being forwarded to message in bus run are adjusted, and verify that the message in each bus run is It is no to meet default safety condition;
The bus run control module, one end connect with the routing message control module, are used for transmission and meet described preset The message of safety condition.
2. isolating device according to claim 1, which is characterized in that the isolating device further includes:
Power supply and communication wake up line;
Wherein, the power supply is connect with the main control module, for powering to the main control module;
The communication wakes up line, is connect with the main control module, enters communication pattern for waking up the main control module.
3. isolating device according to claim 1, which is characterized in that the bus run control module is corresponding described total Line passage number is even number, and the number of the bus run control module is identical with the bus run.
4. isolating device according to any one of claim 1 to 3, which is characterized in that the isolating device is located at automobile Distributed network system (DNS) in, wherein, the distributed network system (DNS) of the automobile includes:Car diagnostic interface network and interior net Network, the isolating device are unsatisfactory for presetting between the car diagnostic interface network and the in-vehicle network for being isolated The message of safety condition.
5. a kind of distributed network system (DNS) of automobile, which is characterized in that including:
Car diagnostic interface network, in-vehicle network and isolating device, wherein,
The isolating device is unsatisfactory for presetting between the car diagnostic interface network and the in-vehicle network for being isolated The message of safety condition;
Wherein, the isolating device includes the isolating device described in any one in Claims 1-4.
6. a kind of message transmitting method, which is characterized in that including:
Message control module is route by master control module controls to be adjusted the path of message forwarding to be transmitted in bus run;
Verify whether the message to be transmitted in each bus run meets default peace by the routing message control module Full condition;
The message to be transmitted in the routing message control module verification bus run meets the default safety condition In the case of, the message to be transmitted for meeting the default safety condition is transmitted by bus run control module.
7. message transmitting method according to claim 6, which is characterized in that described to pass through the routing message control module Verify whether the message in each bus run meets the default safety condition and include:
Judge whether the message identification of the message to be transmitted belongs to the diagnosis message class of this channel in the default safety condition Mark;
If it is judge the service identifiers in the message to be transmitted whether be described channel the service mark needed after sale Know;
If the service identifiers in the message to be transmitted are the service identifiers needed after sale of described channel, described in judgement Whether service identifiers belong to the risk service in the default safety condition;
If it is confirmed that for risk service, then source node safety verification is carried out, and it is logical to pass through the clearance verification of bus run control module Later the corresponding message to be transmitted of the service identifiers;
If the source node safety verification failure, forbids the access of the message to be transmitted by bus run control module And forbid forwarding.
8. message transmitting method according to claim 7, which is characterized in that it is described if it is confirmed that for risk service, then into Row source node safety verification includes:
By the safety identification check code in the service identifiers and to identifying that check code obtains after carrying out secondary cryptographic calculation safely Secondary verification code verified with pre-stored values.
9. message transmitting method according to claim 7, which is characterized in that the method further includes:
If the message identification of the message to be transmitted is not belonging to the diagnosis message class of this channel in the default safety condition Mark, then forbid accessing or forbid forwarding by bus run control module.
10. message transmitting method according to claim 7, which is characterized in that described to be passed by bus run control module The message for being filled the foot default safety condition includes:
If the service identifiers are not belonging to the risk service in the default safety condition, pass through bus run control module Send the message to be transmitted.
11. a kind of automobile, which is characterized in that including:The distributed network system (DNS) of automobile, wherein, the distributed network of the automobile Network system includes the distributed network system (DNS) of the automobile described in claim 5.
CN201711200898.7A 2017-11-27 2017-11-27 Distributed network system of automobile, isolation device, message transmission method and automobile Active CN108173806B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711200898.7A CN108173806B (en) 2017-11-27 2017-11-27 Distributed network system of automobile, isolation device, message transmission method and automobile

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711200898.7A CN108173806B (en) 2017-11-27 2017-11-27 Distributed network system of automobile, isolation device, message transmission method and automobile

Publications (2)

Publication Number Publication Date
CN108173806A true CN108173806A (en) 2018-06-15
CN108173806B CN108173806B (en) 2020-12-08

Family

ID=62527663

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711200898.7A Active CN108173806B (en) 2017-11-27 2017-11-27 Distributed network system of automobile, isolation device, message transmission method and automobile

Country Status (1)

Country Link
CN (1) CN108173806B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111447165A (en) * 2018-12-29 2020-07-24 北京奇虎科技有限公司 Vehicle safety protection method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103809574A (en) * 2014-02-28 2014-05-21 北京经纬恒润科技有限公司 Method for improving security of remote control vehicle
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network
CN106647682A (en) * 2015-10-29 2017-05-10 北汽福田汽车股份有限公司 Information obtaining method and device for vehicle fault diagnosis
US20170324817A1 (en) * 2016-05-05 2017-11-09 Veniam, Inc. Systems and Methods for Managing Vehicle OBD Data in a Network of Moving Things, for Example Including Autonomous Vehicle Data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103809574A (en) * 2014-02-28 2014-05-21 北京经纬恒润科技有限公司 Method for improving security of remote control vehicle
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network
CN106647682A (en) * 2015-10-29 2017-05-10 北汽福田汽车股份有限公司 Information obtaining method and device for vehicle fault diagnosis
US20170324817A1 (en) * 2016-05-05 2017-11-09 Veniam, Inc. Systems and Methods for Managing Vehicle OBD Data in a Network of Moving Things, for Example Including Autonomous Vehicle Data

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111447165A (en) * 2018-12-29 2020-07-24 北京奇虎科技有限公司 Vehicle safety protection method and device
CN111447165B (en) * 2018-12-29 2023-10-31 北京奇虎科技有限公司 Vehicle safety protection method and device

Also Published As

Publication number Publication date
CN108173806B (en) 2020-12-08

Similar Documents

Publication Publication Date Title
US11283601B2 (en) Update management method, update management system, and non-transitory recording medium
CN105009545B (en) There is the motor vehicles travelling behavior that can change subsequently through application program
CN109327307B (en) Automobile remote control method based on CAN bus
EP3316524B1 (en) Protection device from cyber attacks to a vehicle through a diagnostic connector and related method
CN110406485B (en) Illegal detection method and vehicle-mounted network system
Jafarnejad et al. A car hacking experiment: When connectivity meets vulnerability
KR101589217B1 (en) Method and system for providing vehicle security service
EP1582961B1 (en) Controlling data access to electronic control units in vehicles
CN106154903B (en) The system and method for carrying out information exchange for vehicle network and peripheral hardware
ITTO20090779A1 (en) METHOD AND SYSTEM FOR PROCESSING INFORMATION RELATING TO A VEHICLE
CN109688146A (en) A kind of data access method, gateway controller and automobile
CN106059754A (en) Vehicle data processing method and system, and devices
CN107817779A (en) The system and method for the unregistered device of Information Authentication based on Ethernet switch
CN106155043A (en) Vehicle data acquisition methods, device and equipment
CN106385405A (en) Vehicle activation method
CN108173820A (en) Vehicle authorization method and system based on particular account
JP7412506B2 (en) Fraud detection rule update method, fraud detection electronic control unit and in-vehicle network system
CN110545220A (en) Automobile diagnosis protocol detection method and related product
CN110113378A (en) Vehicle authentication method and its device
CN110493294A (en) Update method, system, readable storage medium storing program for executing and the terminal of vehicle electronic circuit module
CN106982213A (en) A kind of network attack defence method and relevant apparatus applied to mobile unit
CN108173806A (en) Distributed network system (DNS), isolating device, message transmitting method and the automobile of automobile
US11783302B2 (en) Authorization of vehicle repairs
CN111447589A (en) Vehicle-mounted Ethernet diagnosis system monitoring and authorized use method based on mobile communication
Stachowski et al. Cybersecurity research considerations for heavy vehicles

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant