CN108207039B - Safe transmission method of vehicle-mounted data, external equipment and vehicle-mounted gateway - Google Patents

Publication number
CN108207039B
Authority
CN
China
Prior art keywords
vehicle
message
external device
gateway
mounted gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611179934.1A
Other languages
Chinese (zh)
Other versions
CN108207039A (en
Inventor
磨俊生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BYD Co Ltd
Original Assignee
BYD Co Ltd
Application filed by BYD Co Ltd filed Critical BYD Co Ltd
Priority to CN201611179934.1A priority Critical patent/CN108207039B/en
Publication of CN108207039A publication Critical patent/CN108207039A/en
Application granted granted Critical
Publication of CN108207039B publication Critical patent/CN108207039B/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16 Gateway arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention provides a safe transmission method of vehicle-mounted data, external equipment and a vehicle-mounted gateway, wherein the method comprises the following steps: the external equipment sends a first message for requesting verification to the vehicle-mounted gateway; the vehicle-mounted gateway is arranged between the vehicle network and the vehicle-mounted diagnosis interface; the external device receives a second message carrying the check information and fed back by the vehicle-mounted gateway; the external device sends a third message carrying verification information to the vehicle-mounted gateway, so that the vehicle-mounted gateway judges whether the external device is legal or not according to the received verification information and the verification information sent to the external device; the external equipment legally acquires the target data from the vehicle-mounted gateway. According to the invention, the vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically separated, the legality of the external equipment needs to be determined through the vehicle-mounted gateway before data is sent to the external equipment, and the data transmission with the external equipment is carried out after the external equipment is legal, so that the safety of the transmission of vehicle-mounted data is improved.

Description

Safe transmission method of vehicle-mounted data, external equipment and vehicle-mounted gateway
Technical Field
The invention relates to the field of train communication, in particular to a safe transmission method of vehicle-mounted data, external equipment and a vehicle-mounted gateway.
Background
Existing on-board electronic devices, such as combination meters, multimedia systems, electronic parking, etc., can send data to an On-Board Diagnostic interface (OBD) via an on-board communication network. Data transmission between the vehicle-mounted communication network and the OBD is mainly performed over a Controller Area Network (CAN) bus. Because the CAN bus transmits data in a broadcast mode, malicious or illegal data acquisition equipment can easily acquire data on the vehicle through the OBD.
Although the communication protocol of the vehicle-mounted electronic device is encrypted in order to improve the security of data transmission, some hackers or cracking teams can crack the relevant communication protocol from the acquired data, so that the electronic device on the vehicle can be taken over and controlled; for example, corresponding information can be simulated to open a vehicle door or even start the vehicle, so the security of the vehicle is low.
Disclosure of Invention
The present invention is directed to solving, at least to some extent, one of the technical problems in the related art.
Therefore, one object of the present invention is to provide a method for securely transmitting vehicle-mounted data, in which a vehicle-mounted gateway is arranged between a vehicle network and an OBD, the legitimacy of an external device is determined through the vehicle-mounted gateway, and data is transmitted to the external device only after the external device is legal, so as to solve the problem that some data acquisition devices in the prior art easily acquire communication data on a vehicle through the OBD.
Another object of the present invention is to provide a method for securely transmitting vehicle-mounted data.
Another objective of the present invention is to provide an external device.
Another object of the present invention is to provide a vehicular gateway.
In order to achieve the above object, an embodiment of the first aspect of the present invention provides a method for securely transmitting vehicle-mounted data, including:
the external equipment sends a first message for requesting verification to the vehicle-mounted gateway; the vehicle-mounted gateway is arranged between the vehicle network and the vehicle-mounted diagnosis interface;
the external device receives a second message carrying verification information and fed back by the vehicle-mounted gateway;
the external device sends a third message carrying the check information to the vehicle-mounted gateway so that the vehicle-mounted gateway judges whether the external device is legal or not according to the received check information and the check information sent to the external device;
and the external equipment acquires target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external equipment is legal.
In the method for securely transmitting vehicle-mounted data provided in the embodiment of the first aspect of the present invention, a vehicle-mounted gateway is disposed between a vehicle communication network and an OBD, so that the vehicle-mounted communication network and the OBD are physically isolated from each other, and before data is sent to an external device, the legitimacy of the external device needs to be determined through the vehicle-mounted gateway.
In order to achieve the above object, a method for securely transmitting vehicle-mounted data according to an embodiment of a second aspect of the present invention includes:
a vehicle-mounted gateway receives a first message, sent by an external device, for requesting verification; the vehicle-mounted gateway is arranged between the vehicle-mounted communication network and the vehicle-mounted diagnosis interface;
the vehicle-mounted gateway sends a second message carrying verification information to the external equipment;
the vehicle-mounted gateway receives a third message which is sent by the external equipment and carries the check information;
the vehicle-mounted gateway judges whether the external equipment is legal or not according to the received verification information and the verification information sent to the external equipment;
and when the external equipment is legal, the vehicle-mounted gateway sends target data to the external equipment.
In the method for securely transmitting the vehicle-mounted data provided in the embodiment of the second aspect of the present invention, the vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated from each other, and before data is sent to the external device, the legitimacy of the external device needs to be determined through the vehicle-mounted gateway.
In order to achieve the above object, an external device according to a third aspect of the present invention includes:
the first sending module is used for sending a first message for requesting verification to the vehicle-mounted gateway; wherein the on-board gateway is disposed between a vehicle network and an on-board diagnostic interface;
the receiving module is used for receiving a second message which carries the check information and is fed back by the vehicle-mounted gateway;
the second sending module is used for sending a third message carrying the check information to the vehicle-mounted gateway so that the vehicle-mounted gateway judges whether the external equipment is legal or not according to the received check information and the check information sent to the external equipment;
and the acquisition module is used for acquiring target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external device is legal.
In the external device provided in the third aspect of the present invention, the vehicle-mounted gateway is disposed between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated from each other, and before sending data to the external device, the legitimacy of the external device needs to be determined by the vehicle-mounted gateway.
In order to achieve the above object, a vehicle gateway according to a fourth aspect of the present invention includes:
the first receiving module is used for receiving a first message, sent by the external device, for requesting verification;
the first sending module is used for sending a second message carrying verification information to the external equipment;
the second receiving module is used for receiving a third message which is sent by the external equipment and carries the check information;
the checking module is used for judging whether the external equipment is legal or not according to the received checking information and the checking information sent to the external equipment;
and the second sending module is used for sending the target data to the external equipment when the external equipment is legal.
In the vehicle-mounted gateway provided by the embodiment of the fourth aspect of the present invention, the vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated from each other, and before sending data to the external device, the legitimacy of the external device needs to be determined through the vehicle-mounted gateway, and when the external device is legal, data transmission is performed with the external device, so that the security of vehicle-mounted data transmission is improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic flow chart of a method for securely transmitting vehicle-mounted data according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a connection relationship between an external device, a vehicle-mounted gateway, and an OBD according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of another method for securely transmitting vehicle-mounted data according to an embodiment of the present invention;
fig. 4 is a schematic flow chart of another method for securely transmitting vehicle-mounted data according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an external device according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a vehicle-mounted gateway according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a second sending module according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of another second sending module according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a system for securely transmitting vehicle-mounted data according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar modules or modules having the same or similar functionality throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention. On the contrary, the embodiments of the invention include all changes, modifications and equivalents coming within the spirit and terms of the claims appended hereto.
Fig. 1 is a schematic flow chart of a method for securely transmitting vehicle-mounted data according to an embodiment of the present invention. The safe transmission method of the vehicle-mounted data comprises the following steps:
S101, the external device sends a first message for requesting verification to the vehicle-mounted gateway.
Wherein the on-board gateway is disposed between a vehicle network and an on-board diagnostics interface.
To prevent malicious or illegal data acquisition equipment from acquiring the communication data on the vehicle through the on-vehicle OBD, in this embodiment a vehicle-mounted gateway is arranged between the OBD and the vehicle communication network, so that the OBD and the vehicle network are physically separated. Malicious or illegal data acquisition equipment is thereby physically isolated and can no longer acquire the communication data through an OBD directly connected with the vehicle network.
The external device related to the vehicle needs to perform data transmission to the device or equipment on the vehicle through the vehicle-mounted communication network, and because the vehicle-mounted gateway is arranged in the embodiment, the external device related to the vehicle needs to access the vehicle-mounted communication network through the vehicle-mounted gateway and then performs data transmission with the device or equipment on the vehicle.
In this embodiment, in order to ensure that the external device accessing the vehicle-mounted communication network is a legal device, the legitimacy of the external device needs to be determined by the vehicle-mounted gateway before accessing the vehicle-mounted communication network.
In order to acquire required information from the vehicle-mounted communication network, the external device first needs to send a first message for requesting verification to the vehicle-mounted gateway. In this embodiment, in order to implement communication between the external device and the vehicle-mounted gateway, a first communication protocol is preset for the external device, and the external device needs to construct a first message according to a rule in the first communication protocol. The first communication protocol may specify information to be carried in a packet, such as a sending node that sends the packet, a receiving node that receives the packet, and a packet type identifier, where the packet type identifier may indicate the packet type. The first communication protocol may specify the position of the information to be carried in the message and the allowed number of bytes.
Specifically, the external device writes an identification code of the external device, an identification code of a message type, and an identification code of the vehicle-mounted gateway into the first message according to a specification in the first communication protocol. The identification code of the external device is used for indicating a sending node corresponding to the first message, and the identification code of the vehicle-mounted gateway is used for indicating a receiving node corresponding to the first message. And the message type identification code is used for indicating that the first message is a message requiring verification.
S102, the external device receives a second message carrying the check information and fed back by the vehicle-mounted gateway.
After the external device sends the first message to the vehicle-mounted gateway, the vehicle-mounted gateway can learn that the external device requests to check the legality of the external device according to the first message. The vehicle-mounted gateway correspondingly carries the verification information in a second message and sends the second message to the external equipment, and the external equipment can receive the second message carrying the verification information and fed back by the vehicle-mounted gateway.
S103, the external device sends a third message carrying the check information to the vehicle-mounted gateway, so that the vehicle-mounted gateway judges whether the external device is legal or not according to the received check information and the check information sent to the external device.
Specifically, after receiving the second packet carrying the check information, the external device may parse the second packet and extract the check information. Further, in order to enable the vehicle-mounted gateway to recognize the legitimacy of the external device, the external device needs to resend the extracted verification information to the vehicle-mounted gateway, and the external device carries the extracted verification information in a third message and sends the third message to the vehicle-mounted gateway. The external device needs to construct a third message according to the specification in the first communication protocol.
Correspondingly, after receiving the third message, the vehicle-mounted gateway can analyze the third message to obtain the check information sent by the external device. Further, the vehicle-mounted gateway judges whether the external device is legal or not according to the received verification information and the verification information sent to the external device. Specifically, the vehicle-mounted gateway may compare the two pieces of verification information, and when the two pieces of verification information are consistent, it is determined that the external device is a legal device.
Further, in order to ensure the security of data transmission, the external device may encrypt the first message and the third message, where the first message and the third message carry encrypted information, and the vehicle-mounted gateway may obtain the data carried in the first message and the third message after decrypting according to an agreed decryption rule.
Further, a second message sent by the vehicle-mounted gateway to the external device is encrypted, and after the external device receives the second message, the external device decrypts the second message according to an agreed decryption rule, so that the verification information carried in the second message can be obtained.
And S104, the external device acquires the target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external device is legal.
In this embodiment, only when the external device is determined as a legal device by the vehicle-mounted gateway, the external device can acquire the required information, i.e., the target data, from the vehicle-mounted gateway. Specifically, the external device may send a message for requesting data to the vehicle-mounted gateway; the vehicle-mounted gateway acquires the corresponding data according to the message requesting the data, and sends the acquired data to the external device as target data.
In this embodiment, the external device communicates with the vehicle-mounted gateway through the OBD. Fig. 2 is a schematic diagram of a connection relationship between an external device, a vehicle-mounted gateway, and an OBD pin according to an embodiment of the present invention. The external device and the vehicle-mounted gateway are connected with pin 11 and pin 13 of the OBD, and through this connection the external device can establish a communication channel with the vehicle-mounted gateway. Data transmission between the external device and the vehicle-mounted gateway needs to be forwarded through the OBD. Data are transmitted between the external device and the OBD through the CAN bus.
In the method for securely transmitting vehicle-mounted data provided by this embodiment, a first message for requesting verification is sent to a vehicle-mounted gateway through an external device, the vehicle-mounted gateway is disposed between a vehicle network and a vehicle-mounted diagnosis interface, the external device receives a second message carrying verification information fed back by the vehicle-mounted gateway, and sends a third message carrying the verification information to the vehicle-mounted gateway, so that the vehicle-mounted gateway determines whether the external device is legal according to the received verification information and the verification information sent to the external device, and the external device obtains target data from the vehicle-mounted gateway after determining that the external device is legal by the vehicle-mounted gateway. In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated, the legitimacy of the external device needs to be determined through the vehicle-mounted gateway before data is sent to the external device, and data transmission can be performed with the external device only after the external device is legal, so that the security of transmission of vehicle-mounted data is improved.
Fig. 3 is a schematic flow chart of another method for securely transmitting vehicle-mounted data according to an embodiment of the present invention. The safe transmission method of the vehicle-mounted data comprises the following steps:
S201, the vehicle-mounted gateway receives a first message, sent by the external device, for requesting verification.
Wherein the vehicle-mounted gateway is arranged between the vehicle-mounted communication network and the vehicle-mounted diagnosis interface.
To prevent malicious or illegal data acquisition equipment from acquiring the communication data on the vehicle through the on-vehicle OBD, in this embodiment a vehicle-mounted gateway is arranged between the OBD and the vehicle communication network, so that the OBD and the vehicle network are physically separated. Malicious or illegal data acquisition equipment is thereby physically isolated and can no longer acquire the communication data through an OBD directly connected with the vehicle network.
The external device related to the vehicle needs to perform data transmission to the device or equipment on the vehicle through the vehicle-mounted communication network, and because the vehicle-mounted gateway is arranged in the embodiment, the external device related to the vehicle needs to access the vehicle-mounted communication network through the vehicle-mounted gateway and then performs data transmission with the device or equipment on the vehicle.
In this embodiment, in order to ensure that the external device accessing the vehicle-mounted communication network is a legal device, the legitimacy of the external device needs to be determined by the vehicle-mounted gateway before accessing the vehicle-mounted communication network. In order to acquire required information from the vehicle-mounted communication network, the external device first needs to send a first message for requesting verification to the vehicle-mounted gateway. The vehicle-mounted gateway receives the first message sent by the external device and, after receiving it, parses the first message to learn that the external device requests a validity check of itself.
The external device needs to construct the first packet according to the specification in the first communication protocol, and for the description of the first packet, reference may be made to the description of relevant contents in the foregoing embodiments, which is not described herein again.
S202, the vehicle-mounted gateway sends a second message carrying the check information to the external device.
The vehicle-mounted gateway carries the check information corresponding to the external device in a second message and sends the second message to the external device, and the external device can receive the second message carrying the check information and fed back by the vehicle-mounted gateway.
In this embodiment, in order to implement communication between the vehicle-mounted gateway and the external device, a second communication protocol is preset for the vehicle-mounted gateway, and the vehicle-mounted gateway needs to construct a second message according to a specification in the second communication protocol. The second communication protocol may specify information to be carried in one packet, such as a sending node that sends the packet, a receiving node that receives the packet, and data that needs to be returned. The second communication protocol may specify the position of the information to be carried in the message and the allowed number of bytes.
Specifically, the vehicle-mounted gateway writes the identification code of the vehicle-mounted gateway, the check information and the identification code of the external device into a second message according to the rules in the preset second communication protocol, and the vehicle-mounted gateway sends the second message to the external device. The identification code of the vehicle-mounted gateway is used for indicating a sending node corresponding to the second message, the identification code of the external device is used for indicating a receiving node corresponding to the second message, and the check information is data required to be returned by the second message.
S203, the vehicle-mounted gateway receives a third message which is sent by the external device and carries the check information.
Specifically, after receiving the second packet carrying the check information, the external device may parse the second packet and extract the check information. Further, in order to enable the vehicle-mounted gateway to recognize the legitimacy of the external device, the external device needs to resend the extracted verification information to the vehicle-mounted gateway, and the external device carries the extracted verification information in a third message and sends the third message to the vehicle-mounted gateway. The external device needs to construct a third message according to the specification in the first communication protocol. For the description of the third packet, reference may be made to the description of the related contents in the above embodiments, and details are not described here.
And S204, the vehicle-mounted gateway judges whether the external equipment is legal or not according to the received verification information and the verification information sent to the external equipment.
After receiving the third message, the vehicle-mounted gateway may parse the third message to obtain the check information sent by the external device. Further, the vehicle-mounted gateway judges whether the external device is legal or not according to the received verification information and the verification information sent to the external device. Specifically, the vehicle-mounted gateway compares the two pieces of verification information, and when the received verification information is consistent with the verification information sent to the external device, it indicates that the external device is a legal device, and S205 is executed; otherwise, S206 is executed.
S205, the vehicle-mounted gateway sends the target data to the external device.
In this embodiment, only when the external device is determined as a legal device by the vehicle-mounted gateway, the external device can acquire the required information, i.e., the target data, from the vehicle-mounted gateway. Specifically, the external device may send a message for requesting data to the vehicle-mounted gateway, and the vehicle-mounted gateway obtains corresponding data according to the message for requesting data, and sends the obtained data to the external device as target data.
S206, the vehicle-mounted gateway discards the message sent by the external device.
When the vehicle-mounted gateway judges that the external device is illegal, the external device can be marked, and the message sent by the external device is discarded.
In the method for securely transmitting vehicle-mounted data provided by this embodiment, a vehicle-mounted gateway receives a first message that is sent by an external device and used for requesting verification, the vehicle-mounted gateway is disposed between a vehicle network and a vehicle-mounted diagnostic interface, the vehicle-mounted gateway feeds back a second message carrying verification information to the external device, the vehicle-mounted gateway receives a third message carrying verification information sent by the external device, the vehicle-mounted gateway determines whether the external device is legal or not according to the received verification information and the verification information sent to the external device, and the vehicle-mounted gateway sends target data to the external device after determining that the external device is legal. In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated, the legitimacy of the external device needs to be determined through the vehicle-mounted gateway before data is sent to the external device, and data transmission can be performed with the external device only after the external device is legal, so that the security of transmission of vehicle-mounted data is improved.
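The exchange of S201 to S206, together with the device side of S101 to S104, as an added example that is not part of the patent text. The field layout (sender, receiver, type and payload inside one 8-byte CAN data field), the ID and type values, the 4-byte random check information and the blocking of a marked device are all assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Assumed layout: byte 0 sender ID, byte 1 receiver ID, byte 2 message type,
# bytes 3..7 payload. The patent only says the protocol fixes positions and sizes.
GATEWAY_ID = 0x10        # constructed identification code of the gateway
TESTER_ID = 0x7A         # constructed identification code of an external device
T_REQUEST_CHECK = 0x01   # first message: request verification
T_CHECK_INFO = 0x02      # second message: carries the check information
T_CHECK_ECHO = 0x03      # third message: returns the check information
T_DATA_REQUEST = 0x04    # request for target data
T_TARGET_DATA = 0x05     # target data sent to a legal device
CHECK_LEN = 4            # assumed size of the check information


def build(sender, receiver, mtype, payload=b""):
    frame = bytes([sender, receiver, mtype]) + payload
    if len(frame) > 8:
        raise ValueError("does not fit a classic CAN data field")
    return frame


def parse(frame):
    if not 3 <= len(frame) <= 8:
        raise ValueError("bad frame length")
    return frame[0], frame[1], frame[2], frame[3:]


@dataclass
class Gateway:
    vehicle_data: dict                           # data ID -> bytes, stands in for the vehicle network
    pending: dict = field(default_factory=dict)  # device ID -> check information issued
    legal: set = field(default_factory=set)      # devices judged legal (S205 allowed)
    flagged: set = field(default_factory=set)    # devices marked illegal (S206)

    def handle(self, frame):
        """Process one frame; return the reply frame, or None when it is discarded."""
        try:
            sender, receiver, mtype, payload = parse(frame)
        except ValueError:
            return None
        if receiver != GATEWAY_ID or sender in self.flagged:
            return None                          # S206: discard
        if mtype == T_REQUEST_CHECK:             # S201 -> S202
            check = secrets.token_bytes(CHECK_LEN)
            self.pending[sender] = check
            self.legal.discard(sender)           # a new request restarts verification
            return build(GATEWAY_ID, sender, T_CHECK_INFO, check)
        if mtype == T_CHECK_ECHO:                # S203 -> S204
            issued = self.pending.pop(sender, None)   # each value is accepted once
            if issued is not None and hmac.compare_digest(issued, payload):
                self.legal.add(sender)
            else:
                self.flagged.add(sender)         # mark the device
            return None
        if mtype == T_DATA_REQUEST and sender in self.legal and len(payload) == 1:
            data = self.vehicle_data.get(payload[0])
            if data is not None:                 # S205
                return build(GATEWAY_ID, sender, T_TARGET_DATA, data)
        return None                              # anything else is discarded


def device_session(gateway, device_id, data_id, tamper=False):
    """External device side, S101 to S104; returns the target data or None."""
    reply = gateway.handle(build(device_id, GATEWAY_ID, T_REQUEST_CHECK))
    if reply is None:
        return None
    _, receiver, mtype, check = parse(reply)
    if receiver != device_id or mtype != T_CHECK_INFO:
        return None
    if tamper:                                   # a device returning different check information
        check = bytes(b ^ 0xFF for b in check)
    gateway.handle(build(device_id, GATEWAY_ID, T_CHECK_ECHO, check))
    reply = gateway.handle(build(device_id, GATEWAY_ID, T_DATA_REQUEST, bytes([data_id])))
    return None if reply is None else parse(reply)[3]


if __name__ == "__main__":
    gw = Gateway({0x0C: b"\x1a\xf8"})            # constructed sample data
    print(device_session(gw, TESTER_ID, 0x0C))
    print(device_session(gw, 0x7C, 0x0C, tamper=True), gw.flagged)
```

The optional encryption of the first, second and third messages is not modelled, so a matching echo here shows only that the device received the second message.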
Fig. 4 is a schematic flow chart of another method for securely transmitting vehicle-mounted data according to an embodiment of the present invention. The safe transmission method of the vehicle-mounted data comprises the following steps:
S301, the external device sends a first message for requesting verification to the vehicle-mounted gateway through the OBD.
The vehicle-mounted gateway is disposed between the vehicle communication network and the on-board diagnostics interface. In this embodiment, the vehicle-mounted gateway is connected to the external device through the OBD, and the vehicle-mounted gateway communicates with the external device over the CAN bus.
Specifically, in order to ensure that the external device accessing the vehicle-mounted communication network is a legal device, the legitimacy of the external device needs to be judged by the vehicle-mounted gateway before accessing the vehicle-mounted communication network.
In order to acquire required information from a vehicle-mounted communication network, the external device firstly needs to send a first message for requesting verification to the vehicle-mounted gateway, and the external device sends the first message to the vehicle-mounted gateway through the OBD based on the CAN bus. In this embodiment, in order to implement communication between the external device and the vehicle-mounted gateway, a first communication protocol is preset for the external device, and the external device needs to construct a first message according to a rule in the first communication protocol.
Specifically, the external device writes its own identification code, the message type identification code, and the identification code of the vehicle-mounted gateway into the first message according to the specification in the first communication protocol. The identification code of the external device indicates the sending node of the first message, and the identification code of the vehicle-mounted gateway indicates the receiving node of the first message. The message type identification code indicates that the first message is a message requesting verification.
In practical application, the external devices related to the vehicle may be classified into different device types, the verification grades corresponding to different device types are different, and the encryption rules used in different verification grades are different. In this embodiment, the external device may be classified into three types, i.e., an automotive electrical product diagnosis device, a data acquisition device, and an external function device.
The automotive electrical product diagnosis equipment is used, on the one hand, to acquire the software and hardware version information and the current fault information of the various products on the vehicle and, on the other hand, to update the software of those products. Because of the openness of the data interaction involved and the large authority required, the encryption verification method used by this type of equipment is the simplest and belongs to the third level.
The data acquisition equipment is mainly used by product design engineers to continuously acquire, track and analyze certain parameter information of a product, in order to improve product characteristics or to analyze product faults and defects from the data. Such equipment is therefore mostly used by engineers familiar with vehicle network protocols, and it only receives data without performing any operation on the vehicle's electrical equipment; the encryption verification mode it uses belongs to the second level.
The external functional equipment is used to extend the functions of the vehicle and consists of external vehicle electrical products, such as vehicle-mounted cloud services, Bluetooth keys and other functional products. Such devices need to acquire part of the product data on the vehicle and also need to send operation instructions that make the relevant products on the vehicle execute actions, so the encryption rules used by such devices are the most complex and belong to the first level.
In order to improve the security of data transmission, the first message may be encrypted, and an effective time range may be set for the first message, so that the first message may further include the device type, the encryption information, and the time information of the external device, where the time information includes a timestamp and an effective time length when the external device sends the first message.
In this embodiment, a first communication protocol preset for the external device is as shown in table 1 below:
TABLE 1 (provided as an image in the original publication; the table content is not reproduced in this text)
The external device may construct a first message according to the specification in the first communication protocol, and write information to be carried into the first message according to the specification in the first communication protocol.
S302, the vehicle-mounted gateway determines the device type of the external device according to the first message.
The vehicle-mounted gateway can preset a mapping relation between the identification codes of external devices and device types. After receiving the first message, the vehicle-mounted gateway parses it to obtain the identification code of the external device and queries the mapping relation to obtain the device type corresponding to that identification code.
When the first message carries the device type of the external device, the vehicle-mounted gateway can obtain the device type directly by parsing the first message after receiving it.
For the safety of data transmission, the first message also includes first encryption information, and after receiving the first message, the vehicle-mounted gateway needs to decrypt the first message according to an agreed decryption rule and the first encryption information, and then extracts data to be transmitted from the first message. Further, the first message also includes first time information, and the vehicle-mounted gateway determines whether the first message is a valid message, that is, whether the first message exceeds an effective period, according to the first time information.
S303, the vehicle-mounted gateway encrypts the second message according to the encryption rule corresponding to the equipment type.
S304, the vehicle-mounted gateway sends the encrypted second message to the external device through the OBD.
Because the encryption rules of different device types are different, after the device type of the external device is determined, the vehicle-mounted gateway can acquire the encryption rule corresponding to the device type, and then encrypt the second message by using the encryption rule.
In this embodiment, in order to implement communication between the vehicle-mounted gateway and the external device, a second communication protocol is preset for the vehicle-mounted gateway, and the vehicle-mounted gateway needs to construct a second message according to a specification in the second communication protocol. The second communication protocol may specify information to be carried in one packet, such as a sending node that sends the packet, a receiving node that receives the packet, and data that needs to be returned. The second communication protocol may specify the position of the information to be carried in the message and the allowed number of bytes.
Specifically, the vehicle-mounted gateway writes the identification code of the vehicle-mounted gateway, the check information and the identification code of the external device into a second message according to the rules in the preset second communication protocol, and the vehicle-mounted gateway sends the second message to the external device. The identification code of the vehicle-mounted gateway is used for indicating a sending node corresponding to the second message, and the identification code of the external device is used for indicating a receiving node of the second message.
Further, in order to ensure the security of data transmission, the second message may further include second encryption information and second time information, where the second time information includes a timestamp and a second effective time length when the vehicle-mounted gateway sends the second message.
In this embodiment, the second communication protocol preset for the vehicle-mounted gateway is as shown in table 2 below:
TABLE 2 (provided as an image in the original publication; the table content is not reproduced in this text)
The vehicle-mounted gateway can construct a second message according to the specification in the second communication protocol, write the information to be carried into the second message according to that specification, and then send the second message to the external device through the OBD over the CAN bus.
S305, the external device acquires the check information from the second message.
Specifically, after receiving the second message, the external device may decrypt the second message according to the agreed decryption rule and the second encryption information to obtain the verification information. Further, the external device may determine whether the second packet is within the validity period according to the second time information. Further, when the second message is valid, the external device may extract the verification information from the second message.
S306, the external device carries the verification information in a third message and sends the third message to the vehicle-mounted gateway through the OBD.
Specifically, the external device writes the information to be carried into the third message according to the specification in the first communication protocol and sends the third message to the vehicle-mounted gateway through the OBD over the CAN bus. The external device writes its own identification code, the message type identification code, the verification information and the identification code of the vehicle-mounted gateway into the third message according to the specification in the first communication protocol. The identification code of the external device indicates the sending node of the third message, and the identification code of the vehicle-mounted gateway indicates the receiving node of the third message. The message type identification code indicates that the third message is a message for sending the check information.
In order to improve the security of data transmission, the third message may be encrypted, and an effective time range may be set for the third message, and the third message may further include first encryption information and first time information, where the first time information includes a timestamp and an effective time length when the external device sends the third message.
S307, the vehicle-mounted gateway judges whether the external device is legal or not according to the received verification information and the sent verification information.
Specifically, after receiving the third message, the vehicle-mounted gateway may decrypt the third message according to the agreed decryption rule and the first encryption information to obtain the verification information. Further, the vehicle-mounted gateway may determine whether the third packet is within the validity period according to the first time information. Further, when the third message is valid, the vehicle-mounted gateway may extract the verification information from the third message. The vehicle-mounted gateway compares the received verification information with the sent verification information, and if the two verification information are consistent, the external equipment is judged to be legal, and S308 is executed; otherwise, the vehicle-mounted gateway discards the message sent by the external equipment.
S308, the vehicle-mounted gateway sends a message carrying a verification success indication to the external device through the OBD.
S309, the external device sends a message of requesting data to the vehicle-mounted gateway through the OBD.
In this embodiment, the message requesting data sent by the external device is constructed according to the specification in the first communication protocol. And the external equipment sends a message of requesting data to the vehicle-mounted gateway through the OBD based on the CAN bus.
S310, the vehicle-mounted gateway acquires target data from the vehicle communication network according to the message requesting data and sends the target data to the external device through the OBD.
The vehicle-mounted gateway receives the message requesting data, which is sent by the external device and forwarded by the OBD over the CAN bus. The vehicle-mounted gateway acquires the data corresponding to the data request from the vehicle-mounted communication network as target data and then sends the target data to the OBD through the CAN bus, and the OBD forwards the target data to the external device over the CAN bus.
In this embodiment, the data packing modes corresponding to different device types are also different, and when the vehicle-mounted gateway sends the target data to the external device, the target data can be packed according to the device type of the external device in a packing mode consistent with the device type. Accordingly, the external device needs to unpack the target data in a manner consistent with the type of the device.
In the method for securely transmitting vehicle-mounted data provided by this embodiment, the external device sends a first message for requesting verification to the vehicle-mounted gateway, which is disposed between the vehicle network and the vehicle-mounted diagnostic interface, and the vehicle-mounted gateway feeds back a second message carrying verification information to the external device. The external device sends a third message carrying the verification information to the vehicle-mounted gateway, the vehicle-mounted gateway determines whether the external device is legal according to the received verification information and the verification information it sent to the external device, and the external device obtains target data from the vehicle-mounted gateway after the vehicle-mounted gateway determines that the external device is legal. In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated. The legitimacy of the external device must be determined by the vehicle-mounted gateway before data is sent to it, and data can be exchanged with the external device only after it has been judged legal, which improves the security of vehicle-mounted data transmission.
Further, the vehicle-mounted gateway selects an encryption rule matched with the type of the external device according to the type of the external device, and encrypts the verification information sent to the external device, so that the security of data transmission is guaranteed.
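The verification exchange of S301 to S307, modelled from the gateway's side as an added example (not code from the patent). The identifiers, message fields, keys, the `MAX_VALID_S` cap and the `seal`/`unseal` stand-in for the per-type encryption rule are assumptions, because the field layouts of Tables 1 and 2 and the encryption rules themselves are not given on the page.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Constructed values: the field layouts of Tables 1 and 2 are not on the page.
GATEWAY_ID = 0x10
MSG_REQUEST, MSG_CHECK, MSG_ANSWER = 0x01, 0x02, 0x03  # first/second/third message
DEVICE_TYPES = {0x21: 3, 0x22: 2, 0x23: 1}  # device ID -> verification level
LEVEL_KEYS = {1: b"constructed-key-L1", 2: b"constructed-key-L2", 3: b"constructed-key-L3"}
MAX_VALID_S = 5.0  # assumption: gateway caps the validity a sender may declare

@dataclass
class Message:
    sender: int
    receiver: int
    msg_type: int
    timestamp: float  # time of sending
    valid_for: float  # effective time length, seconds
    payload: bytes = b""

def _keystream_xor(key, nonce, data):
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + off.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)

def seal(key, data):
    """Stand-in for the unspecified per-type encryption rule (illustration only)."""
    nonce = secrets.token_bytes(8)
    body = nonce + _keystream_xor(key, nonce, data)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:8]

def unseal(key, blob):
    """Return the plaintext, or None if blob was not sealed with this key."""
    if len(blob) < 16:
        return None
    body, tag = blob[:-8], blob[-8:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()[:8]):
        return None
    return _keystream_xor(key, body[:8], body[8:])

def fresh(msg, now):  # validity check: timestamp plus effective time length
    return msg.valid_for <= MAX_VALID_S and 0 <= now - msg.timestamp <= msg.valid_for

class Gateway:
    def __init__(self):
        self.pending = {}      # device ID -> check info sent in the second message
        self.verified = set()  # devices judged legal
        self.flagged = set()   # devices judged illegal (marked, messages discarded)

    def on_first(self, msg, now):
        """S302-S304: look up the device type, answer with encrypted check info."""
        level = DEVICE_TYPES.get(msg.sender)
        if (level is None or msg.receiver != GATEWAY_ID
                or msg.msg_type != MSG_REQUEST or not fresh(msg, now)):
            return None  # discard
        check = secrets.token_bytes(8)
        self.pending[msg.sender] = check
        return Message(GATEWAY_ID, msg.sender, MSG_CHECK, now, 2.0,
                       seal(LEVEL_KEYS[level], check))

    def on_third(self, msg, now):
        """S307: compare the returned check info with the one that was sent."""
        expected = self.pending.pop(msg.sender, None)  # single use
        if expected is None:
            return False  # no outstanding check for this device: discard
        received = None
        if msg.msg_type == MSG_ANSWER and fresh(msg, now):
            received = unseal(LEVEL_KEYS[DEVICE_TYPES[msg.sender]], msg.payload)
        ok = received is not None and hmac.compare_digest(received, expected)
        (self.verified if ok else self.flagged).add(msg.sender)
        return ok

def device_answer(device_id, key, second, now):
    """S305-S306: decrypt the check info and return it in the third message."""
    check = unseal(key, second.payload) if fresh(second, now) else None
    if check is None:
        return None
    return Message(device_id, GATEWAY_ID, MSG_ANSWER, now, 2.0, seal(key, check))

def demo():
    gw, t, res = Gateway(), 1000.0, {}
    req = lambda dev: Message(dev, GATEWAY_ID, MSG_REQUEST, t, 2.0)
    # Legal diagnosis device (level 3) completes the exchange.
    third = device_answer(0x21, LEVEL_KEYS[3], gw.on_first(req(0x21), t + 0.1), t + 0.2)
    res["legal"] = gw.on_third(third, t + 0.3)
    # Replay of the captured third message: the check info was single use.
    res["replay"] = gw.on_third(third, t + 0.4)
    # Device claiming ID 0x23 without the level-1 key cannot return the check info.
    gw.on_first(req(0x23), t + 0.1)
    forged = Message(0x23, GATEWAY_ID, MSG_ANSWER, t + 0.2, 2.0, seal(b"wrong-key", bytes(8)))
    res["wrong_key"] = gw.on_third(forged, t + 0.3)
    # A correct answer that arrives after its validity window is discarded.
    late = device_answer(0x22, LEVEL_KEYS[2], gw.on_first(req(0x22), t + 0.1), t + 0.2)
    res["expired"] = gw.on_third(late, t + 5.0)
    res["unknown_id"] = gw.on_first(req(0x99), t)  # not in the mapping: dropped
    return gw, res
```

Calling `demo()` returns the gateway state and a result per scenario; only the device holding the key for its verification level ends up in `verified`.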
Fig. 5 is a schematic structural diagram of an external device according to an embodiment of the present invention. The external device 1 includes: a first sending module 11, a receiving module 12, a second sending module 13 and an obtaining module 14.
The first sending module 11 is configured to send a first message for requesting verification to the vehicle-mounted gateway; wherein the on-board gateway is disposed between a vehicle network and an on-board diagnostic interface.
The receiving module 12 is configured to receive the second message carrying the verification information and fed back by the vehicle-mounted gateway.
The second sending module 13 is configured to send a third message carrying the check information to the vehicle-mounted gateway, so that the vehicle-mounted gateway determines whether the external device is legal or not according to the received check information and the check information sent to the external device.
The obtaining module 14 is configured to obtain the target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external device is legal.
Further, the first sending module 11 is specifically configured to write the identification code of the external device, the message type identification code of the first message, and the identification code of the vehicle-mounted gateway into the first message according to a rule in a preset first communication protocol.
Further, the second sending module 13 is specifically configured to write the identification code of the external device, the type identification code of the third message, the check information, and the identification code of the vehicle-mounted gateway into the third message according to a rule in a preset first communication protocol.
Further, the first message and the third message further include a device type, encryption information, and time information of the external device, where the time information includes a timestamp and an effective time length when the external device sends the message.
Further, the second sending module 13 is further configured to extract the check information from the received second message according to a decryption rule negotiated with the vehicle-mounted gateway before sending the third message carrying the check information to the vehicle-mounted gateway.
In this embodiment, the external device communicates with the vehicle-mounted gateway through the vehicle-mounted diagnosis interface.
In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated. The legitimacy of the external device must be determined by the vehicle-mounted gateway before data is sent to it, and data can be exchanged with the external device only after it has been judged legal, which improves the security of vehicle-mounted data transmission.
Further, the vehicle-mounted gateway selects an encryption rule matched with the type of the external device according to the type of the external device, and encrypts the verification information sent to the external device, so that the security of data transmission is guaranteed.
Fig. 6 is a schematic structural diagram of a vehicle-mounted gateway according to an embodiment of the present invention. The on-board gateway 2 is provided between the on-board communication network and the on-board diagnostic interface, and includes: a first receiving module 21, a first transmitting module 22, a second receiving module 23, a verifying module 24 and a second transmitting module 25.
The first receiving module 21 is configured to receive a first message that is sent by the external device and used for requesting verification.
The first sending module 22 is configured to send a second message carrying the check information to the external device.
The second receiving module 23 is configured to receive a third message that is sent by the external device and carries the check information.
The checking module 24 is configured to determine whether the external device is legal or not according to the received checking information and the checking information sent to the external device.
The second sending module 25 is configured to send the target data to the external device when the external device is legal.
The first sending module 22 includes: a writing unit 221 and a sending unit 222.
The writing unit 221 is configured to write the identification code of the vehicle-mounted gateway, the verification information, and the identification code of the external device into the second message according to a rule in a preset second communication protocol.
The sending unit 222 is configured to send the second message to the external device.
Further, when the first message includes the identification code of the external device, the first sending module 22 further includes: a first encryption unit 223, as shown in fig. 7. Fig. 7 is a schematic structural diagram of a second sending module according to an embodiment of the present invention. The first encryption unit 223 is configured to determine the device type of the external device according to the identifier of the external device, and encrypt the second packet according to an encryption rule corresponding to the device type.
The sending unit 222 is configured to send the encrypted second message to the external device.
Further, when the first message further includes a device type of the external device, the first sending module 22 further includes: a second encryption unit 224, as shown in fig. 8. Fig. 8 is a schematic structural diagram of a second sending module according to an embodiment of the present invention. The second encryption unit 224 is configured to encrypt the second message according to an encryption rule corresponding to the device type.
The sending unit 222 is specifically configured to send the encrypted second message to the external device.
Further, the first message and the third message both include first encryption information and first time information, where the first time information includes a timestamp and an effective time length of a message sent by the external device.
The first receiving module 21 is further configured to decrypt the first message and/or the third message according to a decryption rule negotiated with the external device and the first encryption information, and to determine whether the first message and/or the third message are within a validity period according to the first time information.
Further, the second message further includes second encryption information and second time information, where the second time information includes a timestamp and a second effective time length when the vehicle-mounted gateway sends the second message.
Further, the second sending module 25 is specifically configured to receive a data request message sent by the external device, acquire the target data from a vehicle communication network according to the data request message, and send the target data to the external device.
In this embodiment, the vehicle-mounted gateway communicates with the external device through the vehicle-mounted diagnosis interface.
In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated. The legitimacy of the external device must be determined by the vehicle-mounted gateway before data is sent to it, and data can be exchanged with the external device only after it has been judged legal, which improves the security of vehicle-mounted data transmission.
Further, the vehicle-mounted gateway selects an encryption rule matched with the type of the external device according to the type of the external device, and encrypts the verification information sent to the external device, so that the security of data transmission is guaranteed.
Fig. 9 is a schematic structural diagram of a system for securely transmitting vehicle-mounted data according to an embodiment of the present invention. The system for securely transmitting vehicle-mounted data includes: the external device 1 and the vehicle-mounted gateway 2 of the above embodiments, the OBD 3, and the vehicle-mounted communication network 4. The vehicle-mounted gateway 2 is used for physically blocking the connection between the OBD 3 and the vehicle-mounted communication network 4. In the present embodiment, the vehicle-mounted communication network 4 is represented by a data bus, which is only an example. Vehicle-mounted electronic devices such as airbags, combination instruments, a vehicle body control module, a multimedia system, an air conditioning system, an anti-lock brake system (ABS), an engine management module, an electronic parking system, a transmission management system, and a vehicle anti-theft system are connected to the vehicle-mounted communication network 4 and transmit data through it.
In this embodiment, a vehicle-mounted gateway is arranged between the vehicle communication network and the OBD, so that the vehicle-mounted communication network and the OBD are physically isolated. The legitimacy of the external device must be determined by the vehicle-mounted gateway before data is sent to it, and data can be exchanged with the external device only after it has been judged legal, which improves the security of vehicle-mounted data transmission.
Further, the vehicle-mounted gateway selects an encryption rule matched with the type of the external device according to the type of the external device, and encrypts the verification information sent to the external device, so that the security of data transmission is guaranteed.
It should be noted that the terms "first," "second," and the like in the description of the present invention are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. In addition, in the description of the present invention, "a plurality" means two or more unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that the invention can be implemented in various modules or combinations thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (18)

1. A safe transmission method of vehicle-mounted data is characterized by comprising the following steps:
the external device sends a first message for requesting verification to the vehicle-mounted gateway; the vehicle-mounted gateway is arranged between the vehicle network and the vehicle-mounted diagnosis interface; the external device communicates with the vehicle-mounted gateway through the vehicle-mounted diagnosis interface, and the first message comprises an identification code of the external device;
the external device receives a second message carrying verification information and fed back by the vehicle-mounted gateway, wherein the second message is encrypted by the vehicle-mounted gateway according to an encryption rule corresponding to the device type determined from the identification code of the external device; the external device extracts the check information from the received second message according to a decryption rule negotiated with the vehicle-mounted gateway; the external device sends a third message carrying the check information to the vehicle-mounted gateway, so that the vehicle-mounted gateway judges whether the external device is legal or not according to the received check information and the check information sent to the external device;
and the external equipment acquires target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external equipment is legal.
2. The method for securely transmitting the vehicle-mounted data according to claim 1, wherein the sending, by the external device, the first message for requesting verification to the vehicle-mounted gateway includes:
the external device writes the identification code of the external device, the message type identification code of the first message and the identification code of the vehicle-mounted gateway into the first message according to the rules in a preset first communication protocol.
3. The method for securely transmitting in-vehicle data according to claim 2,
the external device writes the identification code of the external device, the type identification code of the third message, the verification information and the identification code of the vehicle-mounted gateway into the third message according to the rules in a preset first communication protocol.
4. The method for securely transmitting the vehicle-mounted data according to claim 3, wherein the first message and the third message further include a device type, encryption information and time information of the external device, and the time information includes a timestamp and an effective time length when the external device sends the message.
5. A safe transmission method of vehicle-mounted data is characterized by comprising the following steps:
a vehicle-mounted gateway receives a first message that is sent by an external device and is used for requesting verification; the vehicle-mounted gateway is arranged between the vehicle-mounted communication network and the vehicle-mounted diagnosis interface; the vehicle-mounted gateway communicates with the external device through the vehicle-mounted diagnosis interface;
the vehicle-mounted gateway sends a second message carrying verification information to the external equipment;
the vehicle-mounted gateway receives a third message which is sent by the external equipment and carries the check information;
the first message and the third message both comprise first encryption information and first time information, and the first time information comprises a timestamp and an effective time length when the external device sends the message;
the vehicle-mounted gateway decrypts the first message and/or the third message according to a decryption rule negotiated with the external device and the first encryption information;
the vehicle-mounted gateway determines whether the first message and/or the third message are/is in the valid period according to the first time information;
the vehicle-mounted gateway judges whether the external equipment is legal or not according to the received verification information and the verification information sent to the external equipment;
when the external equipment is legal, the vehicle-mounted gateway sends target data to the external equipment;
wherein, if the first message includes the identification code of the external device, the sending, by the vehicle-mounted gateway, of the second message carrying verification information to the external device includes:
the vehicle-mounted gateway determines the equipment type of the external equipment according to the identification code of the external equipment;
the vehicle-mounted gateway encrypts the second message according to an encryption rule corresponding to the equipment type;
and the vehicle-mounted gateway sends the encrypted second message to the external equipment.
6. The method for securely transmitting the vehicle-mounted data according to claim 5, wherein the sending, by the vehicle-mounted gateway, the second message carrying the verification information to the external device includes:
the vehicle-mounted gateway writes the identification code of the vehicle-mounted gateway, the verification information and the identification code of the external equipment into the second message according to the provisions in a preset second communication protocol;
and the vehicle-mounted gateway sends the second message to the external equipment.
7. The method according to claim 6, wherein the first message further includes a device type of the external device, and the sending, by the vehicle-mounted gateway, of the second message carrying verification information to the external device includes:
the vehicle-mounted gateway encrypts the second message according to an encryption rule corresponding to the equipment type;
and the vehicle-mounted gateway sends the encrypted second message to the external equipment.
8. The method for securely transmitting vehicle-mounted data according to claim 5, wherein the second message further includes second encryption information and second time information, and the second time information includes a timestamp and a second effective time length when the vehicle-mounted gateway transmits the second message.
9. The method for securely transmitting vehicle-mounted data according to claim 5, wherein when the external device is a legal device, the sending, by the vehicle-mounted gateway, the target data to the external device includes:
the vehicle-mounted gateway receives a message of request data sent by the external equipment;
and the vehicle-mounted gateway acquires the target data from a vehicle communication network according to the message of the request data and sends the target data to the external equipment.
10. An external device, comprising:
the first sending module is used for sending a first message for requesting verification to the vehicle-mounted gateway; wherein the vehicle-mounted gateway is disposed between a vehicle network and an on-board diagnostic interface; the external device communicates with the vehicle-mounted gateway through the on-board diagnostic interface, and the first message comprises an identification code of the external device;
the receiving module is used for receiving a second message which carries verification information and is fed back by the vehicle-mounted gateway, wherein the second message is encrypted by the vehicle-mounted gateway according to an encryption rule corresponding to the device type that the vehicle-mounted gateway determines from the identification code of the external device;
the second sending module is used for sending a third message carrying the check information to the vehicle-mounted gateway, so that the vehicle-mounted gateway judges whether the external device is legal according to the received check information and the check information sent to the external device; and, before sending the third message carrying the check information to the vehicle-mounted gateway, for extracting the check information from the received second message according to a decryption rule negotiated with the vehicle-mounted gateway;
and the acquisition module is used for acquiring target data from the vehicle-mounted gateway after the vehicle-mounted gateway judges that the external device is legal.
11. The external device according to claim 10, wherein the first sending module is specifically configured to write an identification code of the external device, a message type identification code of the first message, and an identification code of the vehicle-mounted gateway into the first message according to a specification in a preset first communication protocol.
12. The external device according to claim 11, wherein the second sending module is specifically configured to write an identification code of the external device, a type identification code of the third message, the check information, and an identification code of the vehicle-mounted gateway into the third message according to a specification in a preset first communication protocol.
13. The external device according to claim 12, wherein the first message and the third message further include a device type, encryption information, and time information of the external device, and the time information includes a timestamp and an effective time length when the external device sends the message.
14. An in-vehicle gateway, characterized in that the in-vehicle gateway is provided between an in-vehicle communication network and an in-vehicle diagnostic interface, comprising:
the first receiving module is used for receiving a first message which is sent by the external device and used for requesting verification; the vehicle-mounted gateway communicates with the external device through the vehicle-mounted diagnosis interface;
the first sending module is used for sending a second message carrying verification information to the external equipment;
the second receiving module is used for receiving a third message which is sent by the external equipment and carries the check information;
the first message and the third message both comprise first encryption information and first time information, and the first time information comprises a timestamp and an effective time length when the external device sends the message;
the first receiving module is further configured to decrypt the first message and/or the third message according to a decryption rule negotiated with the external device and the first encryption information, and determine whether the first message and/or the third message are within a validity period according to the first time information;
the checking module is used for judging whether the external equipment is legal or not according to the received checking information and the checking information sent to the external equipment;
the second sending module is used for sending target data to the external equipment when the external equipment is legal;
if the first message includes the identification code of the external device, the first sending module further includes:
the first encryption unit is used for determining the equipment type of the external equipment according to the identification code of the external equipment and encrypting the second message according to an encryption rule corresponding to the equipment type;
and the sending unit is specifically configured to send the encrypted second message to the external device.
15. The vehicle-mounted gateway of claim 14, wherein the first sending module comprises:
the writing unit is used for writing the identification code of the vehicle-mounted gateway, the verification information and the identification code of the external equipment into the second message according to the provisions in a preset second communication protocol;
and the sending unit is used for sending the second message to the external equipment.
16. The vehicle-mounted gateway of claim 15, wherein if the first message further includes a device type of the external device, the first sending module further includes:
a second encryption unit, configured to encrypt the second message according to an encryption rule corresponding to the device type;
the sending unit is specifically configured to send the encrypted second message to the external device.
17. The vehicle-mounted gateway according to claim 14, wherein the second message further includes second encryption information and second time information, and the second time information includes a timestamp and a second valid time length when the vehicle-mounted gateway transmits the second message.
18. The vehicle-mounted gateway according to claim 14, wherein the second sending module is specifically configured to receive a data request message sent by the external device, obtain the target data from a vehicle communication network according to the data request message, and send the target data to the external device.
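The gateway-side checks of claim 5 (validity period derived from the timestamp and effective time length, then comparison of the returned check information with the one sent) can be sketched in Python as follows; this is an added example, not code from the patent. The field layout, the cap on the sender-supplied validity length, the single-use handling of the check information and all names are assumptions, and decryption under the negotiated rule is taken as already done.

```python
import hmac
import secrets
from dataclasses import dataclass

MAX_VALID_S = 5.0  # assumption: gateway-side cap on the sender-supplied validity length
MAX_SKEW_S = 1.0   # assumption: tolerated clock difference between tool and gateway

@dataclass
class Msg:
    """Decrypted fields of a first or third message (field layout is assumed)."""
    device_id: str
    gateway_id: str
    msg_type: int      # 1 = request verification, 3 = return check information
    timestamp: float   # when the external device sent the message
    valid_for: float   # effective time length stated by the sender
    check: bytes = b""

class Gateway:
    def __init__(self, gateway_id, device_types):
        self.gateway_id = gateway_id
        self.device_types = device_types  # identification code -> device type
        self.pending = {}                 # identification code -> (check info, expiry)

    def _in_validity_period(self, m, now):
        # Never trust the sender's own validity length beyond the local cap.
        window = min(m.valid_for, MAX_VALID_S)
        return m.timestamp - MAX_SKEW_S <= now <= m.timestamp + window

    def _addressed(self, m, msg_type):
        return m.msg_type == msg_type and m.gateway_id == self.gateway_id

    def on_first(self, m, now):
        """Return fresh check information for message 2, or None to refuse."""
        if not self._addressed(m, 1) or m.device_id not in self.device_types:
            return None
        if not self._in_validity_period(m, now):
            return None
        check = secrets.token_bytes(16)
        self.pending[m.device_id] = (check, now + MAX_VALID_S)
        # A real gateway would now encrypt message 2 under the rule selected by
        # self.device_types[m.device_id]; that step is outside this sketch.
        return check

    def on_third(self, m, now):
        """True only if the returned check information matches the one sent."""
        if not self._addressed(m, 3):
            return False
        sent = self.pending.pop(m.device_id, None)  # single use: replays find nothing
        if sent is None:
            return False
        check, expiry = sent
        if now > expiry or not self._in_validity_period(m, now):
            return False
        return hmac.compare_digest(check, m.check)  # constant-time comparison

def run_constructed_exchange():
    """Constructed exchange: legitimate run, replay, and an over-long validity claim."""
    gw = Gateway("GW01", {"TOOL-A": "diagnostic"})
    check = gw.on_first(Msg("TOOL-A", "GW01", 1, 1000.0, 3.0), now=1000.5)
    third = Msg("TOOL-A", "GW01", 3, 1001.0, 3.0, check)
    accepted = gw.on_third(third, now=1001.2)
    replayed = gw.on_third(third, now=1001.3)
    stale = gw.on_first(Msg("TOOL-A", "GW01", 1, 1000.0, 3600.0), now=1010.0)
    return accepted, replayed, stale
```

Because the validity length travels inside the message, the sketch bounds it locally; accepting it as stated would let the sender choose how long a captured message stays usable.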
CN201611179934.1A 2016-12-19 2016-12-19 Safe transmission method of vehicle-mounted data, external equipment and vehicle-mounted gateway Active CN108207039B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611179934.1A CN108207039B (en) 2016-12-19 2016-12-19 Safe transmission method of vehicle-mounted data, external equipment and vehicle-mounted gateway

Publications (2)

Publication Number Publication Date
CN108207039A (en) 2018-06-26
CN108207039B (en) 2021-05-14

Family

ID=62602924

Country Status (1)

Country Link
CN (1) CN108207039B (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109033829B (en) * 2018-07-27 2021-08-27 北京梆梆安全科技有限公司 Vehicle network intrusion detection auxiliary method, device and system
CN110784431A (en) * 2018-07-30 2020-02-11 比亚迪股份有限公司 Vehicle-mounted Ethernet secure access method, system, vehicle-mounted gateway and network equipment
CN113709123B (en) * 2018-10-31 2023-07-28 百度在线网络技术(北京)有限公司 Security control method and device and computer equipment
CN111224866B (en) * 2018-11-23 2022-07-05 上海汽车集团股份有限公司 Vehicle-mounted gateway equipment
CN109917775A (en) * 2019-04-02 2019-06-21 东风汽车有限公司 Automobile security gateway data transmission method and electronic equipment
CN111835627B (en) * 2019-04-23 2022-04-26 华为技术有限公司 Communication method of vehicle-mounted gateway, vehicle-mounted gateway and intelligent vehicle
CN112015158B (en) * 2019-05-30 2022-03-18 比亚迪股份有限公司 Vehicle gateway control system and method and vehicle
US11488404B2 (en) 2019-10-14 2022-11-01 Ford Global Technologies, Llc Session unique access token for communications with a vehicle
CN110855532B (en) * 2019-11-28 2021-11-26 安徽江淮汽车集团股份有限公司 Vehicle-mounted gateway testing method, device, equipment and storage medium
CN111565182B (en) * 2020-04-29 2022-08-19 深圳市元征科技股份有限公司 Vehicle diagnosis method and device and storage medium
CN111865901A (en) * 2020-06-03 2020-10-30 一汽奔腾轿车有限公司 Information encryption transmission method based on CAN bus
CN112738222A (en) * 2020-12-28 2021-04-30 嬴彻科技(浙江)有限公司 Vehicle diagnosis system and method, vehicle and gateway thereof, and storage medium
CN112422392B (en) * 2021-01-25 2021-07-02 武汉格罗夫氢能汽车有限公司 Whole-vehicle network system of hydrogen energy automobile
CN113132417A (en) * 2021-06-16 2021-07-16 国能信控互联技术有限公司 Multi-protocol conversion encryption industrial intelligent gateway and operation method thereof
CN115701034A (en) * 2021-07-26 2023-02-07 华为技术有限公司 Bus control method and related device
CN113960978A (en) * 2021-09-29 2022-01-21 岚图汽车科技有限公司 Vehicle diagnosis method, device and storage medium
CN114338073A (en) * 2021-11-09 2022-04-12 江铃汽车股份有限公司 Protection method, system, storage medium and equipment for vehicle-mounted network
CN114422208A (en) * 2021-12-30 2022-04-29 上海集度汽车有限公司 Vehicle safety communication method, device, microprocessor and storage medium
CN115130114B (en) * 2022-08-31 2022-12-23 杭州云动智能汽车技术有限公司 Gateway secure starting method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105388893A (en) * 2015-12-25 2016-03-09 安徽江淮汽车股份有限公司 CAN communication data monitoring method and system based on OBD interface
CN105827656A (en) * 2016-05-30 2016-08-03 宇龙计算机通信科技(深圳)有限公司 Identity authentication method based on NFC payment and device
CN105847405A (en) * 2016-04-30 2016-08-10 北京智驾互联信息服务有限公司 Information processing device
CN106034127A (en) * 2014-10-17 2016-10-19 现代自动车株式会社 Method and system for providing vehicle security service
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106059754A (en) * 2016-06-23 2016-10-26 北京汽车股份有限公司 Vehicle data processing method and system, and devices

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant