CN114550340B - Method and system for remote diagnosis of controller - Google Patents

Publication number: CN114550340B
Authority: CN (China)
Prior art keywords: box, tsp platform, platform, certificate, random number
Legal status: Active
Application number: CN202210177322.8A
Other languages: Chinese (zh)
Other versions: CN114550340A (en
Inventor: 文海鸥, 赵曜, 贺涛
Current Assignee: Deep Blue Automotive Technology Co ltd
Original Assignee: Deep Blue Automotive Technology Co ltd
Application filed by Deep Blue Automotive Technology Co ltd
Priority to CN202210177322.8A
Publication of CN114550340A
Application granted
Publication of CN114550340B

Abstract

The invention relates to a method and a system for remote diagnosis of a controller. The method comprises the following steps. S01: when a vehicle controller fails and the T-box is awake (not dormant), the vehicle controller transmits the fault information to the T-box through a CAN signal. S02: the T-box encrypts the fault information and uploads it to the TSP platform. S03: the TSP platform forwards the received encrypted fault information to the big data platform through a legitimate interface. S04: the big data platform decrypts the fault information sent by the TSP platform. S05: the big data platform analyzes and counts the possible fault IDs of the controller using the modeling data for the related faults of each vehicle model in its database, and issues the collection IDs to the T-box through a configuration file. The invention can rapidly locate faults and report the diagnostic results to the relevant personnel.

Description

Method and system for remote diagnosis of controller
Technical Field
The invention belongs to the technical field of automotive electronics, and in particular relates to technology for remotely diagnosing controllers.
Background
With the development of the automobile industry, modern electronic control technology has penetrated every component of the automobile. Vehicle structures are becoming more complex and the degree of automation higher, so resolving vehicle problems on the spot is gradually being phased out. With the development of the Internet, remote diagnosis technology is gradually being applied in the automotive field.
Chinese patent document CN110928271A discloses a technology named "automobile self-help diagnosis method and system", which diagnoses the fault DTCs of the relevant controller remotely and so avoids relying solely on manual analysis as before. It has the following problem, however: when a controller of the vehicle fails, the uploaded fault DTC only supports analysis of that controller. In practice, the direct cause of the fault often lies not in the controller that uploaded the fault but in other controllers, so collecting the DTCs of the one faulty controller cannot analyze and locate the problem well.
Disclosure of Invention
The invention aims to provide a remote diagnosis method and system that solve the following technical problem: when a controller of the vehicle fails, the uploaded fault DTCs (diagnostic trouble codes) only support analysis of that controller, whereas in practice the direct cause of the fault often lies not in the controller that uploaded the fault but in other controllers, so the fault cannot be accurately analyzed and located by collecting the DTCs of the one faulty controller.
To solve the above technical problem, the invention adopts the following technical solution: a method of remotely diagnosing a controller, comprising the following steps:
S01: when a vehicle controller fails and the T-box is awake (not dormant), the vehicle controller transmits the fault information to the T-box through a CAN signal;
S02: the T-box encrypts the fault information and uploads it to the TSP platform;
S03: the TSP platform forwards the received encrypted fault information to the big data platform through a legitimate interface;
S04: the big data platform decrypts the fault information sent by the TSP platform;
S05: the big data platform analyzes and counts the possible fault IDs of the controller using the modeling data for the related faults of each vehicle model in its database, and issues the collection IDs to the T-box through a configuration file;
S06: the T-box screens its locally stored IDs according to the collection IDs issued by the big data platform, packs and compresses the screened IDs for the time points before and after the issued configuration, securely encrypts and signs the data once compression is complete, and transmits it to the TSP platform through a compressed data transmission interface; the TSP platform forwards the encrypted and signed compressed package to the big data platform;
S07: the big data platform decompresses and decrypts the encrypted and signed compressed package, automatically identifies the cause of the problem using the database, and forms a report.
Preferably,
the big data platform and the TSP platform communicate with each other through an agreed interface calling mode.
Preferably,
the preconditions for the handshake before the T-box end and the TSP platform end establish communication are as follows:
the T-box end uses GPRS, CDMA or LTE and communicates with the TSP platform end over TCP/IP secured with TLSv1.2;
when the T-box end leaves the factory, the root certificate of a trusted third-party certificate authority must be built in as its trust store;
when the T-box end registers, it downloads a digital certificate self-signed by the automobile manufacturer as the T-box end certificate;
the TSP platform end binds a common certificate issued by the certificate authority, and the common certificate chains to the root certificate;
the TSP platform end stores the root certificate self-signed by the automobile manufacturer as its trust store.
Preferably,
when the T-box end communicates with the TSP platform end for the first time, or after the certificate expires, it downloads the common certificate from the TSP platform end and verifies its validity using the root certificate. The handshake between the T-box end and the TSP platform end proceeds as follows:
A01: the T-box end sends a protocol version number, a random number and an encryption method to the TSP platform end;
A02: the TSP platform end confirms the encryption method and sends its digital certificate and a random number to the T-box end;
A03: the T-box end confirms that the digital certificate is valid, generates a new random number, encrypts it with the public key in the digital certificate, and sends the encrypted new random number to the TSP platform end; meanwhile, the T-box end generates a session key from the random number in A01, the random number in A02 and the encrypted new random number;
A04: the TSP platform end uses its private key to recover the random number sent by the T-box end;
A05: the T-box end and the TSP platform end generate a session key from the random number in A01, the random number in A02 and the encrypted new random number according to the agreed encryption method, and use the session key to encrypt the entire subsequent session.
Preferably,
the T-box end and the TSP platform end interact over a long-lived connection: the T-box end initiates the TCP connection; once connected to the TSP platform end, the T-box end keeps the connection alive with a periodic heartbeat; when the T-box end detects that the connection has dropped, it reconnects immediately, and if establishing the connection fails it retries at a set interval; the long-lived connection supports both the T-box end sending data to the TSP platform end and the TSP platform end actively sending data to the T-box end;
data interaction between the T-box end and the TSP platform end follows a request-response mode.
The invention also provides a system for remote diagnosis of a controller, comprising:
a first transmission module, by which the vehicle controller transmits the fault information to the T-box through a CAN signal when a vehicle controller fails and the T-box is awake (not dormant);
an uploading module, by which the T-box encrypts the fault information and uploads it to the TSP platform;
a second transmission module, by which the TSP platform forwards the received encrypted fault information to the big data platform through a legitimate interface;
a decryption module, by which the big data platform decrypts the fault information sent by the TSP platform;
an issuing module, which analyzes and counts the possible fault IDs of the controller using the modeling data for the related faults of each vehicle model in the database, and issues the collection IDs to the T-box through a configuration file;
a screening module, by which the T-box screens its locally stored IDs according to the collection IDs issued by the big data platform, packs and compresses the screened IDs for the time points before and after the issued configuration, securely encrypts and signs the data once compression is complete, and transmits the encrypted and signed compressed package to the TSP platform through a specific compressed data transmission interface; the TSP platform forwards the encrypted and signed compressed package to the big data platform;
a problem identification module, by which the big data platform decompresses and decrypts the encrypted and signed compressed package, automatically identifies the cause of the problem using the database, and forms a report.
Preferably,
the big data platform and the TSP platform communicate with each other through a designated interface calling mode.
Preferably,
the preconditions for the handshake before the T-box end and the TSP platform end establish communication are as follows:
the T-box end uses GPRS, CDMA or LTE as its main mode and communicates with the TSP platform end over TCP/IP secured with TLSv1.2;
when the T-box end leaves the factory, the root certificate of a trusted third-party certificate authority must be built in as its trust store;
when the T-box end registers, it downloads a digital certificate self-signed by the automobile manufacturer as the T-box end certificate;
the TSP platform end binds a common certificate issued by the certificate authority, and the common certificate chains to the root certificate;
the TSP platform end stores the root certificate self-signed by the automobile manufacturer as its trust store.
Preferably,
when the T-box end communicates with the TSP platform end for the first time, or after the certificate expires, it downloads the common certificate from the TSP platform end and verifies its validity using the root certificate. The handshake between the T-box end and the TSP platform end proceeds as follows:
First: the T-box end sends a protocol version number, a random number and an encryption method to the TSP platform end;
Second: the TSP platform end confirms the encryption method and sends its digital certificate and a random number to the T-box end;
Third: the T-box end confirms that the digital certificate is valid, generates a new random number, encrypts it with the public key in the digital certificate, and sends the encrypted new random number to the TSP platform end; meanwhile, the T-box end generates a session key from the random number in the first step, the random number in the second step and the encrypted new random number;
Fourth: the TSP platform end uses its private key to recover the random number sent by the T-box end;
Fifth: the T-box end and the TSP platform end generate a session key from the random number in the first step, the random number in the second step and the encrypted new random number according to the agreed encryption method, and use the session key to encrypt the entire subsequent session.
Preferably,
the T-box end and the TSP platform end interact over a long-lived connection: the T-box end initiates the TCP connection; once connected to the TSP platform end, the T-box end keeps the connection alive with a periodic heartbeat; when the T-box end detects that the connection has dropped, it reconnects immediately, and if establishing the connection fails it retries at a set interval; the long-lived connection supports both the T-box end sending data to the TSP platform end and the TSP platform end actively sending data to the T-box end;
data interaction between the T-box end and the TSP platform end follows a request-response mode.
By adopting the above technical solution, the invention has the following beneficial technical effects. When the vehicle is in any gear and the T-box is awake, the T-box directly receives the fault information sent by each controller through its internal CAN transceiver and passes it to the module over the internal SPI. The module packs the diagnostic data and sends it to the TSP platform through a dedicated interface, and the TSP platform finally forwards the fault information to the big data platform through an interactive interface. The big data platform uses its database to calculate the IDs that need to be packed for the current fault information and issues them to the T-box through a configuration file, thereby achieving data diagnosis and packing. The invention provides a way to acquire the fault message by remote diagnosis when a vehicle controller fails; the big data platform, based on the controller ID that generated the fault and in combination with a case library, determines the whole-vehicle IDs that need to be packed for diagnosis; and the invention uses the database to automatically identify the cause of the problem and feeds the diagnosis result back to the relevant personnel.
Drawings
FIG. 1 is an overall framework diagram of the invention;
FIG. 2 is a diagram of the handshake preconditions before the terminal (T-box) establishes communication with the server;
FIG. 3 is a diagram of the connection established between the TSP server and the terminal (T-box) after the initial wake-up;
FIG. 4 is a diagram of the long-lived connection over which the TSP server and the terminal (T-box) transmit remote diagnostic data;
FIG. 5 is a flow chart of the remote diagnosis implementation of the invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
As shown in FIG. 1, the remote controller diagnosis system provided by the invention comprises a big data platform, a TSP platform, a T-box and the vehicle controllers.
The big data platform is mainly responsible for receiving remote diagnosis data, remote diagnosis queries, issuing the package IDs required for fault diagnosis, issuing configuration files and outputting diagnosis reports.
The TSP platform is mainly responsible for CAN protocol forwarding, the big data downlink channel, the T-box uplink channel, and managing decryption and encryption with the security encryption algorithm used for remote diagnosis.
The T-box is mainly responsible for collecting, storing and packing vehicle messages, responding to configuration information issued by the TSP platform, detecting fault messages of the designated controller, and storing and encrypting the fault messages.
The operator is mainly responsible for carrying vehicle information to and from the platform.
The T-box communicates with the HU, IP, AC and BCM over the information CAN, with the BCU, VCU and BMS over the new energy CAN, and with the ESP, ABS, SRS and ACC over the chassis CAN. The T-box is connected to the operator through 4G and communicates with the operator through a limited network, and the big data platform communicates with the TSP platform through the limited network. The T-box contains an MCU, a module and a WIFI module.
Communication between the big data platform and the TSP platform must be established first so that subsequent operations can be executed; the two communicate through an agreed interface calling mode.
Establishing communication between the T-box and the TSP platform: the T-box uses GPRS, CDMA or LTE as its main communication mode and communicates over TCP/IP secured with TLSv1.2 (HTTPS is used for services such as terminal registration and upgrades). The TSP platform acts as the server and the terminal (T-box) as the client.
As shown in FIG. 2, TLS/HTTPS handshake communication presupposes mutual (two-way) authentication: when the T-box leaves the factory, the root certificate of a trusted third-party certificate authority must be built in as its trust store; when the T-box registers, it downloads a digital certificate self-signed by the automobile manufacturer as its client certificate; the server must bind the common certificate issued by the certificate authority, which chains to the root certificate; and the server stores the automobile manufacturer's self-signed root certificate as its trust store.
As shown in FIG. 3, when the T-box communicates with the server for the first time, or after the certificate expires, it downloads the common certificate from the server and verifies its validity using the root certificate.
The handshake phase is divided into five steps:
First, the T-box gives the protocol version number, a client-generated random number (Client random) and the encryption methods supported by the client.
Second, the TSP platform confirms the encryption method used by both parties and gives its digital certificate and a server-generated random number (Server random).
Third, the T-box end confirms that the digital certificate is valid, then generates a new random number (Premaster secret), encrypts it with the public key in the digital certificate and sends the encrypted random number to the TSP platform end; at the same time, the client generates a session key from the three random numbers.
Fourth, the TSP platform end uses its private key to recover the random number (i.e. the Premaster secret) sent by the T-box end.
Fifth, the T-box end and the TSP platform end generate a session key from the three random numbers according to the agreed encryption method, and the session key is used to encrypt the entire subsequent session. The above process is completed automatically by the TLS channel. After a successful handshake, all exchanges between the T-box end and the TSP end are protected by encryption, and monitoring the network yields only ciphertext.
Based on the TLS protocol, the T-box end and the TSP platform end interact over a long-lived connection.
The TCP connection is initiated by the terminal (T-box); once the T-box end is connected to the TSP platform end, the T-box end maintains the connection with a periodic heartbeat.
When the T-box end detects that the connection has dropped, it reconnects immediately; if establishing the connection fails, it retries every 10 seconds (the actual value is set according to test results).
The long-lived connection supports both the T-box end sending data to the TSP platform end and the TSP platform end actively sending data to the T-box end.
As shown in FIG. 4, data interaction between the T-box end and the TSP platform end follows a request-response mode: whether a request is initiated from the T-box end or from the TSP end, a response must be received after the request is initiated.
The T-box end wakes up and establishes a TCP connection (TLS 1.2) with the TSP platform end; the T-box end sends terminal request message a, the TSP platform end processes message a and sends server response message a; the TSP platform end sends server request message b, the T-box end processes message b and sends terminal response message b; the T-box end sends interrupt request message c, the TSP platform end processes message c and sends server response message c; when the connection between the T-box end and the TSP platform end becomes abnormal or is disconnected, the T-box end re-establishes the connection with the TSP platform end.
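How the trust arrangement of FIG. 2 and the reconnect rule above map onto a TLS configuration, as an added example using Python's ssl module (not code from the patent). The function names and file arguments are hypothetical; the certificate arguments are optional only so the block runs without key material, and a context without trust anchors rejects every peer.

```python
import socket
import ssl
import time

RETRY_INTERVAL_S = 10.0  # the page's example value; the real value is set from test results


def tbox_client_context(root_ca_file=None, client_cert_file=None, client_key_file=None):
    """T-box side: trust only the built-in CA root, present the manufacturer-issued certificate."""
    # PROTOCOL_TLS_CLIENT starts with CERT_REQUIRED and hostname checking on,
    # and loads no system CAs, so the trust store is exactly what is loaded below.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse anything older than the page's TLSv1.2
    if root_ca_file:
        ctx.load_verify_locations(cafile=root_ca_file)
    if client_cert_file:
        ctx.load_cert_chain(client_cert_file, client_key_file)
    return ctx


def tsp_server_context(server_cert_file=None, server_key_file=None, oem_root_file=None):
    """TSP side: present the CA-issued certificate, require a client certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Server contexts default to CERT_NONE; mutual authentication needs CERT_REQUIRED
    # so that a T-box without a certificate chaining to the manufacturer root is rejected.
    ctx.verify_mode = ssl.CERT_REQUIRED
    if server_cert_file:
        ctx.load_cert_chain(server_cert_file, server_key_file)
    if oem_root_file:
        ctx.load_verify_locations(cafile=oem_root_file)
    return ctx


def open_channel(host, port, ctx, timeout=15.0):
    """One connection attempt: TCP connect, then TLS handshake with hostname verification."""
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        return ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise


def reconnect(connect, sleep=time.sleep, retry_interval=RETRY_INTERVAL_S, max_attempts=None):
    """Reconnect immediately; after each failure wait a fixed interval and try again.

    `connect` is any callable that returns a connection or raises OSError
    (ssl.SSLError and ConnectionRefusedError are both OSError subclasses).
    Returns (connection, list_of_waits) so callers can log how long recovery took.
    """
    waits = []
    attempt = 0
    while True:
        attempt += 1
        try:
            return connect(), waits
        except OSError:
            if max_attempts is not None and attempt >= max_attempts:
                raise
            sleep(retry_interval)
            waits.append(retry_interval)
```
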
As shown in fig. 5, which is a flowchart of the present invention, the present invention provides a method for remotely diagnosing controllers, first, a fault diagnosis information base of each controller of a vehicle is established; secondly, collecting the finished test cases of each controller and converting the test cases into a fault ID information query database; then establishing a unified configuration standard issuing file (xml file); thirdly, when one or more controllers of the vehicle fail, the fault is transmitted to a big data platform in a transparent transmission mode; then the big data platform issues the required packaged whole vehicle ID according to the uploading background fault ID, and the big data automatically calculates the required acquisition ID according to the vehicle type; the T-box packs the required ID and uploads the ID to a big data platform; the big data automatically identifies the cause of the problem by using the database and feeds the diagnosis result back to the related demand personnel.
Specifically, in the first step, when the whole vehicle controller fails and the T-box is not dormant, the whole vehicle controller transmits the fault information to the T-box through a CAN signal.
In the second step, the T-box encrypts the fault information and uploads it to the TSP platform; the recommended encryption algorithm is SHA256.
In the third step, the TSP platform transmits the received encrypted fault information to the big data platform through a legal interface.
In the fourth step, the big data platform decrypts the fault information sent by the TSP platform.
The above steps complete the upload of the fault point data. Note in particular that the decompression algorithm must match the compression algorithm and the decryption algorithm must match the encryption algorithm.
In the fifth step, the big data platform uses the fault-related modeling data for each vehicle type in the big database to analyze and tally the possible fault IDs of the controller, and issues the collection IDs to the T-box through a configuration file.
And fifthly, a large data platform self-diagnosis message.
When a vehicle fails, the fault often cannot be located from a single fault message at one moment; the important messages before and after it usually need to be checked as well.
In the sixth step, the T-box screens the locally stored IDs according to the collection ID requirement issued by the big data platform, packs and compresses the screened IDs according to the time points before and after the configuration was issued, performs secure encryption and signing after the locking is completed, and transmits the encrypted and signed compressed package to the TSP platform through a specific compressed-data transmission interface; the TSP platform forwards the encrypted and signed compressed package to the big data platform. Here too, the recommended encryption algorithm is SHA256.
In the seventh step, the big data platform decompresses and decrypts the encrypted and signed compressed package, automatically identifies the cause of the problem using the database, and produces a report. The decompression algorithm must match the compression algorithm, and the decryption algorithm must match the encryption algorithm.
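The sixth and seventh steps can be sketched as follows; this is an added example, not code from the patent. SHA-256 is a hash function rather than a cipher, so here it is used inside an HMAC tag that stands in for the signature, and confidentiality is assumed to come from the TLS 1.2 channel. The frame layout, function names, shared key and size limit are all assumptions.

```python
import hashlib
import hmac
import json
import zlib

TAG_LEN = 32            # HMAC-SHA256 output size in bytes
MAX_UNPACKED = 1 << 20  # assumed 1 MiB cap on decompressed size

# Constructed sample buffer on the T-box: (timestamp_s, can_id, payload_hex).
BUFFERED_FRAMES = [
    (100.0, 0x18F, "0102"),
    (104.5, 0x2A0, "ff00"),
    (105.0, 0x18F, "0103"),
    (106.2, 0x3B1, "aa55"),
    (109.9, 0x2A0, "ff01"),
    (120.0, 0x18F, "0104"),
]


class PackageError(Exception):
    """Raised when a received package fails authentication or size checks."""


def select_frames(frames, collection_ids, config_time, before_s, after_s):
    """Sixth step, screening: keep requested IDs inside the time window
    around the moment the configuration was issued."""
    lo, hi = config_time - before_s, config_time + after_s
    return [f for f in frames if f[1] in collection_ids and lo <= f[0] <= hi]


def pack_and_protect(frames, key):
    """Sixth step, packaging: serialize, compress, then tag the compressed
    bytes. A bare SHA-256 digest would not do here, because anyone who
    alters the data can recompute it; the tag must depend on a key."""
    raw = json.dumps(frames, separators=(",", ":")).encode("utf-8")
    blob = zlib.compress(raw, 9)
    tag = hmac.new(key, blob, hashlib.sha256).digest()
    return blob + tag


def verify_and_unpack(package, key):
    """Seventh step: authenticate first, then decompress with an output
    bound, so unauthenticated bytes never reach the decompressor."""
    if len(package) <= TAG_LEN:
        raise PackageError("package too short")
    blob, tag = package[:-TAG_LEN], package[-TAG_LEN:]
    expected = hmac.new(key, blob, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PackageError("authentication tag mismatch")
    inflater = zlib.decompressobj()
    raw = inflater.decompress(blob, MAX_UNPACKED)
    if not inflater.eof:
        raise PackageError("decompressed data exceeds limit or is truncated")
    return [tuple(frame) for frame in json.loads(raw)]
```

The receiver must use the same compression format and the same key and MAC algorithm as the sender, which is the matching requirement the seventh step states.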
The present invention also provides a system for remote diagnosis of a controller, comprising:
the first transmission module is used for transmitting fault information to the T-box through a CAN signal when the whole vehicle controller fails and the T-box is in an un-dormant state;
the uploading module is used for encrypting the fault information by the T-box and uploading the fault information to the TSP platform;
the second transmission module is used for transmitting the received encrypted fault information to the big data platform through a legal interface by the TSP platform;
the decryption module is used for decrypting the fault information sent by the TSP platform by the big data platform;
the issuing module is used for analyzing and counting the possible fault ID of the controller by utilizing modeling data of related faults of each vehicle type in the big database by the big data platform and issuing a collection ID to the T-box through the configuration file;
the screening module is used for screening the IDs stored locally according to the requirement of the collected IDs issued by the big data platform by the T-box, packaging and compressing the screened IDs according to the time points before and after the issued configuration, carrying out secure encryption and signature after the compression is completed, and transmitting the encrypted and signed packaged compressed data to the TSP platform through a specific compressed data transmission interface, wherein the TSP platform transmits the encrypted and signed packaged compressed data to the big data platform.
And the problem identification module is used for decompressing and decrypting the encrypted and signed packed compressed data by the big data platform, automatically identifying the cause of the problem by utilizing the database and forming a report.
Specifically, the big data platform and the TSP platform communicate with each other through a designated interface call.
Specifically, the handshake preconditions before the T-box end and the TSP platform end establish communication are as follows:
the T-box end mainly uses GPRS, CDMA or LTE, and communicates with the TSP platform end over the TCP/IP protocol based on TLSv1.2;
when it leaves the factory, the T-box end must have built in, as its trust certificate store, the root certificate of a trusted third-party certificate authority;
when the T-box end registers, it downloads a digital certificate self-signed by the automobile manufacturer as the T-box end certificate;
the TSP platform end is bound to a common certificate issued by a certificate authority, and the common certificate chains up to the root certificate;
the TSP platform end stores the automobile manufacturer's self-signed root certificate as its trust certificate store.
Specifically, when the T-box end communicates with the TSP platform end for the first time, or after the certificate expires, it downloads the common certificate from the TSP platform end and verifies the validity of the common certificate using the root certificate. The handshake between the T-box end and the TSP platform end proceeds as follows:
First: the T-box end sends the protocol version number, a random number and the encryption method to the TSP platform end;
Second: the TSP platform end confirms the encryption method and sends the digital certificate and a random number to the T-box end;
Third: the T-box end confirms that the digital certificate is valid, generates a new random number, encrypts the new random number with the public key in the digital certificate, and sends the encrypted new random number to the TSP platform end; meanwhile, the T-box end generates a session key from the random number of the first step, the random number of the second step and the encrypted new random number;
Fourth: the TSP platform end uses its private key to recover the random number sent by the T-box end;
Fifth: the T-box end and the TSP platform end each generate the session key from the random number of the first step, the random number of the second step and the encrypted new random number according to the agreed encryption method, and use the session key to encrypt the whole of the subsequent session.
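The key derivation behind the five handshake steps above, as an added example that is not code from the patent: it uses the TLS 1.2 PRF of RFC 5246 with HMAC-SHA256 and assumes an AES-128-GCM cipher suite, and the function names are illustrative. In TLS 1.2 the value fed into the derivation is the new random number itself (the pre-master secret), which only travels in RSA-encrypted form; that transport is not modeled here.

```python
import hashlib
import hmac
import os


def p_sha256(secret, seed, length):
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def derive_session_keys(pre_master, client_random, server_random):
    """Fifth step: both ends turn the three random values into key material."""
    master = prf(pre_master, b"master secret",
                 client_random + server_random, 48)
    # Key expansion for an AES-128-GCM suite (assumed): two 16-byte keys
    # and two 4-byte implicit IVs. Note the reversed order of the randoms.
    block = prf(master, b"key expansion",
                server_random + client_random, 40)
    return {
        "master_secret": master,
        "client_write_key": block[0:16],
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],
        "server_write_iv": block[36:40],
    }


def simulate_handshake(rng=os.urandom):
    """Run the derivation on both ends with freshly generated sample values."""
    client_random = rng(32)             # First: random number from the T-box end
    server_random = rng(32)             # Second: random number from the TSP end
    pre_master = b"\x03\x03" + rng(46)  # Third: new random number, version-prefixed
    # Fourth: in the real handshake the TSP end recovers pre_master with its
    # private key. Here both ends are simply handed the same bytes.
    tbox_keys = derive_session_keys(pre_master, client_random, server_random)
    tsp_keys = derive_session_keys(pre_master, client_random, server_random)
    return client_random, server_random, pre_master, tbox_keys, tsp_keys
```

Because the pre-master secret is protected only by the server's RSA key, recorded sessions remain decryptable if that private key is later exposed; (EC)DHE cipher suites avoid this.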
Specifically, the T-box end and the TSP platform end interact over a long connection: the T-box end initiates the TCP connection and, once connected to the TSP platform end, keeps the connection alive with a periodic heartbeat; when the T-box end detects that the connection has been dropped, it reconnects immediately, and if connection establishment fails it retries at a set interval; the long connection supports both the T-box end sending data to the TSP platform end and the TSP platform end actively sending data to the T-box end;
the data interaction between the T-box end and the TSP platform end is in request-response mode.

Claims (10)

1. A method of remotely diagnosing a controller, comprising the steps of:
S01: when the whole vehicle controller fails and the T-box is in an un-dormant state, the whole vehicle controller transmits failure information to the T-box through a CAN signal;
S02: the T-box encrypts the fault information and uploads the fault information to a TSP platform;
S03: the TSP platform transmits the received encrypted fault information to a big data platform through a legal interface;
S04: the big data platform decrypts the fault information sent by the TSP platform;
S05: the large data platform analyzes and counts the possible fault ID of the controller by using modeling data of related faults of each vehicle type in a large database and issues a collection ID to the T-box through a configuration file;
S06: the T-box screens the IDs stored locally according to the requirement of the collected IDs issued by the big data platform, the screened IDs are packed and compressed according to the time points before and after the issued configuration, the safe encryption and signature are carried out after the compression is completed and the compressed data are transmitted to the TSP platform through a compressed data transmission interface, and the TSP platform transmits the encrypted and signed packed compressed data to the big data platform;
S07: the big data platform decompresses and decrypts the encrypted and signed packed compressed data, and automatically identifies the cause of the problem by using the database and forms a report.
2. The method of remote diagnostic control of claim 1, wherein,
and the big data platform and the TSP platform are communicated with each other by adopting a formulated interface calling mode.
3. The method of remote diagnostic control of claim 1, wherein,
the handshake precondition before the T-box end and the TSP platform end establish communication is as follows:
the T-box end uses GPRS, CDMA or LTE modes, and adopts TCP/IP protocol based on TLSv1.2 to communicate with the TSP platform end;
when the T-box end leaves a factory, a root certificate of a certificate authority trusted by a third party needs to be built in to serve as a trust certificate library;
downloading a digital certificate which is self-signed by an automobile manufacturer as a T-box end certificate when the T-box end registers;
the TSP platform end binds a common certificate issued by a certificate issuing mechanism, and the common certificate is inherited to a root certificate;
and the TSP platform end stores a root certificate which is self-signed by an automobile manufacturer as a trust certificate library.
4. The method of remote diagnostic control of claim 3, wherein,
when the T-box end communicates with the TSP platform end for the first time or after the certificate expires, the common certificate is downloaded from the TSP platform end, and the validity of the common certificate is verified by using the root certificate, and the handshake process between the T-box end and the TSP platform end is as follows:
A01: the T-box end sends a protocol version number, a random number and an encryption method to the TSP platform end;
A02: the TSP platform end confirms the encryption method and sends the digital certificate and the random number to the T-box end;
A03: the T-box end confirms that the digital certificate is valid, generates a new random number, encrypts the new random number by using a public key in the digital certificate, and sends the encrypted new random number to the TSP platform end, and meanwhile, the T-box end generates a dialogue key by using the random number in A01, the random number in A02 and the encrypted new random number;
A04: the TSP platform end uses a private key to acquire a random number sent by the T-box end;
A05: and the T-box end and the TSP platform end generate a session key by using the random number in A01, the random number in A02 and the encrypted new random number according to a contracted encryption method, and encrypt the subsequent whole session process by using the session key.
5. The method of remote diagnostic control of claim 4, wherein,
the T-box end and the TSP platform end are interacted in a long connection mode: the T-box end initiates TCP connection, and after the T-box end is connected with the TSP platform end, the T-box end keeps connection by timing heartbeat; after the T-box end detects that the connection is disconnected, the connection is immediately restarted, and if the connection establishment fails, the connection is retried every set value; the long connection supports the T-box end to send data to the TSP platform end and the TSP platform end to actively send data to the T-box end;
the data interaction between the T-box end and the TSP platform end is a request-response mode.
6. A system for remotely diagnosing a controller, comprising:
the first transmission module is used for transmitting fault information to the T-box through a CAN signal when the whole vehicle controller fails and the T-box is in an un-dormant state;
the uploading module is used for encrypting the fault information by the T-box and uploading the fault information to the TSP platform;
the second transmission module is used for transmitting the received encrypted fault information to the big data platform through a legal interface by the TSP platform;
the decryption module is used for decrypting the fault information sent by the TSP platform by the big data platform;
the issuing module is used for analyzing and counting the possible fault ID of the controller by utilizing modeling data of related faults of each vehicle type in the big database and issuing a collection ID to the T-box through a configuration file;
the screening module is used for screening the IDs stored locally according to the requirement of the collected IDs issued by the big data platform, packaging the screened IDs according to the time points before and after the issued configuration, compressing the IDs, carrying out secure encryption and signature after the compression, and transmitting the compressed data to the TSP platform through a specific compressed data transmission interface, wherein the TSP platform transmits the encrypted and signed packaged compressed data to the big data platform;
and the problem identification module is used for decompressing and decrypting the encrypted and signed packed compressed data by the big data platform, and automatically identifying the cause of the problem by utilizing the database and forming a report.
7. The system of a remote diagnostic controller as claimed in claim 6,
and the big data platform and the TSP platform are communicated with each other by adopting a designated interface calling mode.
8. The system of a remote diagnostic controller as claimed in claim 6,
the handshake precondition before the T-box end and the TSP platform end establish communication is as follows:
the T-box end uses GPRS, CDMA or LTE as a main mode, and adopts TCP/IP protocol based on TLSv1.2 to communicate with the TSP platform end;
when the T-box end leaves a factory, a root certificate of a certificate authority trusted by a third party needs to be built in to serve as a trust certificate library;
downloading a digital certificate which is self-signed by an automobile manufacturer as a T-box end certificate when the T-box end registers;
the TSP platform end binds a common certificate issued by a certificate issuing mechanism, and the common certificate is inherited to a root certificate;
and the TSP platform end stores a root certificate which is self-signed by an automobile manufacturer as a trust certificate library.
9. The system of a remote diagnostic controller according to claim 8,
when the T-box end communicates with the TSP platform end for the first time or after the certificate expires, the common certificate is downloaded from the TSP platform end, and the validity of the common certificate is verified by using the root certificate, and the handshake process between the T-box end and the TSP platform end is as follows:
first: the T-box end sends a protocol version number, a random number and an encryption method to the TSP platform end;
second: the TSP platform end confirms the encryption method and sends the digital certificate and the random number to the T-box end;
third: the T-box end confirms that the digital certificate is valid, generates a new random number, encrypts the new random number by using a public key in the digital certificate, and sends the encrypted new random number to the TSP platform end, and meanwhile, the T-box end generates a dialogue key by using the random number in the first process, the random number in the second process and the encrypted new random number;
fourth: the TSP platform end uses a private key to acquire a random number sent by the T-box end;
fifth: and the T-box end and the TSP platform end generate a session key by using the random number in the first and the random number in the second and the encrypted new random number according to a contracted encryption method, and encrypt the subsequent whole session process by using the session key.
10. The system of a remote diagnostic controller according to claim 9, wherein,
the interaction between the T-box end and the TSP platform end adopts a long connection mode: the T-box end initiates TCP connection, and after the T-box end is connected with the TSP platform end, the T-box end keeps connection by timing heartbeat; after the T-box end detects that the connection is disconnected, the connection is immediately restarted, and if the connection establishment fails, the connection is retried every set value; the long connection supports the T-box end to send data to the TSP platform end and the TSP platform end to actively send data to the T-box end;
the data interaction between the T-box end and the TSP platform end is a request-response mode.
CN202210177322.8A 2022-02-24 2022-02-24 Method and system for remote diagnosis of controller Active CN114550340B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210177322.8A CN114550340B (en) 2022-02-24 2022-02-24 Method and system for remote diagnosis of controller

Publications (2)

Publication Number Publication Date
CN114550340A CN114550340A (en) 2022-05-27
CN114550340B true CN114550340B (en) 2023-07-18

Family

ID=81679034

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210177322.8A Active CN114550340B (en) 2022-02-24 2022-02-24 Method and system for remote diagnosis of controller

Country Status (1)

Country Link
CN (1) CN114550340B (en)

Also Published As

Publication number Publication date
CN114550340A (en) 2022-05-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 401133 room 208, 2 house, 39 Yonghe Road, Yu Zui Town, Jiangbei District, Chongqing

Applicant after: Deep Blue Automotive Technology Co.,Ltd.

Address before: 401133 room 208, 2 house, 39 Yonghe Road, Yu Zui Town, Jiangbei District, Chongqing

Applicant before: CHONGQING CHANGAN NEW ENERGY AUTOMOBILE TECHNOLOGY Co.,Ltd.

GR01 Patent grant