WO2019157943A1 - Vehicle-mounted data transmission method and device, and vehicle-mounted telematics box - Google Patents

Vehicle-mounted data transmission method and device, and vehicle-mounted telematics box Download PDF

Info

Publication number
WO2019157943A1
WO2019157943A1 PCT/CN2019/073426 CN2019073426W WO2019157943A1 WO 2019157943 A1 WO2019157943 A1 WO 2019157943A1 CN 2019073426 W CN2019073426 W CN 2019073426W WO 2019157943 A1 WO2019157943 A1 WO 2019157943A1
Authority
WO
WIPO (PCT)
Prior art keywords
network card
virtual network
data
virtual
vehicle
Prior art date
Application number
PCT/CN2019/073426
Other languages
French (fr)
Chinese (zh)
Inventor
张震
Original Assignee
西安中兴新软件有限责任公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 西安中兴新软件有限责任公司 filed Critical 西安中兴新软件有限责任公司
Publication of WO2019157943A1 publication Critical patent/WO2019157943A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Definitions

  • the present disclosure relates to, but is not limited to, communication techniques.
  • the present disclosure provides an in-vehicle data transmission method, comprising the steps of: establishing two virtual data paths on a physical universal serial bus (USB), respectively enumerating the first virtual network card and the second virtual network a network card; the first virtual network card is disposed in the first local area network, and the second virtual network card is disposed in the second local area network; configured to route data coming in from the first virtual network card to the first packet data
  • the network routes the data coming in from the second virtual network card to the policy route of the second packet data network; and after receiving the data, performs data transmission according to the policy route.
  • the present disclosure also provides a telematics telescope (T-BOX), comprising: an enumeration module configured to establish two virtual data paths on a physical USB, respectively enumerating the first virtual a network card and a second virtual network card; a setting module configured to set the first virtual network card in the first local area network, the second virtual network card in the second local area network; and a configuration module configured to perform configuration Routing data from the first virtual network card to a first packet data network, routing data coming in from the second virtual network card to a policy route of a second packet data network; and routing module configured to receive After the data, data transmission is performed according to the policy route.
  • T-BOX telematics telescope
  • the present disclosure also provides an in-vehicle telematics processor T-BOX, comprising: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor implements the program
  • T-BOX comprising: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor implements the program
  • the present disclosure also provides an in-vehicle data transmission method, including: when detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card; and the first virtual network card and the The second virtual network card performs parameter configuration; and performs configuration to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and The data of the second virtual network card is sent to the second packet data network.
  • the present disclosure further provides an in-vehicle data transmission device, comprising: an enumeration module configured to enumerate a first virtual network card and a second virtual network card when the insertion of the in-vehicle telematics processor T-BOX is detected; It is configured to perform parameter configuration on the first virtual network card and the second virtual network card; and a routing module configured to perform routing configuration to route data of the first virtual network card to the first packet data network, Binding an application that controls the vehicle to the second virtual network card, and routing data of the second virtual network card to the second packet data network.
  • the present disclosure also provides an in-vehicle data transmission apparatus, comprising: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor executes the program to implement the following steps: detecting When the vehicle telematics processor T-BOX is inserted, the first virtual network card and the second virtual network card are enumerated; parameter configuration is performed on the first virtual network card and the second virtual network card; and configuration is performed to The data of the first virtual network card is sent to the first packet data network, the application for controlling the vehicle is bound to the second virtual network card, and the data of the second virtual network card is sent to the second packet data network.
  • the present disclosure also provides an Infotainment Head Unit (IHU) including the above apparatus.
  • IHU Infotainment Head Unit
  • FIG. 1 is a schematic structural diagram of an in-vehicle data transmission system in some cases
  • FIG. 2 is a flowchart of an in-vehicle data transmission method on an in-vehicle T-BOX side according to an embodiment of the present disclosure
  • FIG. 3 is a flowchart of an in-vehicle data transmission method on the IHU side according to an embodiment of the present disclosure
  • FIG. 4 is a schematic structural diagram of an in-vehicle data transmission system according to an embodiment of the present disclosure
  • FIG. 5 is a schematic diagram of an in-vehicle T-BOX according to an embodiment of the present disclosure
  • FIG. 6 is a schematic diagram of an in-vehicle data transmission device according to an embodiment of the present disclosure.
  • FIG. 7 is a flowchart of establishing two virtual paths on a vehicle T-BOX side according to an embodiment of the present disclosure
  • FIG. 8 is a flowchart of data transmission by an IHU according to an embodiment of the present disclosure.
  • the car networking system consists of four parts: the mainframe, the telematics processor (Teletons BOX, T-BOX), the mobile application (Application, APP) and the back-end system.
  • the host is mainly used for video entertainment and vehicle information display.
  • the vehicle T-BOX is mainly used for communicating with the background system/mobile APP, and realizes display and control of vehicle information through the mobile phone APP.
  • the cloud service platform (CSP) background sends a monitoring request command to the vehicle T-BOX; after obtaining the control command, the vehicle passes the controller local area network (Controller)
  • the Area Network (CAN) bus sends control messages and controls the vehicle, and feeds the operation results back to the user's mobile APP. This can help the user to remotely start the vehicle, open and/or lock the door, turn on the air conditioner, adjust the seat to the proper position, and so on.
  • FIG. 1 is a schematic diagram of the architecture of an in-vehicle data transmission system in some cases.
  • the car T-BOX is connected to the IHU on the car via a USB cable, and a network card name is T-BOX inside the IHU.
  • the IHU on the car has Wireless Fidelity (Wi-Fi). Hotspots, users use the network card T-BOX as a Wide Area Network (WAN) port to access the Internet via Wi-Fi.
  • WAN Wide Area Network
  • the application of the control vehicle inside the IHU also uses the network card T-BOX to interact with the CSP server.
  • T-BOX There are two data paths inside the vehicle T-BOX: one is a control path between the T-BOX and the CSP service for receiving and/or transmitting control commands, that is, a private packet data network (PDN) path; The other is the Internet data path for users connected via Wi-Fi via IHU, the public PDN path. Based on the destination address of the data packet, the T-BOX decides whether to send the data packet to the private channel or the public channel.
  • PDN packet data network
  • the soft isolation of the public and private channels is implemented inside the T-BOX, but within the IHU, since the Wi-Fi hotspot and the IHU internal application share a WAN card T-BOX, the IHU internal application can listen to the network card T- The IP address of the BOX, therefore, the user of the Wi-Fi hotspot can access the IHU internal application (which is used to control the vehicle) by accessing the IP address of the network card T-BOX, so that the vehicle can be controlled without going through the CSP server. This is a security risk.
  • embodiments of the present disclosure propose a transmission method in which two USB lines are established by software in two virtual paths, so that two paths can exist on one USB line and the two paths are softly isolated.
  • FIG. 2 is a flowchart of an in-vehicle data transmission method on an in-vehicle T-BOX side according to an embodiment of the present disclosure. As shown in Figure 2, the method includes the following steps 11-14.
  • step 11 two virtual data paths are established on one physical USB line, and the first virtual network card and the second virtual network card are respectively enumerated.
  • step 12 the first virtual network card is set in the first local area network, and the second virtual network card is set in the second local area network.
  • policy routing is configured to route data coming in from the first virtual network card to the first packet data network, and data coming in from the second virtual network card is routed to the second packet data network.
  • step 14 data is transmitted according to the policy route after receiving the data.
  • FIG. 3 is a flowchart of an in-vehicle data transmission method on the IHU side according to an embodiment of the present disclosure. As shown in FIG. 3, the method includes the following steps 21-23.
  • step 21 when it is detected that the in-vehicle telematics processor T-BOX is inserted, the first virtual network card and the second virtual network card are enumerated.
  • step 22 parameter configuration is performed on the first virtual network card and the second virtual network card.
  • step 23 configuration is performed to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and configure the second virtual network card The data is sent to the second packet data network.
  • the usb0 network card (shown in FIG. 1) inside the T-BOX is enumerated into two network cards usb0.1 and usb0.2, and in the IHU.
  • the WAN network port tbox is mapped to two WAN ports, tbox1 and tbox2.
  • the Wi-Fi user's Internet data passes through a WAN port, which is the virtual USB path of the tbox1
  • the data that the IHU internal application interacts with the CSP server passes through another WAN port, which is the virtual USB path of the tbox2.
  • the data that Wi-Fi users use to access the IP on the tbox1 NIC will not reach the IHU internal application.
  • the NICs usb0.1 and usb0.2 inside the T-BOX corresponding to the tbox1 and tbox2 NICs cannot be in the same LAN, because if so, Wi-Fi users can also access the IP of the tbox2 NIC to access the IHU internal application. Therefore, two bridges bridge0 and bridge1 can be established inside the T-BOX, and two gateways bridge0 and bridge1 are respectively configured with different gateway IPs to establish two local area networks, wherein usb0.1 is hung in the bridge bridge0. , usb0.2 is hung in bridge bridge1. Thereby, the public path and the private path can be completely separated, and the safety performance of the T-BOX product can be improved.
  • the foregoing step 11 may include the following steps: configuring, by the two virtual data paths, port combination information driven by a plurality of network card character devices, where the port combination information driven by the plurality of network card character devices includes Information of the virtual network card and the second virtual network card; and registering the multi-NIC character device, performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual The network card and the second virtual network card, wherein the first virtual network card and the second virtual network card respectively correspond to the two virtual data paths.
  • the foregoing step 12 may include the steps of: establishing a first bridge and a second bridge; configuring a first gateway IP address for the first bridge, and configuring a second gateway for the second bridge
  • the IP address, the first gateway IP address and the second gateway IP address are respectively gateway IP addresses corresponding to the first local area network and the second local area network; and the first virtual network card is hung in the office Under the first bridge, the second virtual network card is hung under the second bridge.
  • the method may include the following steps: allocating a first address pool to the first local area network, listening to the first bridge, and assigning an IP address from the first address pool to And the second virtual network card is allocated to the second local area network, and the second network bridge is monitored, and an IP address is allocated from the second address pool to the second virtual network card.
  • the first address pool is different from the second address pool.
  • the foregoing step 14 may include the following steps: after receiving the data, the virtual network card according to the data applies a corresponding label to the data; and the data is routed according to the policy and the label. Route.
  • the step 22 may include the following steps: after detecting that the network port status of the first virtual network card and the second virtual network card is in an open state, respectively, by using the first virtual network card and the first The second virtual network card applies for an IP address to the in-vehicle T-BOX, and configures the applied IP address to the first virtual network card and the second virtual network card respectively.
  • the step of applying for an IP address to the in-vehicle T-BOX by using the first virtual network card and the second virtual network card respectively includes the following steps: respectively adopting the first virtual network card and the The second virtual network card sends a dynamic host setup protocol DHCP discovery message to the in-vehicle T-BOX to apply for an IP address to the in-vehicle T-BOX.
  • FIG. 5 is a schematic diagram of an in-vehicle T-BOX according to an embodiment of the present disclosure.
  • the in-vehicle T-BOX of the embodiment of the present disclosure includes an enumeration module 501, a setting module 502, a configuration module 503, and a routing module 504.
  • the enumeration module 501 is configured to establish two virtual data paths on one physical USB line, and enumerate the first virtual network card and the second virtual network card respectively.
  • the setting module 502 is configured to set the first virtual network card in a first local area network, and set the second virtual network card in a second local area network.
  • the configuration module 503 is configured to be configured to route data coming in from the first virtual network card to a first packet data network, and route data from the second virtual network card to a policy route of a second packet data network .
  • the routing module 504 is configured to perform data transmission according to the policy route after receiving data.
  • the enumeration module 501 is configured to establish two virtual data paths on one physical USB line by enumerating the first virtual network card and the second virtual network card respectively:
  • the data path configures port combination information driven by the multi-NIC character device, the port combination information driven by the multi-NIC character device includes information about the first virtual network card and the second virtual network card; and registering the multi-network card character device And performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual network card and the second virtual network card, where the first virtual network card and the second The virtual network cards respectively correspond to the two virtual data paths.
  • the setting module 502 is configured to: set the first virtual network card in a first local area network, and set the second virtual network card in a second local area network by: establishing a first bridge And a second bridge; configuring a first gateway IP address for the first bridge, and configuring a second gateway IP address for the second bridge, where the first gateway IP address and the second gateway IP address are respectively a gateway IP address corresponding to the first local area network and the second local area network; and hanging the first virtual network card under the first bridge, and hanging the second virtual network card in the first Under the second bridge.
  • the setting module 502 is further configured to: allocate a first address pool to the first local area network, listen to the first bridge, and take an IP address from the first address pool. Allocating to the first virtual network card; and allocating a second address pool to the second local area network, listening to the second bridge, and assigning an IP address from the second address pool to the second virtual network card The first address pool is different from the second address pool.
  • the routing module 504 is configured to perform routing according to the policy route after receiving data: after receiving the data, the virtual network card according to the data is marked with a corresponding label; The policy route and the tag route the data.
  • An embodiment of the present disclosure further provides an in-vehicle T-BOX, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps: Establishing two virtual data paths on one physical USB line, respectively enumerating the first virtual network card and the second virtual network card; setting the first virtual network card in the first local area network, and setting the second virtual network card In the second local area network; configuring to route data coming in from the first virtual network card to the first packet data network, and routing data coming in from the second virtual network card to a policy route of the second packet data network; And receiving data according to the policy route for data transmission.
  • T-BOX including: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps: Establishing two virtual data paths on one physical USB line, respectively enumerating the first virtual network card and the second virtual network card; setting the first virtual network card
  • FIG. 6 is a schematic diagram of an in-vehicle data transmission device according to an embodiment of the present disclosure.
  • the apparatus of the embodiment of the present disclosure includes: an enumeration module 601, a configuration module 602, and a routing module 603.
  • the enumeration module 601 is configured to enumerate the first virtual network card and the second virtual network card when detecting the insertion of the in-vehicle telematics processor T-BOX.
  • the configuration module 602 is configured to perform parameter configuration on the first virtual network card and the second virtual network card.
  • the routing module 603 is configured to perform routing configuration to route data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and The data of the second virtual network card is routed to the second packet data network.
  • the parameter includes at least one of the following: a maximum transmission unit, an IP address, a closed state, or an open state of the network ports of the first virtual network card and the second virtual network card, name.
  • the first virtual network card and the second virtual network card respectively correspond to two virtual network cards in the in-vehicle T-BOX.
  • the term "network port” may be used interchangeably with “network card”. In other embodiments, the term “network port” may refer to a network port, one end of a network path.
  • the configuration module 602 is configured to perform parameter configuration on the first virtual network card and the second virtual network card according to the following operations: detecting the first virtual network card and the second virtual network card After the network port state is the open state, the first virtual network card and the second virtual network card respectively apply for an IP address to the in-vehicle T-BOX, and the applied IP addresses are respectively configured to the first virtual network card. And the second virtual network card.
  • An embodiment of the present disclosure further provides an in-vehicle data transmission apparatus, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps: When detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card; performing parameter configuration on the first virtual network card and the second virtual network card; and configuring to The data of the first virtual network card is sent to the first packet data network, the application for controlling the vehicle is bound to the second virtual network card, and the data of the second virtual network card is sent to the second packet data network.
  • T-BOX When detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card; performing parameter configuration on the first virtual network card and the second virtual network card; and configuring to The data of the first virtual network card is sent to the first packet data network,
  • Embodiments of the present disclosure also provide an IHU that includes the above-described in-vehicle data transmission device.
  • an onboard data transmission system may include: a Dynamic Host Configuration Protocol (DHCP) client module, a router module, and a network card driver.
  • the module of the T-BOX side may include: a DHCP server module, a routing module, and a virtual USB (Virtual USB, VUSB) module.
  • the combination of the NIC driver module and the DHCP client module is equivalent to the combination of the enumeration module 601 and the configuration module 602 above.
  • the combination of the VUSB module and the DHCP server module is equivalent to the combination of the enumeration module 501, the setting module 502, and the configuration module 503 above.
  • the USB cable between the T-BOX and the IHU is only a physical path, and there is no need to change it; two virtual paths are established on the one USB line, and the routing module will Different data is routed into the corresponding path.
  • the network card driving module configures two virtual path mapping network card tbox1 and tbox2 parameters for the internal VUSB module of the T-BOX, such as a maximum transmission unit of the network port of the network card (Maximum Transmission Unit) , MTU), IP address, Down, and/or UP status, name, etc.; after detecting that the tbox1 and tbox2 NIC status is UP, the DHCP client module sends DHCP Discovery through the tbox1 and tbox2 NICs respectively.
  • a maximum transmission unit of the network port of the network card Maximum Transmission Unit
  • MTU maximum Transmission Unit
  • IP address IP address
  • Down Down
  • UP status IP address
  • the message request the IP address from the T-BOX, and then configure the applied IP addresses IP1 and IP2 to tbox1 and tbox2 respectively; the routing module performs the routing function and configures a path from tbox1 to the public PDN.
  • the application that interacts with the CSP inside the IHU is bound to the tbox2 NIC to be sent from the private network path.
  • the VUSB module enumerates two virtual network cards usb0.1 and usb0.2 in one USB cable to establish two virtual data links;
  • the DHCP server module is in T - BOX internally opens two DHCP server functions, respectively configuring the address pool and the gateway, so that the two gateways are in different local area networks (bridges bridge0 and bridge1 are respectively in the different local area networks), and the two DHCP servers respectively monitor the network.
  • Bridges bridge0 and bridge1 respectively, configure the IP addresses of different LANs for the devices on bridge0 and bridge1;
  • the routing module is mainly responsible for performing routing functions, routing data coming in from usb0.1 to the public network PDN path, coming in from usb0.2 The data is routed to the private network PDN path.
  • the routing module needs to use the policy routing function, and the data sent via usb0.1 and usb0.2 are respectively tagged by iptables, and the routing module separately sends the data with different labels. Go to the public network PDN path or the private network PDN path.
  • the on-board T-BOX side implements the creation of two virtual paths at the VUSB module, and the path from the Wi-Fi user to the network (internet) and the path from the IHU internal application to the CSP server are two.
  • the non-interfering paths of the intersections ensure the security of the data used to control the vehicle through the CSP server, and prevent the IHU's Wi-Fi hotspot from being cracked, and then control the vehicle through Wi-Fi.
  • the configuration of the multi-NIC character device is mainly performed at the kernel layer.
  • the detailed process of establishing two virtual paths is as shown in FIG. 7, and includes the following steps 101-108.
  • step 101 the port combination information of the multi-NIC character device driver is configured in the kernel driver, and the kernel driver starts to parse according to the port combination information. If the port combination information is found to be a multi-NIC character device driver, it is determined whether there is any in the kernel. Register the information of the multi-NIC character device with yourself.
  • the port combination information driven by the multi-NIC character device may include: a network card name (for example, usb0.1 and usb0.2), and a network card type.
  • a multi-NIC character device is registered.
  • Add the registration of the multi-NIC character device in the kernel driver layer can only be done by registering with the other character devices of the kernel.
  • step 103 when the kernel driver detects the registration information of the multi-NIC character device, the resource binding operation is performed, and the information of the data path and the control path of the character device is filled and reported to the host.
  • step 104 after the resources are bound, the character device driver sets some operation functions according to the multi-NIC character device driver port combination information, such as reading and writing and opening the path of the character device.
  • step 105 two bridges bridge0 and bridge1 are established in the T-BOX by the command 'brctl addbr bridge0', 'brctl addbr bridge1', and through ifconfig (used in linux for displaying or configuring network devices (network interface cards) Command) Configure different gateway IP addresses for the two bridges.
  • step 106 the brctl addif command is used to hang the usb0.1 and usb0.2 NICs under bridge0 and bridge bridges respectively, so that tbox1 and tbox2 mapped by usb0.1 and usb0.2 are inside different LANs.
  • step 107 two DHCP server processes are started at the same time, and different address pools are respectively configured to monitor bridge0 and bridge1 respectively, and assign IP addresses to the tbox1 and tbox2 network cards.
  • step 108 the policy routing is configured, the iptables rule is added, the data coming in from the usb0.1 network card is tagged 1, and the data coming in from the usb0.2 network card is tagged 2. Policy routing is added such that data with tag 1 is sent from the public PDN to the network, and data with tag 2 is sent from the private PDN to the network.
  • the flow includes the following steps 201-203.
  • step 201 the network card driver automatically enumerates the tbox1 and tbox2 network cards when detecting that the T-BOX is inserted into the IHU, and the network card driver notifies the upper application that the USB cable is inserted.
  • step 202 after receiving the USB cable insertion event, the upper application starts two DHCP client processes respectively, starts a DHCP process from the tbox1 and tbox2 network cards, obtains an IP address, and configures the IP addresses to the network cards tbox1 and tbox2, respectively.
  • the default route is configured to configure the default route from tbox1WAN.
  • the NIC goes out and sends via the public network PDN path.
  • the IHU internal application (for example, for controlling the vehicle) is bound to the tbox2 NIC and sent through the path to the private network PDN.
  • Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the onboard data transmission method.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided are a vehicle-mounted data transmission method and device, and a vehicle-mounted Telematics BOX (TBOX). The method comprises the following steps: establishing two virtual data paths on a physical universal serial bus (USB) in which a first virtual network card and a second virtual network card are respectively enumerated; setting the first virtual network card in a first local area network, and setting the second virtual network card in a second local area network; configuring a policy routing to route data from the first virtual network card to a first packet data network, and to route data from the second virtual network card to a second packet data network; and carrying out data transmission according to the policy routing after receiving the data.

Description

车载数据传输方法及装置、车载远程信息处理器Vehicle data transmission method and device, vehicle telematics processor 技术领域Technical field
本公开涉及但不限于通信技术。The present disclosure relates to, but is not limited to, communication techniques.
背景技术Background technique
车联网的发展带来了各种便利,但是也可能导致汽车被远程攻击、控制的可能。例如,汽车内部网络看似一个相对安全的封闭网络,但其中存在很多可被攻击的安全漏洞。这些漏洞一旦被利用和攻击,可能导致隐私泄露或者更严重的问题。The development of the Internet of Vehicles brings various conveniences, but it may also lead to the possibility of the car being attacked and controlled remotely. For example, a car's internal network appears to be a relatively secure closed network, but there are many security vulnerabilities that can be exploited. Once exploited and exploited, these vulnerabilities can lead to privacy breaches or more serious problems.
因此,保证车联网的安全具有重要意义。Therefore, ensuring the safety of the Internet of Vehicles is of great significance.
发明内容Summary of the invention
本公开提供了一种车载数据传输方法,包括以下步骤:在一根物理通用串行总线(Universal Serial Bus,USB)上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;进行配置以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由;以及接收到数据后根据所述策略路由进行数据传输。The present disclosure provides an in-vehicle data transmission method, comprising the steps of: establishing two virtual data paths on a physical universal serial bus (USB), respectively enumerating the first virtual network card and the second virtual network a network card; the first virtual network card is disposed in the first local area network, and the second virtual network card is disposed in the second local area network; configured to route data coming in from the first virtual network card to the first packet data The network routes the data coming in from the second virtual network card to the policy route of the second packet data network; and after receiving the data, performs data transmission according to the policy route.
本公开还提供了一种车载远程信息处理器(Telematics BOX,T-BOX),包括:枚举模块,其设置为在一根物理USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;设置模块,其设置为将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;配置模块,其设置为进行配置以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由;以及路由模块,其设置为接收到数据后根据所述策略路由进行数据传输。The present disclosure also provides a telematics telescope (T-BOX), comprising: an enumeration module configured to establish two virtual data paths on a physical USB, respectively enumerating the first virtual a network card and a second virtual network card; a setting module configured to set the first virtual network card in the first local area network, the second virtual network card in the second local area network; and a configuration module configured to perform configuration Routing data from the first virtual network card to a first packet data network, routing data coming in from the second virtual network card to a policy route of a second packet data network; and routing module configured to receive After the data, data transmission is performed according to the policy route.
本公开还提供了一种车载远程信息处理器T-BOX,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其中, 所述处理器执行所述程序时实现以下步骤:在一根物理USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;配置将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由;以及接收到数据后根据所述策略路由进行数据传输。The present disclosure also provides an in-vehicle telematics processor T-BOX, comprising: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor implements the program The following steps: establishing two virtual data paths on one physical USB, respectively enumerating the first virtual network card and the second virtual network card; setting the first virtual network card in the first local area network, and the second virtual The network card is disposed in the second local area network; configured to route data coming in from the first virtual network card to the first packet data network, and route data from the second virtual network card to a policy route of the second packet data network; And receiving data according to the policy route for data transmission.
本公开还提供了一种车载数据传输方法,包括:检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。The present disclosure also provides an in-vehicle data transmission method, including: when detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card; and the first virtual network card and the The second virtual network card performs parameter configuration; and performs configuration to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and The data of the second virtual network card is sent to the second packet data network.
本公开还提供了一种车载数据传输装置,包括:枚举模块,其设置为检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;配置模块,其设置为对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及路由模块,其设置为进行路由配置,以将所述第一虚拟网卡的数据路由到第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据路由到第二分组数据网。The present disclosure further provides an in-vehicle data transmission device, comprising: an enumeration module configured to enumerate a first virtual network card and a second virtual network card when the insertion of the in-vehicle telematics processor T-BOX is detected; It is configured to perform parameter configuration on the first virtual network card and the second virtual network card; and a routing module configured to perform routing configuration to route data of the first virtual network card to the first packet data network, Binding an application that controls the vehicle to the second virtual network card, and routing data of the second virtual network card to the second packet data network.
本公开还提供了一种车载数据传输装置,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下步骤:检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。The present disclosure also provides an in-vehicle data transmission apparatus, comprising: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor executes the program to implement the following steps: detecting When the vehicle telematics processor T-BOX is inserted, the first virtual network card and the second virtual network card are enumerated; parameter configuration is performed on the first virtual network card and the second virtual network card; and configuration is performed to The data of the first virtual network card is sent to the first packet data network, the application for controlling the vehicle is bound to the second virtual network card, and the data of the second virtual network card is sent to the second packet data network.
本公开还提供了一种信息娱乐主机(Infotainment Head Unit,IHU),包括上述的装置。The present disclosure also provides an Infotainment Head Unit (IHU) including the above apparatus.
附图说明DRAWINGS
图1为在一些情况下的车载数据传输系统的架构示意图;1 is a schematic structural diagram of an in-vehicle data transmission system in some cases;
图2为根据本公开实施例的车载T-BOX侧的车载数据传输方法的流程图;2 is a flowchart of an in-vehicle data transmission method on an in-vehicle T-BOX side according to an embodiment of the present disclosure;
图3为根据本公开实施例的IHU侧的车载数据传输方法的流程图;3 is a flowchart of an in-vehicle data transmission method on the IHU side according to an embodiment of the present disclosure;
图4为根据本公开实施例的车载数据传输系统的架构示意图;4 is a schematic structural diagram of an in-vehicle data transmission system according to an embodiment of the present disclosure;
图5为根据本公开实施例的车载T-BOX的示意图;FIG. 5 is a schematic diagram of an in-vehicle T-BOX according to an embodiment of the present disclosure; FIG.
图6为根据本公开实施例的车载数据传输装置的示意图;6 is a schematic diagram of an in-vehicle data transmission device according to an embodiment of the present disclosure;
图7为根据本公开实施例的车载T-BOX侧建立两个虚拟通路的流程图;以及7 is a flowchart of establishing two virtual paths on a vehicle T-BOX side according to an embodiment of the present disclosure;
图8为根据本公开实施例的IHU进行数据传输的流程图。FIG. 8 is a flowchart of data transmission by an IHU according to an embodiment of the present disclosure.
具体实施方式Detailed ways
为使本公开的目的、技术方案和优点更加清楚明白,下文中将结合附图对本公开的实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互任意组合。The embodiments of the present disclosure will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other.
车联网系统包含四部分:主机、车载远程信息处理器(Telematics BOX,T-BOX)、手机应用程序(Application,APP)及后台系统。所述主机主要用于影音娱乐以及车辆信息显示。所述车载T-BOX主要用于和后台系统/手机APP通信,实现通过手机APP对车辆信息的显示与控制。The car networking system consists of four parts: the mainframe, the telematics processor (Teletons BOX, T-BOX), the mobile application (Application, APP) and the back-end system. The host is mainly used for video entertainment and vehicle information display. The vehicle T-BOX is mainly used for communicating with the background system/mobile APP, and realizes display and control of vehicle information through the mobile phone APP.
具体地,当用户通过手机APP发送控制命令后,云服务平台(Cloud Service Platform,CSP)后台会发出监控请求指令到车载T-BOX;车辆在获取到控制命令后,通过控制器局域网络(Controller Area Network,CAN)总线发送控制报文并实现对车辆的控制,并将操作结果反馈到用户的手机APP上。这可以帮助用户远程启动车辆、开和/或锁车门、开启空调、调整座椅至合适位置等。Specifically, after the user sends a control command through the mobile phone APP, the cloud service platform (CSP) background sends a monitoring request command to the vehicle T-BOX; after obtaining the control command, the vehicle passes the controller local area network (Controller) The Area Network (CAN) bus sends control messages and controls the vehicle, and feeds the operation results back to the user's mobile APP. This can help the user to remotely start the vehicle, open and/or lock the door, turn on the air conditioner, adjust the seat to the proper position, and so on.
图1为在一些情况下的车载数据传输系统的架构示意图。如图所示,车载T-BOX通过一根USB线与车上的IHU连接,在IHU内部枚 举一个网卡名称为T-BOX,车上的IHU具有无线保真(Wireless Fidelity,Wi-Fi)热点,用户经由Wi-Fi,使用网卡T-BOX作为广域网(Wide Area Network,WAN)口来上网。IHU内部的控制车辆的应用也使用网卡T-BOX与CSP服务器交互。在车载T-BOX内部有两条数据通路:一条是T-BOX与CSP服务之间的用于接收和/或发送控制命令的控制通路,即私有分组数据网(Packet Data Network,PDN)通路;另一条是用于经由IHU的Wi-Fi连接的用户的上网数据通路,即公有PDN通路。T-BOX根据数据报文的目的地址,决定将数据报文发送到私有通路还是公有通路。FIG. 1 is a schematic diagram of the architecture of an in-vehicle data transmission system in some cases. As shown in the figure, the car T-BOX is connected to the IHU on the car via a USB cable, and a network card name is T-BOX inside the IHU. The IHU on the car has Wireless Fidelity (Wi-Fi). Hotspots, users use the network card T-BOX as a Wide Area Network (WAN) port to access the Internet via Wi-Fi. The application of the control vehicle inside the IHU also uses the network card T-BOX to interact with the CSP server. There are two data paths inside the vehicle T-BOX: one is a control path between the T-BOX and the CSP service for receiving and/or transmitting control commands, that is, a private packet data network (PDN) path; The other is the Internet data path for users connected via Wi-Fi via IHU, the public PDN path. Based on the destination address of the data packet, the T-BOX decides whether to send the data packet to the private channel or the public channel.
在一些情况下,在T-BOX内部实现公有通路和私有通路的软隔离,但是在IHU内部,由于Wi-Fi热点和IHU内部应用公用一个WAN网卡T-BOX,IHU内部应用可以监听网卡T-BOX的IP地址,因此,Wi-Fi热点的用户通过访问网卡T-BOX的IP地址就可以访问IHU内部应用(其用于控制车辆),从而可以不经过CSP服务器就能够控制车辆。这存在安全风险。In some cases, the soft isolation of the public and private channels is implemented inside the T-BOX, but within the IHU, since the Wi-Fi hotspot and the IHU internal application share a WAN card T-BOX, the IHU internal application can listen to the network card T- The IP address of the BOX, therefore, the user of the Wi-Fi hotspot can access the IHU internal application (which is used to control the vehicle) by accessing the IP address of the network card T-BOX, so that the vehicle can be controlled without going through the CSP server. This is a security risk.
对此,本公开实施例提出一种传输方法,其中,将一根USB线路通过软件方式建立两条虚拟通路,从而一根USB线上可以存在两条通路并且两条通路之间被软隔离。In this regard, embodiments of the present disclosure propose a transmission method in which two USB lines are established by software in two virtual paths, so that two paths can exist on one USB line and the two paths are softly isolated.
图2为根据本公开实施例的车载T-BOX侧的车载数据传输方法的流程图。如图2所示,所述方法包括以下步骤11-14。2 is a flowchart of an in-vehicle data transmission method on an in-vehicle T-BOX side according to an embodiment of the present disclosure. As shown in Figure 2, the method includes the following steps 11-14.
在步骤11,在一根物理USB线上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡。In step 11, two virtual data paths are established on one physical USB line, and the first virtual network card and the second virtual network card are respectively enumerated.
在步骤12,将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中。In step 12, the first virtual network card is set in the first local area network, and the second virtual network card is set in the second local area network.
在步骤13,配置策略路由,以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网。At step 13, policy routing is configured to route data coming in from the first virtual network card to the first packet data network, and data coming in from the second virtual network card is routed to the second packet data network.
在步骤14,接收到数据后根据所述策略路由进行数据传输。At step 14, data is transmitted according to the policy route after receiving the data.
图3为根据本公开实施例的IHU侧的车载数据传输方法的流程图。如图3所示,所述方法包括以下步骤21-23。FIG. 3 is a flowchart of an in-vehicle data transmission method on the IHU side according to an embodiment of the present disclosure. As shown in FIG. 3, the method includes the following steps 21-23.
在步骤21,检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡。In step 21, when it is detected that the in-vehicle telematics processor T-BOX is inserted, the first virtual network card and the second virtual network card are enumerated.
在步骤22,对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置。In step 22, parameter configuration is performed on the first virtual network card and the second virtual network card.
在步骤23,进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。In step 23, configuration is performed to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and configure the second virtual network card The data is sent to the second packet data network.
根据本公开实施例的方法,两条虚拟通路建立后,在T-BOX内部的例如usb0网卡(如图1所示)会枚举变成usb0.1和usb0.2两个网卡,并且在IHU内部将WAN网口tbox映射成tbox1和tbox2两个WAN口。如图4所示,Wi-Fi用户的上网数据通过一条WAN口是tbox1的虚拟USB通路,而IHU内部应用与CSP服务器交互的数据通过另一条WAN口是tbox2的虚拟USB通路。由此,Wi-Fi用户用于访问tbox1网卡上的IP的数据就不会到达IHU内部应用。According to the method of the embodiment of the present disclosure, after the two virtual paths are established, for example, the usb0 network card (shown in FIG. 1) inside the T-BOX is enumerated into two network cards usb0.1 and usb0.2, and in the IHU. Internally, the WAN network port tbox is mapped to two WAN ports, tbox1 and tbox2. As shown in FIG. 4, the Wi-Fi user's Internet data passes through a WAN port, which is the virtual USB path of the tbox1, and the data that the IHU internal application interacts with the CSP server passes through another WAN port, which is the virtual USB path of the tbox2. As a result, the data that Wi-Fi users use to access the IP on the tbox1 NIC will not reach the IHU internal application.
与tbox1和tbox2网卡对应的T-BOX内部的网卡usb0.1和usb0.2不能在同一局域网内,因为如果这样,Wi-Fi用户同样可以访问tbox2网卡上的IP,从而访问IHU内部应用。因此,可以在T-BOX内部建立两个网桥bridge0和bridge1,并给两个网桥bridge0和bridge1分别配置不同的网关IP,以建立两个局域网,其中,usb0.1挂在网桥bridge0中,usb0.2挂在网桥bridge1中。由此,能够实现公有通路和私有通路全部分离开,提高T-BOX产品安全性能。The NICs usb0.1 and usb0.2 inside the T-BOX corresponding to the tbox1 and tbox2 NICs cannot be in the same LAN, because if so, Wi-Fi users can also access the IP of the tbox2 NIC to access the IHU internal application. Therefore, two bridges bridge0 and bridge1 can be established inside the T-BOX, and two gateways bridge0 and bridge1 are respectively configured with different gateway IPs to establish two local area networks, wherein usb0.1 is hung in the bridge bridge0. , usb0.2 is hung in bridge bridge1. Thereby, the public path and the private path can be completely separated, and the safety performance of the T-BOX product can be improved.
在一个实施例中,上述步骤11可以包括以下步骤:对所述两条虚拟数据通路配置多网卡字符设备驱动的端口组合信息,所述多网卡字符设备驱动的端口组合信息包括关于所述第一虚拟网卡和所述第二虚拟网卡的信息;以及注册所述多网卡字符设备,根据所述多网卡字符设备的注册信息和所述端口组合信息进行资源绑定,枚举出所述第一虚拟网卡和所述第二虚拟网卡,其中,所述第一虚拟网卡和第二虚拟网卡分别与所述两条虚拟数据通路相对应。In an embodiment, the foregoing step 11 may include the following steps: configuring, by the two virtual data paths, port combination information driven by a plurality of network card character devices, where the port combination information driven by the plurality of network card character devices includes Information of the virtual network card and the second virtual network card; and registering the multi-NIC character device, performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual The network card and the second virtual network card, wherein the first virtual network card and the second virtual network card respectively correspond to the two virtual data paths.
在一个实施例中,上述步骤12可以包括以下步骤:建立第一网桥和第二网桥;为所述第一网桥配置第一网关IP地址,为所述第二 网桥配置第二网关IP地址,所述第一网关IP地址和所述第二网关IP地址分别为与所述第一局域网和所述第二局域网相对应的网关IP地址;以及将所述第一虚拟网卡挂在所述第一网桥下,将所述第二虚拟网卡挂在所述第二网桥下。In an embodiment, the foregoing step 12 may include the steps of: establishing a first bridge and a second bridge; configuring a first gateway IP address for the first bridge, and configuring a second gateway for the second bridge The IP address, the first gateway IP address and the second gateway IP address are respectively gateway IP addresses corresponding to the first local area network and the second local area network; and the first virtual network card is hung in the office Under the first bridge, the second virtual network card is hung under the second bridge.
在一个实施例中,在上述步骤12之后可以包括以下步骤:为所述第一局域网分配第一地址池,监听所述第一网桥,从所述第一地址池中取一IP地址分配给所述第一虚拟网卡;以及为所述第二局域网分配第二地址池,监听所述第二网桥,从所述第二地址池中取一IP地址分配给所述第二虚拟网卡,所述第一地址池与所述第二地址池不相同。In an embodiment, after the step 12, the method may include the following steps: allocating a first address pool to the first local area network, listening to the first bridge, and assigning an IP address from the first address pool to And the second virtual network card is allocated to the second local area network, and the second network bridge is monitored, and an IP address is allocated from the second address pool to the second virtual network card. The first address pool is different from the second address pool.
在一个实施例中,上述步骤14可以包括以下步骤:接收到数据后,根据所述数据进来的虚拟网卡对所述数据打上对应的标签;以及根据所述策略路由和所述标签对所述数据进行路由。In an embodiment, the foregoing step 14 may include the following steps: after receiving the data, the virtual network card according to the data applies a corresponding label to the data; and the data is routed according to the policy and the label. Route.
在一个实施例中,上述步骤22可以包括以下步骤:检测到所述第一虚拟网卡和所述第二虚拟网卡的网口状态是开启状态后,分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址,将申请到的IP地址分别配置到所述第一虚拟网卡和所述第二虚拟网卡。在一个实施例中,所述分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址的步骤包括以下步骤:分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX发送动态主机设置协议DHCP发现消息来向所述车载T-BOX申请IP地址。In an embodiment, the step 22 may include the following steps: after detecting that the network port status of the first virtual network card and the second virtual network card is in an open state, respectively, by using the first virtual network card and the first The second virtual network card applies for an IP address to the in-vehicle T-BOX, and configures the applied IP address to the first virtual network card and the second virtual network card respectively. In an embodiment, the step of applying for an IP address to the in-vehicle T-BOX by using the first virtual network card and the second virtual network card respectively includes the following steps: respectively adopting the first virtual network card and the The second virtual network card sends a dynamic host setup protocol DHCP discovery message to the in-vehicle T-BOX to apply for an IP address to the in-vehicle T-BOX.
图5为根据本公开实施例的车载T-BOX的示意图。如图5所示,本公开实施例的车载T-BOX包括:枚举模块501、设置模块502、配置模块503和路由模块504。FIG. 5 is a schematic diagram of an in-vehicle T-BOX according to an embodiment of the present disclosure. As shown in FIG. 5, the in-vehicle T-BOX of the embodiment of the present disclosure includes an enumeration module 501, a setting module 502, a configuration module 503, and a routing module 504.
所述枚举模块501设置为在一根物理USB线上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡。The enumeration module 501 is configured to establish two virtual data paths on one physical USB line, and enumerate the first virtual network card and the second virtual network card respectively.
所述设置模块502设置为将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中。The setting module 502 is configured to set the first virtual network card in a first local area network, and set the second virtual network card in a second local area network.
所述配置模块503设置为进行配置以将从所述第一虚拟网卡进 来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由。The configuration module 503 is configured to be configured to route data coming in from the first virtual network card to a first packet data network, and route data from the second virtual network card to a policy route of a second packet data network .
所述路由模块504设置为接收到数据后根据所述策略路由进行数据传输。The routing module 504 is configured to perform data transmission according to the policy route after receiving data.
在一实施例中,枚举模块501设置为通过以下操作来在一根物理USB线上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡:对所述两条虚拟数据通路配置多网卡字符设备驱动的端口组合信息,所述多网卡字符设备驱动的端口组合信息包括关于所述第一虚拟网卡和所述第二虚拟网卡的信息;以及注册所述多网卡字符设备,根据所述多网卡字符设备的注册信息和所述端口组合信息进行资源绑定,枚举出所述第一虚拟网卡和所述第二虚拟网卡,其中,所述第一虚拟网卡和第二虚拟网卡分别与所述两条虚拟数据通路相对应。In an embodiment, the enumeration module 501 is configured to establish two virtual data paths on one physical USB line by enumerating the first virtual network card and the second virtual network card respectively: The data path configures port combination information driven by the multi-NIC character device, the port combination information driven by the multi-NIC character device includes information about the first virtual network card and the second virtual network card; and registering the multi-network card character device And performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual network card and the second virtual network card, where the first virtual network card and the second The virtual network cards respectively correspond to the two virtual data paths.
在一实施例中,所述设置模块502设置为通过以下操作来将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中:建立第一网桥和第二网桥;为所述第一网桥配置第一网关IP地址,为所述第二网桥配置第二网关IP地址,所述第一网关IP地址和所述第二网关IP地址分别为与所述第一局域网和所述第二局域网相对应的网关IP地址;以及将所述第一虚拟网卡挂在所述第一网桥下,将所述第二虚拟网卡挂在所述第二网桥下。In an embodiment, the setting module 502 is configured to: set the first virtual network card in a first local area network, and set the second virtual network card in a second local area network by: establishing a first bridge And a second bridge; configuring a first gateway IP address for the first bridge, and configuring a second gateway IP address for the second bridge, where the first gateway IP address and the second gateway IP address are respectively a gateway IP address corresponding to the first local area network and the second local area network; and hanging the first virtual network card under the first bridge, and hanging the second virtual network card in the first Under the second bridge.
在一实施例中,所述设置模块502还设置为进行以下操作:为所述第一局域网分配第一地址池,监听所述第一网桥,从所述第一地址池中取一IP地址分配给所述第一虚拟网卡;以及为所述第二局域网分配第二地址池,监听所述第二网桥,从所述第二地址池中取一IP地址分配给所述第二虚拟网卡,所述第一地址池与所述第二地址池不相同。In an embodiment, the setting module 502 is further configured to: allocate a first address pool to the first local area network, listen to the first bridge, and take an IP address from the first address pool. Allocating to the first virtual network card; and allocating a second address pool to the second local area network, listening to the second bridge, and assigning an IP address from the second address pool to the second virtual network card The first address pool is different from the second address pool.
在一实施例中,所述路由模块504设置为通过以下操作来在接收到数据后根据所述策略路由进行路由:接收到数据后,根据所述数据进来的虚拟网卡打上对应的标签;以及根据所述策略路由和所述标签对所述数据进行路由。In an embodiment, the routing module 504 is configured to perform routing according to the policy route after receiving data: after receiving the data, the virtual network card according to the data is marked with a corresponding label; The policy route and the tag route the data.
本公开实施例还提供一种车载T-BOX,包括:存储器、处理器及 存储在存储器上并可在处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下步骤:在一根物理USB线上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;进行配置以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由;以及接收到数据后根据所述策略路由进行数据传输。An embodiment of the present disclosure further provides an in-vehicle T-BOX, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps: Establishing two virtual data paths on one physical USB line, respectively enumerating the first virtual network card and the second virtual network card; setting the first virtual network card in the first local area network, and setting the second virtual network card In the second local area network; configuring to route data coming in from the first virtual network card to the first packet data network, and routing data coming in from the second virtual network card to a policy route of the second packet data network; And receiving data according to the policy route for data transmission.
图6为根据本公开实施例的车载数据传输装置的示意图。如图6所示,本公开实施例的装置包括:枚举模块601、配置模块602和路由模块603。FIG. 6 is a schematic diagram of an in-vehicle data transmission device according to an embodiment of the present disclosure. As shown in FIG. 6, the apparatus of the embodiment of the present disclosure includes: an enumeration module 601, a configuration module 602, and a routing module 603.
所述枚举模块601设置为检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡。The enumeration module 601 is configured to enumerate the first virtual network card and the second virtual network card when detecting the insertion of the in-vehicle telematics processor T-BOX.
所述配置模块602设置为对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置。The configuration module 602 is configured to perform parameter configuration on the first virtual network card and the second virtual network card.
所述路由模块603设置为进行路由配置,以将所述第一虚拟网卡的数据路由到第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据路由到第二分组数据网。The routing module 603 is configured to perform routing configuration to route data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and The data of the second virtual network card is routed to the second packet data network.
在一实施例中,所述参数包括以下各项中的至少一项:所述第一虚拟网卡和所述第二虚拟网卡的网口的最大传输单元、IP地址、处于关闭状态还是开启状态、名称。在一实施例中,所述第一虚拟网卡和第二虚拟网卡分别与所述车载T-BOX中的两个虚拟网卡相对应。在一些实施例中,术语“网口”可以与“网卡”互换使用,在另一些实施例中,术语“网口”可以指的是网络端口、网络路径的一端。In an embodiment, the parameter includes at least one of the following: a maximum transmission unit, an IP address, a closed state, or an open state of the network ports of the first virtual network card and the second virtual network card, name. In an embodiment, the first virtual network card and the second virtual network card respectively correspond to two virtual network cards in the in-vehicle T-BOX. In some embodiments, the term "network port" may be used interchangeably with "network card". In other embodiments, the term "network port" may refer to a network port, one end of a network path.
在一实施例中,所述配置模块602设置为根据以下操作来对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置:检测到所述第一虚拟网卡和所述第二虚拟网卡的网口状态是开启状态后,分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址,将申请到的IP地址分别配置到所述第一虚拟网卡和所述第二虚拟网卡。In an embodiment, the configuration module 602 is configured to perform parameter configuration on the first virtual network card and the second virtual network card according to the following operations: detecting the first virtual network card and the second virtual network card After the network port state is the open state, the first virtual network card and the second virtual network card respectively apply for an IP address to the in-vehicle T-BOX, and the applied IP addresses are respectively configured to the first virtual network card. And the second virtual network card.
本公开实施例还提供一种车载数据传输装置,包括:存储器、 处理器及存储在存储器上并可在处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下步骤:检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。An embodiment of the present disclosure further provides an in-vehicle data transmission apparatus, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps: When detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card; performing parameter configuration on the first virtual network card and the second virtual network card; and configuring to The data of the first virtual network card is sent to the first packet data network, the application for controlling the vehicle is bound to the second virtual network card, and the data of the second virtual network card is sent to the second packet data network.
本公开实施例还提供一种IHU,其包括上述的车载数据传输装置。Embodiments of the present disclosure also provide an IHU that includes the above-described in-vehicle data transmission device.
在又一实施例中,还提供一种车载数据传输系统,其中,IHU侧的功能模块可以包括:动态主机设置协议(Dynamic Host Configuration Protocol,DHCP)客户端模块、路由(Router)模块、网卡驱动模块;T-BOX侧的功能模块可以包括:DHCP服务器模块、路由模块、虚拟USB(Virtual USB,VUSB)模块。网卡驱动模块和DHCP客户端模块的组合相当于上文的枚举模块601和配置模块602的组合。VUSB模块和DHCP服务器模块的组合相当于上文的枚举模块501、设置模块502和配置模块503的组合。In another embodiment, an onboard data transmission system is further provided, wherein the functional module on the IHU side may include: a Dynamic Host Configuration Protocol (DHCP) client module, a router module, and a network card driver. The module of the T-BOX side may include: a DHCP server module, a routing module, and a virtual USB (Virtual USB, VUSB) module. The combination of the NIC driver module and the DHCP client module is equivalent to the combination of the enumeration module 601 and the configuration module 602 above. The combination of the VUSB module and the DHCP server module is equivalent to the combination of the enumeration module 501, the setting module 502, and the configuration module 503 above.
在所述车载数据传输系统中,T-BOX与IHU之间的USB线只是一根物理通路,不需要度其进行改变;在所述一根USB线上建立两条虚拟通路,通过路由模块将不同的数据路由到相应的通路内。In the in-vehicle data transmission system, the USB cable between the T-BOX and the IHU is only a physical path, and there is no need to change it; two virtual paths are established on the one USB line, and the routing module will Different data is routed into the corresponding path.
在所述IHU设备内,所述网卡驱动模块对T-BOX内部VUSB模块建立两条虚拟通路映射的网卡tbox1和tbox2参数进行配置,所述参数例如网卡的网口的最大传输单元(Maximum Transmission Unit,MTU)、IP地址、Down(关闭)和/或UP(开启)状态、名称等;所述DHCP客户端模块在检测到tbox1和tbox2网卡状态是UP后,分别通过tbox1和tbox2网卡发送DHCP Discovery(发现)消息,从T-BOX内部申请IP地址,然后,把申请到的IP地址IP1和IP2分别配置到tbox1和tbox2上;所述路由模块执行路由功能,配置一条从tbox1到公有PDN的通路,而将IHU内部的与CSP交互的应用绑定到tbox2网卡,以从私网通路进行发送。In the IHU device, the network card driving module configures two virtual path mapping network card tbox1 and tbox2 parameters for the internal VUSB module of the T-BOX, such as a maximum transmission unit of the network port of the network card (Maximum Transmission Unit) , MTU), IP address, Down, and/or UP status, name, etc.; after detecting that the tbox1 and tbox2 NIC status is UP, the DHCP client module sends DHCP Discovery through the tbox1 and tbox2 NICs respectively. (Discover) the message, request the IP address from the T-BOX, and then configure the applied IP addresses IP1 and IP2 to tbox1 and tbox2 respectively; the routing module performs the routing function and configures a path from tbox1 to the public PDN. The application that interacts with the CSP inside the IHU is bound to the tbox2 NIC to be sent from the private network path.
在所述T-BOX设备内,所述VUSB模块在一根USB线内枚举出两 张虚拟网卡usb0.1和usb0.2,从而建立两条虚拟数据链路;所述DHCP服务器模块在T-BOX内部开启两个DHCP服务器功能,分别配置地址池和网关,使得两个网关在不同的局域网(网桥bridge0和bridge1分别在所述不同的局域网内)内,并且两个DHCP服务器分别监听网桥bridge0和bridge1,给bridge0和bridge1上的设备分别配置不同局域网的IP地址;所述路由模块主要负责执行路由功能,将从usb0.1进来的数据路由到公网PDN通路,从usb0.2进来的数据路由到私网PDN通路,该路由模块需要用到策略路由功能,通过iptables分别对经由usb0.1和usb0.2进来的数据打上不同的标签,路由模块再对具有不同标签的数据分别发送到公网PDN通路或私网PDN通路。In the T-BOX device, the VUSB module enumerates two virtual network cards usb0.1 and usb0.2 in one USB cable to establish two virtual data links; the DHCP server module is in T - BOX internally opens two DHCP server functions, respectively configuring the address pool and the gateway, so that the two gateways are in different local area networks (bridges bridge0 and bridge1 are respectively in the different local area networks), and the two DHCP servers respectively monitor the network. Bridges bridge0 and bridge1, respectively, configure the IP addresses of different LANs for the devices on bridge0 and bridge1; the routing module is mainly responsible for performing routing functions, routing data coming in from usb0.1 to the public network PDN path, coming in from usb0.2 The data is routed to the private network PDN path. The routing module needs to use the policy routing function, and the data sent via usb0.1 and usb0.2 are respectively tagged by iptables, and the routing module separately sends the data with different labels. Go to the public network PDN path or the private network PDN path.
在本公开实施例中,车载T-BOX侧在VUSB模块处实现两条虚拟通路的创建,从Wi-Fi用户到网络(internet)的通路以及从IHU内部应用到CSP服务器的通路是两条没有交点的互不干扰的通路,这保证了用于通过CSP服务器来控制车辆的数据的安全,防止IHU的Wi-Fi热点遭到破解后,通过Wi-Fi来控制车辆。In the embodiment of the present disclosure, the on-board T-BOX side implements the creation of two virtual paths at the VUSB module, and the path from the Wi-Fi user to the network (internet) and the path from the IHU internal application to the CSP server are two. The non-interfering paths of the intersections ensure the security of the data used to control the vehicle through the CSP server, and prevent the IHU's Wi-Fi hotspot from being cracked, and then control the vehicle through Wi-Fi.
在VUSB模块中,对多网卡字符设备的配置主要在内核层进行,建立两个虚拟通路的详细过程如图7所示,包括以下步骤101-108。In the VUSB module, the configuration of the multi-NIC character device is mainly performed at the kernel layer. The detailed process of establishing two virtual paths is as shown in FIG. 7, and includes the following steps 101-108.
在步骤101,在内核驱动中配置多网卡字符设备驱动的端口组合信息,内核驱动启动时根据此端口组合信息进行解析,若发现该端口组合信息是多网卡字符设备驱动,则判断内核中是否有向自己注册该多网卡字符设备的信息。In step 101, the port combination information of the multi-NIC character device driver is configured in the kernel driver, and the kernel driver starts to parse according to the port combination information. If the port combination information is found to be a multi-NIC character device driver, it is determined whether there is any in the kernel. Register the information of the multi-NIC character device with yourself.
多网卡字符设备驱动的端口组合信息可以包括:网卡名称(例如,usb0.1和usb0.2)、网卡类型。The port combination information driven by the multi-NIC character device may include: a network card name (for example, usb0.1 and usb0.2), and a network card type.
在步骤102,注册多网卡字符设备。At step 102, a multi-NIC character device is registered.
在内核驱动层中添加该多网卡字符设备的注册。在一个示例中,只需要按照内核的其它字符设备的注册方式注册就可以完成添加。Add the registration of the multi-NIC character device in the kernel driver layer. In one example, the addition can only be done by registering with the other character devices of the kernel.
在步骤103,内核驱动检测到有该多网卡字符设备的注册信息时,进行资源绑定操作,将该字符设备的一些数据通路和控制通路的信息进行填充和上报给主机。In step 103, when the kernel driver detects the registration information of the multi-NIC character device, the resource binding operation is performed, and the information of the data path and the control path of the character device is filled and reported to the host.
在步骤104,当资源绑定好之后,字符设备驱动根据多网卡字符 设备驱动端口组合信息来设置一些操作函数,以例如读写和开启该字符设备的通路等。In step 104, after the resources are bound, the character device driver sets some operation functions according to the multi-NIC character device driver port combination information, such as reading and writing and opening the path of the character device.
当这些信息配置完成后,需要自定义该字符设备在应用层需要调用的字符名称。一旦字符名称确定后,网络层和物理层均可以配置该网卡驱动。When this information is configured, you need to customize the character name that the character device needs to call at the application layer. Once the character name is determined, both the network layer and the physical layer can configure the NIC driver.
虚拟通路建立成功后,在T-BOX内部就会出现usb0.1和usb0.2两个网卡,然后需要将这两个网卡加入不同的局域网中。After the virtual path is established successfully, two NICs usb0.1 and usb0.2 will appear inside the T-BOX, and then the two NICs need to be added to different LANs.
在步骤105,在T-BOX内部通过命令‘brctl addbr bridge0’、‘brctl addbr bridge1’建立两个网桥bridge0和bridge1,并通过ifconfig(linux中用于显示或配置网络设备(网络接口卡)的命令)分别给两个网桥配置不同的网关IP地址。In step 105, two bridges bridge0 and bridge1 are established in the T-BOX by the command 'brctl addbr bridge0', 'brctl addbr bridge1', and through ifconfig (used in linux for displaying or configuring network devices (network interface cards) Command) Configure different gateway IP addresses for the two bridges.
在步骤106,通过brctl addif命令,分别将usb0.1和usb0.2网卡挂在bridge0和bridge网桥下,这样usb0.1和usb0.2映射出来的tbox1和tbox2就在不同的局域网内部。In step 106, the brctl addif command is used to hang the usb0.1 and usb0.2 NICs under bridge0 and bridge bridges respectively, so that tbox1 and tbox2 mapped by usb0.1 and usb0.2 are inside different LANs.
在步骤107,同时启动两个DHCP服务器进程,分别配置不同的地址池,分别监听bridge0和bridge1,给tbox1和tbox2网卡分配IP地址。In step 107, two DHCP server processes are started at the same time, and different address pools are respectively configured to monitor bridge0 and bridge1 respectively, and assign IP addresses to the tbox1 and tbox2 network cards.
在步骤108,配置策略路由,添加iptables规则,使从usb0.1网卡进来的数据打上标签1,从usb0.2网卡进来的数据打上标签2。添加策略路由,使得具有标签1的数据从公有PDN发送到网络,具有标签2的数据从私有PDN发送到网路。In step 108, the policy routing is configured, the iptables rule is added, the data coming in from the usb0.1 network card is tagged 1, and the data coming in from the usb0.2 network card is tagged 2. Policy routing is added such that data with tag 1 is sent from the public PDN to the network, and data with tag 2 is sent from the private PDN to the network.
上述步骤完成后,T-BOX内部已建立两条完全隔离的通路。After the above steps are completed, two completely isolated paths have been established inside the T-BOX.
下面简单介绍IHU内部实现流程。如图8所示,所述流程包括以下步骤201-203。The following is a brief introduction to the internal implementation process of IHU. As shown in FIG. 8, the flow includes the following steps 201-203.
在步骤201,网卡驱动在检测到T-BOX插入IHU时,自动枚举出tbox1和tbox2网卡,网卡驱动通知上层应用USB线已插入。In step 201, the network card driver automatically enumerates the tbox1 and tbox2 network cards when detecting that the T-BOX is inserted into the IHU, and the network card driver notifies the upper application that the USB cable is inserted.
在步骤202,上层应用收到USB线插入事件后,分别启动两个DHCP客户端进程,从tbox1和tbox2网卡上启动DHCP流程,获取IP地址,并把IP地址分别配置到网卡tbox1和tbox2上。In step 202, after receiving the USB cable insertion event, the upper application starts two DHCP client processes respectively, starts a DHCP process from the tbox1 and tbox2 network cards, obtains an IP address, and configures the IP addresses to the network cards tbox1 and tbox2, respectively.
在步骤203,默认路由配置,将默认路由配置为从tbox1WANIn step 203, the default route is configured to configure the default route from tbox1WAN.
网卡出去并经由到公网PDN通路进行发送,IHU内部应用(其例如用于控制车辆)绑定在tbox2网卡上,并通过到私网PDN的通路进行发送。The NIC goes out and sends via the public network PDN path. The IHU internal application (for example, for controlling the vehicle) is bound to the tbox2 NIC and sent through the path to the private network PDN.
本公开实施例还提供了一种计算机可读存储介质,其存储有计算机可执行指令,所述计算机可执行指令被执行时实现所述车载数据传输方法。Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the onboard data transmission method.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件完成,所述程序可以存储于计算机可读存储介质中,如只读存储器、磁盘或光盘等。上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现。相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。本公开不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or a portion of the steps described above can be accomplished by a program that instructs the associated hardware, such as a read-only memory, a magnetic or optical disk, and the like. All or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware or in the form of a software function module. The present disclosure is not limited to any specific form of combination of hardware and software.
以上仅为本公开的示例性实施例,并且,本公开还可有其他多种实施例。在不背离本公开的实质的情况下,熟悉本领域的技术人员可根据本公开做出各种相应的改变和变形,这些相应的改变和变形都应落入本公开所附的权利要求书的保护范围。The above are merely exemplary embodiments of the present disclosure, and the present disclosure may have other various embodiments. A person skilled in the art can make various corresponding changes and modifications in accordance with the present disclosure without departing from the spirit of the disclosure, and the corresponding changes and modifications should fall within the scope of the appended claims. protected range.

Claims (20)

  1. 一种车载数据传输方法,包括以下步骤:An in-vehicle data transmission method includes the following steps:
    在一根物理通用串行总线USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;Establishing two virtual data paths on a physical universal serial bus USB, respectively enumerating the first virtual network card and the second virtual network card;
    将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;Setting the first virtual network card in the first local area network, and setting the second virtual network card in the second local area network;
    配置策略路由,以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网;以及Configuring policy routing to route data coming in from the first virtual network card to a first packet data network, routing data coming in from the second virtual network card to a second packet data network;
    接收到数据后根据所述策略路由进行数据传输。After receiving the data, the data is transmitted according to the policy route.
  2. 如权利要求1所述的方法,其中,所述在一根物理USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡的步骤包括以下步骤:The method of claim 1, wherein the step of establishing two virtual data paths on one physical USB and enumerating the first virtual network card and the second virtual network card respectively comprises the following steps:
    对所述两条虚拟数据通路配置多网卡字符设备驱动的端口组合信息,所述多网卡字符设备驱动的端口组合信息包括关于所述第一虚拟网卡和所述第二虚拟网卡的信息;以及Port combination information driven by the plurality of network card character devices is configured on the two virtual data paths, and the port combination information driven by the multi-NIC character device includes information about the first virtual network card and the second virtual network card;
    注册所述多网卡字符设备,根据所述多网卡字符设备的注册信息和所述端口组合信息进行资源绑定,枚举出所述第一虚拟网卡和所述第二虚拟网卡,Registering the multi-NIC character device, performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual network card and the second virtual network card,
    其中,所述第一虚拟网卡和第二虚拟网卡分别与所述两条虚拟数据通路相对应。The first virtual network card and the second virtual network card respectively correspond to the two virtual data paths.
  3. 如权利要求1所述的方法,其中,所述将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中的步骤包括以下步骤:The method of claim 1, wherein the step of setting the first virtual network card in a first local area network and the second virtual network card in a second local area network comprises the steps of:
    建立第一网桥和第二网桥;Establishing a first bridge and a second bridge;
    为所述第一网桥配置第一网关IP地址,为所述第二网桥配置第二网关IP地址,所述第一网关IP地址和所述第二网关IP地址分别 为与所述第一局域网和所述第二局域网相对应的网关IP地址;以及Configuring a first gateway IP address for the first bridge, and configuring a second gateway IP address for the second bridge, where the first gateway IP address and the second gateway IP address are respectively the first a gateway IP address corresponding to the local area network and the second local area network;
    将所述第一虚拟网卡挂在所述第一网桥下,将所述第二虚拟网卡挂在所述第二网桥下。Hanging the first virtual network card under the first bridge and hanging the second virtual network card under the second bridge.
  4. 如权利要求3所述的方法,其中,在将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中的步骤后,还包括以下步骤:The method of claim 3, wherein after the step of setting the first virtual network card in the first local area network and the second virtual network card in the second local area network, the method further comprises the following steps:
    为所述第一局域网分配第一地址池,监听所述第一网桥,从所述第一地址池中取一IP地址分配给所述第一虚拟网卡;以及Allocating a first address pool to the first local area network, listening to the first bridge, and assigning an IP address from the first address pool to the first virtual network card;
    为所述第二局域网分配第二地址池,监听所述第二网桥,从所述第二地址池中取一IP地址分配给所述第二虚拟网卡,所述第一地址池与所述第二地址池不相同。Allocating a second address pool to the second local area network, listening to the second network bridge, and assigning an IP address from the second address pool to the second virtual network card, where the first address pool is The second address pool is different.
  5. 如权利要求1-4中任一项所述的方法,其中,所述接收到数据后根据所述策略路由进行路由的步骤包括以下步骤:The method according to any one of claims 1 to 4, wherein the step of routing according to the policy route after receiving the data comprises the following steps:
    接收到数据后,根据所述数据进来的虚拟网卡对所述数据打上对应的标签;以及After receiving the data, the virtual network card that comes in according to the data marks the data with a corresponding label;
    根据所述策略路由和所述标签对所述数据进行路由。The data is routed according to the policy route and the tag.
  6. 一种车载远程信息处理器T-BOX,包括:A vehicle telematics processor T-BOX, comprising:
    枚举模块,其设置为在一根物理通用串行总线USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;An enumeration module configured to establish two virtual data paths on a physical universal serial bus USB, and enumerate the first virtual network card and the second virtual network card respectively;
    设置模块,其设置为将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;a setting module, configured to set the first virtual network card in a first local area network, and set the second virtual network card in a second local area network;
    配置模块,其设置为进行配置以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网的策略路由;以及a configuration module configured to be configured to route data coming in from the first virtual network card to a first packet data network, and to route data coming in from the second virtual network card to a policy route of a second packet data network; as well as
    路由模块,其设置为接收到数据后根据所述策略路由进行数据传输。The routing module is configured to perform data transmission according to the policy route after receiving the data.
  7. 如权利要求6所述的车载T-BOX,其中,所述枚举模块设置为通过以下步骤来在一根物理USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡:The in-vehicle T-BOX according to claim 6, wherein the enumeration module is configured to establish two virtual data paths on one physical USB by the following steps, respectively enumerating the first virtual network card and the second virtual Network card:
    对所述两条虚拟数据通路配置多网卡字符设备驱动的端口组合信息,所述多网卡字符设备驱动的端口组合信息包括关于所述第一虚拟网卡和所述第二虚拟网卡的信息;以及Port combination information driven by the plurality of network card character devices is configured on the two virtual data paths, and the port combination information driven by the multi-NIC character device includes information about the first virtual network card and the second virtual network card;
    注册所述多网卡字符设备,根据所述多网卡字符设备的注册信息和所述端口组合信息进行资源绑定,枚举出所述第一虚拟网卡和所述第二虚拟网卡,Registering the multi-NIC character device, performing resource binding according to the registration information of the multi-NIC character device and the port combination information, and enumerating the first virtual network card and the second virtual network card,
    其中,所述第一虚拟网卡和第二虚拟网卡分别与所述两条虚拟数据通路相对应。The first virtual network card and the second virtual network card respectively correspond to the two virtual data paths.
  8. 如权利要求6所述的车载T-BOX,其中,所述设置模块设置为通过以下步骤来将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中:The in-vehicle T-BOX according to claim 6, wherein the setting module is configured to set the first virtual network card in a first local area network and the second virtual network card in a second local area network by the following steps in:
    建立第一网桥和第二网桥;为所述第一网桥配置第一网关IP地址,为所述第二网桥配置第二网关IP地址,所述第一网关IP地址和所述第二网关IP地址分别为与所述第一局域网和所述第二局域网相对应的网关IP地址;以及Establishing a first bridge and a second bridge; configuring a first gateway IP address for the first bridge, and configuring a second gateway IP address for the second bridge, the first gateway IP address and the first The second gateway IP address is a gateway IP address corresponding to the first local area network and the second local area network, respectively;
    将所述第一虚拟网卡挂在所述第一网桥下,将所述第二虚拟网卡挂在所述第二网桥下。Hanging the first virtual network card under the first bridge and hanging the second virtual network card under the second bridge.
  9. 如权利要求8所述的车载T-BOX,其中,所述设置模块还设置为:The in-vehicle T-BOX of claim 8, wherein the setting module is further configured to:
    为所述第一局域网分配第一地址池,监听所述第一网桥,从所述第一地址池中取一IP地址分配给所述第一虚拟网卡;以及Allocating a first address pool to the first local area network, listening to the first bridge, and assigning an IP address from the first address pool to the first virtual network card;
    为所述第二局域网分配第二地址池,监听所述第二网桥,从所述第二地址池中取一IP地址分配给所述第二虚拟网卡,所述第一地址池与所述第二地址池不相同。Allocating a second address pool to the second local area network, listening to the second network bridge, and assigning an IP address from the second address pool to the second virtual network card, where the first address pool is The second address pool is different.
  10. 如权利要求6-9任一项所述的车载T-BOX,其中,所述路由模块设置为通过以下步骤来在接收到数据后根据所述策略路由进行路由:The in-vehicle T-BOX according to any one of claims 6-9, wherein the routing module is configured to route according to the policy route after receiving data by:
    接收到数据后,根据所述数据进来的虚拟网卡对所述数据打上对应的标签;以及After receiving the data, the virtual network card that comes in according to the data marks the data with a corresponding label;
    根据所述策略路由和所述标签对所述数据进行路由。The data is routed according to the policy route and the tag.
  11. 一种车载远程信息处理器T-BOX,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下步骤:An in-vehicle telematics processor T-BOX includes: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor performs the following steps when executing the program:
    在一根物理通用串行总线USB上建立两条虚拟数据通路,分别枚举出第一虚拟网卡和第二虚拟网卡;Establishing two virtual data paths on a physical universal serial bus USB, respectively enumerating the first virtual network card and the second virtual network card;
    将所述第一虚拟网卡设置在第一局域网中,将所述第二虚拟网卡设置在第二局域网中;Setting the first virtual network card in the first local area network, and setting the second virtual network card in the second local area network;
    配置策略路由,以将从所述第一虚拟网卡进来的数据路由到第一分组数据网,将从所述第二虚拟网卡进来的数据路由到第二分组数据网;以及Configuring policy routing to route data coming in from the first virtual network card to a first packet data network, routing data coming in from the second virtual network card to a second packet data network;
    接收到数据后根据所述策略路由进行数据传输。After receiving the data, the data is transmitted according to the policy route.
  12. 一种车载数据传输方法,包括以下步骤:An in-vehicle data transmission method includes the following steps:
    检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;When detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card;
    对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及Parameterizing the first virtual network card and the second virtual network card; and
    进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。Configuring to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and send data of the second virtual network card to the first Two packet data networks.
  13. 如权利要求12所述的方法,其中,所述参数包括以下各项中的至少一项:The method of claim 12, wherein the parameter comprises at least one of the following:
    所述第一虚拟网卡和所述第二虚拟网卡的网口的最大传输单元、 IP地址、处于关闭状态还是开启状态、名称,a maximum transmission unit, an IP address, a closed state, an open state, and a name of the network ports of the first virtual network card and the second virtual network card,
    并且其中,所述第一虚拟网卡和第二虚拟网卡分别与所述车载T-BOX中的两个虚拟网卡相对应。And wherein the first virtual network card and the second virtual network card respectively correspond to two virtual network cards in the in-vehicle T-BOX.
  14. 如权利要求13所述的方法,其中,所述对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置的步骤包括以下步骤:The method of claim 13, wherein the step of parameter configuring the first virtual network card and the second virtual network card comprises the steps of:
    检测到所述第一虚拟网卡和所述第二虚拟网卡的网口状态是开启状态后,分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址,将申请到的IP地址分别配置到所述第一虚拟网卡和所述第二虚拟网卡。After detecting that the network port status of the first virtual network card and the second virtual network card is in an open state, apply for an IP address to the in-vehicle T-BOX through the first virtual network card and the second virtual network card, respectively. The applied IP addresses are respectively configured to the first virtual network card and the second virtual network card.
  15. 如权利要求14所述的方法,其中,所述分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址的步骤包括以下步骤:The method of claim 14, wherein the step of requesting an IP address from the first virtual network card and the second virtual network card to the in-vehicle T-BOX comprises the following steps:
    分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX发送动态主机设置协议DHCP发现消息来向所述车载T-BOX申请IP地址。And sending, by the first virtual network card and the second virtual network card, a dynamic host setting protocol DHCP discovery message to the in-vehicle T-BOX to apply for an IP address to the in-vehicle T-BOX.
  16. 一种车载数据传输装置,包括:An in-vehicle data transmission device comprising:
    枚举模块,其设置为检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;An enumeration module configured to enumerate the first virtual network card and the second virtual network card when detecting the insertion of the in-vehicle telematics processor T-BOX;
    配置模块,其设置为对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及a configuration module, configured to perform parameter configuration on the first virtual network card and the second virtual network card;
    路由模块,其设置为进行路由配置,以将所述第一虚拟网卡的数据路由到第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据路由到第二分组数据网。a routing module configured to perform routing configuration to route data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and bind the second The data of the virtual network card is routed to the second packet data network.
  17. 如权利要求16所述的装置,其中,所述参数包括以下各项中的至少一项:The apparatus of claim 16 wherein said parameter comprises at least one of the following:
    所述第一虚拟网卡和所述第二虚拟网卡的网口的最大传输单元、 IP地址、处于关闭状态还是开启状态以及名称,a maximum transmission unit, an IP address, a closed state, an open state, and a name of the network ports of the first virtual network card and the second virtual network card,
    并且其中,所述第一虚拟网卡和第二虚拟网卡分别与所述车载T-BOX中的两个虚拟网卡相对应。And wherein the first virtual network card and the second virtual network card respectively correspond to two virtual network cards in the in-vehicle T-BOX.
  18. 如权利要求17所述的装置,其中,所述配置模块设置为通过以下步骤来对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置:The apparatus of claim 17, wherein the configuration module is configured to parameterize the first virtual network card and the second virtual network card by the following steps:
    检测到所述第一虚拟网卡和所述第二虚拟网卡的网口状态是开启状态后,分别通过所述第一虚拟网卡和所述第二虚拟网卡向所述车载T-BOX申请IP地址,将申请到的IP地址分别配置到所述第一虚拟网卡和所述第二虚拟网卡。After detecting that the network port status of the first virtual network card and the second virtual network card is in an open state, apply for an IP address to the in-vehicle T-BOX through the first virtual network card and the second virtual network card, respectively. The applied IP addresses are respectively configured to the first virtual network card and the second virtual network card.
  19. 一种车载数据传输装置,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下步骤:An in-vehicle data transmission apparatus includes: a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor executes the program to implement the following steps:
    检测到插入车载远程信息处理器T-BOX时,枚举出第一虚拟网卡和第二虚拟网卡;When detecting the insertion of the in-vehicle telematics processor T-BOX, enumerating the first virtual network card and the second virtual network card;
    对所述第一虚拟网卡和所述第二虚拟网卡进行参数配置;以及Parameterizing the first virtual network card and the second virtual network card; and
    进行配置,以将所述第一虚拟网卡的数据发送给第一分组数据网,将控制车辆的应用绑定在所述第二虚拟网卡上,并将所述第二虚拟网卡的数据发送给第二分组数据网。Configuring to transmit data of the first virtual network card to the first packet data network, bind an application for controlling the vehicle to the second virtual network card, and send data of the second virtual network card to the first Two packet data networks.
  20. 一种信息娱乐主机IHU,包括如权利要求16-19中任一项所述的装置。An infotainment host IHU comprising the apparatus of any of claims 16-19.
PCT/CN2019/073426 2018-02-13 2019-01-28 Vehicle-mounted data transmission method and device, and vehicle-mounted telematics box WO2019157943A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810150827.9A CN110149614B (en) 2018-02-13 2018-02-13 Vehicle-mounted data transmission method and device and vehicle-mounted TBOX
CN201810150827.9 2018-02-13

Publications (1)

Publication Number Publication Date
WO2019157943A1 true WO2019157943A1 (en) 2019-08-22

Family

ID=67589163

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/073426 WO2019157943A1 (en) 2018-02-13 2019-01-28 Vehicle-mounted data transmission method and device, and vehicle-mounted telematics box

Country Status (2)

Country Link
CN (1) CN110149614B (en)
WO (1) WO2019157943A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111726774A (en) * 2020-06-28 2020-09-29 北京百度网讯科技有限公司 Method, device, equipment and storage medium for defending attack
CN112659845A (en) * 2020-12-17 2021-04-16 武汉格罗夫氢能汽车有限公司 Method for remotely starting hydrogen fuel cell to start air conditioner based on Internet of vehicles
CN113115350A (en) * 2021-03-22 2021-07-13 江铃汽车股份有限公司 Offline detection method for T-BOX
CN114153663A (en) * 2022-02-08 2022-03-08 宁波均联智行科技股份有限公司 USB communication line switching device and vehicle-mounted TBOX
CN115221161A (en) * 2021-11-25 2022-10-21 广州汽车集团股份有限公司 Whole vehicle buried point data acquisition method and T-BOX
WO2023221708A1 (en) * 2022-05-16 2023-11-23 深圳市广和通无线通信软件有限公司 Pdn dialing method, system and apparatus, multi-pdn dialing configuration method, system and apparatus, and device and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7430795B2 (en) * 2019-12-16 2024-02-13 華為技術有限公司 Emergency call method, device, and system
CN113746878A (en) * 2020-05-28 2021-12-03 广州汽车集团股份有限公司 System and method for vehicle-mounted T-Box and vehicle-mounted equipment to access external network
CN113870603A (en) * 2020-06-30 2021-12-31 宝能汽车集团有限公司 Vehicle navigation map image projection method, system and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104917830A (en) * 2015-05-28 2015-09-16 惠州华阳通用电子有限公司 Mobile communication module sharing system and method in vehicular environment
US20170092126A1 (en) * 2015-09-28 2017-03-30 Renesas Electronics Corporation Data processing device and in-vehicle communication device
CN106571945A (en) * 2015-10-13 2017-04-19 中兴通讯股份有限公司 Control surface and business surface separating method and system, server and cloud calculating platform
CN107154896A (en) * 2016-03-02 2017-09-12 华为技术有限公司 A kind of data transmission method and forwarding unit
CN107682148A (en) * 2017-10-12 2018-02-09 华东师范大学 Security access system and method between a kind of vehicle bus and internet communication system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ITRM20100078U1 (en) * 2010-05-06 2011-11-07 Viasat Spa "MODULAR TERMINAL DEVICE FOR THE SUPPLY OF CAR SERVICES, CAR FLEETS AND INDUSTRIAL VEHICLES, AS A RESULT OF THE USE OF THE SAME"
CN102131304B (en) * 2011-02-10 2015-08-12 中兴通讯股份有限公司 A kind of method for connecting network and communicating terminal
CN102801695B (en) * 2011-05-27 2015-10-14 华耀(中国)科技有限公司 Virtual private network (VPN) communication equipment and data pack transmission method thereof
CN103068067A (en) * 2012-12-27 2013-04-24 惠州市德赛西威汽车电子有限公司 Vehicle-mounted 3rd generation telecommunication (3G) method for wideband code division multiple access (WCDMA)
CN103152256B (en) * 2013-02-22 2017-05-03 浪潮电子信息产业股份有限公司 Virtual routing network design method based on cloud computing data center
CN105656747A (en) * 2015-11-11 2016-06-08 乐卡汽车智能科技(北京)有限公司 Multi-link data transmission method and apparatus
CN105898471A (en) * 2015-11-11 2016-08-24 乐卡汽车智能科技(北京)有限公司 Vehicle-mounted audio and video transmission method and system, vehicle-mounted terminal and server
CN107222637B (en) * 2017-06-30 2021-05-04 百度在线网络技术(北京)有限公司 Connection method and device, vehicle-mounted system, terminal and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104917830A (en) * 2015-05-28 2015-09-16 惠州华阳通用电子有限公司 Mobile communication module sharing system and method in vehicular environment
US20170092126A1 (en) * 2015-09-28 2017-03-30 Renesas Electronics Corporation Data processing device and in-vehicle communication device
CN106571945A (en) * 2015-10-13 2017-04-19 中兴通讯股份有限公司 Control surface and business surface separating method and system, server and cloud calculating platform
CN107154896A (en) * 2016-03-02 2017-09-12 华为技术有限公司 A kind of data transmission method and forwarding unit
CN107682148A (en) * 2017-10-12 2018-02-09 华东师范大学 Security access system and method between a kind of vehicle bus and internet communication system

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111726774A (en) * 2020-06-28 2020-09-29 北京百度网讯科技有限公司 Method, device, equipment and storage medium for defending attack
CN111726774B (en) * 2020-06-28 2023-09-05 阿波罗智联(北京)科技有限公司 Method, device, equipment and storage medium for defending attack
US11797674B2 (en) 2020-06-28 2023-10-24 Apollo Intelligent Connectivity (Beijing) Technology Co., Ltd. Method and apparatus for defending against attacks, device and storage medium
CN112659845A (en) * 2020-12-17 2021-04-16 武汉格罗夫氢能汽车有限公司 Method for remotely starting hydrogen fuel cell to start air conditioner based on Internet of vehicles
CN112659845B (en) * 2020-12-17 2023-08-04 武汉格罗夫氢能汽车有限公司 Method for starting air conditioner by remotely starting hydrogen fuel cell based on Internet of vehicles
CN113115350A (en) * 2021-03-22 2021-07-13 江铃汽车股份有限公司 Offline detection method for T-BOX
CN115221161A (en) * 2021-11-25 2022-10-21 广州汽车集团股份有限公司 Whole vehicle buried point data acquisition method and T-BOX
CN115221161B (en) * 2021-11-25 2024-03-01 广州汽车集团股份有限公司 Whole vehicle buried point data acquisition method and T-BOX
CN114153663A (en) * 2022-02-08 2022-03-08 宁波均联智行科技股份有限公司 USB communication line switching device and vehicle-mounted TBOX
CN114153663B (en) * 2022-02-08 2022-06-17 宁波均联智行科技股份有限公司 USB communication line switching device and vehicle-mounted TBOX
WO2023221708A1 (en) * 2022-05-16 2023-11-23 深圳市广和通无线通信软件有限公司 Pdn dialing method, system and apparatus, multi-pdn dialing configuration method, system and apparatus, and device and storage medium

Also Published As

Publication number Publication date
CN110149614A (en) 2019-08-20
CN110149614B (en) 2021-09-21

Similar Documents

Publication Publication Date Title
WO2019157943A1 (en) Vehicle-mounted data transmission method and device, and vehicle-mounted telematics box
US11838203B2 (en) Multipath data transmission method and device
US9705930B2 (en) Method and system for using virtual tunnel end-point registration and virtual network identifiers to manage virtual extensible local area network access
US7876765B2 (en) Method for supporting IP network interconnectivity between partitions in a virtualized environment
US9294443B2 (en) Secure integration of hybrid clouds with enterprise networks
JP4579819B2 (en) Device or user authentication system and method in home network
US9515890B2 (en) Method, system and controlling bridge for obtaining port extension topology information
TWI549452B (en) Systems and methods for application-specific access to virtual private networks
CN102737177B (en) The device based on SOC and packet filter method thereof for packet filtering
CN102664972B (en) Method and device for mapping address in virtual network
JP5595405B2 (en) Virtualization platform
JP2005518117A (en) How to initiate a connection through a firewall and NAT
US8812633B2 (en) Method for managing address spaces at an opening of a communications tunnel, corresponding tunnel end-point, and storage means
JP4146886B2 (en) Communication module and application program including this communication module
CN103152256A (en) Virtual routing network design method based on cloud computing data center
CN104468368B (en) Configure the method and device of bgp neighbor
JP2013511207A (en) Smart client routing
US9143480B2 (en) Encrypted VPN connection
EP2792126B1 (en) Virtual interface applications
US20120300776A1 (en) Method for creating virtual link, communication network element, and ethernet network system
CN110430478B (en) Networking communication method, device, terminal equipment and storage medium
JP2012070225A (en) Network relay device and transfer control system
US20060047784A1 (en) Method, apparatus and system for remotely and dynamically configuring network elements in a network
CN112751816B (en) Tunnel establishment method, device, equipment and computer readable storage medium
CN105991351B (en) A kind of IPSec configuration method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19754486

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19754486

Country of ref document: EP

Kind code of ref document: A1