CN111769942A

CN111769942A - Industrial intelligent robot safety communication method and device and electronic equipment

Info

Publication number: CN111769942A
Application number: CN202010911456.9A
Authority: CN
Inventors: 王滨; 林克章; 王星; 万里; 徐文渊; 冀晓宇; 李俊; 王冲
Original assignee: Hangzhou Hikvision Digital Technology Co Ltd
Current assignee: Hangzhou Hikvision Digital Technology Co Ltd
Priority date: 2020-09-02
Filing date: 2020-09-02
Publication date: 2020-10-13
Anticipated expiration: 2040-09-02
Also published as: CN111769942B

Abstract

The application provides a safe communication method and device for an industrial intelligent robot and electronic equipment, wherein the method comprises the following steps: when the equipment is determined to be at a specified position based on the position information of the equipment, first authentication information is sent to target robot control equipment associated with the specified position; receiving second authentication information sent by the target robot control device; decrypting the second encrypted information by using the public key of the target robot control device, and determining that the bidirectional authentication is passed when successful decryption is performed and data obtained by decryption meets a second preset condition; negotiating a secure communication key with the target robotic control device and performing task communication with the target robotic control device based on the secure communication key upon entering an area controlled by the target robotic control device. The method can improve the safety of communication between the industrial intelligent robot and the robot control equipment.

Description

Industrial intelligent robot safety communication method and device and electronic equipment

Technical Field

The application relates to the field of industrial internet security, in particular to a safe communication method and device for an industrial intelligent robot and electronic equipment.

Background

The industrial internet is an industry and application ecology formed by the omnibearing deep integration of the internet, a new generation information technology and an industrial system, and is a key comprehensive information infrastructure for industrial intelligent development. The essence of the industrial internet is the revolution of intelligent control, operation optimization and generation organization modes by means of deep perception, real-time transmission and exchange, rapid calculation and processing and advanced modeling analysis of industrial data on the basis of network interconnection of machines, raw material control systems, information systems, products and people.

An industrial intelligent robot belongs to a popular industrial internet application, and can execute a preset work task under the control of a robot control device.

The control of the robot control equipment on the industrial intelligent robot needs to be realized based on a wireless network, the wireless network coverage of single robot control equipment is limited, and when the area involved in task execution is large, the robot control equipment used for controlling the industrial intelligent robot needs to be switched in the task execution process, so that cross-domain access of the industrial intelligent robot is realized.

However, practice shows that cross-domain Access of the industrial intelligent robot is often realized through roaming and switching of a wireless AP (Access Point). Due to the openness of the wireless network, the industrial intelligent robot is easy to hijack and control illegally in the switching process. Meanwhile, in the cross-domain access process, the authorization information and the key information of the industrial intelligent robot are reconfigured. Due to the lack of an effective security mechanism, attackers can exploit security flaws in access control and key management mechanisms to hack into the control network by forging devices.

Disclosure of Invention

In view of the above, the present application provides a method and an apparatus for secure communication of an industrial intelligent robot, and an electronic device.

Specifically, the method is realized through the following technical scheme:

according to a first aspect of embodiments of the present application, there is provided an industrial intelligent robot secure communication method, applied to an industrial intelligent robot, the method including:

when the equipment is determined to be at the designated position based on the position information of the equipment, sending first authentication information to target robot control equipment associated with the designated position, wherein the first authentication information carries first encryption information obtained by encrypting a private key based on the equipment;

receiving second authentication information sent by the target robot control equipment, wherein the second authentication information carries second encryption information obtained by encrypting based on a private key of the target robot control equipment; the second authentication information is sent when the target robot control device successfully decrypts the first encrypted information by using the public key of the industrial intelligent robot and determines that the data obtained by decryption meets a first preset condition;

decrypting the second encrypted information by using the public key of the target robot control device, and determining that the bidirectional authentication is passed when successful decryption is performed and data obtained by decryption meets a second preset condition;

negotiating a secure communication key with the target robotic control device and performing task communication with the target robotic control device based on the secure communication key upon entering an area controlled by the target robotic control device.

According to a second aspect of the embodiments of the present application, there is provided an industrial intelligent robot secure communication method applied to a robot control device, the method including:

receiving first authentication information sent by an industrial intelligent robot, wherein the first authentication information carries first encryption information obtained by encrypting based on a private key of the industrial intelligent robot; the first authentication information is sent when the industrial intelligent robot is determined to be at a specified position and the robot control equipment is the robot control equipment associated with the specified position;

decrypting the first encrypted information by using the public key of the industrial intelligent robot, and sending second authentication information to the industrial intelligent robot when successful decryption is carried out and the data obtained by decryption meets a first preset condition, wherein the second authentication information carries second encrypted information obtained by encrypting the private key based on the equipment;

and when the bidirectional authentication is determined to pass, negotiating a secure communication key with the industrial intelligent robot, and when the equipment is determined to be the robot control equipment for controlling the industrial intelligent robot, performing task communication with the industrial intelligent robot based on the secure communication key.

According to a third aspect of embodiments of the present application, there is provided an industrial intelligent robot security communication apparatus applied to an industrial intelligent robot, the apparatus including:

the bidirectional authentication unit is used for sending first authentication information to target robot control equipment associated with the specified position when the equipment is determined to be at the specified position based on the position information of the equipment, wherein the first authentication information carries first encryption information obtained by encrypting a private key based on the equipment;

the bidirectional authentication unit is further configured to receive second authentication information sent by the target robot control device, where the second authentication information carries second encryption information obtained by encrypting a private key based on the target robot control device; the second authentication information is sent when the target robot control device successfully decrypts the first encrypted information by using the public key of the industrial intelligent robot and determines that the data obtained by decryption meets a first preset condition;

the bidirectional authentication unit is further configured to decrypt the second encrypted information by using the public key of the target robot control device, and when successful decryption is performed and it is determined that the data obtained by decryption satisfies a second preset condition, it is determined that bidirectional authentication is passed;

a communication unit for negotiating a secure communication key with the target robot control device and performing task communication with the target robot control device based on the secure communication key when entering an area controlled by the target robot control device.

According to a fourth aspect of embodiments of the present application, there is provided an industrial intelligent robot secure communication apparatus, the apparatus including:

the bidirectional authentication unit is used for receiving first authentication information sent by the industrial intelligent robot, and the first authentication information carries first encryption information obtained by encrypting based on a private key of the industrial intelligent robot; the first authentication information is sent when the industrial intelligent robot is determined to be at a specified position and the robot control equipment is the robot control equipment associated with the specified position;

the bidirectional authentication unit is further configured to decrypt the first encrypted information by using the public key of the industrial intelligent robot, and send second authentication information to the industrial intelligent robot when successful decryption is performed and it is determined that data obtained by decryption meets a first preset condition, where the second authentication information carries second encrypted information obtained by encrypting with a private key based on the device;

and the communication unit is used for negotiating a safety communication key with the industrial intelligent robot when the bidirectional authentication is determined to pass, and carrying out task communication with the industrial intelligent robot based on the safety communication key when the equipment is determined to be robot control equipment for controlling the industrial intelligent robot.

According to a fifth aspect of embodiments of the present application, there is provided an electronic apparatus, including:

a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor; the processor is used for executing machine executable instructions to realize the industrial intelligent robot safety communication method.

According to the safe communication method of the industrial intelligent robot, when the industrial intelligent robot determines that the equipment is located at the designated position based on the position information of the equipment, first authentication information carrying first encryption information is sent to target robot control equipment associated with the designated position; the target robot control equipment decrypts the first encrypted information by using the public key of the industrial intelligent robot, and sends second authentication information carrying second encrypted information to the industrial intelligent robot when successful decryption is performed and the data obtained by decryption meets a first preset condition; the industrial intelligent robot utilizes the public key of the target robot control equipment to decrypt the second encrypted information, and when the decryption is successful, and the data obtained by the decryption is determined to meet the second preset condition, the bidirectional authentication is determined to pass, the safety communication key is negotiated with the target robot control equipment, and when the area controlled by the target robot control equipment is entered, the task communication is carried out based on the safety communication key and the target robot control equipment, and the safety of the communication between the industrial intelligent robot and the robot control equipment is improved.

Drawings

Fig. 1 is a schematic flow chart of a secure communication method for an industrial intelligent robot according to an exemplary embodiment of the present application;

fig. 2 is a schematic flowchart illustrating an exemplary embodiment of determining that data obtained by decryption satisfies a second predetermined condition;

fig. 3 is a flowchart illustrating a method for secure communication of an industrial intelligent robot according to an exemplary embodiment of the present application;

fig. 4 is a schematic flowchart illustrating a process of determining that data obtained by decryption satisfies a first preset condition according to an exemplary embodiment of the present application;

fig. 5 is a schematic diagram illustrating an architecture of an industrial intelligent robot secure communication system according to an exemplary embodiment of the present application;

fig. 6 is a schematic structural diagram of an industrial intelligent robot safety communication device according to an exemplary embodiment of the present application;

fig. 7 is a schematic structural diagram of an industrial intelligent robot safety communication device according to an exemplary embodiment of the present application;

fig. 8 is a schematic diagram of a hardware structure of the apparatus shown in fig. 6 or fig. 7 according to an exemplary embodiment of the present application.

Detailed Description

Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.

In order to make those skilled in the art better understand the technical solution provided by the embodiments of the present application, the following first describes an industrial intelligent robot system architecture.

An exemplary industrial intelligent robot system architecture mainly comprises a business layer, a management layer and an execution layer, wherein:

1. and (4) a service layer: the business layer is mainly responsible for processing specific business of enterprises, divides the specific business into different tasks according to functions, flows and granularity, and sends the tasks to each management layer system. Meanwhile, the service layer can control the whole service processing flow and the corresponding state.

2. And (3) a management layer: the management layer comprises various services and systems related to robot management and control, and specifically comprises but is not limited to:

2.1, a scheduling system: and providing a stable service processing protocol interface, and processing, scheduling and managing the tasks issued by the upper layer.

2.2, monitoring system: the monitoring system is responsible for monitoring the running state of the whole industrial intelligent robot system, including task monitoring, robot terminal monitoring and alarm monitoring.

2.3, robot control service: the RCS (Robot Control Service) directly interacts with the Robot terminal and is responsible for issuing instructions of the Robot terminal (such as an industrial intelligent Robot). Meanwhile, a corresponding algorithm library is integrated in the service, so that the optimal solution executed by the robot is ensured.

2.4, alarm management service: and the management of alarm information, including alarm caching, alarm filtering and alarm pushing, is in charge. The alarm information in the industrial intelligent robot system mainly comprises equipment alarm, service alarm and algorithm alarm.

2.5, industrial environment equipment control service: and the robot is responsible for controlling industrial environment equipment and ensuring the cooperative work with the robot terminal.

3. An execution layer: the execution layer comprises a robot terminal (such as an industrial intelligent robot) and industrial environment equipment. The industrial environment equipment and the robot terminal work cooperatively, and the design, the process, the production and the manufacture, the storage and the distribution of parts are combined to realize large-scale integrated manufacture.

The SM9 algorithm is briefly described below.

In the SM9 system, a device may use an identifier of the device as a public Key, and a private Key is generated by KGC (Key generation center) and distributed to a corresponding device through a secure channel.

1) System master key establishment

The system master key is the key in KGC and the master key pair is (s, Ppub). Wherein s is generated randomly, and Ppub is generated according to s according to a certain rule. Where s is 32 bytes, Ppub is the point (X, Y) on the elliptic curve, and X and Y are each 64 bytes.

2) Device key generation

KGC public private key generation function identifier hid, hid being 1 byte;

any equipment can obtain a public key QA of the equipment according to the calculation of (equipment identification ID + hid + Ppub);

the device private key is obtained by computing the KGC, and the device private key dA is obtained by computing according to the device identification ID + hid + s and is safely distributed to the corresponding device. dA is (XdA, YdA), XdA and YdA bytes each.

In order to make the aforementioned objects, features and advantages of the embodiments of the present application more comprehensible, embodiments of the present application are described in detail below with reference to the accompanying drawings.

Referring to fig. 1, a flow chart of a secure communication method for an industrial intelligent robot according to an embodiment of the present disclosure is schematically illustrated, where the secure communication method for an industrial intelligent robot can be applied to an industrial intelligent robot, and as shown in fig. 1, the secure communication method for an industrial intelligent robot can include the following steps:

step S100, when the device is determined to be at the designated position based on the position information of the device, first authentication information is sent to the target robot control device associated with the designated position, and the first authentication information carries first encryption information obtained by encrypting based on a private key of the device.

In the embodiment of the application, the industrial intelligent robot can acquire the position information of the equipment in real time or at regular time, and determine the robot control equipment related to the area where the equipment is located based on the position information of the equipment and the task information issued by the equipment control system.

For example, the task information issued by the device control system may include, but is not limited to, a running track of the industrial intelligent robot and related information of a robot control device used for controlling the industrial intelligent robot in the running track, and based on the task information, the industrial intelligent robot may obtain the running track when executing the task and the robot control device controlling the device in the process of executing the task.

For example, when the range of the task execution area is large, the industrial intelligent robot may be controlled by a plurality of robot control devices during the task execution process, that is, control switching is required during the task execution process (a position where control switching is required may be referred to as a switching point).

For example, if the starting point (task execution starting point) of the movement track of the industrial intelligent robot is a and the end point (task execution end point) is B, the movement from a to B needs to pass C, the movement of a → C is controlled by the robot control device 1, and the movement of C → B is controlled by the robot control device 2, when the industrial intelligent robot reaches C, control switching (i.e., C is a switching point) needs to be performed, and the switching is controlled by the robot control device 1 and the robot control device 2.

For example, the designated location may be a task execution start point or a switch point.

In the embodiment of the present application, when the industrial intelligent robot determines that the device is located at the specified position based on the acquired position information of the device, authentication information (referred to as first authentication information herein) may be sent to a robot control device (referred to as a target robot control device herein) associated with the specified position, where the first authentication information may carry encryption information (referred to as first encryption information herein) obtained by encrypting a private key of the device.

In one example, the first encrypted information is generated by the industrial intelligent robot by encrypting with a private key of the industrial intelligent robot based on the first digest information and the first random number; the first abstract information is generated by the industrial intelligent robot by using a preset abstract algorithm based on the first random number and an authorization token issued by the equipment control system.

For example, when the industrial intelligent robot system is deployed, a public and private key pair can be preset for each robot control device and each industrial intelligent robot. Such as a public-private key pair generated using the SM9 algorithm.

When a task requirement exists, the device control system can determine the robot control device and the industrial intelligent robot related in the operation track based on the determined operation track, and generate a corresponding authorization TOKEN (TOKEN), the authorization task executes the related robot control device and the industrial intelligent robot to complete the work task, and the authorization TOKEN is distributed in a safe manner.

It should be noted that the authorization token is mainly used for verifying the authorization identity of the industrial intelligent robot or the robot control device to indicate that the device has the authority to participate in the task scheduling of the work.

In addition, for the robot control device and the industrial intelligent robot related to task execution, the device control system may issue the public key of the robot control device to the industrial intelligent robot, and issue the public key of the industrial intelligent robot to the robot control device.

When the task is executed or the control switching is needed, the industrial intelligent robot needs to perform bidirectional authentication with the robot control equipment for controlling the equipment, and after the authentication is determined to pass, the control of the robot control equipment is used for executing the work task issued by the equipment control system, so that the safety of the industrial intelligent robot system is improved.

For example, when authentication is required, the industrial intelligent robot may generate a random number (referred to as a first random number herein), generate digest information (referred to as first digest information herein) by using a preset digest algorithm based on the first random number and an authorization token issued by the device control system, encrypt the first digest information and the first random number by using a private key of the device to obtain first encrypted information, and send first authentication information carrying the first encrypted information to the target robot control device.

For example, when the target robot control device receives the first authentication information, the industrial intelligent robot may be authenticated based on the first authentication information, and a specific processing flow of the industrial intelligent robot may refer to relevant description in the embodiment shown in fig. 3, which is not described herein again.

Step S110, receiving second authentication information sent by the target robot control equipment, wherein the second authentication information carries second encryption information obtained by encrypting based on a private key of the target robot control equipment; the second authentication information is sent when the target robot control device successfully decrypts the first encrypted information by using the public key of the industrial intelligent robot and determines that the data obtained by decryption meets a first preset condition.

In the embodiment of the present application, when the target robot control device passes authentication of the industrial intelligent robot, authentication information (referred to as second authentication information herein) may be sent to the industrial intelligent robot, where the second authentication information carries encryption information (referred to as second encryption information herein) obtained by encrypting based on a private key of the target robot control device.

For example, a specific processing flow of the target robot control device sending the second authentication information to the industrial intelligent robot may refer to the related description in the embodiment shown in fig. 3, and details of the embodiment of the present application are not repeated herein.

And S120, decrypting the second encrypted information by using the public key of the target robot control equipment, and determining that the bidirectional authentication is passed when successful decryption is performed and the data obtained by decryption meets a second preset condition.

In the embodiment of the application, when the industrial intelligent robot receives the second authentication information sent by the target robot control equipment, the second encryption information carried in the second authentication information can be acquired, and the public key of the target robot control equipment is utilized to decrypt the second encryption information.

When the decryption is successful, it may be determined whether the decrypted data satisfies a preset condition (referred to herein as a second preset condition), and when it is determined that the decrypted data satisfies the second preset condition, it is determined that the mutual authentication is passed.

It should be noted that, when the industrial intelligent robot fails to decrypt the second encrypted information using the public key of the target robot control device, or the decrypted data does not satisfy the second preset condition, it may be determined that the authentication has failed, and at this time, exception handling may be performed based on a preset exception handling policy, for example, an alarm is performed to the device control system, and the specific implementation of the method is not limited in this application.

And S130, negotiating a safety communication key with the target robot control equipment, and carrying out task communication with the target robot control equipment based on the safety communication key when entering an area controlled by the target robot control equipment.

In the embodiment of the application, the industrial intelligent robot determines the robot control equipment for controlling the equipment, the bidirectional authentication is completed with the robot control equipment, and when the authentication passes, the industrial intelligent robot can negotiate the safety communication key with the target robot control equipment.

When the industrial intelligent robot determines to enter the area controlled by the target robot control device, task communication is carried out with the target robot control device based on the safety communication key negotiated with the target robot control device.

For example, when the designated position in step S100 is a task execution starting point, the target robot control device is the first robot control device in the operation trajectory corresponding to the work task to control the industrial smart robot, and when the industrial smart robot negotiates with the target robot control device with a completely secure communication key, task communication with the target robot control device can be performed based on the secure communication key.

In one possible embodiment, as shown in fig. 2, the step S120 of determining that the decrypted data satisfies the second preset condition may be implemented by:

step S121, generating third digest information by using a preset digest algorithm based on a second random number obtained by decrypting the second encrypted information and an authorization token issued by the device control system.

And S122, comparing the third summary information, decrypting the second encrypted information to obtain second summary information, and determining that the decrypted data meets a second preset condition when the second summary information is consistent with the second summary information.

Illustratively, the authorization token issued by the device control system is the same for the robot control device and the industrial intelligent robot involved in the same work task.

When the industrial intelligent robot successfully decrypts the second encrypted information, the industrial intelligent robot may generate digest information (referred to as third digest information herein) by using the preset digest algorithm based on a second random number obtained by decrypting the second encrypted information and an authorization token issued by the device control system, compare the third digest information with the second digest information obtained by decrypting the second encrypted information, and determine that the decrypted data satisfies a second preset condition when the third digest information and the second digest information are consistent with each other.

In a possible embodiment, the specified position is a preset position in a preset switching buffer, the preset switching buffer is in a coverage area of a wireless network of the first robot control device and in a coverage area of a wireless network of the second robot control device, the first robot control device is a robot control device currently controlling the industrial intelligent robot determined based on the task information, the second robot control device is a robot control device next controlling the industrial intelligent robot determined based on the task information, and the target robot control device is the second robot control device.

For example, when the industrial intelligent robot performs control switching, bidirectional authentication and secure communication key agreement with a robot control device that controls the industrial intelligent robot after switching are required, and a work task is executed under the control of the robot control device based on the agreed secure communication key after the authentication is passed.

Accordingly, an area (herein, referred to as a handover buffer area) for bidirectional authentication and secure communication key agreement between the industrial intelligent robot and the robot control device that controls the industrial intelligent robot after handover may be set, so as to reduce the time for the industrial intelligent robot to pause during control handover or avoid the industrial intelligent robot to pause during control handover while ensuring security.

Illustratively, the preset switch buffer is a segment of a control area (associated area) currently controlling the industrial intelligent robot.

Since the industrial intelligent robot needs to perform task communication with the robot control device (referred to as a first robot control device) currently controlling the industrial intelligent robot and perform bidirectional authentication with the robot control device (referred to as a second robot control device) controlling the industrial intelligent robot after switching when the industrial intelligent robot is in the preset switching buffer, the preset switching buffer needs to be in the coverage of the wireless network of the first robot control device and in the coverage of the wireless network of the second robot control device.

Illustratively, the target robot control apparatus in step S100 is a second robot control apparatus.

For example, still taking the example in step S100 as an example, assuming that the preset switching buffer is D → C (i.e. the running track includes a → D → C → B, and C is the switching point), the industrial intelligent robot can perform bidirectional authentication with the robot control device 2 when the industrial intelligent robot is at the preset position of the preset switching buffer, for example, the starting point (i.e. D) of the preset switching buffer.

For example, when the switching buffer is set, the industrial intelligent robot and the robot control device may perform bidirectional authentication in the switching buffer, negotiate a secure communication key when the authentication is passed, and perform task communication based on the negotiated secure communication key when the control switching is completed.

It should be noted that, in the embodiment of the present application, if the length of the preset buffer is too short, when the industrial intelligent robot passes through the preset buffer (e.g., D → C in the above example), the industrial intelligent robot cannot complete mutual authentication and secure communication key agreement with the second robot control device, and further, after the control handover, a pause still occurs; if the length of the preset buffer zone is too long, the industrial intelligent robot needs to be covered by the second robot control device wireless network when being in the preset buffer zone, so that the requirement on the wireless network coverage range of the robot control device can be improved, and the cost is increased. Thus, the length of the pre-set buffer needs to be balanced against performance requirements and cost requirements.

In one example, the length of the preset buffer may be set based on the moving speed of the industrial smart robot and the average mutual authentication duration (which may include the time for secure communication key agreement) of the industrial smart robot and the robot control device.

For example, the length d of the preset switching buffer can be determined by the following strategy:

d=v*Ts*r

v is the moving speed of the industrial intelligent robot, Ts is the average bidirectional authentication duration of the industrial intelligent robot and the robot control equipment, and r is a reliability guarantee factor.

Preferably, 1< r < 2.

In one example, after the industrial intelligent robot enters the preset switching buffer, if it is determined that the first robot control device is abnormal, for example, the industrial intelligent robot does not receive the information sent by the first robot control device for a continuous preset time, the industrial intelligent robot may complete bidirectional authentication with the second robot control device, and after the authentication passes, may switch to the second robot control device in advance for control.

Referring to fig. 3, a flow chart of an industrial intelligent robot safety communication method provided in an embodiment of the present application is schematically illustrated, where the industrial intelligent robot safety communication method can be applied to a robot control device, for example, a target robot control device in the flow chart of the method shown in fig. 1, and as shown in fig. 3, the industrial intelligent robot safety communication method can include the following steps:

step S300, first authentication information sent by the industrial intelligent robot is received, wherein the first authentication information carries first encryption information obtained by encrypting based on a private key of the industrial intelligent robot.

In the embodiment of the present application, specific implementation of sending the first authentication information to the robot control device by the industrial intelligent robot may refer to relevant description in the method flow shown in fig. 1, and details of the embodiment of the present application are not described herein again.

And S310, decrypting the first encrypted information by using the public key of the industrial intelligent robot, and sending second authentication information to the industrial intelligent robot when successful decryption is performed and the data obtained by decryption meets a first preset condition, wherein the second authentication information carries second encrypted information obtained by encrypting the private key based on the equipment.

In this embodiment of the application, when the robot control device receives the first authentication information sent by the industrial intelligent robot, the public key of the industrial intelligent robot may be used to decrypt the first encrypted information.

When the decryption is successful, whether the decrypted data meets a preset condition (referred to as a first preset condition herein) or not can be determined, and when the decrypted data meets the first preset condition, the industrial intelligent robot is determined to be authenticated.

It should be noted that, when the industrial intelligent robot fails to decrypt the first encrypted information by using the public key of the industrial intelligent robot, or the decrypted data does not satisfy the first preset condition, it may be determined that the authentication fails, and at this time, exception handling may be performed based on a preset exception handling policy, for example, an alarm is performed to the device control system, and a specific implementation of the method is not limited in this application.

In the embodiment of the application, when the robot control device determines that the data obtained by decryption meets the first preset condition, second authentication information can be sent to the industrial intelligent robot, and the second authentication information carries second encryption information obtained by encrypting the data based on the private key of the robot control device.

For example, the processing flow when the industrial intelligent robot receives the second authentication notification information sent by the robot control device may refer to the related description in the method flow shown in fig. 1, and the embodiment of the present application is not described herein again.

And S320, when the bidirectional authentication is determined to pass, negotiating a secure communication key with the industrial intelligent robot, and when the equipment is determined to be robot control equipment for controlling the industrial intelligent robot, performing task communication with the industrial intelligent robot based on the secure communication key.

In the embodiment of the present application, when the industrial intelligent robot completes authentication of the robot control device based on the received second authentication information transmitted by the robot control device, the industrial intelligent robot may transmit an authentication result notification message to the robot control device to notify the robot control device of the authentication result (pass or fail)

When the robot control device determines that the mutual authentication is passed, a secure communication key may be negotiated with the industrial intelligent robot, and when it is determined that the device is a robot control device that controls the industrial intelligent robot, for example, when position information reported by the industrial intelligent robot is received, task communication may be performed with the industrial intelligent robot based on the secure communication key negotiated with the industrial intelligent robot.

For example, when the industrial intelligent robot passes mutual authentication with a certain robot control device and enters an area controlled by the robot control device, the industrial intelligent robot may report position information (position information of the industrial intelligent robot) to the robot control device. When the robot control device receives the position information reported by the industrial intelligent robot, the device can be determined to be the robot control device for controlling the industrial intelligent robot.

It should be noted that, when the industrial intelligent robot enters the preset switching buffer and it is determined that the robot control device (such as the first robot control device) currently controlling the industrial intelligent robot is abnormal, the industrial intelligent robot may perform control switching in advance and report position information to the next robot control device (such as the second robot control device) controlling the industrial intelligent robot. At this time, the robot control device (the second robot control device described above) that receives the position information reported by the industrial intelligent robot may determine that the device is the robot control device that controls the industrial intelligent robot, and implement control switching in advance.

In one example, the second encrypted information is generated by the robot control device through encryption by using a private key of the robot control device based on second digest information and a second random number, and the second digest information is generated by the robot control device through a preset digest algorithm based on the second random number and an authorization token issued by a device control system.

Illustratively, the robot control device uses the same digest algorithm as that used by the industrial intelligent robot.

In one possible embodiment, as shown in fig. 4, in step S310, determining that the decrypted data satisfies the first preset condition may be implemented by:

step S311 is to generate fourth digest information by using a preset digest algorithm based on the first random number obtained by decrypting the first encrypted information and the authorization token issued by the device control system.

Step S312, comparing the fourth digest information, and decrypting the first encrypted information to obtain first digest information, and when the fourth digest information and the first encrypted information are consistent, determining that the decrypted data satisfies a first preset condition.

When the robot control device successfully decrypts the first encrypted information, the robot control device may generate digest information (referred to as fourth digest information herein) by using the preset digest algorithm based on a first random number obtained by decrypting the first encrypted information and an authorization token issued by the device control system, compare the fourth digest information with the first digest information obtained by decrypting the first encrypted information, and determine that the decrypted data satisfies a first preset condition when the fourth digest information and the first digest information are identical to each other.

In order to enable those skilled in the art to better understand the technical solutions provided by the embodiments of the present application, the technical solutions provided by the embodiments of the present application are described below with reference to specific examples.

Take the robot control device as the RCS device and the industrial intelligent robot as the AGV (automatic guided vehicle) as an example.

Referring to fig. 5, an architecture schematic diagram of an industrial intelligent robot secure communication system provided in an embodiment of the present application is shown in fig. 5, where the industrial intelligent robot secure communication system may include an ECS (Equipment control system), an RCS device, and an AGV.

For example, in fig. 5, the RCS devices involved in one work task include RCS1 and RCS 2.

Based on the industrial intelligent robot secure communication system shown in fig. 5, the industrial intelligent robot secure communication method provided by the embodiment of the application has the following implementation flow:

1. when the system is deployed, a public and private key pair generated by an SM9 algorithm is preset for each RCS, AGV and the like.

2. When the ECS receives a work task, planning a corresponding running track through an Artificial Intelligence (AI) algorithm, setting RCS and AGV involved in the running track, generating a corresponding authorization TOKEN TOKEN, authorizing the relevant RCS and AGV to complete the work task, and distributing the authorization TOKEN TOKEN in a safe mode.

Illustratively, the TOKEN is mainly used to verify the authorized identity of the industrial intelligent robot or the robot control device, so as to indicate that the device has the authority to participate in the task scheduling.

3. And the ECS schedules the corresponding AGV and issues the corresponding TOKEN and each related RCS public key, and the AGV is online and goes to the corresponding execution task starting point.

4. The ECS issues the corresponding authorization TOKEN TOKEN and the public key of the AGV to each RCS (e.g., RCS1, RCS2 in FIG. 5).

For example, after the distribution of the TOKEN and the public key is completed, the ECS may not need to participate in subsequent work, thereby improving the reliability of the system and ensuring that the task execution is not affected when the ECS is busy or the network is interrupted.

5. RCS1 and AGV carry out two-way safety certification, begin to take over control AGV after the certification is passed, specific certification process is as follows:

5.1, the AGV generates RND1 (namely a first random number) through a secure random number, generates abstracts HMAC (TOKEN, RND1) (namely first abstract information) for the RND1 and the TOKEN by using HMAC (namely a preset abstraction algorithm), encrypts the HMAC (TOKEN, RND1) and the RND1 by using a private key (which can be called SK) of the AGV to generate RCS1SK (HMAC (TOKEN, RND1), RND1) (namely first encrypted information), and sends authentication information (namely first authentication information) carrying the RCS1SK (HMAC (TOKEN, RND1) and RND1) to the AGV by the RCS 1;

5.2, after receiving the first authentication information, the RCS1 decrypts the first encrypted information by using the public key of the RCS1 to obtain HMAC (TOKEN, RND1) and RND1, and uses the local TOKEN to generate HMAC' (TOKEN, RND1) by using the HMAC algorithm to compare with the decrypted HMAC (TOKEN, RND1), if the two are consistent, it is determined that the AGV is legal, and if the two are not the same, authentication failure is returned.

5.3, after the RCS1 determines that the AGV is legal, generating an RND2 (namely a second random number) through a secure random number, generating abstracts HMAC (TOKEN, RND 2) by using HMAC to the RND2 and TOKEN (namely second abstract information), encrypting the HMAC (TOKEN, RND 2) and RND2 by using a private key of the RCS1 to generate AVGsk (HMAC (TOKEN, RND 2) and RND 2) (namely second encryption information), and sending authentication information (namely second authentication information) carrying the AVGsk (HMAC (TOKEN, RND 2) and RND 2) to the AGC by the RCS 1;

5.4, when the AGC receives the second authentication information, the public key of the RCS1 is used for decrypting the second encrypted information to obtain HMAC (TOKEN, RND 2) and RND2, the local TOKEN is used for generating HMAC '(TOKEN, RND 2) by using an HMAC algorithm and comparing the HMAC' with the decrypted HMAC (TOKEN, RND 2), if the two are consistent, the RCS1 is determined to be legal, the bidirectional authentication is successful, and if the two are not consistent, the authentication is returned to fail;

5.5, after the identities of the RCS1 and the AVGV are legal, the RCS1 and the AVGV use a preset key derivation algorithm and take the RND1 and the RND2 as parameters to generate an encryption key (namely, a secure communication key) RCS1_ AVGsk for the secure communication of the two parties.

In the embodiment, the nodes involved in completing the task are authorized by the TOKEN, so that the validity of each node in the task is ensured;

in addition, the RCS and the AGV ensure the legality of the respective identity through bidirectional authentication, in addition, TOKEN verification is added in the authentication process, the node is also a node participating in completing the task, and illegal nodes are prevented from entering;

moreover, a corresponding secure communication password is negotiated through the generated secure random number in the authentication process, so that the security of subsequent communication is ensured.

6. The AGV walks under the control of the RCS1 to a preset switching buffer, and the RCS2 and the AGV start to perform security authentication and generation of a security communication key in the switching buffer, specifically referring to the RCS1 and the AGV authentication method in step 5.

For example, assuming that the traveling speed of the AGV is v, and the average bidirectional authentication duration of the AGV and the RCS is Ts, the length of the buffer is d:

d=v*Ts*r

r is a reliability assurance factor, and 1< r < 2.

In this embodiment, by setting the switching buffer, it can be effectively ensured that the AGV and the RCS2 can perform mutual authentication in advance when the RCS1 and the RCS2 are switched across domains, and a security key used for subsequent communication is negotiated, so that the AGV does not stop when control is switched, and the outside is unaware (not aware of control switching).

7. After the AGV reaches the RCS2 takeover control area, the AGV is taken over by the RCS2 and performs task execution under the control of the RCS 2.

8. And when the AGV walks to the corresponding task execution end point, the task is ended.

The methods provided herein are described above. The following describes the apparatus provided in the present application:

referring to fig. 6, a schematic structural diagram of an industrial intelligent robot safety communication device according to an embodiment of the present disclosure is shown, where the industrial intelligent robot safety communication device may be applied to an industrial intelligent robot in the foregoing embodiment, and as shown in fig. 6, the industrial intelligent robot safety communication device may include:

In one embodiment, the first encrypted information is generated by the industrial intelligent robot through encryption by using a private key of the industrial intelligent robot based on first digest information and a first random number, and the first digest information is generated by the industrial intelligent robot through a preset digest algorithm based on the first random number and an authorization token issued by an equipment control system;

the second encrypted information is generated by the target robot control device through encryption by a private key of the target robot control device based on second digest information and a second random number, and the second digest information is generated by the target robot control device through a preset digest algorithm based on an authorization token issued by the second random number and a device control system.

In one embodiment, the bidirectional authentication unit determines that the decrypted data satisfies a second preset condition, including:

generating third digest information by using the preset digest algorithm based on a second random number obtained by decrypting the second encrypted information and an authorization token issued by the equipment control system;

and comparing the third abstract information with second abstract information obtained by decrypting the second encrypted information, and determining that the data obtained by decryption meets a second preset condition when the third abstract information is consistent with the second abstract information.

In one embodiment, the designated position is a preset position in a preset switching buffer, the preset switching buffer is in a coverage of a wireless network of a first robot control device and in a coverage of a wireless network of a second robot control device, the first robot control device is a robot control device currently controlling the industrial intelligent robot determined based on task information, the second robot control device is a robot control device controlling the industrial intelligent robot next determined based on the task information, and the target robot control device is the second robot control device.

Referring to fig. 7, a schematic structural diagram of an industrial intelligent robot safety communication device according to an embodiment of the present disclosure is provided, where the industrial intelligent robot safety communication device may be applied to a robot control device in the foregoing embodiments, and as shown in fig. 7, the industrial intelligent robot safety communication device may include:

the second encrypted information is generated by the robot control device through encryption by using a private key of the robot control device based on second digest information and a second random number, and the second digest information is generated by the robot control device through a preset digest algorithm based on the second random number and an authorization token issued by a device control system.

In one embodiment, the bidirectional authentication unit determines that the decrypted data satisfies a first preset condition, and includes:

generating fourth digest information by using the preset digest algorithm based on a first random number obtained by decrypting the first encrypted information and an authorization token issued by the equipment control system;

and comparing the fourth abstract information with the first abstract information obtained by decrypting the first encrypted information, and determining that the data obtained by decryption meets a first preset condition when the fourth abstract information is consistent with the first abstract information.

In one embodiment, the designated position is a preset position in a preset switching buffer, the preset switching buffer is located in a coverage area of a wireless network of a first robot control device and in a coverage area of a wireless network of a second robot control device, the first robot control device is a robot control device which currently controls the industrial intelligent robot and is determined based on task information, the second robot control device is a robot control device which next controls the industrial intelligent robot and is determined based on the task information, and the robot control device is the second robot control device.

Correspondingly, the application also provides a hardware structure of the device shown in fig. 6 or 7. Referring to fig. 8, the hardware structure may include: a processor and a machine-readable storage medium having stored thereon machine-executable instructions executable by the processor; the processor is configured to execute machine-executable instructions to implement the methods disclosed in the above examples of the present application.

Based on the same application concept as the method, embodiments of the present application further provide a machine-readable storage medium, where several computer instructions are stored, and when the computer instructions are executed by a processor, the method disclosed in the above example of the present application can be implemented.

The machine-readable storage medium may be, for example, any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and the like. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), a solid state drive, any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.

It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims

1. The safe communication method for the industrial intelligent robot is applied to the industrial intelligent robot and comprises the following steps:

2. The method of claim 1, wherein the first encrypted information is generated by the industrial intelligent robot through encryption by a private key of the industrial intelligent robot based on first digest information and a first random number, and the first digest information is generated by the industrial intelligent robot through a preset digest algorithm based on the first random number and an authorization token issued by a device control system;

3. The method according to claim 2, wherein the determining that the decrypted data satisfies a second preset condition includes:

4. The method of any of claims 1-3, wherein the designated location is a preset location in a preset switching buffer, the preset switching buffer being in a coverage area of a wireless network of a first robot control device and in a coverage area of a wireless network of a second robot control device, the first robot control device being the robot control device currently controlling the industrial smart robot determined based on task information, the second robot control device being the robot control device next controlling the industrial smart robot determined based on the task information, the target robot control device being the second robot control device.

5. An industrial intelligent robot safety communication method is applied to a robot control device, and comprises the following steps:

6. The method of claim 5, wherein the first encrypted information is generated by the industrial intelligent robot through encryption by a private key of the industrial intelligent robot based on first digest information and a first random number, and the first digest information is generated by the industrial intelligent robot through a preset digest algorithm based on the first random number and an authorization token issued by a device control system;

7. The method according to claim 6, wherein the determining that the decrypted data satisfies a first preset condition includes:

8. The method of any of claims 5-7, wherein the designated location is a preset location in a preset switching buffer, the preset switching buffer being in a coverage area of a wireless network of a first robot control device and in a coverage area of a wireless network of a second robot control device, the first robot control device being the robot control device currently controlling the industrial smart robot determined based on task information, the second robot control device being the robot control device next controlling the industrial smart robot determined based on the task information, the robot control device being the second robot control device.

9. An industrial intelligent robot safety communication device is applied to an industrial intelligent robot, and the device comprises:

10. An industrial intelligent robot safety communication device is applied to a robot control device, and the device comprises:

11. An electronic device, comprising:

a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor; the processor is configured to execute machine executable instructions to perform the method steps of any of claims 1-8.