CN111817849A - Electronic control unit ECU and safe communication method and system thereof

Publication number: CN111817849A
Authority: CN (China)
Prior art keywords: ecu, key, ecus, data, initial
Legal status: Pending
Application number: CN202010615120.8A
Other languages: Chinese (zh)
Inventors: 周群威, 车龙, 金超, 邹广平
Current Assignee: Baoneng Guangzhou Automobile Research Institute Co Ltd
Original Assignee: Baoneng Guangzhou Automobile Research Institute Co Ltd
Application filed by Baoneng Guangzhou Automobile Research Institute Co Ltd
Priority to CN202010615120.8A
Publication of CN111817849A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The invention discloses an Electronic Control Unit (ECU) and a secure communication method and system thereof. The secure communication method comprises the following steps: after the whole vehicle is powered on and started, one ECU among the ECUs of the vehicle randomly generates a communication key, recorded as a first key, and the ECU that randomly generates the communication key is recorded as the initial ECU; the initial ECU encrypts the first key to obtain first encrypted data; the initial ECU sends the first encrypted data to each of the other ECUs; the other ECUs decrypt the first encrypted data to obtain the first key; each ECU performs encrypted communication using the first key. Through mutual authentication between the vehicle parts, the secure communication method guarantees communication security between the vehicle parts without depending on a server or a diagnostic instrument.

Description

Electronic control unit ECU and safe communication method and system thereof
Technical Field
The invention relates to the technical field of automobiles, in particular to an Electronic Control Unit (ECU) and a safe communication method and system thereof.
Background
With the growth of the automobile aftermarket, a vehicle owner can easily install non-original-factory parts on a vehicle after it is sold. Such parts are likely to use immature or defective software, which poses a serious hidden danger to the secure communication of the vehicle. Existing technology for guaranteeing secure vehicle communication depends entirely on the safe operation of a server, so if the server has problems, the vehicle cannot communicate securely.
Disclosure of Invention
The present invention is directed to solving, at least to some extent, one of the technical problems in the related art. To this end, a first object of the present invention is to provide a secure communication method of an electronic control unit ECU, which can secure communication between parts of a vehicle without depending on a server or a diagnostic instrument.
A second object of the present invention is to propose a secure communication system of an electronic control unit ECU.
A third object of the present invention is to propose an electronic control unit ECU.
In order to achieve the above object, an embodiment of a first aspect of the present invention proposes a secure communication method of an electronic control unit ECU, the vehicle including a plurality of ECUs, the secure communication method including the steps of: after the whole vehicle is electrified and started, one ECU in the plurality of ECUs randomly generates a communication key and records the communication key as a first key, wherein the ECU generating the communication key is recorded as an initial ECU; the initial ECU encrypts the first secret key to obtain first encrypted data; the initial ECU respectively sends the first encrypted data to other ECUs; the other ECUs decrypt the first encrypted data to obtain the first secret key; each ECU performs encrypted communication using the first key.
According to the secure communication method of the electronic control unit ECU, the initial ECU randomly generates a first secret key and encrypts the first secret key to obtain first encrypted data, the initial ECU sends the first encrypted data to other ECUs, and the other ECUs decrypt the first encrypted data to obtain the first secret key and conduct encrypted communication through the first secret key. Therefore, through mutual authentication between the vehicle parts, the communication safety between the vehicle parts is guaranteed on the premise of not depending on a server or a diagnostic instrument.
In addition, the secure communication method of the electronic control unit ECU according to the present invention may further have the following additional technical features:
According to one embodiment of the present invention, each ECU is provided with a private key, public keys of all ECUs, and ID values, and the initial ECU performs encryption processing on the first key, including: the initial ECU adds the ID value of the initial ECU to the first key to obtain first data; the initial ECU encrypts the first data by adopting a private key of the initial ECU to obtain second data; the initial ECU adds the ID value of the initial ECU to the second data to obtain third data; and the initial ECU respectively encrypts the third data by adopting the public keys of the other ECUs to obtain a plurality of fourth data.
According to an embodiment of the present invention, the first encrypted data includes the plurality of fourth data, and the initial ECU transmits the first encrypted data to the other ECUs, respectively, including: and the initial ECU correspondingly sends the plurality of fourth data to corresponding ECUs respectively.
According to an embodiment of the present invention, the other ECU performs decryption processing on the first encrypted data, including: the other ECUs decrypt the received fourth data by adopting own private keys to obtain fifth data; the other ECUs analyze the fifth data to obtain a first ID value and sixth data; the other ECUs decrypt the sixth data by adopting the public key of the initial ECU to obtain seventh data; and the other ECUs analyze the seventh data to obtain a second ID value and a second key.
According to an embodiment of the present invention, the secure communication method of the electronic control unit ECU further includes: the other ECU comparing a relationship between the first ID value and the second ID value; and if the first ID value is equal to the second ID value, the other ECUs determine that the ECU is a safe and reliable ECU installed in the original factory, and record a second key as the first key.
According to an embodiment of the present invention, the secure communication method of the electronic control unit ECU further includes: after a newly added ECU is connected to the vehicle, the newly added ECU sends a public key and an ID value of the newly added ECU and identity information of the vehicle to a server or a diagnostic instrument; the server or the diagnostic instrument performs identity authentication on the newly added ECU, acquires public keys and ID values of all current ECUs of the vehicle according to the identity information after the identity authentication is passed, encrypts the public keys and the ID values of the newly added ECU to obtain second encrypted data, and encrypts the public keys and the ID values of all current ECUs of the vehicle to obtain third encrypted data; the server or the diagnostic instrument sends the second encrypted data to all current ECUs of the vehicle so that all current ECUs record public keys and ID values of the newly added ECUs; and the server or the diagnostic instrument sends the third encrypted data to the newly added ECU so that the newly added ECU records the public keys and the ID values of all current ECUs of the vehicle.
In order to achieve the above object, a second aspect of the present invention provides a secure communication system of an electronic control unit ECU, where the secure communication system includes an initial ECU and at least one target ECU. The initial ECU is configured to randomly generate a communication key, recorded as a first key, after the whole vehicle is powered on and started; to encrypt the first key to obtain first encrypted data; and to transmit the first encrypted data to each target ECU. The target ECU is used for decrypting the first encrypted data to obtain the first key. After the target ECUs obtain the first key, communication between the initial ECU and each target ECU, and between the target ECUs, is encrypted with the first key.
In the secure communication system of the electronic control unit ECU, the initial ECU randomly generates a first secret key after the whole vehicle is powered on, the first secret key is encrypted to obtain first encrypted data, the first encrypted data are sent to the target ECU, the target ECU decrypts the first encrypted data to obtain the first secret key, and the ECUs are in encrypted communication by adopting the first secret key. Therefore, through mutual authentication between the vehicle parts, the communication safety between the vehicle parts is guaranteed on the premise of not depending on a server or a diagnostic instrument.
In addition, the safety communication system of the electronic control unit ECU according to the present invention may further have the following additional technical features:
According to an embodiment of the present invention, the secure communication system of the electronic control unit ECU further includes: the initial ECU and the target ECU are both provided with private keys, and public keys and ID values of the initial ECU and the target ECU.
According to an embodiment of the present invention, the secure communication system of the electronic control unit ECU further includes: the system comprises a newly-added ECU, a server or a diagnostic instrument, wherein the newly-added ECU is used for sending a private key, a public key and an ID value of the newly-added ECU and identity information of the vehicle to the server or the diagnostic instrument after the newly-added ECU is accessed to the vehicle; the server or the diagnostic instrument is used for performing identity authentication on the newly added ECU and acquiring public keys and ID values of the initial ECU and the target ECU according to the identity information after the identity authentication is passed; encrypting the public key and the ID value of the newly added ECU to obtain second encrypted data, and encrypting the public key and the ID value of the initial ECU and the target ECU to obtain third encrypted data; sending the second encrypted data to the initial ECU and the target ECU, and sending the third encrypted data to the new ECU; the newly added ECU is also used for recording public keys and ID values of the initial ECU and the target ECU; the initial ECU and the target ECU are also used for recording the public key and the ID value of the newly added ECU.
In order to achieve the above object, a third embodiment of the present invention provides an ECU, which includes a generating module, configured to generate a communication key, which is recorded as a first key, after a whole vehicle is powered on and started; the encryption module is used for encrypting the first secret key to obtain first encrypted data, and encrypting communication data by adopting the first secret key after all ECUs of the vehicle obtain the first secret key; the communication module is used for respectively sending the first encrypted data to other ECUs to enable the other ECUs to decrypt the first encrypted data to obtain the first secret key and transmit the communication data encrypted by the first secret key; and the decryption module is used for decrypting the encrypted data received by the communication module.
The electronic control unit ECU of the embodiment of the invention can ensure the communication safety between parts of the vehicle on the premise of not depending on a server or a diagnostic instrument by realizing the safe communication method of the electronic control unit ECU.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
Fig. 1 is a flowchart of a secure communication method of an electronic control unit ECU according to one embodiment of the present invention;
Fig. 2 is a flow diagram of an encryption process for a first key according to one embodiment of the invention;
Fig. 3 is a flow diagram of a process for decrypting first encrypted data according to one embodiment of the invention;
Fig. 4 is a flowchart of a secure communication method of an electronic control unit ECU according to another embodiment of the present invention;
Fig. 5 is a block diagram of a secure communication system of an electronic control unit ECU according to an embodiment of the present invention;
Fig. 6 is a block diagram of a secure communication system of an electronic control unit ECU according to another embodiment of the present invention;
Fig. 7 is a block diagram of the electronic control unit ECU of the embodiment of the invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary, are intended to explain the invention, and are not to be construed as limiting the invention.
An electronic control unit ECU, a secure communication method thereof, and a system thereof according to embodiments of the present invention are described below with reference to the accompanying drawings.
In the embodiment of the invention, the vehicle comprises a plurality of ECUs, when the vehicle leaves a factory, private keys, public keys and ID values of all ECUs are arranged in all ECUs and communication modules of the vehicle, the public keys and the ID values of all ECUs of the vehicle are stored in a server or a diagnostic instrument, and each part produced by a vehicle factory as a spare part is also provided with the private key of the part, and the public key and the ID value of at least one server or diagnostic instrument.
Fig. 1 is a flowchart of a secure communication method of an electronic control unit ECU according to one embodiment of the present invention.
It should be noted that in an embodiment of the present invention, the ECUs may perform mutual authentication and secure communication via the local area network of the vehicle itself, without depending on a server or a diagnostic device.
As shown in fig. 1, a secure communication method of an electronic control unit ECU according to an embodiment of the present invention includes the steps of:
S11, after the whole vehicle is powered on and started, one ECU in the plurality of ECUs randomly generates a communication key and records the communication key as a first key, wherein the ECU generating the communication key is recorded as an initial ECU.
Optionally, the vehicle may select one ECU from all ECUs of the vehicle when leaving the factory, and record the selected ECU as an initial ECU; the vehicle can also randomly select one ECU from all the ECUs of the vehicle every time the whole vehicle is powered on and started, and the ECU is recorded as an initial ECU.
S12, the initial ECU performs an encryption process on the first key to obtain first encrypted data.
Specifically, each ECU is provided with a private key, public keys of all ECUs, and ID values, and after one ECU is recorded as an initial ECU, it encrypts the first key according to the internally provided private key, public keys of all ECUs, and ID values.
As an example, as shown in fig. 2, the flow of the encryption process of the first key by the initial ECU may be as follows:
S21, the initial ECU appends its ID value to the first key, resulting in first data.
S22, the initial ECU encrypts the first data by using the private key of the initial ECU to obtain second data.
Specifically, the initial ECU encrypts the first data with its own private key, so that the other ECUs can confirm that the initial ECU is not a third-party ECU according to the private key.
S23, the initial ECU appends its ID value to the second data, resulting in third data.
S24, the initial ECU respectively encrypts the third data by adopting the public keys of other ECUs to obtain a plurality of fourth data.
Specifically, the initial ECU encrypts the third data once with each of the public keys of the other ECUs stored inside it, so that each public key yields one corresponding fourth data. All the fourth data are merged into one data packet, and this data packet is the first encrypted data. A third-party ECU or other equipment therefore cannot decrypt the data and is prevented from obtaining the third data.
S13, the initial ECU transmits the first encrypted data to the other ECUs, respectively.
Specifically, the first encrypted data includes a plurality of fourth data, and the initial ECU transmits the first encrypted data to the other ECUs, respectively, including: and the initial ECU correspondingly sends the plurality of fourth data to the corresponding ECUs respectively.
S14, the other ECU decrypts the first encrypted data to obtain the first key.
As an example, as shown in fig. 3, the flow of the decryption process of the first encrypted data by the other ECUs may be as follows:
S31, the other ECUs decrypt the received fourth data by adopting own private keys to obtain fifth data.
Specifically, after receiving the first encrypted data, each of the other ECUs tries to decrypt every fourth data in it, one by one, with its own private key. Because the initial ECU obtained the first encrypted data by encrypting the third data with the public keys of all the other ECUs, each of the other ECUs can decrypt only one fourth data in the received first encrypted data, namely the one that corresponds to its own public key and private key. The ECU decrypts that fourth data to obtain the fifth data and directly discards the fourth data that it cannot decrypt.
S32, the other ECUs analyze the fifth data to obtain a first ID value and sixth data.
S33, the other ECUs decrypt the sixth data by adopting the public key of the initial ECU to obtain seventh data.
S34, the other ECUs analyze the seventh data to obtain a second ID value and a second key.
S35, the other ECU compares the relationship between the first ID value and the second ID value.
S36, if the first ID value is equal to the second ID value, the other ECUs determine that the ECU is a safe and reliable ECU installed in the original factory, and record that the second key is the first key.
Specifically, if the first ID value and the second ID value are equal, it may be determined that the ECU that transmitted the key is the ECU of the host vehicle, and the second key obtained by decrypting the seventh data is regarded as the first key.
S15, each ECU performs encrypted communication using the first key.
Specifically, the communication between the initial ECU and the other ECUs is encrypted using the first key, and the communication between the other ECUs is also encrypted using the first key.
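The wrapping steps S21 to S24 and the unwrapping steps S31 to S36 above, as an added Python example that is not part of the patent text. It assumes a 2-byte ID placed in front of the payload, models the per-recipient delivery as a mapping from ECU ID to fourth data, lets the receiver pick the sender's public key by the first ID value, and stands in textbook RSA over fixed Mersenne primes for the unspecified public-key algorithm; all function and variable names are hypothetical.

```python
# Added illustration (not from the patent): toy model of S21-S24 and S31-S36.
# Textbook RSA over fixed Mersenne primes is insecure; it only makes the
# layering and the ID comparison executable with the standard library.
import secrets

E = 65537
ID_LEN = 2  # assumption: fixed-width ECU ID placed in front of the payload


def make_keypair(p_exp, q_exp):
    """Toy RSA key pair from the Mersenne primes 2**p_exp - 1 and 2**q_exp - 1."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    d = pow(E, -1, (p - 1) * (q - 1))
    return (E, p * q), (d, p * q)  # (public key, private key)


def rsa_seal(data, key):
    """Length-prefix data, cut it into blocks smaller than n, exponentiate each."""
    exp, n = key
    k = (n.bit_length() + 7) // 8
    framed = len(data).to_bytes(4, "big") + data
    framed += bytes(-len(framed) % (k - 1))  # zero-pad to whole blocks
    out = bytearray()
    for i in range(0, len(framed), k - 1):
        m = int.from_bytes(framed[i:i + k - 1], "big")
        out += pow(m, exp, n).to_bytes(k, "big")
    return bytes(out)


def rsa_open(blob, key):
    """Undo rsa_seal with the matching key; None when the result is malformed."""
    exp, n = key
    k = (n.bit_length() + 7) // 8
    if not blob or len(blob) % k:
        return None
    out = bytearray()
    try:
        for i in range(0, len(blob), k):
            c = int.from_bytes(blob[i:i + k], "big")
            out += pow(c, exp, n).to_bytes(k - 1, "big")
    except OverflowError:  # recovered block is wider than a plaintext block
        return None
    length = int.from_bytes(out[:4], "big")
    return bytes(out[4:4 + length]) if length <= len(out) - 4 else None


def wrap_first_key(first_key, sender_id, sender_priv, recipient_pubs):
    """Initial ECU side; returns {recipient ID: fourth data}."""
    first = sender_id + first_key              # S21: ID + first key
    second = rsa_seal(first, sender_priv)      # S22: private-key operation
    third = sender_id + second                 # S23: ID + second data
    return {rid: rsa_seal(third, pub)          # S24: one fourth data per ECU
            for rid, pub in recipient_pubs.items()}


def unwrap_first_key(fourth, own_priv, known_pubs):
    """Receiving ECU side; returns the key, or None if any step fails."""
    fifth = rsa_open(fourth, own_priv)                      # S31
    if fifth is None or len(fifth) <= ID_LEN:
        return None
    first_id, sixth = fifth[:ID_LEN], fifth[ID_LEN:]        # S32
    sender_pub = known_pubs.get(first_id)  # assumption: key chosen by first ID
    if sender_pub is None:
        return None
    seventh = rsa_open(sixth, sender_pub)                   # S33
    if seventh is None or len(seventh) <= ID_LEN:
        return None
    second_id, second_key = seventh[:ID_LEN], seventh[ID_LEN:]  # S34
    if not secrets.compare_digest(first_id, second_id):     # S35
        return None
    return second_key                                       # S36


# Constructed sample fleet: IDs and key sizes are invented for this example.
INITIAL_ID = b"\x00\x01"
FLEET = {
    INITIAL_ID: make_keypair(521, 607),
    b"\x00\x02": make_keypair(1279, 2203),
    b"\x00\x03": make_keypair(2281, 3217),
}
PUBS = {ecu_id: pair[0] for ecu_id, pair in FLEET.items()}


def distribute(first_key, sender_id=INITIAL_ID, sender_priv=None):
    """Run S12-S14 for every other ECU; returns {ECU ID: recovered key or None}."""
    sender_priv = sender_priv or FLEET[sender_id][1]
    others = {i: pub for i, pub in PUBS.items() if i != sender_id}
    packet = wrap_first_key(first_key, sender_id, sender_priv, others)
    return {i: unwrap_first_key(packet[i], FLEET[i][1], PUBS) for i in packet}


if __name__ == "__main__":
    key = secrets.token_bytes(16)                           # S11
    print(all(k == key for k in distribute(key).values()))
    # A unit whose private key is not in the factory table claims ID 0x0001.
    _, outsider_priv = make_keypair(89, 107)
    print(distribute(key, sender_priv=outsider_priv))
```

Textbook RSA is used here only so the block runs on the standard library; a production design would use a padded signature scheme and hybrid encryption for the same two layers.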
Fig. 4 is a flowchart of a secure communication method of an electronic control unit ECU according to another embodiment of the present invention.
As shown in fig. 4, a secure communication method of an electronic control unit ECU according to another embodiment of the present invention includes the steps of:
S41, when the newly added ECU is connected to the vehicle, the newly added ECU sends the public key and the ID value of the newly added ECU and the identity information of the vehicle to a server or a diagnostic instrument.
The newly added ECU encrypts the public key, the ID value and the identity information of the vehicle through the preset public key of the server or the diagnostic instrument, and sends the encrypted data to the server or the diagnostic instrument.
S42, the server or the diagnostic instrument performs identity authentication on the newly added ECU, and after the authentication is passed, the public keys and the ID values of all the current ECUs of the vehicle are obtained according to the identity information, the public keys and the ID values of the newly added ECU are encrypted to obtain second encrypted data, and the public keys and the ID values of all the current ECUs of the vehicle are encrypted to obtain third encrypted data.
The server or the diagnostic instrument confirms the vehicle accessed by the newly added ECU through the identity information of the vehicle, confirms the identity of the newly added ECU through the ID of the newly added ECU, and further obtains the public keys and the ID values of all the ECUs of the vehicle through the data stored in the server or the diagnostic instrument.
Optionally, the server or the diagnostic apparatus may perform encryption processing by using a private key of an encryption algorithm stored in the server or the diagnostic apparatus to obtain second encrypted data and third encrypted data, and public keys of the encryption algorithm are stored in all current ECUs and newly added ECUs of the vehicle; the server or the diagnostic instrument can also adopt public keys of all current ECUs of the vehicle to perform encryption processing to obtain second encrypted data, and adopt the public key of the newly added ECU to perform encryption processing to obtain third encrypted data.
S43, the server or the diagnostic instrument sends the second encrypted data to all current ECUs of the vehicle, so that all current ECUs record the public key and the ID value of the newly added ECU.
S44, the server or the diagnostic instrument sends the third encrypted data to the newly added ECU so that the newly added ECU records the public keys and the ID values of all current ECUs of the vehicle.
In summary, according to the secure communication method of the ECU according to the embodiment of the present invention, the communication security between the vehicle components is ensured without depending on the server or the diagnostic device by the mutual authentication between the vehicle components. Through mutual authentication between the vehicle and the parts, the parts of non-original factories are prevented from being installed on the vehicle.
Fig. 5 is a block diagram of a secure communication system of the electronic control unit ECU according to one embodiment of the present invention.
As shown in fig. 5, the secure communication system 100 includes an initial ECU101 and a target unit 102, wherein the target unit 102 includes at least one target ECU.
Specifically, the initial ECU101 is configured to randomly generate a communication key, which is recorded as a first key, after the entire vehicle is powered on and started; to encrypt the first key to obtain first encrypted data; and to send the first encrypted data to each target ECU. The target ECU is used for decrypting the first encrypted data to obtain the first key. After the target ECUs obtain the first key, communication between the initial ECU101 and each target ECU, and between the target ECUs, is encrypted with the first key.
The safety communication system ensures the communication safety between the vehicle parts on the premise of not depending on a server or a diagnostic instrument through mutual authentication between the vehicle parts.
In one embodiment of the present invention, the initial ECU101 is specifically configured to: the initial ECU101 appends its own ID value to the first key, resulting in first data; the initial ECU101 encrypts the first data by adopting a private key thereof to obtain second data; the initial ECU101 appends its own ID value to the second data, resulting in third data; the initial ECU101 encrypts the third data with the public key of each target ECU, respectively, to obtain a plurality of fourth data.
Further, the initial ECU101 transmits a plurality of fourth data to the target ECU 102.
In an embodiment of the present invention, the target unit 102 is specifically configured to: the target ECU decrypts the received fourth data by adopting a private key thereof to obtain fifth data; the target ECU analyzes the fifth data to obtain a first ID value and sixth data; the target ECU decrypts the sixth data by adopting the public key of the initial ECU101 to obtain seventh data; and the target ECU analyzes the seventh data to obtain a second ID value and a second key.
Further, the target ECU compares the relationship between the first ID value and the second ID value; if the first ID value and the second ID value are equal, the target ECU records the second key as the first key.
In one embodiment of the present invention, both the initial ECU101 and the target ECU are provided with a private key, and the public key and ID values of the initial ECU101 and the target ECU.
Fig. 6 is a block diagram of a secure communication system of an electronic control unit ECU according to another embodiment of the present invention.
As shown in fig. 6, the secure communication system 200 of the electronic control unit ECU includes the secure communication system 100 of the electronic control unit ECU, a newly added ECU201, and a server or diagnostic instrument 202.
Specifically, the newly added ECU201 is configured to send a public key and an ID value of the ECU and identity information of the vehicle to the server or the diagnostic apparatus 202 after the vehicle is accessed; the server or the diagnostic apparatus 202 is used for performing identity authentication on the newly added ECU201, and acquiring public keys and ID values of the initial ECU101 and the target ECU according to the identity information after the identity authentication is passed; encrypting the public key and the ID value of the newly added ECU201 to obtain second encrypted data, and encrypting the public key and the ID value of the initial ECU101 and the target ECU to obtain third encrypted data; sending the second encrypted data to the initial ECU101 and the target ECU, and sending the third encrypted data to the new ECU 201; the newly added ECU201 is also used for recording public keys and ID values of the initial ECU101 and the target ECU; the initial ECU101 and the target ECU are also used for recording the public key and the ID value of the newly added ECU 201.
The safety communication system prevents the parts of the non-original factory from being installed on the vehicle through mutual authentication between the vehicle and the parts.
For another specific implementation of the secure communication system of the electronic control unit ECU according to the embodiment of the present invention, reference may be made to the secure communication method of the electronic control unit ECU according to the above-described embodiment.
In summary, the secure communication system of the ECU according to the embodiment of the present invention ensures the communication security between the vehicle components without depending on the server or the diagnostic device by the mutual authentication between the vehicle components. Through mutual authentication between the vehicle and the parts, the parts of non-original factories are prevented from being installed on the vehicle.
Further, the invention provides an Electronic Control Unit (ECU).
Fig. 7 is a block diagram of the electronic control unit ECU of the embodiment of the invention.
As shown in fig. 7, the electronic control unit ECU300 includes a generation module 301, an encryption module 302, a communication module 303, and a decryption module 304.
Through the secure communication system of the electronic control unit ECU, the electronic control unit ECU of the embodiment of the invention can ensure communication security between the parts of the vehicle without depending on a server or a diagnostic instrument, and can prevent non-original-factory parts from being installed on the vehicle.
It should be noted that the logic and/or steps represented in the flowcharts or otherwise described herein, such as an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
In the description of the present invention, it is to be understood that the terms "central," "longitudinal," "lateral," "length," "width," "thickness," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," "clockwise," "counterclockwise," "axial," "radial," "circumferential," and the like are used in the orientations and positional relationships indicated in the drawings for convenience in describing the invention and to simplify the description, and are not intended to indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and are therefore not to be considered limiting of the invention.
Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
In the present invention, unless otherwise expressly stated or limited, the terms "mounted," "connected," "secured," and the like are to be construed broadly and can, for example, be fixedly connected, detachably connected, or integrally formed; can be mechanically or electrically connected; they may be directly connected or indirectly connected through intervening media, or they may be connected internally or in any other suitable relationship, unless expressly stated otherwise. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In the present invention, unless otherwise expressly stated or limited, the first feature "on" or "under" the second feature may be directly contacting the first and second features or indirectly contacting the first and second features through an intermediate. Also, a first feature "on," "over," and "above" a second feature may be directly or diagonally above the second feature, or may simply indicate that the first feature is at a higher level than the second feature. A first feature being "under," "below," and "beneath" a second feature may be directly under or obliquely under the first feature, or may simply mean that the first feature is at a lesser elevation than the second feature.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (10)

1. A secure communication method of an electronic control unit ECU, characterized in that a vehicle includes a plurality of ECUs, the secure communication method comprising the steps of:
after the vehicle is powered on and started, one of the plurality of ECUs randomly generates a communication key, which is recorded as a first key, wherein the ECU that generates the communication key is denoted the initial ECU;
the initial ECU encrypts the first key to obtain first encrypted data;
the initial ECU sends the first encrypted data to each of the other ECUs;
the other ECUs decrypt the first encrypted data to obtain the first key;
the ECUs perform encrypted communication using the first key.
2. The secure communication method of an electronic control unit ECU according to claim 1, wherein each of the ECUs is provided with a private key, the public keys of all ECUs, and an ID value, and the initial ECU encrypting the first key comprises:
the initial ECU adds the ID value of the initial ECU to the first key to obtain first data;
the initial ECU encrypts the first data with the private key of the initial ECU to obtain second data;
the initial ECU adds the ID value of the initial ECU to the second data to obtain third data;
and the initial ECU encrypts the third data with the public key of each of the other ECUs respectively, to obtain a plurality of fourth data.
3. The secure communication method of an electronic control unit ECU according to claim 2, wherein the first encrypted data includes the plurality of fourth data, and the initial ECU transmits the first encrypted data to the other ECUs, respectively, including:
and the initial ECU sends each of the plurality of fourth data to its corresponding ECU.
4. The secure communication method of an electronic control unit ECU according to claim 2, wherein the other ECUs decrypting the first encrypted data comprises:
the other ECUs decrypt the received fourth data with their own private keys to obtain fifth data;
the other ECUs parse the fifth data to obtain a first ID value and sixth data;
the other ECUs decrypt the sixth data with the public key of the initial ECU to obtain seventh data;
and the other ECUs parse the seventh data to obtain a second ID value and a second key.
5. The secure communication method of an Electronic Control Unit (ECU) according to claim 4, further comprising:
the other ECUs compare the first ID value with the second ID value;
and if the first ID value is equal to the second ID value, the other ECUs determine that the ECU is a safe and reliable original factory-installed ECU, and record the second key as the first key.
6. The secure communication method of an electronic control unit ECU according to claim 1, characterized by further comprising:
after a newly added ECU is connected to the vehicle, the newly added ECU sends a public key and an ID value of the newly added ECU and identity information of the vehicle to a server or a diagnostic instrument;
the server or the diagnostic instrument authenticates the identity of the newly added ECU, obtains the public keys and ID values of all current ECUs of the vehicle according to the identity information after the authentication passes, encrypts the public key and ID value of the newly added ECU to obtain second encrypted data, and encrypts the public keys and ID values of all current ECUs of the vehicle to obtain third encrypted data;
the server or the diagnostic instrument sends the second encrypted data to all current ECUs of the vehicle so that all current ECUs record the public key and ID value of the newly added ECU;
and the server or the diagnostic instrument sends the third encrypted data to the newly added ECU so that the newly added ECU records the public keys and the ID values of all current ECUs of the vehicle.
7. A secure communication system of an electronic control unit ECU, characterized by comprising: an initial ECU and at least one target ECU, wherein,
the initial ECU is configured to randomly generate a communication key, recorded as a first key, after the vehicle is powered on and started; to encrypt the first key to obtain first encrypted data; and to transmit the first encrypted data to each of the target ECUs;
the target ECU is configured to decrypt the first encrypted data to obtain the first key;
after the target ECU obtains the first key, the initial ECU and each target ECU, as well as the target ECUs among themselves, perform encrypted communication using the first key.
8. The secure communication system of electronic control units, ECUs, according to claim 7, wherein the initial ECU and the target ECU are each provided with a private key, and public keys and ID values of the initial ECU and the target ECU.
9. The secure communication system of an electronic control unit ECU according to claim 8, characterized by further comprising: a newly added ECU, and a server or a diagnostic instrument, wherein,
the newly added ECU is configured to send its own public key and ID value, and the identity information of the vehicle, to the server or the diagnostic instrument after being connected to the vehicle;
the server or the diagnostic instrument is configured to authenticate the identity of the newly added ECU and, after the authentication passes, to obtain the public keys and ID values of the initial ECU and the target ECU according to the identity information; to encrypt the public key and ID value of the newly added ECU to obtain second encrypted data, and to encrypt the public keys and ID values of the initial ECU and the target ECU to obtain third encrypted data; and to send the second encrypted data to the initial ECU and the target ECU, and the third encrypted data to the newly added ECU;
the newly added ECU is also used for recording public keys and ID values of the initial ECU and the target ECU;
the initial ECU and the target ECU are also used for recording the public key and the ID value of the newly added ECU.
10. An Electronic Control Unit (ECU), comprising:
a generation module, configured to generate a communication key, recorded as a first key, after the vehicle is powered on and started;
an encryption module, configured to encrypt the first key to obtain first encrypted data, and to encrypt communication data with the first key after all ECUs of the vehicle have obtained the first key;
a communication module, configured to send the first encrypted data to each of the other ECUs so that the other ECUs decrypt the first encrypted data to obtain the first key, and to transmit the communication data encrypted with the first key;
and a decryption module, configured to decrypt the encrypted data received by the communication module.
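The wrapping and checking steps of claims 2 to 5, written out as an added example (not code from the patent). The claims name no algorithm, so raw block-wise RSA over hardcoded toy keys stands in for the asymmetric cipher; the 2-byte ID width, prepending the ID, the length framing, and looking up the sender's public key by the first ID value are assumptions.

```python
import secrets

E = 65537    # RSA public exponent
ID_LEN = 2   # assumed ID width in bytes; the claims do not fix one

def toy_keypair(a, b):
    """Insecure demo key from the Mersenne primes 2**a-1 and 2**b-1 (constructed)."""
    p, q = 2**a - 1, 2**b - 1
    return {"pub": (E, p * q), "priv": (pow(E, -1, (p - 1) * (q - 1)), p * q)}

def rsa_blocks(data, key, encode):
    """Raw RSA over fixed-size blocks (assumed stand-in cipher); encode=False reverses."""
    exp, n = key
    k = (n.bit_length() + 7) // 8
    size_in, size_out = (k - 1, k) if encode else (k, k - 1)
    if encode:
        data = len(data).to_bytes(2, "big") + data      # 2-byte length framing
        data += b"\x00" * (-len(data) % size_in)
    elif not data or len(data) % size_in:
        raise ValueError("length does not match this key")
    out = b""
    for i in range(0, len(data), size_in):
        m = int.from_bytes(data[i:i + size_in], "big")
        if m >= n:
            raise ValueError("block out of range for this key")
        try:
            out += pow(m, exp, n).to_bytes(size_out, "big")
        except OverflowError:
            raise ValueError("wrong key or modified data") from None
    if encode:
        return out
    length = int.from_bytes(out[:2], "big")
    if length > len(out) - 2:
        raise ValueError("bad length prefix")
    return out[2:2 + length]

def wrap_key(first_key, sender_id, sender_priv, recipient_pub):
    """Claim 2: produce the fourth data for one recipient."""
    first = sender_id + first_key                     # first data: ID + first key
    second = rsa_blocks(first, sender_priv, True)     # second data: private-key layer
    third = sender_id + second                        # third data: ID + second data
    return rsa_blocks(third, recipient_pub, True)     # fourth data: recipient's public key

def unwrap_key(fourth, own_priv, pub_by_id):
    """Claims 4 and 5: return the key, or None when any check fails."""
    try:
        fifth = rsa_blocks(fourth, own_priv, False)               # fifth data
        first_id, sixth = fifth[:ID_LEN], fifth[ID_LEN:]
        seventh = rsa_blocks(sixth, pub_by_id[first_id], False)   # sender's public key
    except (ValueError, KeyError):
        return None   # not addressed to us, unknown ID, or wrong signing key
    second_id, second_key = seventh[:ID_LEN], seventh[ID_LEN:]
    return second_key if second_id == first_id else None          # claim 5 comparison

def demo():
    # Constructed fleet: initial ECU A, targets B and C, and a unit R that no ECU has recorded.
    A, B, C, R = (toy_keypair(*e) for e in ((89, 107), (61, 127), (89, 127), (107, 127)))
    ID_A, ID_B, ID_C = b"\x00\x01", b"\x00\x02", b"\x00\x03"
    table = {ID_A: A["pub"], ID_B: B["pub"], ID_C: C["pub"]}   # stored in every ECU
    first_key = secrets.token_bytes(16)
    good = unwrap_key(wrap_key(first_key, ID_A, A["priv"], B["pub"]), B["priv"], table)
    # R presents A's ID, but the inner layer was made with R's own private key.
    spoofed = unwrap_key(wrap_key(first_key, ID_A, R["priv"], B["pub"]), B["priv"], table)
    # Outer ID says C while the signed payload says A: the ID comparison fails.
    inner = rsa_blocks(ID_A + first_key, C["priv"], True)
    mixed = unwrap_key(rsa_blocks(ID_C + inner, B["pub"], True), B["priv"], table)
    return first_key, good, spoofed, mixed
```

Raw RSA without padding and Mersenne-prime moduli appear here only to keep the example dependency-free; an implementation would use a vetted library's padded signature and encryption primitives.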

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010615120.8A CN111817849A (en) 2020-06-30 2020-06-30 Electronic control unit ECU and safe communication method and system thereof

Publications (1)

Publication Number Publication Date
CN111817849A true CN111817849A (en) 2020-10-23

Family

ID=72855238

Country Status (1)

Country Link
CN (1) CN111817849A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20201023