CN112383506A - Network control device, method, equipment and medium of non-original module - Google Patents
Network control device, method, equipment and medium of non-original module Download PDFInfo
- Publication number
- CN112383506A CN112383506A CN202011100285.8A CN202011100285A CN112383506A CN 112383506 A CN112383506 A CN 112383506A CN 202011100285 A CN202011100285 A CN 202011100285A CN 112383506 A CN112383506 A CN 112383506A
- Authority
- CN
- China
- Prior art keywords
- module
- original
- area network
- original module
- gateway
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000003745 diagnosis Methods 0.000 claims description 21
- 230000006870 function Effects 0.000 claims description 16
- 238000002955 isolation Methods 0.000 claims description 6
- 238000009434 installation Methods 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 abstract description 20
- 230000006854 communication Effects 0.000 abstract description 16
- 238000004891 communication Methods 0.000 abstract description 15
- 238000004422 calculation algorithm Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 9
- 230000008054 signal transmission Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 125000004122 cyclic group Chemical group 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L12/40006—Architecture of a communication node
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0061—Error detection codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40267—Bus for use in transportation systems
- H04L2012/40273—Bus for use in transportation systems the transportation system being a vehicle
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a network control device, a method, equipment and a medium of a non-original module, wherein the device comprises the following components: the system comprises an original module, a non-original module, a control local area network and a gateway module. The original module is connected with the control local area network of the original module, the non-original module is connected with the control local area network of the non-original module, and the control local area network of the original module and the control local area network of the non-original module are both connected with the gateway module. When data transmission is carried out between the original module and the non-original module, the gateway module needs to authenticate the non-original module, data transmission can be continued when authentication is successful, and data transmission of the non-original module to the original module is forbidden when authentication is unsuccessful. The method has the advantages that the control local area network of the non-original module is separated, the mutual interference between the non-original module and the original module is avoided, the communication quality of the control local area network is guaranteed, and the safety of data transmission is guaranteed in a mode of authenticating the non-original module.
Description
Technical Field
The present invention relates to the field of controller area networks, and in particular, to a network control apparatus, method, device, and medium for a non-native module.
Background
A controller area network is a serial communication network that effectively supports distributed control or real-time control, and in the automobile industry, various electronic control systems have been developed for the requirements of safety, comfort, convenience, low pollution, and low cost. Since the types of data used for communication between these systems and the requirements for reliability are different, the number of harnesses is increased in many cases because the harnesses are formed of a plurality of buses. In order to meet the demand for "reducing the number of harnesses" and "performing high-speed communication of a large amount of data through a plurality of LANs", a controller area network has been developed.
At present, network topologies of local networks of vehicle-mounted main stream vehicle-mounted controllers are divided according to functional domains, and have very strict design specification requirements on network node access of the local networks of the controllers, and the network nodes of the local networks of the controllers can be accessed into a network bus of the local networks of the controllers after being tested very strictly. Therefore, in the prior art, the non-original module can only be accessed to the controller area network of a certain functional domain, and if the design requirement of the non-original module on the controller area network is low, the quality of the network signal may be affected, and the overall communication of the accessed functional domain is affected, so that the functions of the original module of the original vehicle cannot be interacted.
Disclosure of Invention
The invention provides a network control device, a method, equipment and a medium of a non-original module, which ensure the communication quality of a controller local area network and the safety of data transmission.
On one hand, the invention provides a network control device of a non-original module, which comprises an original module, a non-original module, a control local area network and a gateway module;
the control local area network comprises a controller local area network of an original module and a control local area network of a non-original module;
the original module is electrically connected with a controller local area network of the original module, and the controller local area network of the original module is electrically connected with the gateway module;
the non-original module is electrically connected with a controller local area network of the non-original module, and the controller local area network of the non-original module is electrically connected with the gateway module;
the gateway module is used for authenticating the non-original module through a controller area network of the non-original module;
and if the authentication is successful, the gateway module forwards the data required by the vehicle non-original module to a controller local area network of the non-original module.
In another aspect, a method for controlling a network of a non-original module is provided, where the method includes:
the original module acquires data required by the vehicle non-original module;
the original module sends data required by the vehicle non-original module to a gateway module through a controller local area network of the original module;
the gateway module authenticates the non-original module through a controller area network of the non-original module;
if the authentication is successful, the gateway module forwards data required by the vehicle non-original module to a controller area network of the non-original module;
the non-original-mounted module receives data required by the vehicle non-original-mounted module, which is transmitted by a controller local area network of the non-original-mounted module;
and the non-original module executes corresponding functions according to the data required by the vehicle non-original module.
Another aspect provides an apparatus, including a processor and a memory, where at least one instruction or at least one program is stored in the memory, and the at least one instruction or the at least one program is loaded and executed by the processor to implement the network control method of the non-native module as described above.
Another aspect provides a computer storage medium, where the storage medium includes a processor and a memory, where the memory stores at least one instruction or at least one program, and the at least one instruction or the at least one program is loaded by the processor and executed to implement the network control method of the non-native module as described above.
The invention provides a network control device, a method, equipment and a medium of a non-original module, wherein the device comprises the following components: the system comprises an original module, a non-original module, a control local area network and a gateway module. The original module is connected with the control local area network of the original module, the non-original module is connected with the control local area network of the non-original module, and the control local area network of the original module and the control local area network of the non-original module are both connected with the gateway module. When the original module sends data to the non-original module or the non-original module sends data to the original module, the gateway module needs to authenticate the non-original module, data transmission can be continued when authentication is successful, and data transmission of the non-original module to the original module is forbidden when authentication is unsuccessful. The method has the advantages that the control local area network of the non-original module is separated, the mutual interference between the non-original module and the original module is avoided, the communication quality of the control local area network is guaranteed, and the safety of data transmission is guaranteed in a mode of authenticating the non-original module.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic block diagram of a network control apparatus of a non-original module according to an embodiment of the present invention;
fig. 2 is a schematic signal transmission diagram of a network control device of a non-original module according to an embodiment of the present invention;
fig. 3 is a schematic diagram of signal transmission when a gateway module authenticates a non-native device module in a network control apparatus of the non-native device module according to an embodiment of the present invention;
fig. 4 is a schematic diagram of signal interaction between a non-native module and a gateway module during authentication in a network control apparatus of the non-native module according to an embodiment of the present invention;
fig. 5 is a schematic diagram of signal transmission when a gateway module performs secondary authentication in a network control apparatus of a non-original device module according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a diagnosis interface, a non-genuine module and a genuine module in a network control device of the non-genuine module according to an embodiment of the present invention;
fig. 7 is a flowchart of a network control method of a non-original module according to an embodiment of the present invention;
fig. 8 is a flowchart illustrating an authentication of a non-genuine module performed by a gateway module in a network control method for a non-genuine module according to an embodiment of the present invention;
fig. 9 is a flowchart illustrating a gateway module comparing authentication information with feedback information in a network control method for a non-original module according to an embodiment of the present invention;
fig. 10 is a flowchart illustrating a secondary authentication performed by a gateway module in a network control method for a non-native module according to an embodiment of the present invention;
fig. 11 is a flowchart of information feedback from a non-genuine module in a network control method for the non-genuine module according to an embodiment of the present invention;
fig. 12 is a schematic hardware structure diagram of an apparatus for implementing the method provided by the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings. It is to be understood that the described embodiments are merely a few embodiments of the invention, and not all embodiments. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
In the description of the present invention, it is to be understood that the terms "first", "second" and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implying any number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. Moreover, the terms "first," "second," and the like, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein.
Referring to the schematic structural diagram of fig. 1 and the signal transmission diagram of fig. 2, a network control device of a non-original module is shown, the device includes: original module 110, non-original module 120, control local area network 130 and gateway module 140;
the control area network 130 comprises a controller area network 1310 of original modules and a control area network 1320 of non-original modules;
the original module 110 is electrically connected to the controller area network 1310 of the original module, and the controller area network 1310 of the original module is electrically connected to the gateway module 140;
the original module 110 is configured to obtain data required by a vehicle unassembled module, and send the data required by the vehicle unassembled module to the gateway module 140 through the controller local area network 1310 of the original module;
the non-original module 120 is electrically connected to the controller area network 1320 of the non-original module, and the controller area network 1320 of the non-original module is electrically connected to the gateway module 140;
the gateway module 140 is configured to authenticate the non-genuine module 120 through the controller area network 1310 of the non-genuine module;
if the authentication is successful, the gateway module 140 forwards the data required by the vehicle unaffiliated module to the controller area network 1310 of the unaffiliated module;
the non-native module 120 is configured to receive data, which is transmitted by the controller lan 1320 of the non-native module and is required by the vehicle non-native module, and execute a corresponding function according to the data required by the vehicle non-native module.
Specifically, the original module comprises various functional domain modules, which can comprise a power domain module, a chassis domain module, an information domain module and the like. The corresponding Network topology is also a Controller Area Network (CAN) of each functional domain module, such as a CAN of a power domain module, a CAN of a chassis domain module, a CAN of an information domain module, and the like. Each module is connected to a node of the CAN in the corresponding domain. The non-original-mounted module is a functional module mounted behind a user after a vehicle leaves a factory, for example, an operator of a network appointment car needs to actively prompt when the user opens a door when getting off the car due to a certain requirement, at the moment, a door action signal acquired by a sensor in the original-mounted module of the vehicle needs to be acquired, and then the door action signal is transmitted to a door opening prompt module mounted behind the vehicle, the door opening prompt module gives a corresponding prompt, and the prompt information can be fed back to a control module of the original-mounted module.
When the vehicle leaves a factory, the network structure comprises the CAN of each functional domain module and the CAN reserved for the non-original module, namely the CAN of the non-original module, only a gateway node is arranged on the CAN of the non-original module, and the non-original module is not arranged on the CAN of the non-original module, so that a user CAN install the non-original module on the CAN line of the non-original module according to the requirement of the user.
When the non-original module acquires required data from the original module, the original module needs to transmit data to the gateway module through the CAN of the original module, the gateway module forwards the data, and the data is transmitted to the non-original module through the CAN of the non-original module. The gateway module needs to authenticate the non-original module, and the data transmission can be performed only by the successfully authenticated non-original module, so that the security of data transmission is guaranteed.
Further, referring to fig. 2, the apparatus further includes:
the non-native module 120 is further configured to send data executed by the non-native function to the gateway module 140 through the controller area network 1320 of the non-native module;
if the gateway module 140 successfully authenticates the non-genuine module 120, the gateway module 140 is further configured to forward the data executed by the non-genuine function to the controller local area network 1310 of the genuine module;
the original module 110 is further configured to receive data transmitted by the controller area network 1310 of the original module, where the data is executed by the non-original function.
Specifically, the original module and the non-original module perform two-way communication through the gateway module, the original module transmits related data to the non-original module through forwarding of the gateway module, the non-original module feeds back execution data to the original module through forwarding of the gateway module, and in the two-way communication process, the gateway module needs to authenticate the non-original module, otherwise, the data of the non-original module cannot be fed back to the original module.
Further, referring to fig. 3, the authentication of the non-native module 120 by the gateway module 140 through the controller area network 1320 of the non-native module includes:
the gateway module 140 sends authentication information to the non-genuine module 120;
the non-original module 120 sends feedback information to the gateway module 140 based on the authentication information;
the gateway module 140 compares the feedback information with the authentication information, and authenticates the non-original module 120.
Specifically, when the gateway module authenticates the non-genuine module, the gateway module sends authentication information to the non-genuine module through the CAN of the non-genuine module, after the non-genuine module receives the authentication information, corresponding feedback information is obtained based on the authentication information, the feedback information is sent to the gateway module through the CAN of the non-genuine module, and the gateway module verifies the feedback information and determines whether the non-genuine module passes the authentication. When verifying the feedback information, the gateway module verifies by comparing the contents of the authentication information and the feedback information.
Further, referring to fig. 4, the gateway module 140 compares the feedback information with the authentication information, and the authenticating the non-original module 120 includes:
the gateway module 140 obtains the first encoded data in the authentication information;
the gateway module 140 calculates second encoded data according to the first encoded data;
the gateway module 140 matches the second encoded data with the feedback encoded data in the feedback information, and authenticates the non-genuine module 120, where the feedback encoded data is calculated by the non-genuine module 120 according to the first encoded data.
Specifically, when the gateway module compares the feedback information with the authentication information, the first coded data in the authentication information and the feedback coded data in the feedback information are compared. The authentication information sent by the gateway module to the non-original module contains first coded data, after the authentication information with the first coded data is received by the non-original module, feedback coded information is obtained through calculation according to a preset algorithm consistent with that of the gateway module and based on the first coded data, and the feedback coded information is sent to the gateway module. And at the moment, the gateway module calculates to obtain second coded data based on the first coded data according to a preset algorithm consistent with the non-original module, the gateway module compares the first coded data with the feedback coded data, if the first coded data is consistent with the feedback coded data, the authentication is successful, and the non-original module is a legal node.
In a specific embodiment, after the vehicle is powered on, the gateway broadcasts a safety management message in a period of 1s, wherein 4 bytes of the first 7 bytes of the message are keys, the other 3 bytes are random numbers, and the last byte is a CRC check code. And sending the CAN message data with Key to the non-original module. After the node of the non-original module receives the Key message, the Seed of 4 bytes is calculated in a certain time by an algorithm consistent with the gateway, the Seed is distributed in the first 7 bytes, the other 3 bytes are random numbers, and the last byte is a CRC (cyclic redundancy check) code. The non-original-mounted module sends the CAN message data containing the Seed to the gateway, after the gateway receives the Seed message sent by the node of the rear-mounted module, the Seed of the message is compared with the Seed calculated by the gateway, and if the Seed message is consistent with the Seed calculated by the gateway, the node is considered to be a legal node.
The data transmission safety is ensured by the mode of authenticating the non-original module. And the gateway module does not carry out signal routing according to the existence of the signal source, but carries out signal routing according to the existence of the non-original module, and simultaneously verifies the non-original module, so that the error report when the message is transmitted and no response is made CAN be avoided when the CAN of the non-original module has no legal node.
Further, referring to fig. 5, the gateway module 140 matches the second encoded data with the feedback encoded data in the feedback information, and authenticating the non-original module 120 further includes:
if the gateway module 140 does not successfully authenticate the non-original module 120 for the first time, the gateway module 140 performs secondary authentication on the non-original module 120;
if the second authentication is successful, the gateway module 140 forwards the data required by the vehicle unaffiliated module to the controller local area network 1320 of the unaffiliated module;
if the secondary authentication is not successful, the gateway module 140 prohibits the data required by the vehicle unassembled module from being transmitted to the controller area network 1320 of the unassembled module.
Specifically, if the first authentication of the non-original module by the gateway module is not successful, the gateway module will send the second authentication information to the non-original module again to perform the second authentication. And the non-original-package module obtains feedback coding data of the secondary authentication through a preset algorithm consistent with the gateway module according to the first coding data in the secondary authentication information. And the gateway module obtains second coded data of the secondary authentication according to a preset algorithm based on the first coded data in the secondary authentication information, compares the second coded data of the secondary authentication with the feedback coded data of the secondary authentication, and judges whether the non-original module is a legal node or not. If the authentication is successful, the subsequent information transmission operation is continued, if the authentication is failed, the non-original module is determined to be an illegal node, and the data information in the non-original module is prohibited from being uploaded to the original module and the CAN of the original module, so that the data safety in the original module is guaranteed.
Further, the controller area network 1320 of the non-native module and the controller area network 1310 of the native module are different network buses with physical isolation.
Specifically, an isolation mechanism is arranged between a controller area network of the non-original module and a controller area network of the original module, and the isolation mechanism comprises physical isolation and software isolation. The network bus of the controller area network physically isolated into the original module and the network bus of the controller area network of the original module are different network buses, data transmitted on the network bus of the controller area network physically isolated into the original module and the network bus of the controller area network of the original module can be transmitted only after the gateway module successfully authenticates the non-original module, the gateway module selectively routes the data, the data of the routable node preset in the gateway module is directly forwarded by the gateway module, nodes not preset in the gateway module, such as the nodes of the non-original module, are not preset, and the gateway module performs routing after authentication. The controller area network of the non-original module and the controller area network of the original module are physically and software isolated, so that mutual interference between the non-original module and the original module is avoided, and the communication quality of the control area network is ensured.
Further, referring to fig. 6, the apparatus further includes a diagnostic port 150, which includes a diagnostic port 1520 of the non-genuine module and a diagnostic port 1510 of the genuine module;
the diagnostic port 1520 of the non-genuine module sends diagnostic information to the non-genuine module 120 through the controller area network 1320 of the non-genuine module;
the non-native module 120 feeds back a diagnosis result to the diagnosis port 1520 of the non-native module through the controller area network 1320 of the non-native module, and the diagnosis port 1520 of the non-native module is a diagnosis port which is arranged on the controller area network 1320 of the non-native module and is only used for diagnosing the non-native module 120.
Specifically, a controller local area network of the non-original module is provided with two network nodes, namely a non-original module and a diagnosis interface of the non-original module, wherein the diagnosis interface of the non-original module is only used for diagnosing the non-original module, and fault information of the non-original module can be timely processed on the basis of isolation of the original module and the non-original module. The diagnosis interface of the non-original module sends diagnosis information to the non-original module for diagnosis, the non-original module feeds back a diagnosis result to the diagnosis port of the non-original module, and the diagnosis port of the non-original module analyzes and processes the fed back diagnosis result to judge whether the non-original module fails. If yes, the diagnosis interface of the non-original module feeds back fault information, and fault prompt of the non-original module is carried out.
The embodiment of the invention provides a network control device of a non-original module, which comprises: the system comprises an original module, a non-original module, a control local area network and a gateway module. The original module is connected with the control local area network of the original module, the non-original module is connected with the control local area network of the non-original module, and the control local area network of the original module and the control local area network of the non-original module are both connected with the gateway module. When the original module sends data to the non-original module or the non-original module sends data to the original module, the gateway module needs to authenticate the non-original module, data transmission can be continued when authentication is successful, and data transmission of the non-original module to the original module is forbidden when authentication is unsuccessful. The method has the advantages that the control local area network of the non-original module is separated, the mutual interference between the non-original module and the original module is avoided, the communication quality of the control local area network is guaranteed, and the safety of data transmission is guaranteed in a mode of authenticating the non-original module.
An embodiment of the present invention further provides a network control method for a non-original module, please refer to fig. 7, where the method includes:
s710, the original module acquires data required by the vehicle non-original module;
s720, the original module sends data required by the vehicle non-original module to a gateway module through a controller local area network of the original module;
s730, the gateway module authenticates the non-original module through a controller local area network of the non-original module;
further, referring to fig. 8, the authenticating, by the gateway module, the non-native module through the controller area network of the non-native module includes:
s810, the gateway module sends authentication information to the non-original module;
s820, the non-original-installed module sends feedback information to a gateway module based on the authentication information;
and S830, the gateway module compares the feedback information with the authentication information to authenticate the non-original module.
Further, referring to fig. 9, the comparing, by the gateway module, the feedback information and the authentication information, and the authenticating the non-original module includes:
s910, the gateway module acquires first coded data in the authentication information;
s920, the gateway module calculates second coded data according to the first coded data;
s930, the gateway module matches the second coded data with feedback coded data in the feedback information to authenticate the non-original-package module, wherein the feedback coded data are data calculated by the non-original-package module according to the first coded data.
Specifically, when the gateway module compares the feedback information with the authentication information, the first coded data in the authentication information and the feedback coded data in the feedback information are compared. The authentication information sent by the gateway module to the non-original module contains first coded data, after the authentication information with the first coded data is received by the non-original module, feedback coded information is obtained through calculation according to a preset algorithm consistent with that of the gateway module and based on the first coded data, and the feedback coded information is sent to the gateway module. And at the moment, the gateway module calculates to obtain second coded data based on the first coded data according to a preset algorithm consistent with the non-original module, the gateway module compares the first coded data with the feedback coded data, if the first coded data is consistent with the feedback coded data, the authentication is successful, and the non-original module is a legal node.
In a specific embodiment, after the vehicle is powered on, the gateway broadcasts a safety management message in a period of 1s, wherein 4 bytes of the first 7 bytes of the message are keys, the other 3 bytes are random numbers, and the last byte is a CRC check code. And sending the CAN message data with Key to the non-original module. After the node of the non-original module receives the Key message, the Seed of 4 bytes is calculated in a certain time by an algorithm consistent with the gateway, the Seed is distributed in the first 7 bytes, the other 3 bytes are random numbers, and the last byte is a CRC (cyclic redundancy check) code. The non-original-mounted module sends the CAN message data containing the Seed to the gateway, after the gateway receives the Seed message sent by the node of the rear-mounted module, the Seed of the message is compared with the Seed calculated by the gateway, and if the Seed message is consistent with the Seed calculated by the gateway, the node is considered to be a legal node.
The data transmission safety is ensured by the mode of authenticating the non-original module. And the gateway module does not carry out signal routing according to the existence of the signal source, but carries out signal routing according to the existence of the non-original module, and simultaneously verifies the non-original module, so that the error report when the message is transmitted and no response is made CAN be avoided when the CAN of the non-original module has no legal node.
Further, referring to fig. 10, the matching, by the gateway module, the second encoded data and the feedback encoded data in the feedback information, and authenticating the non-original module further includes:
s1010, if the authentication of the non-original module by the gateway module for the first time is unsuccessful, the gateway module carries out secondary authentication on the non-original module;
s1020, if the secondary authentication is successful, the gateway module forwards data required by the vehicle non-original module to a controller area network of the non-original module;
and S1030, if the secondary authentication is unsuccessful, the gateway module prohibits the data required by the vehicle non-original module from being transmitted to the controller local area network of the non-original module.
Specifically, if the first authentication of the non-original module by the gateway module is not successful, the gateway module will send the second authentication information to the non-original module again to perform the second authentication. And the non-original-package module obtains feedback coding data of the secondary authentication through a preset algorithm consistent with the gateway module according to the first coding data in the secondary authentication information. And the gateway module obtains second coded data of the secondary authentication according to a preset algorithm based on the first coded data in the secondary authentication information, compares the second coded data of the secondary authentication with the feedback coded data of the secondary authentication, and judges whether the non-original module is a legal node or not. If the authentication is successful, the subsequent information transmission operation is continued, if the authentication is failed, the non-original module is determined to be an illegal node, and the data information in the non-original module is prohibited from being uploaded to the original module and the CAN of the original module, so that the data safety in the original module is guaranteed.
S740, if the authentication is successful, the gateway module forwards data required by the vehicle non-original module to a controller area network of the non-original module;
s750, a non-original-mounted module receives data required by the vehicle non-original-mounted module, wherein the data are transmitted by a controller local area network of the non-original-mounted module;
and S760, the non-original module executes corresponding functions according to data required by the vehicle non-original module.
Further, referring to fig. 11, the method further includes:
s1110, the non-original module sends data executed by the non-original function to a gateway module through a controller local area network of the non-original module;
s1120 if the gateway module successfully authenticates the non-native module, the gateway module forwards the data executed by the non-native function to a controller area network of the native module;
s1130 the original module receives data, which is transmitted by the controller area network of the original module and executed by the non-original function.
The embodiment of the invention provides a network control method of a non-original module, which comprises the following steps: when the original module sends data to the non-original module or the non-original module sends data to the original module, the gateway module needs to authenticate the non-original module, data transmission can be continued when authentication is successful, and data transmission of the non-original module to the original module is forbidden when authentication is unsuccessful. The method has the advantages that the control local area network of the non-original module is separated, the mutual interference between the non-original module and the original module is avoided, the communication quality of the control local area network is guaranteed, and the safety of data transmission is guaranteed in a mode of authenticating the non-original module.
The present embodiment also provides a computer-readable storage medium, where computer-executable instructions are stored in the storage medium, and the computer-executable instructions are loaded by a processor and execute the network control method of the non-native module according to the present embodiment.
The present embodiment also provides an apparatus, which includes a processor and a memory, where the memory stores a computer program, and the computer program is adapted to be loaded by the processor and execute the network control method of the non-native module according to the present embodiment.
The device may be a computer terminal, a mobile terminal or a server, and the device may also participate in forming the apparatus or system provided by the embodiments of the present invention. As shown in fig. 12, the mobile terminal 12 (or computer terminal 12 or server 12) may include one or more (shown here as 1202a, 1202b, … …, 1202 n) processors 1202 (the processors 1202 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), memory 1204 for storing data, and a transmitting device 1206 for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a network interface, a power source, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 12 is only an illustration and is not intended to limit the structure of the electronic device. For example, mobile device 12 may also include more or fewer components than shown in FIG. 12, or have a different configuration than shown in FIG. 12.
It should be noted that the one or more processors 1202 and/or other data processing circuitry described above may be referred to generally herein as "data processing circuitry". The data processing circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the data processing circuitry may be a single, stand-alone processing module, or incorporated in whole or in part into any of the other elements in the mobile device 12 (or computer terminal). As referred to in the embodiments of the application, the data processing circuit acts as a processor control (e.g. selection of a variable resistance termination path connected to the interface).
The memory 1204 may be used for storing software programs and modules of application software, such as program instructions/data storage devices corresponding to the method described in the embodiment of the present invention, and the processor 1202 executes various functional applications and data processing by running the software programs and modules stored in the memory 1204, so as to implement the above-mentioned method for generating the self-attention network-based time-series behavior capture block. The memory 1204 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 1204 may further include memory located remotely from processor 1202, which may be connected to mobile device 12 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmitting device 1206 is used for receiving or sending data via a network. Specific examples of such networks may include wireless networks provided by the communication provider of the mobile terminal 12. In one example, the transmitting device 1206 includes a Network Interface Controller (NIC) that can be connected to other Network devices via a base station to communicate with the internet. In one example, the transmitting device 1206 can be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
The display may be, for example, a touch screen type Liquid Crystal Display (LCD) that may enable a user to interact with a user interface of the mobile device 12 (or computer terminal).
The present specification provides method steps as described in the examples or flowcharts, but may include more or fewer steps based on routine or non-inventive labor. The steps and sequences recited in the embodiments are but one manner of performing the steps in a multitude of sequences and do not represent a unique order of performance. In the actual system or interrupted product execution, it may be performed sequentially or in parallel (e.g., in the context of parallel processors or multi-threaded processing) according to the embodiments or methods shown in the figures.
The configurations shown in the present embodiment are only partial configurations related to the present application, and do not constitute a limitation on the devices to which the present application is applied, and a specific device may include more or less components than those shown, or combine some components, or have an arrangement of different components. It should be understood that the methods, apparatuses, and the like disclosed in the embodiments may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a division of one logic function, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or unit modules.
Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A network control apparatus of a non-original module, the apparatus comprising: the system comprises an original module, a non-original module, a control local area network and a gateway module;
the control local area network comprises a controller local area network of an original module and a control local area network of a non-original module;
the original module is electrically connected with a controller local area network of the original module, and the controller local area network of the original module is electrically connected with the gateway module;
the non-original module is electrically connected with a controller local area network of the non-original module, and the controller local area network of the non-original module is electrically connected with the gateway module;
the gateway module is used for authenticating the non-original module through a controller area network of the non-original module;
and if the authentication is successful, the gateway module forwards the data required by the vehicle non-original module to a controller local area network of the non-original module.
2. The network control apparatus of a non-native module according to claim 1, further comprising: a diagnostic port;
the diagnosis port comprises a diagnosis port of a non-original module and a diagnosis port of an original module, and the diagnosis port of the non-original module is arranged in a controller area network of the non-original module;
the diagnostic port of the non-original module sends diagnostic information to the non-original module through a controller area network of the non-original module;
and the non-original module feeds back a diagnosis result to a diagnosis port of the non-original module through a controller local area network of the non-original module.
3. The network control apparatus of claim 1, wherein the controller area network of the non-native module and the controller area network of the native module are different network buses with physical isolation.
4. A network control method of a non-original module is characterized by comprising the following steps:
the original module acquires data required by the vehicle non-original module;
the original module sends data required by the vehicle non-original module to a gateway module through a controller local area network of the original module;
the gateway module authenticates the non-original module through a controller area network of the non-original module;
if the authentication is successful, the gateway module forwards data required by the vehicle non-original module to a controller area network of the non-original module;
the non-original-mounted module receives data required by the vehicle non-original-mounted module, which is transmitted by a controller local area network of the non-original-mounted module;
and the non-original module executes corresponding functions according to the data required by the vehicle non-original module.
5. The method of claim 4, wherein the method further comprises:
the non-original module sends data executed by the non-original function to the gateway module through a controller local area network of the non-original module;
if the gateway module successfully authenticates the non-original module, the gateway module forwards the data executed by the non-original function to a controller area network of the original module;
and the original module receives the data which is transmitted by the controller local area network of the original module and executed by the non-original function.
6. The apparatus of claim 4, wherein the gateway module authenticating the non-native module via the controller area network of the non-native module comprises:
the gateway module sends authentication information to the non-original module;
the non-original-installation module sends feedback information to the gateway module based on the authentication information;
and the gateway module compares the feedback information with the authentication information to authenticate the non-original module.
7. The device of claim 6, wherein the gateway module compares the feedback information with the authentication information, and authenticating the non-native module comprises:
the gateway module acquires first coded data in the authentication information;
the gateway module calculates second coded data according to the first coded data;
and the gateway module matches the second coded data with feedback coded data in the feedback information to authenticate the non-original-package module, wherein the feedback coded data are data calculated by the non-original-package module according to the first coded data.
8. The network control device of claim 6, wherein the gateway module matches the second encoded data with feedback encoded data in the feedback information, and authenticating the non-genuine module further comprises:
if the gateway module fails to authenticate the non-original module for the first time, the gateway module performs secondary authentication on the non-original module;
if the second authentication is successful, the gateway module forwards the data required by the vehicle non-original module to a controller area network of the non-original module;
and if the secondary authentication is unsuccessful, the gateway module prohibits the data required by the vehicle non-original module from being transmitted to the controller local area network of the non-original module.
9. An apparatus comprising a processor and a memory, wherein at least one instruction or at least one program is stored in the memory, and wherein the at least one instruction or the at least one program is loaded into and executed by the processor to implement the network control method of a non-native module according to any of claims 1-7.
10. A storage medium comprising a processor and a memory, wherein the memory stores at least one instruction or at least one program, and the at least one instruction or the at least one program is loaded by the processor and executed to implement the network control method of the non-native module according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011100285.8A CN112383506A (en) | 2020-10-13 | 2020-10-13 | Network control device, method, equipment and medium of non-original module |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011100285.8A CN112383506A (en) | 2020-10-13 | 2020-10-13 | Network control device, method, equipment and medium of non-original module |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112383506A true CN112383506A (en) | 2021-02-19 |
Family
ID=74581466
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011100285.8A Pending CN112383506A (en) | 2020-10-13 | 2020-10-13 | Network control device, method, equipment and medium of non-original module |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112383506A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113766458A (en) * | 2021-09-29 | 2021-12-07 | 重庆长安汽车股份有限公司 | IOT-based method for realizing internet connection of vehicle-end afterloading equipment and method and system for interacting with vehicle remote control terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102749901A (en) * | 2012-06-29 | 2012-10-24 | 惠州市德赛西威汽车电子有限公司 | Intelligent isolation method of bus device |
| CN105763403A (en) * | 2014-12-15 | 2016-07-13 | 中华汽车工业股份有限公司 | Vehicle-mounted control area network system |
| CN106990726A (en) * | 2017-04-18 | 2017-07-28 | 上海汽车集团股份有限公司 | A kind of vehicle CAN network data access method |
| US20170361840A1 (en) * | 2016-06-21 | 2017-12-21 | Robert Valentine | Aftermarket controls for vehicles retrofitted with a non-original powertrain |
| CN109688146A (en) * | 2018-12-29 | 2019-04-26 | 北京新能源汽车股份有限公司 | Data access method, gateway controller and automobile |
-
2020
- 2020-10-13 CN CN202011100285.8A patent/CN112383506A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102749901A (en) * | 2012-06-29 | 2012-10-24 | 惠州市德赛西威汽车电子有限公司 | Intelligent isolation method of bus device |
| CN105763403A (en) * | 2014-12-15 | 2016-07-13 | 中华汽车工业股份有限公司 | Vehicle-mounted control area network system |
| US20170361840A1 (en) * | 2016-06-21 | 2017-12-21 | Robert Valentine | Aftermarket controls for vehicles retrofitted with a non-original powertrain |
| CN106990726A (en) * | 2017-04-18 | 2017-07-28 | 上海汽车集团股份有限公司 | A kind of vehicle CAN network data access method |
| CN109688146A (en) * | 2018-12-29 | 2019-04-26 | 北京新能源汽车股份有限公司 | Data access method, gateway controller and automobile |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113766458A (en) * | 2021-09-29 | 2021-12-07 | 重庆长安汽车股份有限公司 | IOT-based method for realizing internet connection of vehicle-end afterloading equipment and method and system for interacting with vehicle remote control terminal |
| CN113766458B (en) * | 2021-09-29 | 2023-06-02 | 重庆长安汽车股份有限公司 | Method for realizing internet connection by vehicle end back-up equipment based on IOT, method and system for interacting with vehicle remote control terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111835627B (en) | Communication method of vehicle-mounted gateway, vehicle-mounted gateway and intelligent vehicle | |
| US8775804B2 (en) | Matching authentication method, device and system for wireless communication | |
| CN111277610B (en) | Gateway control system, method, intelligent device and intelligent device server | |
| CN108667638B (en) | Network service configuration method and network management equipment | |
| EP4099155B1 (en) | Method and apparatus for updating devices in a remote network | |
| CN106464566B (en) | Network system, communication control method, and storage medium | |
| US11070547B2 (en) | Electronic control device, a communication management method performable and a non-transitory storage medium configured to restrict predetermined communication in an in-vehicle network | |
| US20160234678A1 (en) | Configuration of wireless devices | |
| US20240179137A1 (en) | Control apparatus, in-vehicle communication system, communication control method and program | |
| CN114189863B (en) | Binding method and device of intelligent door lock, storage medium and electronic device | |
| US11228602B2 (en) | In-vehicle network system | |
| CN111065090A (en) | Method for establishing network connection and wireless routing equipment | |
| EP3096504A1 (en) | Method for inlining message authentication code in data field in can-frames by transceiver | |
| CN112383506A (en) | Network control device, method, equipment and medium of non-original module | |
| US11934185B2 (en) | Systems and methods for safety-enabled control | |
| US10250434B2 (en) | Electronic control apparatus | |
| CN110290980A (en) | Motor vehicle with the data network for being divided into multiple separate domain and the method for operation data network | |
| CN113613251B (en) | Information synchronization method and system, storage medium and electronic device | |
| CN109495289B (en) | Electronic device and method for receiving data, communication system and computer storage medium | |
| CN106453400B (en) | A kind of authentication method and system | |
| CN113810374A (en) | Station equipment linkage method suitable for rail transit under multi-operation scene condition | |
| CN116546056A (en) | Remote calibration method and device based on vehicle-mounted communication terminal | |
| CN113169966A (en) | Method for monitoring a data transmission system, data transmission system and motor vehicle | |
| CN112312386A (en) | Equipment binding method and device and electronic equipment | |
| EP3331257A1 (en) | Terminal configuration management method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210219 |