CN113268046B - Diagnosis networking safety unlocking implementation system under AUTOSAR framework - Google Patents


Info

Publication number
CN113268046B
Authority
CN
China
Prior art keywords
diagnostic
signature
diagnosis
sends
software component
Legal status
Active
Application number
CN202110389605.4A
Other languages
Chinese (zh)
Other versions
CN113268046A (en)
Inventor
石文城
温正蜀
林向杰
张云晔
蔡小冬
徐朱翔
Current Assignee
Yanfeng Visteon Electronic Technology Shanghai Co Ltd
Original Assignee
Yanfeng Visteon Electronic Technology Shanghai Co Ltd

Classifications

    • G PHYSICS
    • G05 CONTROLLING; REGULATING
    • G05B CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00 Testing or monitoring of control systems or parts thereof
    • G05B23/02 Electric testing or monitoring
    • G05B23/0205 Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0208 Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults, characterized by the configuration of the monitoring system
    • G05B23/0213 Modular or universal configuration of the monitoring system, e.g. monitoring system having modules that may be combined to build a monitoring program; monitoring system that can be applied to legacy systems; adaptable monitoring system; using different communication protocols
    • G PHYSICS
    • G05 CONTROLLING; REGULATING
    • G05B CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00 Program-control systems
    • G05B2219/20 Pc systems
    • G05B2219/24 Pc safety
    • G05B2219/24065 Real time diagnostics

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention provides a diagnosis networking safety unlocking implementation system under an AUTOSAR (automotive open system architecture), which comprises a diagnosis instrument, a vehicle-mounted ECU (electronic control unit), a background server, a diagnosis communication manager, a diagnosis software component, an encryption service manager and a safety complex device driver, wherein the diagnosis instrument is connected with the vehicle-mounted ECU through a network; the diagnostic apparatus is respectively connected with the vehicle-mounted ECU and the background server; the vehicle-mounted ECU is connected with the diagnosis communication manager; the diagnostic communication manager is connected with the diagnostic software component; the diagnostic software component is connected with the encryption service manager; the diagnostic software component is connected with a driver of the safety complex equipment; the generation of the signature data and the signature verification are separated, the RSA3072 signature is used, the cracking difficulty is greatly increased, the signature data of each ECU is different, and the reliability of safe unlocking of the vehicle is guaranteed; the invention conforms to the AUTOSAR framework by adopting the diagnostic software assembly, the encryption service manager and the like, and enhances the diagnosis unlocking safety level on the basis of the AUTOSAR framework, thereby meeting the vehicle unlocking safety requirement.

Description

Diagnosis networking safety unlocking implementation system under AUTOSAR framework
Technical Field
The invention belongs to the field of vehicle-mounted diagnosis, relates to vehicle-mounted diagnosis safety unlocking, and particularly relates to a diagnosis networking safety unlocking implementation system under an AUTOSAR framework.
Background
Current automotive electronic diagnosis functions involve configuration related to user privacy and vehicle safety, and the traditional diagnosis unlocking strategy is easily broken by exhaustive search.
In conventional service 27 (UDS SecurityAccess) unlocking, a random number is generated by the on-board ECU (Electronic Control Unit, also called the "vehicle computer" or "on-board computer"), a key is calculated from it by a simple algorithm, and the diagnostic apparatus and the ECU use the same algorithm; once the algorithm for calculating the key is known, all the ECUs can be unlocked, so the security of vehicle unlocking is reduced.
Disclosure of Invention
In view of the above shortcomings of the prior art, the present invention aims to provide a system for implementing diagnostic networking security unlocking under AUTOSAR architecture, which is used to solve the problem of low security of the existing vehicle unlocking.
In order to achieve the above objects and other related objects, the present invention provides a system for implementing diagnosis networking security unlocking under the AUTOSAR architecture, comprising: a diagnostic instrument, a vehicle-mounted ECU, a background server, a diagnostic communication manager, a diagnostic software component, an encryption service manager and a safety complex device driver; the diagnostic apparatus is respectively connected with the vehicle-mounted ECU and the background server and is used for acquiring a serial number of the vehicle-mounted ECU and sending the serial number to the background server; the background server is used for generating signature data according to a private key and the serial number and sending the signature data to the diagnostic apparatus so that the diagnostic apparatus sends the signature data to the vehicle-mounted ECU; the vehicle-mounted ECU is connected with the diagnosis communication manager and is used for sending the signature data to the diagnosis communication manager; the diagnostic communication manager is connected with the diagnostic software component and is used for performing primary signature verification on the signature data; if the primary signature verification result is successful, the diagnosis communication manager sends the signature data to the diagnosis software component; the diagnostic software component is connected with the encryption service manager and is used for performing secondary signature verification on the signature data; if the secondary signature verification result is successful, the diagnostic software component sends the signature data to the encryption service manager; the encryption service manager is used for performing three-level signature verification on the signature data; if the verification result of the third-level signature is successful, the encryption service manager sends the successful verification result of the third-level signature to the diagnostic software component; the diagnosis software component is connected with the safe complex device driver and used for sending an unlocking level setting instruction to the safe complex device driver after the successful result of the three-level signature verification is received, so that the safe complex device driver sends the 27 service to the diagnosis communication manager to set the unlocking level; the secure complex device driver is further configured to send an unlock result to the diagnostic software component.
In an embodiment of the present invention, the performing, by the diagnostic communication manager, a primary signature verification on the signature data includes: verifying the length of the signature data.
In an embodiment of the present invention, the performing, by the diagnostic software component, the secondary signature verification on the signature data includes: checking whether the signature data is correct; checking whether the signature data has been used; if the signature data is used once, judging whether the used signature data is invalid.
In an embodiment of the present invention, the performing, by the cryptographic service manager, of three-level signature verification on the signature data includes: performing signature verification on the signature data through RSA-PSS.
In an embodiment of the present invention, the diagnostic communication manager is connected to the diagnostic device; if the primary signature verification result is failure, the diagnosis communication manager sends the primary signature verification failure result to the diagnosis instrument; if the secondary signature verification result is failure, the diagnostic software component sends the secondary signature verification failure result to the diagnostic communication manager so that the diagnostic communication manager sends the secondary signature verification failure result to the diagnostic instrument; and if the third-level signature verification result is failure, the encryption service manager sends the third-level signature verification failure result to the diagnostic software component, so that the diagnostic software component sends the third-level signature verification failure result to the diagnostic instrument through the diagnostic communication manager.
In an embodiment of the present invention, the diagnostic device sends the signature data to the vehicle-mounted ECU through a CAN bus; and the vehicle-mounted ECU receives the signature data through a controller area network interface and a controller area network transport protocol, and sends the signature data to the diagnosis communication manager through a protocol data unit router.
In an embodiment of the present invention, the diagnostic communication manager sends the signature data to the diagnostic software component through an AUTOSAR virtual function bus interface; the diagnostic software component sends the signature data to the encryption service manager through an AUTOSAR virtual function bus interface; the encryption service manager sends the signature verification result to the diagnostic software component through an AUTOSAR virtual function bus interface; and the diagnostic software component sends the unlocking level setting instruction to the safety complex device driver through an AUTOSAR virtual function bus interface.
In an embodiment of the present invention, the security complex device driver sends the service 27 to the diagnostic communication manager through a protocol data unit router, and the security complex device driver sends the unlocking result to the diagnostic software component through an AUTOSAR virtual function bus interface.
As described above, the system for implementing diagnosis networking security unlocking under the AUTOSAR architecture of the present invention has the following beneficial effects:
(1) Compared with the prior art, the invention separates the generation of the signature data from the signature verification, uses RSA3072 signature verification, greatly increases the cracking difficulty, makes the signature data of each ECU different, and ensures the reliability of safe unlocking of the vehicle.
(2) The invention conforms to the AUTOSAR framework by adopting the diagnostic software assembly, the encryption service manager and the like, and enhances the diagnosis unlocking safety level on the basis of the AUTOSAR framework, thereby meeting the vehicle unlocking safety requirement.
Drawings
Fig. 1 is a block diagram illustrating an operation principle of an implementation system for diagnosing networking security unlocking under the AUTOSAR architecture in an embodiment of the present invention.
Fig. 2 is a flowchart illustrating an implementation system of diagnosing networking security unlocking under the AUTOSAR architecture according to an embodiment of the present invention.
Fig. 3 is a flowchart illustrating the operation of the 27 service in an embodiment of the present invention.
Description of the reference symbols
1-a diagnostic instrument; 2-a vehicle-mounted ECU; 3-background server; 4-a diagnostic communication manager; 5-a diagnostic software component; 6-cryptographic service manager; 7-secure complex device driver.
Detailed Description
The following description of the embodiments of the present invention is provided by way of specific examples, and other advantages and effects of the present invention will be readily apparent to those skilled in the art from the disclosure herein. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the drawings only show the components related to the present invention rather than being drawn according to the number, shape and size of the components in actual implementation, and the type, number and proportion of the components in actual implementation may be changed arbitrarily, and the layout of the components may be more complicated.
Compared with the prior art, the diagnosis networking safety unlocking implementation system under the AUTOSAR framework has the advantages that the generation of signature data and the signature verification are separated, the RSA3072 signature is used, the cracking difficulty is greatly increased, the signature data of each ECU is different, and the reliability of safety unlocking of vehicles is guaranteed; the invention conforms to the AUTOSAR framework by adopting the diagnostic software assembly, the encryption service manager and the like, and enhances the diagnosis unlocking safety level on the basis of the AUTOSAR framework, thereby meeting the vehicle unlocking safety requirement.
It should be noted that AUTOSAR is an acronym for AUTomotive Open System ARchitecture, an alliance dedicated to setting standards for automotive electronic software, established jointly by global automobile manufacturers, component suppliers and other electronics, semiconductor and software system companies, whose members maintain a development partnership. The AUTOSAR architecture facilitates the exchange and updating of automotive electronic system software, provides a foundation for the efficient management of increasingly complex automotive electronic and software systems, and in addition ensures product and service quality and improves cost efficiency. The overall AUTOSAR framework is designed in layers, with the middleware RTE (RunTime Environment) as the boundary that isolates the upper Application Layer from the lower Basic Software.
As shown in fig. 1 and fig. 2, in an embodiment, the system for implementing diagnosis networking security unlocking under the AUTOSAR architecture of the present invention includes a diagnostic apparatus 1, an on-board ECU 2, a backend server 3, a diagnostic communication manager 4 (Diagnostic Communication Manager, Dcm, for providing UDS diagnostic services), a diagnostic software component 5 (Software Component Diagnostic, SWC_Diagnostic), a cryptographic service manager 6 (Crypto Service Manager, CSM, for providing cryptographic signature verification services, together with Crypto, Cry, for providing the basic cryptographic algorithms), and a security complex device driver 7 (Security Complex Device Driver, SecurityCdd, for virtualizing an internal 27 service to send to the Dcm).
Specifically, the diagnostic apparatus 1 is connected to the vehicle-mounted ECU2 and the backend server 3, and configured to obtain a serial number of the vehicle-mounted ECU2 and send the serial number to the backend server 3; the background server 3 is configured to generate signature data according to a private key and the serial number, and send the signature data to the diagnostic apparatus 1, so that the diagnostic apparatus 1 sends the signature data to the vehicle-mounted ECU 2; the in-vehicle ECU2 is connected to the diagnostic communication manager 4 for sending the signature data to the diagnostic communication manager 4.
It should be noted that different signature data are generated according to serial numbers of different vehicle-mounted ECUs 2, so that signature data corresponding to each vehicle-mounted ECU2 are different, and the reliability of safe unlocking of the vehicle is ensured.
In one embodiment, the diagnostic apparatus 1 sends the signature data to the onboard ECU2 through a CAN (Controller Area Network) bus.
In one embodiment, the vehicle ECU 2 receives the signature data through a controller area network interface (CAN Interface, CanIf, the hardware-independent layer) and a controller area network transport protocol (CAN Transport Protocol, CanTp, based on the international standard ISO 15765), and sends the signature data to the diagnostic communication manager 4 through a protocol data unit router (Protocol Data Unit Router, PduR, which provides the communication channels between CanTp and the Dcm, and between the SecurityCdd and the Dcm).
Specifically, the diagnostic communication manager 4 is connected to the diagnostic software component 5 and the diagnostic apparatus 1, respectively, and is configured to perform primary signature verification on the signature data.
It should be noted that, if the primary signature verification result is successful, the diagnostic communication manager 4 sends the signature data to the diagnostic software component 5 (positive response); on the contrary, if the primary signature verification result is a failure, the diagnostic communication manager 4 sends the primary signature verification failure result to the diagnostic apparatus 1 (negative response).
In one embodiment, the performing, by the diagnostic communication manager 4, a primary signature verification on the signature data includes: verifying the length of the signature data.
Note that the format of the signature data is (hexadecimal): 7F 21 82 01D1 - 7F 4E 49 - 5F 29 01 (1 byte) - 42 0D (13 bytes) - 7F 4C 33 - 06 0D (13 bytes) - 53 22 (34 bytes) - 5F 37 82 0180 (384 bytes), with a total length of 470 bytes.
Therefore, if the length of the signature data is 470 bytes, it indicates that the primary signature verification is successful.
The meaning of each field in the signature data is shown in the following table (values in hexadecimal; indentation shows which objects are nested inside which, and each length covers exactly the objects indented below it):
Tag      Length    Value
7F 21    82 01D1   Signature verification data format (the whole structure)
  7F 4E    49        Signature verification data content
    5F 29    01        Certificate identifier
    42       0D        Certificate authority
    7F 4C    33        Certificate holder authorization
      06       0D        Unlocking object identifier (including unlocking version …)
      53       22        Unlock data object (including unlock level, unlock type …; the last 8 bytes are for anti-replay)
  5F 37    82 0180   RSA3072 signature
In one embodiment, the diagnostic communication manager 4 sends the signature data to the diagnostic software component 5 through an AUTOSAR virtual function bus interface (RunTime Environment; the RTE is the Virtual Function Bus (VFB) interface).
Specifically, the diagnostic software component 5 is connected to the cryptographic service manager 6, and is configured to perform secondary signature verification on the signature data.
It should be noted that, if the secondary signature verification result is successful, the diagnostic software component 5 sends the signature data to the cryptographic service manager 6 (positive response); on the contrary, if the secondary signature verification result is a failure, the diagnostic software component 5 sends the secondary signature verification failure result to the diagnostic communication manager 4, so that the diagnostic communication manager 4 sends the secondary signature verification failure result to the diagnostic apparatus 1 (negative response).
In one embodiment, the secondary signature verification of the signature data by the diagnostic software component 5 comprises: first checking whether the signature data is correct (including but not limited to whether the version is supported and whether the unlocking level is out of range); then checking whether the signature data has already been used, i.e. whether the 8-byte anti-replay value is larger than the locally stored one; if it has been used, i.e. the 8-byte anti-replay value is less than or equal to the locally stored one, the signature data is judged invalid.
It should be noted that, in the above signature data format, the last 8 bytes of the unlock data object mark the uniqueness of the current signature data, and the 8 bytes are saved after each successful signature verification, and the 8 bytes are incremented, so that it is only necessary to compare whether 8 bytes in the signature data are larger than those stored.
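The following is an added example (not code from the patent or from Yanfeng Visteon) that builds a 470-byte sample structure with the nesting given in the table above, parses it, and runs the Dcm length check (level 1) and the SWC_Diagnostic content and anti-replay checks (level 2) before a caller-supplied level-3 hook. The byte positions of the version and unlock level inside the 06 0D and 53 22 objects, the supported-version set, the level range and what exactly is covered by the signature are assumptions, since the page states only that the last 8 bytes of the unlock data object are the monotonic anti-replay value.

```python
TOTAL_LEN = 470              # patent: the whole structure is 470 bytes (level-1 check)
SIG_LEN = 384                # patent: RSA-3072 signature carried in the 5F 37 object
SUPPORTED_VERSIONS = {0x01}  # assumption: version is the first byte of the 06 0D object
MAX_UNLOCK_LEVEL = 0x03      # assumption: unlock level is the first byte of the 53 22 object


def _tlv(tag: bytes, value: bytes) -> bytes:
    """Encode one tag-length-value object (short length, or 82 xx xx as on the page)."""
    if len(value) < 0x80:
        return tag + bytes([len(value)]) + value
    return tag + b"\x82" + len(value).to_bytes(2, "big") + value


def build_signature_data(version: int, level: int, counter: int, signature: bytes) -> bytes:
    """Constructed sample input with the nesting implied by the patent's table."""
    object_id = bytes([version]) + bytes(12)                           # 06 0D (13 bytes)
    unlock = bytes([level]) + bytes(25) + counter.to_bytes(8, "big")   # 53 22 (34 bytes)
    holder = _tlv(b"\x7f\x4c", _tlv(b"\x06", object_id) + _tlv(b"\x53", unlock))
    content = _tlv(b"\x7f\x4e", _tlv(b"\x5f\x29", b"\x01") + _tlv(b"\x42", bytes(13)) + holder)
    return _tlv(b"\x7f\x21", content + _tlv(b"\x5f\x37", signature))


def _read_tlv(buf: bytes, pos: int):
    """Read one object at pos; tags whose low 5 bits are set (7F xx, 5F xx) are two bytes."""
    tag = buf[pos]
    pos += 1
    if tag & 0x1F == 0x1F:
        tag = (tag << 8) | buf[pos]
        pos += 1
    length = buf[pos]
    pos += 1
    if length == 0x82:
        length = int.from_bytes(buf[pos:pos + 2], "big")
        pos += 2
    elif length & 0x80:
        raise ValueError("unsupported length form")
    value = buf[pos:pos + length]
    if len(value) != length:
        raise ValueError("truncated object")
    return tag, value, pos + length


def _children(buf: bytes) -> dict:
    """Parse a run of sibling objects into {tag: value}."""
    pos, out = 0, {}
    while pos < len(buf):
        tag, value, pos = _read_tlv(buf, pos)
        out[tag] = value
    return out


def parse_signature_data(blob: bytes) -> dict:
    """Walk 7F 21 > 7F 4E > 7F 4C and return the fields the later checks need."""
    body = _children(_children(blob)[0x7F21])
    content = _children(body[0x7F4E])
    holder = _children(content[0x7F4C])
    return {
        "certificate_id": content[0x5F29],
        "certificate_authority": content[0x42],
        "object_id": holder[0x06],
        "unlock": holder[0x53],
        "signature": body[0x5F37],
    }


class DiagnosticSwc:
    """Level-2 checker; stored_counter is the last accepted 8-byte anti-replay value."""

    def __init__(self, stored_counter: int = 0):
        self.stored_counter = stored_counter

    def level2_check(self, fields: dict):
        """Return None when acceptable, otherwise the negative-response reason."""
        if fields["object_id"][0] not in SUPPORTED_VERSIONS:
            return "unsupported version"
        if fields["unlock"][0] > MAX_UNLOCK_LEVEL:
            return "unlock level out of range"
        counter = int.from_bytes(fields["unlock"][-8:], "big")
        if counter <= self.stored_counter:   # patent: <= stored means already used
            return "signature data already used"
        return None

    def commit(self, fields: dict) -> None:
        """Persist the 8 bytes only after level 3 (RSA-PSS in the CSM) succeeded."""
        self.stored_counter = int.from_bytes(fields["unlock"][-8:], "big")


def verify_unlock_request(blob: bytes, swc: DiagnosticSwc, csm_verify) -> str:
    """Three-level flow. csm_verify(signed_bytes, signature) stands in for the CSM's
    RSA-PSS check; the bytes preceding the signature object are passed (assumption)."""
    if len(blob) != TOTAL_LEN:                                  # level 1 (Dcm)
        return "length check failed"
    fields = parse_signature_data(blob)
    reason = swc.level2_check(fields)                           # level 2 (SWC_Diagnostic)
    if reason:
        return reason
    if not csm_verify(blob[:-SIG_LEN], fields["signature"]):    # level 3 (CSM)
        return "RSA-PSS verification failed"
    swc.commit(fields)
    return "unlocked"
```

Note that the stored counter only advances after all three levels pass, so a structure that fails the signature check cannot burn the counter value it carries.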
In one embodiment, the diagnostic software component 5 sends the signature data to the cryptographic service manager 6 via an AUTOSAR virtual function bus interface.
Specifically, the cryptographic service manager 6 is configured to perform three-level signature verification on the signature data.
It should be noted that, if the result of the third-level signature verification is successful, the cryptographic service manager 6 sends the result of the third-level signature verification to the diagnostic software component 5 (positive response); on the contrary, if the third-level signature verification result is a failure, the encryption service manager 6 sends the third-level signature verification failure result to the diagnostic software component 5 (negative response), so that the diagnostic software component 5 sends the third-level signature verification failure result to the diagnostic apparatus 1 through the diagnostic communication manager 4.
In one embodiment, the three-level signature verification of the signature data by the cryptographic service manager 6 includes: performing signature verification on the signature data through RSA-PSS.
It should be noted that RSA-PSS, as the name implies, is based on RSA, and the RSA algorithm is briefly discussed as follows:
the RSA algorithm first generates two primes p and q and computes n = p·q; it then computes φ(n) = (p-1)(q-1); it selects an integer e with gcd(e, φ(n)) = 1; and it computes d as the inverse of e mod φ(n), i.e. e·d ≡ 1 (mod φ(n)). This yields the public key {e, n} and the private key {d, n}. In public-key encryption a message M is converted into the ciphertext C = M^e mod n for confidentiality and recovered as M = C^d mod n, whereas in a digital signature the roles are reversed: the private key is used to produce the signature and the public key to verify it.
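As an added example (not the patent's or the CSM's code), the following pure-Python code carries the key generation sketched above through to a working RSASSA-PSS sign and verify, following RFC 8017 with SHA-256 and MGF1, which is the kind of check the cryptographic service manager performs at level 3. A 1024-bit toy key is generated for speed (3072 bits works but takes longer); the salt length and the signed message are assumptions, since the page states neither.

```python
import hashlib
import hmac
import secrets

HLEN = 32     # SHA-256 digest length
SLEN = HLEN   # PSS salt length (assumption; the patent does not state it)


def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Trial division by small primes, then Miller-Rabin."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # exact bit length, odd
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits: int = 1024):
    """Key generation as the text sketches it: n = p*q, phi = (p-1)(q-1),
    e with gcd(e, phi) = 1, d = e^-1 mod phi. Returns ((e, n), (d, n))."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and phi % e and n.bit_length() == bits:
            return (e, n), (pow(e, -1, phi), n)


def _mgf1(seed: bytes, mask_len: int) -> bytes:
    """MGF1 over SHA-256 (RFC 8017 B.2.1)."""
    out = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                   for i in range((mask_len + HLEN - 1) // HLEN))
    return out[:mask_len]


def _pss_encode(message: bytes, em_bits: int, salt: bytes) -> bytes:
    """EMSA-PSS-ENCODE (RFC 8017 9.1.1): EM = maskedDB || H || 0xBC."""
    em_len = (em_bits + 7) // 8
    m_hash = hashlib.sha256(message).digest()
    h = hashlib.sha256(bytes(8) + m_hash + salt).digest()
    db = bytes(em_len - len(salt) - HLEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, _mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)   # clear the unused leading bits
    return bytes(masked) + h + b"\xbc"


def pss_sign(private_key, message: bytes) -> bytes:
    """RSASSA-PSS signing: s = EM^d mod n, output as a k-byte string."""
    d, n = private_key
    em = _pss_encode(message, n.bit_length() - 1, secrets.token_bytes(SLEN))
    s = pow(int.from_bytes(em, "big"), d, n)
    return s.to_bytes((n.bit_length() + 7) // 8, "big")


def pss_verify(public_key, message: bytes, signature: bytes) -> bool:
    """RSASSA-PSS verification (RFC 8017 8.1.2 / 9.1.2): recover EM = s^e mod n,
    unmask DB, and recompute H over the recovered salt."""
    e, n = public_key
    em_bits = n.bit_length() - 1
    em_len = (em_bits + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != (n.bit_length() + 7) // 8 or s >= n:
        return False
    m = pow(s, e, n)
    if m >> em_bits or em_len < HLEN + SLEN + 2:   # leading bits must be zero
        return False
    em = m.to_bytes(em_len, "big")
    if em[-1] != 0xBC:
        return False
    masked, h = em[:em_len - HLEN - 1], em[em_len - HLEN - 1:-1]
    db = bytearray(a ^ b for a, b in zip(masked, _mgf1(h, len(masked))))
    db[0] &= 0xFF >> (8 * em_len - em_bits)
    ps_len = em_len - HLEN - SLEN - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:
        return False
    m_hash = hashlib.sha256(message).digest()
    expected = hashlib.sha256(bytes(8) + m_hash + bytes(db[-SLEN:])).digest()
    return hmac.compare_digest(h, expected)
```

Because PSS salts each signature randomly, two signatures over the same data differ while both verify, which is why the patent needs the separate 8-byte anti-replay value rather than relying on signature uniqueness.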
In one embodiment, the cryptographic service manager 6 sends the signature verification result to the diagnostic software component 5 via an AUTOSAR virtual function bus interface.
It should be noted that the generation of the signature data and the signature verification are separated, and the signature is verified using RSA3072 (where 3072 is the key length in bits), which greatly increases the difficulty of cracking; by adopting the diagnostic software component 5, the cryptographic service manager 6 and the like, the system conforms to the AUTOSAR framework, and the diagnosis unlocking security level is enhanced on the basis of the AUTOSAR framework, so that the vehicle unlocking security requirement is met.
Specifically, the diagnostic software component 5 is connected to the secure complex device driver 7, and is configured to send an instruction for setting the unlocking level to the secure complex device driver 7 after receiving the result of successful verification of the tertiary signature, so that the secure complex device driver 7 sends the 27 service to the diagnostic communication manager 4 to set the unlocking level; the secure complex device driver 7 is further adapted to send the unlocking result to the diagnostic software component 5.
It should be noted that, the 27 service provides a protection mechanism for the ECU by adopting a seed and a secret key; different security levels are divided through the sub-function, when the diagnostic instrument sends a request to enter a certain security level, security access is carried out through a seed and key mode, and when the diagnostic instrument passes the security access, the diagnostic instrument is switched to a corresponding authority state, so that the authority management division is convenient.
As shown in fig. 3, in an embodiment, assume that the diagnostic device requests to enter security level 01: the diagnostic device sends a 27 01 request for a seed; the vehicle-mounted ECU receives the request, generates a random seed and sends it to the diagnostic device, and computes the key for the seed it has just generated according to the security algorithm; the diagnostic instrument receives the seed and likewise computes the key according to the security algorithm, then sends the computed key to the vehicle-mounted ECU through the 27 02 service; the vehicle-mounted ECU compares the received key with the key it computed itself, and if they are consistent, it switches to the authority state corresponding to the request. This can be summarized as the following process:
(1) the diagnostic instrument requests a seed.
(2) The vehicle-mounted ECU sends the seeds and calculates the secret key according to the security algorithm.
(3) The diagnostic device also performs key calculation according to the received seed and transmits the calculated key.
(4) The vehicle-mounted ECU receives the key and compares the key with the key calculated by the vehicle-mounted ECU.
(5) And the vehicle-mounted ECU determines whether to unlock the vehicle according to the comparison result and returns response (positive/negative response) information.
In one embodiment, the diagnostic software component 5 sends the instruction for setting the unlocking level to the secure complex device driver 7 through an AUTOSAR virtual function bus interface.
In one embodiment, the secure complex device driver 7 sends the 27 service to the diagnostic communication manager 4 via the protocol data unit router, and the secure complex device driver 7 sends the unlock result to the diagnostic software component 5 via an AUTOSAR virtual function bus interface.
It should be noted that OEM in fig. 2 refers to Original Equipment Manufacturer, and MCU refers to Microprogrammed Control Unit.
In conclusion, compared with the prior art, the diagnosis networking safety unlocking implementation system under the AUTOSAR framework has the advantages that the generation of signature data and the signature verification are separated, the RSA3072 signature is used, the cracking difficulty is greatly increased, the signature data of each ECU is different, and the reliability of safety unlocking of vehicles is ensured; according to the invention, the diagnosis software assembly, the encryption service manager and the like are adopted, the AUTOSAR framework is met, and the diagnosis unlocking safety level is enhanced on the basis of the AUTOSAR framework, so that the vehicle unlocking safety requirement is met; therefore, the invention effectively overcomes various defects in the prior art and has high industrial utilization value.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.

Claims (4)

1. A diagnosis networking safety unlocking implementation system under AUTOSAR framework is characterized by comprising: the system comprises a diagnostic instrument, a vehicle-mounted ECU, a background server, a diagnostic communication manager, a diagnostic software component, an encryption service manager and a safety complex device driver;
the diagnostic apparatus is respectively connected with the vehicle-mounted ECU and the background server and is used for acquiring a serial number of the vehicle-mounted ECU and sending the serial number to the background server;
the background server is used for generating signature data from a private key and the serial number and sending the signature data to the diagnostic instrument, so that the diagnostic instrument sends the signature data to the vehicle-mounted ECU;
the vehicle-mounted ECU is connected to the diagnostic communication manager and is used for sending the signature data to the diagnostic communication manager;
the diagnostic communication manager is connected to the diagnostic software component and is used for performing primary signature verification on the signature data; the primary signature verification comprises verifying the length of the signature data; if the primary signature verification result is success, the diagnostic communication manager sends the signature data to the diagnostic software component;
the diagnostic software component is connected to the encryption service manager and is used for performing secondary signature verification on the signature data;
the secondary signature verification comprises the following steps: first checking whether the signature data is correct; then checking whether the signature data has already been used, i.e. whether the 8-byte anti-replay value is larger than the locally stored value; if the 8-byte anti-replay value is less than or equal to the locally stored value, the signature data has already been used and is judged invalid;
in the signature data format, the last 8 bytes of the unlocking data object mark the uniqueness of the current signature data; these 8 bytes are saved after signature verification succeeds and increase monotonically, so that checking whether the signature data has been used only requires comparing whether the 8 bytes in the signature data are larger than the stored value;
if the secondary signature verification result is success, the diagnostic software component sends the signature data to the encryption service manager;
the encryption service manager is used for performing tertiary signature verification on the signature data; the tertiary signature verification comprises verifying the signature data with RSA-PSS;
if the tertiary signature verification result is success, the encryption service manager sends the tertiary signature verification success result to the diagnostic software component;
the diagnostic communication manager is connected to the diagnostic instrument;
if the primary signature verification result is failure, the diagnostic communication manager sends the primary signature verification failure result to the diagnostic instrument;
if the secondary signature verification result is failure, the diagnostic software component sends the secondary signature verification failure result to the diagnostic communication manager, so that the diagnostic communication manager sends the secondary signature verification failure result to the diagnostic instrument;
if the tertiary signature verification result is failure, the encryption service manager sends the tertiary signature verification failure result to the diagnostic software component, so that the diagnostic software component sends the tertiary signature verification failure result to the diagnostic instrument through the diagnostic communication manager;
the diagnostic software component is connected to the secure complex device driver and is used for sending an unlocking level setting instruction to the secure complex device driver after the tertiary signature verification success result is received, so that the secure complex device driver sends service 27 to the diagnostic communication manager to set the unlocking level;
the secure complex device driver is also used for sending an unlocking result to the diagnostic software component;
the diagnostic instrument sends a seed request; after receiving the request, the vehicle-mounted ECU generates a random seed, sends the random seed to the diagnostic instrument, and calculates a first key from the just-generated seed according to a security algorithm; after receiving the seed, the diagnostic instrument also calculates a second key according to the security algorithm and then sends the calculated second key to the vehicle-mounted ECU through the service; the vehicle-mounted ECU compares the received second key with the first key it calculated itself, and if the two are consistent, the vehicle-mounted ECU switches to the permission state corresponding to the request.
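As an added illustration, not code from the patent or the applicant, the following Go sketch implements the three-level check of claim 1 on the ECU side (length check in the DCM, anti-replay counter in the diagnostic software component, RSA-PSS in the crypto service manager) together with the background server's signing step. The token layout (24 bytes of serial/level fields, a big-endian 8-byte counter, a 256-byte RSA-2048 PSS signature over SHA-256) and the function names are assumptions, since the claim does not fix them.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
)

// Constructed token layout (an assumption, not the patent's exact format): 24 bytes of
// serial/level fields, an 8-byte big-endian anti-replay counter, then a 256-byte RSA-2048 PSS signature.
const payloadLen, sigLen = 32, 256

// Verifier is the ECU-side state: the CSM's public key and the last counter
// the diagnostic software component accepted.
type Verifier struct {
	Pub         *rsa.PublicKey
	LastCounter uint64
}

// Verify runs the three levels in the claim's order and returns 0 on success or
// the failing level (1 DCM length, 2 SWC anti-replay, 3 CSM RSA-PSS), which is
// what is reported back to the tester. The counter is stored only after all pass.
func (v *Verifier) Verify(token []byte) int {
	if len(token) != payloadLen+sigLen { // level 1: length check
		return 1
	}
	payload, sig := token[:payloadLen], token[payloadLen:]
	ctr := binary.BigEndian.Uint64(payload[payloadLen-8:]) // last 8 bytes
	if ctr <= v.LastCounter { // level 2: must be strictly greater than stored
		return 2
	}
	h := sha256.Sum256(payload) // level 3: RSA-PSS over SHA-256 of the payload
	if rsa.VerifyPSS(v.Pub, crypto.SHA256, h[:], sig, nil) != nil {
		return 3
	}
	v.LastCounter = ctr
	return 0
}

// NewServerKey generates the background server's RSA-2048 signing key pair.
func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Sign plays the background server: bind the fields and the counter, then sign.
func Sign(priv *rsa.PrivateKey, fields [24]byte, ctr uint64) ([]byte, error) {
	payload := append(fields[:], make([]byte, 8)...)
	binary.BigEndian.PutUint64(payload[24:], ctr)
	h := sha256.Sum256(payload)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
	return append(payload, sig...), err
}
```

Because the counter is persisted only after the RSA-PSS check, a token whose counter was bumped without re-signing fails at level 3 and leaves the stored counter untouched, which is what makes the cheap level-2 comparison safe to run first.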
2. The system for implementing diagnosis networking security unlocking under the AUTOSAR architecture according to claim 1, wherein the diagnostic instrument sends the signature data to the vehicle-mounted ECU through a CAN bus; the vehicle-mounted ECU receives the signature data through a controller area network interface and a controller area network transport protocol, and sends the signature data to the diagnostic communication manager through a protocol data unit router.
3. The system according to claim 1, wherein the diagnostic communication manager sends the signature data to the diagnostic software component via an AUTOSAR virtual function bus interface; the diagnostic software component sends the signature data to the encryption service manager through an AUTOSAR virtual function bus interface; the encryption service manager sends the signature verification result to the diagnostic software component through an AUTOSAR virtual function bus interface; and the diagnostic software component sends the unlocking level setting instruction to the secure complex device driver through an AUTOSAR virtual function bus interface.
4. The system according to claim 1, wherein the secure complex device driver sends service 27 to the diagnostic communication manager via a protocol data unit router, and the secure complex device driver sends the unlocking result to the diagnostic software component via an AUTOSAR virtual function bus interface.
CN202110389605.4A 2021-04-12 2021-04-12 Diagnosis networking safety unlocking implementation system under AUTOSAR framework Active CN113268046B (en)


Publications (2)

Publication Number Publication Date
CN113268046A CN113268046A (en) 2021-08-17
CN113268046B true CN113268046B (en) 2022-08-05

Family

ID=77228652


Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116382740B (en) * 2023-04-10 2023-11-14 广州锦高信息科技有限公司 Automatic upgrade release system and method for application software
CN117435226B (en) * 2023-12-22 2024-04-16 深圳市法本信息技术股份有限公司 Data refreshing method, device and storage medium of vehicle-mounted electronic control unit

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108460293A (en) * 2017-02-22 2018-08-28 北京大学 A kind of application integrity multistage checking mechanism
CN110515371A (en) * 2019-09-19 2019-11-29 潍柴动力股份有限公司 Detection method, the first controller and the ECU that ECU data is distorted
CN111049803A (en) * 2019-11-20 2020-04-21 江苏物联网络科技发展有限公司 Data encryption and platform security access method based on vehicle-mounted CAN bus communication system
CN111193748B (en) * 2020-01-06 2021-12-03 惠州市德赛西威汽车电子股份有限公司 Interactive key security authentication method and system
CN111934861A (en) * 2020-08-07 2020-11-13 东南(福建)汽车工业有限公司 Data validity verification method and system in diagnosis flashing process



Legal Events

Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
Inventor after: Shi Wencheng; Wen Zhengshu; Lin Xiangjie; Zhang Yunye; Cai Xiaodong; Xu Zhuxiang
Inventor before: Shi Wencheng; Wen Zhengshu; Lin Xiangjie; Zhang Yunye; Cai Xiaodong; Xu Zhuxiang
GR01 Patent grant