CN113722104B - Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller - Google Patents
Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller Download PDFInfo
- Publication number
- CN113722104B CN113722104B CN202111064468.3A CN202111064468A CN113722104B CN 113722104 B CN113722104 B CN 113722104B CN 202111064468 A CN202111064468 A CN 202111064468A CN 113722104 B CN113722104 B CN 113722104B
- Authority
- CN
- China
- Prior art keywords
- hsm
- layer
- main controller
- vehicle
- hardware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000012545 processing Methods 0.000 claims abstract description 36
- 230000003993 interaction Effects 0.000 claims abstract description 15
- 230000008569 process Effects 0.000 claims abstract description 11
- 238000002955 isolation Methods 0.000 claims abstract description 8
- 230000007246 mechanism Effects 0.000 claims abstract description 7
- 238000004891 communication Methods 0.000 claims description 6
- 230000006855 networking Effects 0.000 abstract description 3
- 230000006870 function Effects 0.000 description 11
- 238000012544 monitoring process Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/545—Interprogram communication where tasks reside in different layers, e.g. user- and kernel-space
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/50—Indexing scheme relating to G06F9/50
- G06F2209/5016—Session
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
The application relates to a chip system of a vehicle-mounted domain controller and a method for improving safety of the vehicle-mounted domain controller. The method comprises the following steps: the method comprises the steps that a main controller end and an HSM end are designed on the top layer of a vehicle-mounted domain controller chip, wherein the main controller end is used for processing vehicle-mounted tasks, the main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer, and the HSM end is used for processing service requests related to information safety and comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware. Through the HSM of the independent kernel, the main controller end and a plurality of application programs can share security services and hardware resources provided by the HSM, and the HSM end and the main controller end realize interaction by adopting a hardware mechanism of process synchronization and data exchange, so that physical isolation of the HSM end and the main controller end is realized. The application can greatly improve the information security level of the vehicle-mounted domain controller chip and simultaneously meet the application requirements of the future vehicle networking on high safety, low cost, high performance and low delay.
Description
Technical Field
The application relates to the technical field of vehicle-mounted main control chips, in particular to a vehicle-mounted domain controller chip system and a method for improving safety of a vehicle-mounted domain controller.
Background
With the development of intelligent network-connected automobiles, more and more vehicle-mounted ECU components are installed on the automobiles, and data exchange between the automobiles and the outside is more and more frequent, so that attack surfaces facing the automobiles are also increased. The new generation of automobile electronic and electric architecture concentrates a plurality of ECU functions to the domain controller, and the functions of the traditional general chip/special chip are also transferred to the centralized multi-core automobile-mounted domain controller chip.
How to guarantee the information security of the vehicle-mounted domain controller chip becomes particularly critical, a common method is to adopt a pure software scheme, such as embedding a software cryptographic algorithm library to realize the functions of data encryption and decryption and identity authentication, and to utilize a software virtualization technology to realize the isolation of a logic level, so that the management and control of the access rights of sensitive data are enhanced to a certain extent. The method of embedding the security sub-module is also adopted to realize the hardware of part of the password functions, so that the real-time performance of data processing is improved. There are also modes of plug-in special security chips, and all security related services are realized by calling the special security chips through external interfaces.
The safety solution of adopting pure software at the vehicle-mounted domain controller end has low performance, and the safety isolation is difficult to realize, so that the requirements of the vehicle application on high real-time performance and high safety are difficult to meet; the method of simply embedding the safety submodule into the vehicle-mounted domain controller chip is difficult to well meet the requirement that a plurality of applications call the resources of the safety control end at the same time; the mode of externally hanging the special safety chip on the vehicle-mounted domain controller chip is adopted, so that the cost is high, and the integration level is low.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a vehicle-mounted domain controller chip system and a method for improving the security of a vehicle-mounted domain controller, which can improve the information security level of the vehicle-mounted domain controller chip.
An on-board domain controller chip system, the chip system comprising: the system comprises a main controller end and an HSM end, wherein the main controller end is used for processing a vehicle-mounted task, and the HSM end is used for processing a service request related to information safety;
The main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer; the base software layer comprises a plurality of components and is used for realizing bottom layer driving of the main controller end; the application layer includes a plurality of software components; the runtime environment is configured to provide infrastructure services for communications between the application layer components and to enable access to the base software layer components;
The HSM end comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware; the session layer is used for processing a request sent by the kernel of the main controller end; the HSM connecting layer is connected with the main controller end; the HSM driving layer is used for driving the HSM hardware; the HSM hardware has a separate kernel.
In one embodiment, the method further comprises: the main controller side comprises a plurality of kernels which are used for managing resources of the vehicle-mounted domain controller chip system.
In one embodiment, the method further comprises: the HSM connection layer supports batch processing interfaces.
In one embodiment, the method further comprises: the HSM hardware comprises a secure memory bank for storing programs and data in an encrypted manner.
In one embodiment, the method further comprises: the HSM hardware includes a cryptographic operation engine.
In one embodiment, the method further comprises: the HSM hardware includes a variety of security sensors and a physical random number generator.
A method of improving security of an on-board domain controller, the method comprising:
Processing a vehicle-mounted task through a main controller end in a vehicle-mounted domain controller chip system; the main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer; the base software layer comprises a plurality of components and is used for realizing bottom layer driving of the main controller end; the application layer includes a plurality of software components; the runtime environment is configured to provide infrastructure services for communications between the application layer components and to enable access to the base software layer components;
Processing an information security related service request sent by the main controller end through an HSM end in a vehicle-mounted domain controller chip system; the HSM end comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware; the session layer is used for processing a request sent by the kernel of the main controller end; the HSM connecting layer is connected with the main controller end; the HSM driving layer is used for driving the HSM hardware; the HSM hardware has a separate kernel.
In one embodiment, the method further comprises: processing an information security related service request sent by the main controller end through an HSM end in a vehicle-mounted domain controller chip system; when a plurality of cores in the main controller end send out service requests, a plurality of parallel sessions are processed through independent cores of the HSM end.
In one embodiment, the method further comprises: collecting all information security messages in a preset time period through a main controller end in an on-board domain controller chip system;
The information security message is integrally sent to an HSM end in a vehicle-mounted domain controller chip system through an interaction channel as an information security related service request;
Processing the service request related to the information security through the HSM connection layer of the HSM terminal;
and sending a processing result of the service request related to the information security to the main controller end through the HSM connection layer through an interaction channel.
In one embodiment, the method further comprises: the HSM terminal can upgrade the firmware on line through the built-in Flash.
According to the vehicle-mounted domain controller chip system and the method for improving safety of the vehicle-mounted domain controller, the main controller end and the HSM end are designed on the top layer of the vehicle-mounted domain controller chip, wherein the main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer and is used for processing vehicle-mounted tasks, and the HSM end comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware and is used for processing service requests related to information safety. Through the HSM embedded with the independent kernel, the main controller end and a plurality of application programs can share security services and hardware resources provided by the HSM, support a hardware high-speed state secret operation engine, and simultaneously support the full hardware realization of international algorithm core operation, so that the protection measure against side channel attack is realized; the HSM end and the main controller end realize interaction by adopting a hardware mechanism of process synchronization and data exchange, so that physical isolation of the HSM end and the main controller end is realized; if multiple cores at the main controller side send out requests in parallel, the HSM session layer can decide how many parallel sessions are supported to process at most according to the configuration in the HSM firmware. Compared with the traditional implementation mode, the invention can greatly improve the information security level of the vehicle-mounted domain controller chip and simultaneously meet the application requirements of the future vehicle networking on high safety, low cost, high performance and low delay.
Drawings
FIG. 1 is a schematic diagram of an on-board domain controller chip system in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
In one embodiment, as shown in fig. 1, there is provided an on-board domain controller chip system comprising: the system comprises a main controller end and an HSM end, wherein the main controller end is used for processing a vehicle-mounted task, and the HSM end is used for processing a service request related to information safety;
The on-board domain controller chip system provided by the invention comprises a main controller end and an HSM end: the main controller end is focused on processing actual vehicle-mounted tasks, and functions of corresponding subsystems of the automobile, such as in-vehicle communication, battery monitoring, transmission control and the like, are realized. The HSM end processes the service request related to information security, such as storing the trusted root, realizing the secure start, providing the security service of the high-speed cryptographic operation engine, etc.
The main controller side comprises a kernel, a basic software layer, a runtime environment and an application layer.
Base software layer: contains the relevant bottom layer driver of the main controller end and provides service for each software module running on the end, but does not actually complete the function.
Runtime environment: a runtime environment (RTE) is an implementation of a virtual function bus interface that provides infrastructure services for communications between application layer components and facilitates access to underlying software layer components.
Application layer: the system comprises a plurality of software components, wherein the software components encapsulate specific functions to be realized, and the independence between the software components and the underlying hardware is realized through a virtual function bus independent of the type of a kernel.
The HSM terminal comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware;
The session layer is used for processing a request sent by the kernel of the main controller end; the HSM connecting layer is connected with the main controller end; the HSM driving layer is used for driving the hardware password operation engine; HSM hardware has a separate kernel.
According to the vehicle-mounted domain controller chip system and the method for improving safety of the vehicle-mounted domain controller, the main controller end and the HSM end are designed on the top layer of the vehicle-mounted domain controller chip, wherein the main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer and is used for processing vehicle-mounted tasks, and the HSM end comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware and is used for processing service requests related to information safety. Through the HSM embedded with the independent kernel, the main controller end and a plurality of application programs can share security services and hardware resources provided by the HSM, support a hardware high-speed state secret operation engine, and simultaneously support the full hardware realization of international algorithm core operation, so that the protection measure against side channel attack is realized; the HSM end and the main controller end realize interaction by adopting a hardware mechanism of process synchronization and data exchange, so that physical isolation of the HSM end and the main controller end is realized; if multiple cores at the main controller side send out requests in parallel, the HSM session layer can decide how many parallel sessions are supported to process at most according to the configuration in the HSM firmware. Compared with the traditional implementation mode, the invention can greatly improve the information security level of the vehicle-mounted domain controller chip and simultaneously meet the application requirements of the future vehicle networking on high safety, low cost, high performance and low delay.
In one embodiment, the components of the HSM end include:
Session layer: if multiple cores issue requests in parallel, the HSM may decide how many parallel sessions to support at most, depending on the configuration in the HSM firmware.
HSM connection layer: the main purpose of the HSM connection layer is to connect the HSM end to the main controller end and coordinate all data interactions between the two ends. In the HSM connection layer implementation, requests from the host controller end ensure full utilization of HSM limited resources in the form of queues, different session applications can integrate drivers independently and perform the requested security functions as quickly as possible. The HSM connection layer supports a batch processing interface, and the main controller end collects all messages in a preset time period and then integrally sends the messages to the HSM end as a request through an interaction channel. The HSM connection layer immediately processes all collected information of the HSM end and sends the result to the main controller end through the interaction channel.
HSM driver layer: the hardware cipher operation engine is driven to carry out symmetric encryption, keys, certificates and the like used by an asymmetric encryption algorithm, and supports trusted starting, security FOTA and the like.
HSM hardware: the HSM hardware is provided with an independent kernel, supports the hardware high-speed state secret operation engine, such as SM2\SM3\SM4 core operation all-hardware realization, and also supports the international algorithm (such as AES\ECC\RSA) core operation all-hardware realization, and the algorithms realize the protection measures against side channel attack; the HSM hardware is provided with a safe storage body, and is used for encrypting and storing programs and data; the HSM hardware provides a physical random number generator, and the module design meets the standard requirements of GM/T0005 randomness detection Specification; HSM hardware integrates various safety sensors (such as voltage monitoring\temperature monitoring), etc.
By adopting the special implementation mechanism of the independent kernel and the firmware layer at the HSM end, the requirement that a plurality of applications call the safe resources of the HSM end at the same time can be well met, and the resources of the HSM end are ensured to be utilized efficiently.
In another embodiment, the HSM side supports online firmware upgrade from a hardware level, and the hardware level may use two independent built-in Flash (one of which is used to store the updated firmware and is stored alternately between the two independent built-in Flash when upgrading again), or use the same built-in Flash (the updated firmware has a low address area or a high address area and is stored alternately between the low address area and the high address area when upgrading again).
The HSM supports online firmware upgrading from a hardware level, and is convenient for later maintenance.
In another embodiment, the HSM end and the main controller end implement interaction by adopting a hardware mechanism of process synchronization and data exchange, so that physical isolation between the HSM end and the main controller end is realized, the HSM connection layer supports a batch processing interface, and the HSM firmware can support simultaneous processing of a plurality of parallel session requests, so that data delivery of a plurality of application programs is simultaneously managed. Requests from the host controller side ensure full utilization of HSM limited resources in the form of queues, different session applications can integrate the drivers independently and perform the requested security functions as quickly as possible. The main controller side collects all messages in a preset time period and then integrally sends the messages to the HSM side as a request through the interaction channel. The HSM end connection layer immediately processes all the collected messages and sends the results to the main controller end through the interaction channel.
By adopting the batch interfaces, the large data demand can be well benefited and the high real-time scene can be satisfied.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.
Claims (10)
1. An on-board domain controller chip system, the chip system comprising: the system comprises a main controller end and an HSM end, wherein the main controller end is used for processing a vehicle-mounted task, and the HSM end is used for processing a service request related to information safety;
The main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer; the base software layer comprises a plurality of components and is used for realizing bottom layer driving of the main controller end; the application layer includes a plurality of software components; the runtime environment is configured to provide infrastructure services for communications between the application layer components and to enable access to the base software layer components;
The HSM end is embedded with an independent kernel and comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware; the session layer is used for processing a request sent by the kernel of the main controller end; the HSM connecting layer is connected with the main controller end; the HSM driving layer is used for driving the HSM hardware; the HSM hardware is provided with an independent kernel;
and the main controller end and the HSM end realize interaction by adopting a hardware mechanism of process synchronization and data exchange to form physical isolation.
2. The system of claim 1, wherein the master controller side includes a plurality of cores for managing resources of the in-vehicle domain controller chip system.
3. The system of claim 2, wherein the HSM connectivity layer supports a batch processing interface.
4. The system of claim 3, wherein the HSM hardware comprises a cryptographic operation engine.
5. The system of claim 4, wherein the HSM hardware comprises a secure memory bank for cryptographically storing programs and data.
6. The system of claim 5, wherein the HSM hardware further comprises a plurality of security sensors and a physical random number generator.
7. A method of improving the security of an on-board domain controller, the method comprising:
Processing a vehicle-mounted task through a main controller end in a vehicle-mounted domain controller chip system; the main controller end comprises a kernel, a basic software layer, a runtime environment and an application layer; the base software layer comprises a plurality of components and is used for realizing bottom layer driving of the main controller end; the application layer includes a plurality of software components; the runtime environment is configured to provide infrastructure services for communications between the application layer components and to enable access to the base software layer components;
Processing an information security related service request sent by the main controller end through an HSM end in a vehicle-mounted domain controller chip system; the HSM end is embedded with an independent kernel and comprises a session layer, an HSM connection layer, an HSM driving layer and HSM hardware; the session layer is used for processing a request sent by the kernel of the main controller end; the HSM connecting layer is connected with the main controller end; the HSM driving layer is used for driving the HSM hardware; the HSM hardware is provided with an independent kernel; and the main controller end and the HSM end realize interaction by adopting a hardware mechanism of process synchronization and data exchange to form physical isolation.
8. The method according to claim 7, wherein the processing, by the HSM terminal in the in-vehicle domain controller chip system, the service request related to information security sent by the main controller terminal includes:
Processing an information security related service request sent by the main controller end through an HSM end in a vehicle-mounted domain controller chip system; when a plurality of cores in the main controller end send out service requests, a plurality of parallel sessions are processed through independent cores of the HSM end.
9. The method according to claim 8, wherein the processing, by the HSM terminal in the in-vehicle domain controller chip system, the service request related to information security sent by the main controller terminal includes:
Collecting all information security messages in a preset time period through a main controller end in an on-board domain controller chip system;
The information security message is integrally sent to an HSM end in a vehicle-mounted domain controller chip system through an interaction channel as an information security related service request;
Processing the service request related to the information security through the HSM connection layer of the HSM terminal;
and sending a processing result of the service request related to the information security to the main controller end through the HSM connection layer through an interaction channel.
10. The method according to any one of claims 7 to 9, wherein the HSM terminal is capable of online upgrading firmware by built-in Flash.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111064468.3A CN113722104B (en) | 2021-09-10 | 2021-09-10 | Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111064468.3A CN113722104B (en) | 2021-09-10 | 2021-09-10 | Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113722104A CN113722104A (en) | 2021-11-30 |
| CN113722104B true CN113722104B (en) | 2024-06-25 |
Family
ID=78683286
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111064468.3A Active CN113722104B (en) | 2021-09-10 | 2021-09-10 | Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113722104B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109541987A (en) * | 2018-10-17 | 2019-03-29 | 同济大学 | A kind of plug and play type intelligent automobile domain controller and method with redundancy structure |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160149877A1 (en) * | 2014-06-05 | 2016-05-26 | Cavium, Inc. | Systems and methods for cloud-based web service security management basedon hardware security module |
| CN109088848A (en) * | 2018-06-04 | 2018-12-25 | 佛吉亚好帮手电子科技有限公司 | A kind of intelligent network connection automobile information method for security protection |
| CN112422595B (en) * | 2019-08-20 | 2022-10-11 | 华为技术有限公司 | Vehicle-mounted system safety protection method and device |
| CN111783078A (en) * | 2020-07-14 | 2020-10-16 | 大唐终端技术有限公司 | Android platform security chip control system |
| CN113212333B (en) * | 2021-04-21 | 2022-10-28 | 北京汽车股份有限公司 | Domain controller and vehicle |
-
2021
- 2021-09-10 CN CN202111064468.3A patent/CN113722104B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109541987A (en) * | 2018-10-17 | 2019-03-29 | 同济大学 | A kind of plug and play type intelligent automobile domain controller and method with redundancy structure |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113722104A (en) | 2021-11-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110383773B (en) | Specially programmed computing system with associated devices configured to implement a centralized service ECU based on a service oriented architecture and methods of use thereof | |
| US10664413B2 (en) | Hardware security for an electronic control unit | |
| CN108989024B (en) | Method, device and equipment for controlling communication between ECUs and corresponding vehicle | |
| CN108259465B (en) | Authentication encryption method for internal network of intelligent automobile | |
| KR20160139493A (en) | Method and apparatus for managing encryption keys for cloud service | |
| EP3893462A1 (en) | Message transmission method and apparatus | |
| CN109104275A (en) | A kind of HSM equipment | |
| CN113923608B (en) | Message processing component, communication equipment and vehicle-mounted communication system | |
| CN108768669A (en) | Based on ASIC trusted remote memory switching cards and its method for interchanging data | |
| CN114297114B (en) | Encryption card, data interaction method and device thereof and computer readable storage medium | |
| CN116418522A (en) | Cloud server crypto-engine system based on virtualization technology | |
| CN113722104B (en) | Vehicle-mounted domain controller chip system and method for improving safety of vehicle-mounted domain controller | |
| CN110417538B (en) | Vehicle and method and system for internal safety communication of vehicle | |
| CN116208335A (en) | Vehicle data management method, device, server and storage medium | |
| CN113852457A (en) | System and method for transmitting and receiving data based on vehicle network | |
| Ambekar et al. | Future of Automotive Embedded Hardware Trust Anchors (AEHTA) | |
| CN113468563B (en) | Virtual machine data encryption method and device, computer equipment and storage medium | |
| CN117633914B (en) | Chip-based password resource scheduling method, device and storage medium | |
| CN114039736A (en) | Method for dynamically loading encryption engine | |
| CN114329574B (en) | Encrypted partition access control method and system based on domain management platform and computing equipment | |
| CN112738219B (en) | Program running method, program running device, vehicle and storage medium | |
| JP2017208731A (en) | Management system, management device, on-vehicle computer, management method, and computer program | |
| CN116094754A (en) | Encryption and decryption method and device, electronic equipment and storage medium | |
| CN117041958A (en) | Authentication method for communication content between vehicle-mounted V2X-OBU and intelligent domain controller | |
| CN118199870A (en) | Data communication method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |