CN114422208A - Vehicle safety communication method, device, microprocessor and storage medium - Google Patents

Info

Publication number: CN114422208A
Authority: CN (China)
Prior art keywords: request message, information, vehicle, external device, authentication
Legal status: Pending
Application number: CN202111653535.5A
Other languages: Chinese (zh)
Inventor: 于鹏
Current Assignee: Shanghai Jidu Automobile Co Ltd
Original Assignee: Shanghai Jidu Automobile Co Ltd
Application filed by Shanghai Jidu Automobile Co Ltd
Priority to CN202111653535.5A
Publication of CN114422208A

Classifications

    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • G06F7/588 Random number generators, i.e. based on natural stochastic processes
    • G07C5/0808 Diagnosing performance data
    • H04L12/40006 Architecture of a communication node
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/12 Applying verification of the received information
    • H04L2012/40215 Controller Area Network CAN
    • H04L2012/40273 Bus for use in transportation systems the transportation system being a vehicle
    • H04L2209/84 Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The embodiment of the invention provides a vehicle safety communication method, a device, a microprocessor and a storage medium. The method comprises the following steps: receiving an authentication request sent by a first external device, and authenticating the first external device based on the authentication request; after the authentication is passed, receiving a first request message sent by the first external device, and detecting the validity of the first request message; if the first request message is legal, determining a target component corresponding to the first request message; and forwarding the first request message to the target component. With the invention, even after the external device has passed authentication with the vehicle, the request messages it sends are still filtered: illegal request messages are blocked, and only legal request messages are forwarded to the corresponding target component. This improves the safety of vehicle communication and prevents intrusion by illegal devices.

Description

Vehicle safety communication method, device, microprocessor and storage medium
Technical Field
The invention relates to the technical field of data transmission, in particular to a vehicle safety communication method, a vehicle safety communication device, a microprocessor and a storage medium.
Background
The external diagnostic instrument can be connected with the vehicle through an On-Board Diagnostics (OBD) interface of the vehicle, and communication between the diagnostic instrument and the vehicle is realized through the OBD interface. The communication process is mainly used for two purposes, namely diagnosis of the vehicle and update of vehicle software. Currently, all vehicles generally have an OBD interface. On the one hand, in order to meet the most basic requirements of the regulations, the communication contents specified by the regulations only cover part of standard diagnostic data related to vehicle emissions. On the other hand, in order to meet the requirement of enterprise-level vehicle diagnosis, each vehicle enterprise can customize enterprise-level diagnosis Services according to a Universal Diagnostic Services (UDS) standard, and the enterprise-level diagnosis Services include Services such as transmission of diagnosis data of all components of the vehicle, offline calibration learning, vehicle configuration management, vehicle software update and the like.
With the development of the technology, the complexity of the in-vehicle network has increased. A vehicle can now transmit data internally not only over the traditional CAN bus but also over Ethernet. The existing OBD interface is compatible with both data transmission modes: whether a component in the vehicle is connected to the Ethernet or to the CAN bus, data can be exchanged with that component through the OBD interface.
The OBD interface is a communication interface exposed to the outside of the vehicle and needs to be protected in terms of communication safety, and various laws and regulations also recommend a protection design for the OBD interface. However, vehicle manufacturers currently do not protect the communication security of the OBD interface well, so it is difficult to keep illegal devices from accessing the vehicle, which threatens vehicle security.
Disclosure of Invention
The embodiment of the invention provides a vehicle safety communication method, a vehicle safety communication device, a microprocessor and a storage medium, which are used for improving the safety of vehicle communication.
In a first aspect, an embodiment of the present invention provides a vehicle safety communication method, where the method includes:
receiving an authentication request sent by first external equipment, and authenticating the first external equipment based on the authentication request;
after the authentication is passed, receiving a first request message sent by the first external equipment, and detecting the validity of the first request message;
if the first request message is legal, determining a target component corresponding to the first request message;
and forwarding the first request message to the target component.
Optionally, the target component is a target electronic control unit ECU, and the first request message is used for requesting diagnostic data in the target ECU;
after forwarding the first request message to the target component, the method further includes:
receiving the diagnostic data returned by the target ECU in response to the first request message;
returning the diagnostic data to the first external device.
Optionally, the target component is connected to an ethernet or a controller area network, CAN, bus inside the vehicle.
Optionally, the detecting the validity of the first request packet includes:
acquiring first information to be detected in a message header of the first request message;
acquiring a first preset legal information list;
and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
Optionally, the method further comprises:
before passing the authentication, receiving a second request message sent by the first external equipment, and acquiring second information to be detected from a message header of the second request message;
acquiring a second preset legal information list, wherein the first preset legal information list comprises legal information in the second preset legal information list;
and if the second information to be detected is matched with any legal information in the second preset legal information list, forwarding the second request message.
Optionally, the information to be detected at least includes any one of the following items:
communication protocol, Transmission Control Protocol (TCP) port, source Internet Protocol (IP) address, destination IP address and service identification.
Optionally, the method is applied to a microprocessor MPU;
the MPU and components inside the vehicle are configured in a first virtual local area network VLAN, wherein the components inside the vehicle comprise the target component;
the MPU and the first external device are configured in a second VLAN.
Optionally, after the authentication is passed, the method further comprises:
when it is detected that a preset firewall locking condition is met, if a third request message sent by a second external device is received, forwarding of the third request message is prohibited;
wherein the preset firewall locking conditions include:
the first external device is unplugged; or
the time elapsed since a session maintenance message sent by the first external device was last received exceeds the preset duration.
Optionally, the authenticating the first external device based on the authentication request includes:
acquiring a random number, and sending the random number to the first external device;
determining reference information based on the random number;
acquiring encryption information of the first external device for encrypting the random number through a secret key;
decrypting the encrypted information through a locally stored key to obtain decrypted information;
and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
In a second aspect, an embodiment of the present invention provides a vehicle safety communication device, including:
the authentication module is used for receiving an authentication request sent by first external equipment and authenticating the first external equipment based on the authentication request;
the detection module is used for receiving a first request message sent by the first external equipment after the authentication is passed, and detecting the validity of the first request message;
the forwarding module is used for determining a target component corresponding to the first request message if the first request message is legal; and forwarding the first request message to the target component.
Optionally, the target component is a target electronic control unit ECU, and the first request message is used for requesting diagnostic data in the target ECU;
the forwarding module is further configured to:
receiving the diagnostic data returned by the target ECU in response to the first request message;
returning the diagnostic data to the first external device.
Optionally, the target component is connected to an ethernet or a controller area network, CAN, bus inside the vehicle.
Optionally, the detecting module is configured to:
acquiring first information to be detected in a message header of the first request message;
acquiring a first preset legal information list;
and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
Optionally, the detection module is further configured to:
before passing the authentication, receiving a second request message sent by the first external equipment, and acquiring second information to be detected from a message header of the second request message;
acquiring a second preset legal information list, wherein the first preset legal information list comprises legal information in the second preset legal information list;
and if the second information to be detected is matched with any legal information in the second preset legal information list, forwarding the second request message.
Optionally, the information to be detected at least includes any one of the following items:
communication protocol, Transmission Control Protocol (TCP) port, source Internet Protocol (IP) address, destination IP address and service identification.
Optionally, the apparatus is applied to a microprocessor MPU;
the MPU and components inside the vehicle are configured in a first virtual local area network VLAN, wherein the components inside the vehicle comprise the target component;
the MPU and the first external device are configured in a second VLAN.
Optionally, the forwarding module is further configured to:
when it is detected that a preset firewall locking condition is met, if a third request message sent by a second external device is received, forwarding of the third request message is prohibited;
wherein the preset firewall locking conditions include:
the first external device is unplugged; or
the time elapsed since a session maintenance message sent by the first external device was last received exceeds the preset duration.
Optionally, the authentication module is configured to:
acquiring a random number, and sending the random number to the first external device;
determining reference information based on the random number;
acquiring encryption information of the first external device for encrypting the random number through a secret key;
decrypting the encrypted information through a locally stored key to obtain decrypted information;
and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
In a third aspect, an embodiment of the present invention provides a microprocessor including the vehicle safety communication device in the second aspect.
In a fourth aspect, embodiments of the present invention provide a non-transitory machine-readable storage medium having executable code stored thereon, which when executed by a microprocessor, causes the microprocessor to implement at least the vehicle safety communication method of the first aspect.
By adopting the invention, under the condition that the external equipment and the vehicle pass the authentication, the request message sent by the external equipment can still be filtered, the illegal request message is shielded, and only the legal request message is forwarded to the corresponding target component. The invention can not only enable the external equipment to communicate with the vehicle, but also prevent any request message sent by the external equipment from being forwarded without limit after the authentication is passed. The invention can improve the safety of vehicle communication and avoid illegal infringement of illegal equipment.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a schematic flow chart illustrating a method for vehicle safety communication according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a vehicle network architecture according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of another vehicle network architecture provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of another vehicle network architecture provided by an embodiment of the present invention;
FIG. 5 is a schematic signaling interaction diagram of a vehicle safety communication method according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a vehicle safety communication device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and "a plurality" typically includes at least two.
The word "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
In addition, the sequence of steps in each method embodiment described below is only an example and is not strictly limited.
Fig. 1 is a flowchart of a vehicle security communication method according to an embodiment of the present invention, where the method may be applied to a Micro Processor Unit (MPU) provided in a vehicle. As shown in fig. 1, the method comprises the steps of:
101. Receive an authentication request sent by the first external device, and authenticate the first external device based on the authentication request.
102. After the authentication is passed, receive a first request message sent by the first external device, and detect the validity of the first request message.
103. If the first request message is legal, determine a target component corresponding to the first request message.
104. Forward the first request message to the target component.
The external device may be a diagnostic instrument. The first external device can be connected into the vehicle through an OBD interface arranged in the vehicle and is communicated with the interior of the vehicle. When the first external device is connected to the vehicle, authentication with the vehicle is required, and illegal devices can be prevented from being connected to the vehicle through authentication operation.
When the first external device accesses the vehicle, the first external device may send an authentication request to the vehicle. The vehicle may authenticate the first external device based on the authentication request.
Alternatively, the authentication process may be implemented as: acquiring a random number, and sending the random number to first external equipment; determining reference information based on the random number; acquiring encryption information of a first external device for encrypting the random number through a secret key; decrypting the encrypted information through a locally stored key to obtain decrypted information; and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
The authentication process may be specifically implemented by the MPU. First, the MPU may generate a random number and transmit the random number to the first external device. Meanwhile, the MPU can also carry out encryption operation on the random number by adopting a preset encryption algorithm to obtain reference information. The preset encryption algorithm may include a symmetric encryption algorithm, an asymmetric encryption algorithm, or other encryption algorithms, which is not limited in this embodiment of the present invention.
If the first external device is a legal authorized device, the first external device stores a certificate, and the certificate carries a key for authentication operation. The first external device may obtain the key from the certificate, and then perform an encryption operation on the random number received from the MPU using a preset encryption algorithm to obtain encrypted information. The first external device may transmit the encryption information to the MPU.
The MPU may acquire the locally stored key, and decrypt the encrypted information received from the first external device through the key to obtain decrypted information. And if the decryption information is matched with the reference information, the first external device is a legal authorized device, and the first external device is determined to pass the authentication.
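The challenge-response exchange described above, as an added Python sketch that is not code from the patent. It swaps in HMAC-SHA256 as the keyed function and compares the two MACs in constant time instead of decrypting the response; the class and function names, the 16-byte random number and the 32-byte shared key are assumptions.

```python
import hashlib
import hmac
import secrets


class VehicleAuthenticator:
    """MPU side: issues a fresh random number and checks the device's answer."""

    def __init__(self, key: bytes):
        self._key = key          # locally stored key
        self._pending = None     # outstanding random number, valid for one attempt

    def new_challenge(self) -> bytes:
        # A new, unpredictable random number for every authentication request.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify(self, response: bytes) -> bool:
        # Consume the random number first so one challenge allows one attempt.
        nonce, self._pending = self._pending, None
        if nonce is None:
            return False
        # "Reference information": the keyed function applied to the random number.
        reference = hmac.new(self._key, nonce, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(reference, response)


def device_response(key: bytes, nonce: bytes) -> bytes:
    """External device side: apply the key from its certificate to the nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def auth_demo():
    key = secrets.token_bytes(32)            # constructed shared key
    mpu = VehicleAuthenticator(key)

    n1 = mpu.new_challenge()
    good = device_response(key, n1)
    authorized = mpu.verify(good)            # device holding the right key

    mpu.new_challenge()
    replayed = mpu.verify(good)              # old answer against a new challenge

    n3 = mpu.new_challenge()
    wrong_key = mpu.verify(device_response(b"\x00" * 32, n3))

    unsolicited = mpu.verify(good)           # no challenge outstanding
    return authorized, replayed, wrong_key, unsolicited


if __name__ == "__main__":
    print(auth_demo())
```

Only the first attempt passes; the replayed, wrong-key and unsolicited responses are all rejected.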
After the authentication is passed, the method provided by the embodiment of the present invention may further include: and when the preset firewall locking condition is detected to be met, if a third request message sent by the second external equipment is received, the third request message is forbidden to be forwarded. The preset firewall locking condition comprises the following steps: the first external device is pulled out; or, the time from the last time of receiving the session maintenance message sent by the first external device exceeds the preset time.
The second external device may be the first external device, or may be a device other than the first external device. When the first external device is pulled out, the newly accessed second external device needs to be authenticated again. Specifically, the external device can connect the diagnosis activation line to the vehicle through the OBD interface, and whether the external device is connected or disconnected can be judged by detecting a signal on the diagnosis activation line.
In addition, after the first external device accesses the vehicle, it needs to keep sending session maintenance messages to the MPU at a preset period to maintain the connection. When the MPU detects that the time since it last received a session maintenance message from the first external device exceeds the preset duration, the firewall may be set to the locked state.
The session maintenance message may be a Tester Present message. The preset time period may be, for example, 5 s.
In some alternative embodiments, a firewall module may be provided in the MPU. Before the authentication is passed, the firewall is in a locked state, and after the authentication is passed, the firewall can be unlocked through an unlocking instruction. It is understood that even if an unlock instruction is received, the unlock instruction is masked and no processing is performed until the authentication is passed. That is, authentication pass is a prerequisite for firewall unlocking.
When the firewall is in a locked state, a part of the routing function of the MPU is disabled, and the specific meaning of the part of the routing function of the MPU will be described later. When the firewall is in the unlocked state, the routing function of the MPU is in an enabled state.
After the authentication is passed, the MPU receives a first request message sent by the first external device. The MPU does not route every request message directly; instead, it detects the validity of the first request message and routes only legal request messages. Specifically, if the first request message is legal, the target component corresponding to the first request message is determined, and the first request message is forwarded to the target component.
Wherein, optionally, the target component may be a target Electronic Control Unit (ECU). The request message can be used for requesting the diagnostic data of the target ECU in the vehicle diagnostic process, or can be used for updating the target component needing to be updated in the vehicle software updating process.
The ECU is used to control the driving state of the vehicle and implement various functions, and the ECU may be classified into different types according to the implementation of the functions. The ECU may include, but is not limited to, an engine management system, an automatic transmission control unit, a vehicle body control module, a vehicle body electronic stability control system, a battery management system, a vehicle control unit, an intelligent gateway, a tbox (telematics box) module, and the like.
Optionally, if the first request message is used to request diagnostic data of the target ECU, and after the first request message is forwarded to the target component, the method provided in the embodiment of the present invention may further include: receiving the diagnostic data returned by the target ECU in response to the first request message; the diagnostic data is returned to the first external device.
The diagnostic data of the target ECU may be, for example, sensor data, state information of the target ECU, a vehicle fault code, or the like. Service personnel can locate vehicle faults based on the diagnostic data.
It should be noted that, with the development of technology, the complexity of the in-vehicle network has increased. A vehicle can now transmit data internally not only over the traditional CAN bus but also over Ethernet. The existing OBD interface is compatible with both data transmission modes: whether a component in the vehicle is connected to the Ethernet or to the CAN bus, data can be exchanged with that component through the OBD interface.
For this reason, there are currently two ways of vehicle communication, including communication over ethernet and communication over a CAN bus. The vehicle safety communication method provided by the embodiment of the invention can be compatible with the two vehicle communication modes. The target component CAN be connected to an Ethernet or a CAN bus inside the vehicle.
A specific implementation of detecting the validity of the first request packet will be described below.
Optionally, the process of detecting the validity of the first request packet may be implemented as: acquiring first information to be detected in a message header (header) of a first request message; acquiring a first preset legal information list; and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
Optionally, the information to be detected may include at least any one of the following: a communication protocol, a Transmission Control Protocol (TCP) port, a source Internet Protocol (IP) address, a destination IP address, a service identifier. The service may be a UDS service, in which case the service identifier is the UDS service ID.
In some alternative embodiments, the communication protocol may include the Diagnostics over IP (DoIP) protocol and the Diagnostics over CAN (DoCAN) protocol.
The information to be detected may be included in headers of different layers of the first request message, and the information to be detected may be obtained from the headers of the corresponding layer for validity verification.
To illustrate the process of detecting the validity of the first request message, take the validity check of the source IP as an example. The MPU may store a legal IP list, and the first external device may carry its own IP as the source IP in the first request message and send the message to the MPU. The MPU may obtain the source IP from the first request message and then look up whether the source IP exists in the legal IP list. If the source IP exists in the legal IP list, the source IP is legal.
Alternatively, take the validity check of the communication protocol as an example. The MPU may store a list of legal communication protocols; assume that the list includes the DoIP protocol and the DoCAN protocol. The MPU may detect the communication protocol C used by the first request message from a header of the first request message sent by the first external device. If the communication protocol C is the DoIP protocol or the DoCAN protocol, the communication protocol used by the first request message is legal. If the communication protocol C is a protocol other than the DoIP protocol and the DoCAN protocol, the communication protocol used by the first request message is illegal.
It is worth noting that the basic communication content stipulated by regulations covers only part of the standard diagnostic data relating to vehicle emissions, and it does not pose a threat to the safety of the vehicle. Based on this, even if the authentication has not passed, the MPU can route request messages that do not threaten the security of the vehicle; in other words, part of the MPU's routing function remains enabled before the authentication passes. This improves communication efficiency and prevents safe and reliable request messages from being blocked entirely.
Based on this, optionally, before the authentication is passed, a second request message sent by the first external device is received, and second information to be detected is acquired from a message header of the second request message; a second preset legal information list is acquired, wherein the first preset legal information list comprises the legal information in the second preset legal information list; and if the second information to be detected matches any legal information in the second preset legal information list, the second request message is forwarded.
It is understood that the first preset legal information list can be regarded as a large list containing more legal information, and the second preset legal information list can be regarded as a small list containing less legal information. The first preset legal information list may include all contents in the second legal information list. Only a small part of the very secure and reliable request messages may be forwarded to the corresponding target component before the authentication passes, while after the authentication passes, the probability that more request messages are forwarded may be increased.
To illustrate the process of detecting the validity of the second request message, take the validity check of the UDS service ID as an example. The MPU may store a list of legal UDS service IDs; assume that the list includes 3 legal IDs: $10, $27, $31. The first external device may carry the UDS service ID that it needs to request in the second request message and send the second request message to the MPU. The MPU may obtain the requested UDS service ID from the second request message. If the requested UDS service ID is any of $10, $27, $31, the requested UDS service ID is legal.
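The two-list header check described above, as an added Python sketch that is not code from the patent: it parses a DoIP diagnostic message, then applies the small list before authentication and the large list after it. The list contents other than $10, $27 and $31, the IP address, the logical addresses and all function names are assumptions, and the sketch assumes every inspected field must appear in its list.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

DOIP_PORT = 13400           # TCP port registered for DoIP (ISO 13400-2)
DOIP_DIAG_MESSAGE = 0x8001  # DoIP payload type "diagnostic message"

# Constructed allowlists. $10, $27 and $31 come from the page's example;
# the IP address and the extra service IDs are assumptions for this sketch.
SECOND_LIST = {  # small list, applied before authentication
    "protocol": {"DoIP"},
    "tcp_port": {DOIP_PORT},
    "src_ip": {"192.0.2.10"},
    "uds_sid": {0x10, 0x27, 0x31},
}
FIRST_LIST = {   # large list, applied after authentication
    "protocol": {"DoIP", "DoCAN"},
    "tcp_port": {DOIP_PORT},
    "src_ip": {"192.0.2.10"},
    "uds_sid": {0x10, 0x27, 0x31, 0x19, 0x22},
}


class MalformedMessage(ValueError):
    """Raised when a frame cannot be parsed as a DoIP diagnostic message."""


@dataclass(frozen=True)
class Request:
    protocol: str
    tcp_port: int
    src_ip: str
    uds_sid: int
    target_addr: int  # logical address of the target ECU


def parse_doip(src_ip: str, dst_port: int, data: bytes) -> Request:
    """Extract the fields to be checked from a DoIP diagnostic message."""
    if len(data) < 8:
        raise MalformedMessage("short DoIP header")
    version, inverse, ptype, length = struct.unpack(">BBHI", data[:8])
    if version ^ inverse != 0xFF:
        raise MalformedMessage("version / inverse version mismatch")
    if ptype != DOIP_DIAG_MESSAGE:
        raise MalformedMessage("not a diagnostic message")
    payload = data[8:]
    # 2-byte source address + 2-byte target address + at least the UDS SID
    if length != len(payload) or length < 5:
        raise MalformedMessage("bad payload length")
    _source_addr, target_addr = struct.unpack(">HH", payload[:4])
    return Request("DoIP", dst_port, src_ip, payload[4], target_addr)


def lists_are_nested(small: dict, large: dict) -> bool:
    """True if every entry of the small list also appears in the large list."""
    return all(vals <= large.get(field, set()) for field, vals in small.items())


def is_legal(req: Request, allowlist: dict) -> bool:
    """Every inspected header field must appear in its allowlist."""
    return all(getattr(req, field) in allowed
               for field, allowed in allowlist.items())


def route(src_ip: str, dst_port: int, data: bytes,
          authenticated: bool) -> Tuple[str, Optional[int]]:
    """Return ("forward", target ECU address) or ("drop", None)."""
    try:
        req = parse_doip(src_ip, dst_port, data)
    except MalformedMessage:
        return ("drop", None)  # unparseable input is never forwarded
    allowlist = FIRST_LIST if authenticated else SECOND_LIST
    if is_legal(req, allowlist):
        return ("forward", req.target_addr)
    return ("drop", None)


def build_doip(sid: int, target: int = 0x1001, source: int = 0x0E00) -> bytes:
    """Constructed sample frame: DoIP header + addresses + SID + one data byte."""
    payload = struct.pack(">HH", source, target) + bytes([sid, 0x01])
    header = struct.pack(">BBHI", 0x02, 0xFD, DOIP_DIAG_MESSAGE, len(payload))
    return header + payload
```

Running `lists_are_nested(SECOND_LIST, FIRST_LIST)` at start-up catches a configuration in which a pre-authentication entry is missing from the post-authentication list.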
As shown in fig. 2, the first external device is electrically connected to the OBD interface, the OBD interface is electrically connected to the Ethernet switch, and the Ethernet switch is electrically connected to the MPU. The MPU is connected with each ECU through Ethernet.
In practice, when the first request message is forwarded, the first external device first sends the first request message to the Ethernet switch through the OBD interface, the Ethernet switch then forwards the first request message to the MPU, and finally the MPU forwards the first request message to the corresponding target ECU if the first request message is legal.
Compared with the scheme that the first request message is directly forwarded to the corresponding target ECU through the Ethernet switch, the technical scheme provided by the embodiment of the invention can better ensure the communication safety. Because the ethernet switch is a network device at a second layer (i.e., a data link layer) in an Open System Interconnection (OSI) Reference Model, the aforementioned information to be detected corresponds to a third layer (i.e., a network layer) and above in the OSI Reference Model, that is, only the network device at the third layer or above in the OSI Reference Model can identify the information to be detected from the first request message.
For the ethernet switch, it cannot recognize the information to be detected in the first request message, and further it cannot filter the first request message on the higher layer in the OSI reference model. As long as the external device and the vehicle pass the authentication, the ethernet switch will forward the request message sent by the external device, so that the security of communication cannot be guaranteed.
The MPU can be regarded as a network device at the third layer or above in the OSI reference model; it can correctly recognize the information to be detected in the first request message and filter out illegal first request messages based on that information. Therefore, the technical scheme provided by the embodiment of the invention can better ensure the safety of communication.
In some optional embodiments, the ethernet switch may be configured to isolate different components inside the vehicle from the first external device by setting a different Virtual Local Area Network (VLAN).
Based on this, alternatively, the MPU and each component inside the vehicle may be arranged in the first VLAN, and the MPU and the first external device may be arranged in the second VLAN. Wherein each component inside the vehicle includes a target component.
As shown in fig. 3, the MPU and the components inside the vehicle may be configured in VLAN A, and the MPU and the first external device may be configured in VLAN B.
Devices between different VLANs can be considered to be approximately physically isolated and cannot communicate with each other, that is, the first external device cannot directly communicate with each ECU inside the vehicle other than the MPU. The MPU is used as an intermediate medium and can play a role of mutually transmitting messages or data in the first VLAN and the second VLAN, and any request message entering the first VLAN needs to be filtered by the MPU.
In the embodiment of the present invention, before and after authentication is passed, VLAN configuration is not changed. That is, the MPU and each component inside the vehicle are arranged in the first VLAN, and the MPU and the first external device are arranged in the second VLAN, regardless of whether authentication is passed or not. By adopting the mode, the steps of changing VLAN configuration can be saved, and the network transmission efficiency is improved. Meanwhile, the first external device and the components except the MPU in the vehicle are always kept in an isolated state, so that the first external device and the components except the MPU in the vehicle are prevented from being directly communicated without being filtered by a firewall, and the safety of vehicle communication can be further improved.
In some optional embodiments, the ethernet network of the vehicle may be divided into a main network and a plurality of sub-networks, and the main network and the plurality of sub-networks may be connected through an ethernet diagnostic domain controller. If the first request message is forwarded to a certain subnet, the MPU may forward the first request message to the ethernet diagnostic domain controller corresponding to the subnet, and then forward the first request message to the corresponding target ECU by the ethernet diagnostic domain controller.
In addition, the Ethernet diagnostic domain controller can be connected with the CAN bus, so that an ECU connected to the CAN bus can exchange data with an ECU connected to the Ethernet through the Ethernet diagnostic domain controller.
The OBD interface may be compatible with a 4-wire standard Ethernet line and a 2-wire standard CAN bus. If the first external device needs to communicate with the vehicle via Ethernet, it may access the in-vehicle Ethernet via a 4-wire standard Ethernet cable. If the first external device needs to communicate with the vehicle through the CAN bus, it can connect through the 2-wire standard CAN bus.
As shown in fig. 4, when the first external device communicates with the vehicle through the CAN bus, the first external device may also transmit a message to the MPU. If the message is legal and its forwarding target is an ECU connected to the MPU through the CAN bus, the MPU forwards the message directly to that ECU through the CAN bus. If the forwarding target is an ECU connected to the single-chip microcomputer through the CAN bus, the MPU first forwards the message to the single-chip microcomputer, which then forwards it to the corresponding ECU through the CAN bus.
In some optional embodiments, the MPU and the single chip microcomputer may be components in an in-vehicle diagnostic edge ECU, which may be, for example, an intelligent gateway or a TBOX module. Since the intelligent gateway or the TBOX module is generally arranged in the current intelligent vehicle, the MPU in the intelligent gateway or the TBOX module can be directly reused to implement the method provided by the embodiment of the invention, so that the deployment cost can be reduced.
In summary, fig. 5 shows a signaling interaction diagram of the method provided by the embodiment of the present invention, and an interaction process between devices includes the following steps:
501. The diagnostic instrument sends an authentication request to the in-vehicle diagnostic edge ECU.
502. The in-vehicle diagnostic edge ECU returns a random number to the diagnostic instrument.
503. The diagnostic instrument uses a symmetric encryption algorithm to encrypt the random number and obtain an encryption result. The diagnostic instrument sends the encryption result to the in-vehicle diagnostic edge ECU.
504. The in-vehicle diagnostic edge ECU verifies the encryption result.
505. The in-vehicle diagnostic edge ECU feeds back the verification result to the diagnostic instrument.
506. The diagnostic instrument sends a firewall unlocking instruction to the in-vehicle diagnostic edge ECU.
507. If the verification result is that the authentication is passed, the in-vehicle diagnostic edge ECU sets the firewall to the unlocked state.
508. The diagnostic instrument sends a request message to the in-vehicle diagnostic edge ECU, and the in-vehicle diagnostic edge ECU forwards the request message to the corresponding ECU connected to the Ethernet or to the CAN bus.
509. The diagnostic instrument is disconnected; when the in-vehicle diagnostic edge ECU detects that the diagnostic instrument is disconnected, it locks the firewall again.
In addition, when the vehicle is on the production line, the firewall is not activated in order to prevent the firewall from being frequently opened and closed on the production line. After the vehicle is off-line, the firewall is activated to ensure the safety of vehicle communication.
By adopting the invention, even when the external device and the vehicle have passed authentication, the request messages sent by the external device can still be filtered: illegal request messages are blocked and only legal request messages are forwarded to the corresponding target component. The invention not only enables the external device to communicate with the vehicle, but also prevents request messages sent by the external device from being forwarded without limit after the authentication is passed. The invention can improve the safety of vehicle communication and prevent intrusion by illegal devices.
The vehicle safety communication device according to one or more embodiments of the present invention will be described in detail below. Those skilled in the art will appreciate that these vehicle safety communication devices may be constructed using commercially available hardware components configured by the steps taught in this disclosure.
Fig. 6 is a schematic structural diagram of a vehicle safety communication device according to an embodiment of the present invention, and as shown in fig. 6, the device includes:
the authentication module 61 is configured to receive an authentication request sent by a first external device, and authenticate the first external device based on the authentication request;
the detection module 62 is configured to receive a first request packet sent by the first external device after the authentication is passed, and detect validity of the first request packet;
a forwarding module 63, configured to determine, if the first request packet is legal, a target component corresponding to the first request packet; and forwarding the first request message to the target component.
Optionally, the target component is a target electronic control unit (ECU), and the first request message is used for requesting diagnostic data in the target ECU;
the forwarding module 63 is further configured to:
receiving the diagnostic data returned by the target ECU in response to the first request message;
returning the diagnostic data to the first external device.
Optionally, the target component is connected to an Ethernet or a controller area network (CAN) bus inside the vehicle.
Optionally, the detecting module 62 is configured to:
acquiring first information to be detected in a message header of the first request message;
acquiring a first preset legal information list;
and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
Optionally, the detecting module 62 is further configured to:
before passing the authentication, receiving a second request message sent by the first external equipment, and acquiring second information to be detected from a message header of the second request message;
acquiring a second preset legal information list, wherein the first preset legal information list comprises legal information in the second preset legal information list;
and if the second information to be detected is matched with any legal information in the second preset legal information list, forwarding the second request message.
Optionally, the information to be detected at least includes any one of the following items:
communication protocol, Transmission Control Protocol (TCP) port, source Internet Protocol (IP) address, destination IP address and service identifier.
Optionally, the apparatus is applied to a microprocessor (MPU);
the MPU and components inside the vehicle are configured in a first virtual local area network (VLAN), wherein the components inside the vehicle comprise the target component;
the MPU and the first external device are configured in a second VLAN.
Optionally, the forwarding module 63 is further configured to:
when it is detected that a preset firewall locking condition is met, if a third request message sent by a second external device is received, forbidding forwarding of the third request message;
wherein the preset firewall locking conditions include:
the first external device is unplugged; or
the time since a session maintenance message sent by the first external device was last received exceeds a preset time.
Optionally, the authentication module 61 is configured to:
acquiring a random number, and sending the random number to the first external device;
determining reference information based on the random number;
acquiring encrypted information obtained by the first external device encrypting the random number with a key;
decrypting the encrypted information through a locally stored key to obtain decrypted information;
and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
The device shown in fig. 6 may perform the vehicle safety communication method provided in the embodiments shown in fig. 1 to fig. 5, and the detailed implementation process and technical effects are described in the foregoing embodiments and will not be described herein again.
In one possible design, the structure of the vehicle safety communication device shown in fig. 6 described above may be implemented as a microprocessor.
In addition, an embodiment of the present invention provides a non-transitory machine-readable storage medium having executable code stored thereon, which when executed by a microprocessor, causes the microprocessor to implement at least the vehicle safety communication method as provided in the foregoing embodiments shown in fig. 1 to 5.
The above-described apparatus embodiments are merely illustrative, wherein the units described as separate components may or may not be physically separate. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by adding a necessary general hardware platform, and of course, can also be implemented by a combination of hardware and software. With this understanding in mind, the above-described aspects and portions of the present technology which contribute substantially or in part to the prior art may be embodied in the form of a computer program product, which may be embodied on one or more computer-usable storage media having computer-usable program code embodied therein, including without limitation disk storage, CD-ROM, optical storage, and the like.
The vehicle safety communication method provided by the embodiment of the present invention may be executed by a certain program/software, the program/software may be provided by a network side, the electronic device mentioned in the foregoing embodiment may download the program/software into a local nonvolatile storage medium, and when it needs to execute the vehicle safety communication method, the program/software is read into a memory by a CPU, and then the CPU executes the program/software to implement the vehicle safety communication method provided in the foregoing embodiment, and the execution process may refer to the schematic in fig. 1 to 5.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (20)

1. A vehicle security communication method, comprising:
receiving an authentication request sent by first external equipment, and authenticating the first external equipment based on the authentication request;
after the authentication is passed, receiving a first request message sent by the first external equipment, and detecting the validity of the first request message;
if the first request message is legal, determining a target component corresponding to the first request message;
and forwarding the first request message to the target component.
2. The method of claim 1, wherein the target component is a target Electronic Control Unit (ECU), and the first request message is used for requesting diagnostic data in the target ECU;
after forwarding the first request message to the target component, the method further includes:
receiving the diagnostic data returned by the target ECU in response to the first request message;
returning the diagnostic data to the first external device.
3. The method of claim 1, wherein the target component is connected to an Ethernet or a controller area network (CAN) bus inside the vehicle.
4. The method of claim 1, wherein the detecting the validity of the first request packet comprises:
acquiring first information to be detected in a message header of the first request message;
acquiring a first preset legal information list;
and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
5. The method of claim 4, further comprising:
before passing the authentication, receiving a second request message sent by the first external equipment, and acquiring second information to be detected from a message header of the second request message;
acquiring a second preset legal information list, wherein the first preset legal information list comprises legal information in the second preset legal information list;
and if the second information to be detected is matched with any legal information in the second preset legal information list, forwarding the second request message.
6. The method according to claim 4 or 5, wherein the information to be detected comprises at least any one of:
communication protocol, Transmission Control Protocol (TCP) port, source Internet Protocol (IP) address, destination IP address and service identifier.
7. The method of claim 1, wherein the method is applied to a microprocessor (MPU);
the MPU and components inside the vehicle are configured in a first virtual local area network (VLAN), wherein the components inside the vehicle comprise the target component;
the MPU and the first external device are configured in a second VLAN.
8. The method of claim 1, wherein after authentication passes, the method further comprises:
when it is detected that a preset firewall locking condition is met, if a third request message sent by a second external device is received, forbidding forwarding of the third request message;
wherein the preset firewall locking conditions include:
the first external device is unplugged; or
the time since a session maintenance message sent by the first external device was last received exceeds a preset time.
9. The method of claim 1, wherein authenticating the first external device based on the authentication request comprises:
acquiring a random number, and sending the random number to the first external device;
determining reference information based on the random number;
acquiring encrypted information obtained by the first external device encrypting the random number with a key;
decrypting the encrypted information through the locally stored key to obtain decrypted information;
and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
10. A vehicle safety communication device, comprising:
the authentication module is used for receiving an authentication request sent by first external equipment and authenticating the first external equipment based on the authentication request;
the detection module is used for receiving a first request message sent by the first external equipment after the authentication is passed, and detecting the validity of the first request message;
the forwarding module is used for determining a target component corresponding to the first request message if the first request message is legal; and forwarding the first request message to the target component.
11. The apparatus of claim 10, wherein the target component is a target Electronic Control Unit (ECU), and the first request message is used for requesting diagnostic data in the target ECU;
the forwarding module is further configured to:
receiving the diagnostic data returned by the target ECU in response to the first request message;
returning the diagnostic data to the first external device.
12. The apparatus of claim 10, wherein the target component is connected to an Ethernet or a controller area network (CAN) bus inside the vehicle.
13. The apparatus of claim 10, wherein the detection module is configured to:
acquiring first information to be detected in a message header of the first request message;
acquiring a first preset legal information list;
and if the first information to be detected is matched with any legal information in the first preset legal information list, determining that the first request message is legal.
14. The apparatus of claim 13, wherein the detection module is further configured to:
before passing the authentication, receiving a second request message sent by the first external equipment, and acquiring second information to be detected from a message header of the second request message;
acquiring a second preset legal information list, wherein the first preset legal information list comprises legal information in the second preset legal information list;
and if the second information to be detected is matched with any legal information in the second preset legal information list, forwarding the second request message.
15. The apparatus according to claim 13 or 14, wherein the information to be detected comprises at least any one of:
communication protocol, Transmission Control Protocol (TCP) port, source Internet Protocol (IP) address, destination IP address and service identifier.
16. The apparatus of claim 10, wherein the apparatus is applied to a microprocessor (MPU);
the MPU and components inside the vehicle are configured in a first virtual local area network (VLAN), wherein the components inside the vehicle comprise the target component;
the MPU and the first external device are configured in a second VLAN.
17. The apparatus of claim 10, wherein the forwarding module is further configured to:
when it is detected that a preset firewall locking condition is met, if a third request message sent by a second external device is received, forbidding forwarding of the third request message;
wherein the preset firewall locking conditions include:
the first external device is unplugged; or
the time since a session maintenance message sent by the first external device was last received exceeds a preset time.
18. The apparatus of claim 10, wherein the authentication module is configured to:
acquiring a random number, and sending the random number to the first external device;
determining reference information based on the random number;
acquiring encrypted information obtained by the first external device encrypting the random number with a key;
decrypting the encrypted information through the locally stored key to obtain decrypted information;
and if the decryption information is matched with the reference information, determining that the first external equipment passes the authentication.
19. A microprocessor characterized by comprising the vehicle safety communication device of any one of claims 10-18.
20. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a microprocessor, causes the microprocessor to perform the vehicle safety communication method of any one of claims 1-9.
CN202111653535.5A 2021-12-30 2021-12-30 Vehicle safety communication method, device, microprocessor and storage medium Pending CN114422208A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111653535.5A CN114422208A (en) 2021-12-30 2021-12-30 Vehicle safety communication method, device, microprocessor and storage medium

Publications (1)

Publication Number Publication Date
CN114422208A true CN114422208A (en) 2022-04-29

Family

ID=81270166

Country Status (1)

Country Link
CN (1) CN114422208A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115988086A (en) * 2023-01-05 2023-04-18 中国第一汽车股份有限公司 Communication method, device, equipment and medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network
CN107426285A (en) * 2017-05-19 2017-12-01 北京软安科技有限公司 A kind of vehicle-mounted CAN bus safety means of defence and device
CN108207039A (en) * 2016-12-19 2018-06-26 比亚迪股份有限公司 Safe transmission method, external device and the car borne gateway of vehicle-mounted data
CN109246148A (en) * 2018-11-01 2019-01-18 南方电网科学研究院有限责任公司 Message processing method, device, system, equipment and computer readable storage medium
CN109495449A (en) * 2018-10-18 2019-03-19 东南(福建)汽车工业有限公司 A kind of vehicle CAN bus encryption method
CN109688146A (en) * 2018-12-29 2019-04-26 北京新能源汽车股份有限公司 A kind of data access method, gateway controller and automobile
CN110752917A (en) * 2019-09-25 2020-02-04 中国第一汽车股份有限公司 Vehicle access control method, device and system
CN112422506A (en) * 2020-10-16 2021-02-26 郑州信大捷安信息技术股份有限公司 Intrusion detection defense method and system based on DoIP protocol

Similar Documents

Publication Publication Date Title
US11755713B2 (en) System and method for controlling access to an in-vehicle communication network
US20190281052A1 (en) Systems and methods for securing an automotive controller network
CN106953796B (en) Security gateway, data processing method and device, vehicle network system and vehicle
EP3348036B1 (en) Unauthorized access event notification for vehicle electronic control units
US20160173530A1 (en) Vehicle-Mounted Network System
JP7075886B2 (en) Broadcast bus frame filter
US20180278616A1 (en) In-vehicle communication system, communication management device, and vehicle control device
US9992178B2 (en) Method, apparatus and system for dynamically controlling secure vehicle communication based on ignition
JP2019194831A (en) System and method of blocking computer attack on transportation means
CN111077883A (en) Vehicle-mounted network safety protection method and device based on CAN bus
Takahashi An overview of cyber security for connected vehicles
US11438343B2 (en) Motor vehicle having a data network which is divided into multiple separate domains and method for operating the data network
Kwon et al. Mitigation mechanism against in-vehicle network intrusion by reconfiguring ECU and disabling attack packet
Daily et al. Securing CAN traffic on J1939 networks
Luo et al. Security mechanisms design for in-vehicle network gateway
CN114422208A (en) Vehicle safety communication method, device, microprocessor and storage medium
CN114257388B (en) Information safety protection method and device of Internet of vehicles system and electric automobile
CN112567713B (en) Attack-proof network interface
CN116800531A (en) Automobile electronic and electric architecture and safety communication method
US20220131834A1 (en) Device, method and computer program for providing communication for a control appliance of a vehicle, method, central device and computer program for providing an update, control appliance, and vehicle
Sharma et al. Review of the Security of Backward-Compatible Automotive Inter-ECU Communication
Mokhadder et al. Evaluation of vehicle system performance of an SAE J1939-91C network security implementation
Iclodean et al. Safety and cybersecurity
KR20180072340A (en) Methods of secure transmitting control message at in-vehicle network
Oberti et al. Lin-mm: Multiplexed message authentication code for local interconnect network message authentication in road vehicles

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination