CN116152947A - Recording system and method for automatic driving data of vehicle - Google Patents

Publication number: CN116152947A
Authority: CN (China)
Prior art keywords: data, event, automatic driving, storage area, recording
Legal status: Pending
Application number: CN202111383173.2A
Other languages: Chinese (zh)
Inventor: 陈昕
Current Assignee: Guangzhou Automobile Group Co Ltd
Original Assignee: Guangzhou Automobile Group Co Ltd
Application filed by Guangzhou Automobile Group Co Ltd
Priority to CN202111383173.2A
Publication of CN116152947A

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C5/00 Registering or indicating the working of vehicles
    • G07C5/08 Registering or indicating performance data other than driving, working, idle, or waiting time, with or without registering driving, working, idle or waiting time
    • G07C5/0841 Registering performance data
    • G07C5/085 Registering performance data using electronic data carriers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G06F15/76 Architectures of general purpose stored program computers
    • G06F15/78 Architectures of general purpose stored program computers comprising a single central processing unit
    • G06F15/7807 System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/11 File system administration, e.g. details of archiving or snapshots
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/16 File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C5/00 Registering or indicating the working of vehicles
    • G07C5/008 Registering or indicating the working of vehicles communicating information to a remotely located station

Abstract

The invention discloses a recording system and a recording method for automatic driving data of a vehicle. The recording system comprises: a system on chip (SOC) for starting automatic driving data recording of the vehicle; a communication interface communicatively connected to the SOC; a security chip communicatively connected to the SOC and used for digitally signing the automatic driving data; a data memory having a first data storage area and a second data storage area; and a file management system communicatively connected to the security chip and to the data memory, used for storing the data digitally signed by the security chip in the first data storage area and, when the recording system detects that the trigger condition of a key safety event is met, extracting the data corresponding to the key safety event from the first data storage area and storing it in the second data storage area. The invention effectively avoids leakage and loss of data and makes the data easy to retrieve and use when determining liability for automatic driving safety accidents.

Description

Recording system and method for automatic driving data of vehicle
Technical Field
The invention belongs to the technical field of intelligent connected vehicles, and particularly relates to a recording system and method for automatic driving data of a vehicle.
Background
With the development of intelligent connected vehicles, the safety of intelligent driving has received unprecedented attention from society as a whole. In recent years, vehicle safety accidents caused by abnormal intelligent driving functions, or by users' improper use of those functions, have occurred continually. To apportion and judge the responsibility of the vehicle and the driver, and to reconstruct the accident scene as far as possible when an intelligent connected vehicle has a safety accident, an automatic driving data recording system with information security protection (preventing tampering, leakage, deletion and the like) is of great significance.
Prior-art schemes are used only for cloud recording or local recording for vehicle debugging and research and development, and are oriented mainly toward automotive research, development and design enterprises. They also cannot satisfy the relevant laws and regulations on automotive information security and data security management. Furthermore, prior-art recording of automatic driving data lacks a distinguishing mechanism: all automatic driving data is stored indiscriminately, so when it is used to determine liability for an automatic driving accident, the key data cannot be obtained in time and processing efficiency is reduced.
Disclosure of Invention
The technical problem to be solved by the embodiments of the invention is to provide a recording system and a recording method for automatic driving data of a vehicle that effectively avoid leakage and loss of data and make the data easy to retrieve and use when determining liability for automatic driving safety accidents.
In order to solve the above technical problems, the present invention provides a recording system of vehicle automatic driving data, comprising:
a system on chip (SOC) for starting automatic driving data recording of the vehicle, in response to a user's control instruction to start the data recording function, after the automatic driving system is powered on and activated;
a communication interface, communicatively connected to the SOC, for receiving automatic driving data and the user's control instruction to start the data recording function;
a security chip, communicatively connected to the SOC, for digitally signing the automatic driving data;
a data memory having a first data storage area and a second data storage area;
and a file management system, communicatively connected to the security chip and to the data memory, for storing the data digitally signed by the security chip in the first data storage area and, when the recording system detects that the trigger condition of a key safety event is met, extracting the data corresponding to the key safety event from the first data storage area and storing it in the second data storage area.
Further, key safety events are divided into locking events and non-locking events according to their trigger conditions. The trigger condition of a locking event is that an irreversible restraint device is deployed, or that the change in vehicle speed within a first preset time interval is not less than a first preset speed threshold; the trigger condition of a non-locking event is that the vehicle speed decreases by at least a second preset speed threshold within the first preset time interval, or that the longitudinal deceleration requested by the automatic driving system in the vehicle's direction of travel is greater than a preset deceleration threshold.
Further, when the recording system detects that the trigger condition of a key safety event is met, the file management system is specifically configured to: take the time at which the trigger condition signal is received as the event origin, extract from the first data storage area the data from a second preset time interval before the event origin to a third preset time interval after the event origin, and store it in the second data storage area.
Further, when the second data storage area is full, locking events overwrite non-locking events; and if the second data storage area holds only locking events, the recording system reminds the user that system storage space is insufficient.
Further, the communication interface specifically comprises a network port, a bus interface and a man-machine interaction interface. The network port is an Ethernet interface comprising at least one port for receiving the required data from the automatic driving main domain controller and related domain controllers; the bus interface receives signals from the automatic driving auxiliary domain controller, the vehicle drive-by-wire system, the millimeter wave radar and the camera; and the man-machine interaction interface lets the user enter a control instruction on the vehicle-mounted man-machine interaction device to start the data recording function.
Further, the Ethernet port is connected to the automatic driving main domain controller via Ethernet, and the bus interface is connected to the automatic driving auxiliary domain controller via the bus. The automatic driving main domain controller forwards to the recording system, at a predetermined frequency, the vehicle positioning information sent by the positioning module, the time information sent by the TBOX, the actual vehicle motion state information sent by the braking system and the power system, the driver state information sent by the DMS and the BCM, the vehicle motion state information requested by the automatic driving system, the position information of perceived targets fused from the sensors, and the interior and exterior image and video data; bus data is forwarded over the on-board network, and image and video data over Ethernet.
Further, the SOC is also used for anonymizing image or video data forwarded by the automatic driving system: specifically, a built-in algorithm reduces the resolution to below a set pixel count, anonymizes personal information, and applies local contouring to face information and license plate information appearing in the picture.
Further, the recording system further comprises an authorized data reading interface, connected to the data memory, to which an authorized data reading device is connected to read the recorded data.
Further, when the authorized data reading device, through the authorized data reading interface, requests to read the data corresponding to a key safety event and extracts the whole folder, the recording system moves all folders of the data corresponding to the key safety event to a specified path and replies to the specified file-verification instruction sent by the authorized data reading device.
The invention also provides a recording method of the vehicle automatic driving data, which is implemented by the recording system of the vehicle automatic driving data, and comprises the following steps:
step S1: after the automatic driving system is powered on and activated, the SOC, in response to a user's control instruction to start the data recording function, starts automatic driving data recording of the vehicle and receives automatic driving data through the communication interface;
step S2: the security chip digitally signs the received automatic driving data;
step S3: the file management system stores the data digitally signed by the security chip in the first data storage area of the data memory and, when it detects that the trigger condition of a key safety event is met, extracts the data corresponding to the key safety event from the first data storage area and stores it in the second data storage area of the data memory.
Further, key safety events are divided into locking events and non-locking events according to their trigger conditions. The trigger condition of a locking event is that an irreversible restraint device is deployed, or that the change in vehicle speed within a first preset time interval is not less than a first preset speed threshold; the trigger condition of a non-locking event is that the vehicle speed decreases by at least a second preset speed threshold within the first preset time interval, or that the longitudinal deceleration requested by the automatic driving system in the vehicle's direction of travel is greater than a preset deceleration threshold.
Further, when the recording system detects that the trigger condition of a key safety event is met, the file management system takes the time at which the trigger condition signal is received as the event origin, extracts from the first data storage area the data from a second preset time interval before the event origin to a third preset time interval after the event origin, and stores it in the second data storage area.
Further, in step S3, when the second data storage area is full, locking events overwrite non-locking events; and if the second data storage area holds only locking events, the recording system reminds the user that system storage space is insufficient.
Further, before step S2, the method further includes: the SOC anonymizes the image or video data forwarded by the automatic driving system; specifically, a built-in algorithm reduces the resolution to below a set pixel count, anonymizes personal information, and applies local contouring to face information and license plate information appearing in the picture.
Further, the authorized data reading device requests to read the data corresponding to a key safety event through the authorized data reading interface, which specifically includes:
after passing the security authentication of the authorized data reading interface, the authorized data reading device requests to read the data corresponding to the key safety event and extracts the whole folder;
and the recording system moves all folders of the data corresponding to the key safety event to a specified path and replies to the specified file-verification instruction sent by the data reading device.
Implementing the invention has the following beneficial effects: the recording system and method not only provide a partitioned storage mechanism for automatic driving data but also provide specific partitioned recording logic and trigger conditions, so that data for key safety events, such as specific accident data, is stored in its own partition and is easy to retrieve and use when determining liability for an automatic driving accident, which greatly improves the efficiency of liability determination and is highly practical. In addition, by adding an anonymization mechanism and a security chip, the system can meet the requirements of current information security laws and regulations, effectively avoids tampering with and loss of data, and ensures the authenticity and validity of the data.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic architecture diagram of a recording system for vehicle autopilot data according to an embodiment of the present invention.
Fig. 2 is a flowchart of a method for recording vehicle automatic driving data according to a second embodiment of the present invention.
Detailed Description
The following description of embodiments refers to the accompanying drawings, which illustrate specific embodiments in which the invention may be practiced.
Referring to fig. 1, a first embodiment of the present invention provides a recording system for vehicle automatic driving data, including:
a system on chip (SOC) for starting automatic driving data recording of the vehicle, in response to a user's control instruction to start the data recording function, after the automatic driving system is powered on and activated;
a communication interface, communicatively connected to the SOC, for receiving automatic driving data and the user's control instruction to start the data recording function;
a security chip, communicatively connected to the SOC, for digitally signing the automatic driving data;
a data memory having a first data storage area and a second data storage area;
and a file management system, communicatively connected to the security chip and to the data memory, for storing the data digitally signed by the security chip in the first data storage area and, when the recording system detects that the trigger condition of a key safety event is met, extracting the data corresponding to the key safety event from the first data storage area and storing it in the second data storage area.
Specifically, the recording system of this embodiment is off by default and must be turned on manually by the user. After the automatic driving system is powered on and activated, the recording system loads its configuration information and, through the man-machine interaction interface, asks the user whether to start the automatic driving data recording function and indicates what data will be recorded; the vehicle-mounted display panel receives this information and displays it to the user.
After the recording system is started, the user must be informed of the following:
(1) the types of personal information processed, including vehicle track, driving habits, audio, video, images, biometric features and the like;
(2) the specific circumstances in which each type of personal information is collected, and the ways and means of stopping collection;
(3) the purpose, use and manner of processing each type of personal information;
(4) the storage location and storage period of personal information, or the rules for determining the storage location and storage period;
(5) the ways and means of consulting, copying and deleting their personal information, and of requesting deletion of personal information that has already been provided outside the vehicle;
(6) the name and contact information of the contact person for handling user rights matters;
(7) other matters that laws and administrative regulations require to be notified.
The recording system of the vehicle automatic driving data of the present embodiment receives external data through the communication interface. In this embodiment, the external data includes data from all sensors, controllers, and actuators of the automatic driving system, and a control command for starting a data recording function and the like input by a user through a man-machine interaction device. It is to be appreciated that sensors in an autopilot system include, but are not limited to, cameras, integrated navigation modules, lidar, millimeter wave radar, ultrasonic radar, and the like; controllers include, but are not limited to, autopilot domain master controllers, slave controllers, etc.; actuators include, but are not limited to, electric power steering control modules, electro-hydraulic brake control modules, and the like.
The communication interface of this embodiment comprises a network port, a bus interface and a man-machine interaction interface. The network port is an Ethernet interface comprising at least one port for receiving the required data from the automatic driving main domain controller, related domain controllers and the like; the bus interface receives node signals from the automatic driving auxiliary domain controller, the vehicle drive-by-wire system, the millimeter wave radar, the camera and the like; and the man-machine interaction interface lets the user enter control instructions on man-machine interaction equipment, such as the vehicle-mounted display panel, to start the data recording function. Specifically, the Ethernet port is connected to the automatic driving main domain controller via Ethernet, and the bus interface is connected to the automatic driving auxiliary domain controller via the bus. The automatic driving main domain controller forwards to the recording system of this embodiment, at a predetermined frequency, the vehicle positioning information sent by the positioning module, the time information sent by the TBOX, the actual vehicle motion state information sent by the braking system and the power system, the driver state information sent by the DMS and the BCM, the vehicle motion state information requested by the automatic driving system, the position information of perceived targets fused from the sensors, and the interior and exterior image and video data; bus data is forwarded over the on-board network, and image and video data over Ethernet. If the automatic driving main domain controller malfunctions or fails, the automatic driving auxiliary domain controller takes over the data forwarding. The on-board network may be a CAN, CAN FD or LIN network.
In addition to starting data recording, the SOC anonymizes image or video data forwarded by the automatic driving system: specifically, a built-in algorithm reduces the resolution to below a set pixel count (for example, 1.2 million pixels), anonymizes personal information, and applies local contouring to face information, license plate information and the like appearing in the picture.
The security chip guarantees the tamper resistance of the stored data, as well as the authenticity of the data and the non-repudiation of operations. Specifically, the security chip performs the digital signature; the private key used for signing cannot be read or modified, which makes the data tamper-resistant. Data encryption may be achieved with an encryption algorithm, and the keys used for encryption may be exchanged through a data communication protocol. Network security is achieved by not responding to access instructions from unauthorized devices or unauthorized interfaces, and by means of an intrusion detection system, mutual authentication, data encryption and the like. Data reading is restricted to authorized, identity-authenticated readers by a security authentication protocol.
The file management system of this embodiment implements a partitioned recording mechanism for automatic driving data and provides specific conditions for partitioned recording. First, the data memory has two independent partitions for different safety events: the first data storage area is the non-key safety event storage area, and the second data storage area is the key safety event storage area. Second, after the automatic driving system is activated and the SOC starts recording the vehicle's automatic driving data, the file management system has the non-key safety event storage area continuously record and store all received data that has been digitally signed by the security chip, including but not limited to vehicle positioning information, time information, actual vehicle motion state information, vehicle motion state information requested by the automatic driving system, fused position information of perceived targets, anonymized interior and exterior image or video information, and driver state information. Once the non-key safety event storage area is full, data is overwritten cyclically. The key safety event storage area stores the data corresponding to key safety events: when the trigger condition of a key safety event is met, the data corresponding to that event is extracted from the non-key safety event storage area and stored in the key safety event storage area.
Key safety events are divided into locking events and non-locking events according to their trigger conditions. The trigger condition of a locking event is that an irreversible restraint device is deployed, or that the change in vehicle speed within a first preset time interval (for example, 150 ms) is not less than a first preset speed threshold (for example, 25 km/h); the trigger condition of a non-locking event is that the vehicle speed decreases by at least a second preset speed threshold (for example, 8 km/h) within the first preset time interval (for example, 150 ms), or that the longitudinal deceleration requested by the automatic driving system in the vehicle's direction of travel is greater than a preset deceleration threshold (for example, 5 m/s²). It will be appreciated that an irreversible restraint device (non-reversible restraint) is a restraint device that cannot be restored to a reusable state by automatic recovery or manual adjustment, such as an airbag or a seat belt.
When the trigger condition of a key safety event is met, the file management system takes the time at which the trigger condition signal is received as the event origin, extracts from the non-key safety event storage area the data from a second preset time interval (for example, 30 s) before the event origin to a third preset time interval (for example, 5 s) after the event origin, and stores it in the key safety event storage area. When the key safety event storage area is full, a locking event may overwrite a non-locking event; if the whole key safety event storage area holds locking events, the recording system reminds the user through the man-machine interaction interface that system storage space is insufficient.
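The trigger classification and the extraction window described above, written out as an added Go example (not code from the patent or the applicant). The thresholds are the example values quoted in the description; the `Sample` fields, the 20 Hz sample rate and the constructed trace are assumptions of this example.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// Example values quoted in the description; all identifiers are this example's own.
const (
	triggerWindow = 150 * time.Millisecond // first preset time interval
	lockDeltaKmh  = 25.0                   // first preset speed threshold
	brakeDropKmh  = 8.0                    // second preset speed threshold
	decelLimit    = 5.0                    // preset deceleration threshold, m/s^2
	preEvent      = 30 * time.Second       // second preset time interval
	postEvent     = 5 * time.Second        // third preset time interval
)

type EventKind int

const (
	NoEvent EventKind = iota
	NonLocking
	Locking
)

// Sample is one record in the first (non-key safety event) storage area.
type Sample struct {
	T              time.Duration // time since recording started
	SpeedKmh       float64
	RequestedDecel float64 // longitudinal deceleration requested by the driving system
	RestraintFired bool    // irreversible restraint device deployed
}

// Classify evaluates the trigger conditions at sample i of buf.
func Classify(buf []Sample, i int) EventKind {
	now, kind := buf[i], NoEvent
	if now.RestraintFired {
		return Locking
	}
	if now.RequestedDecel > decelLimit {
		kind = NonLocking
	}
	for j := i - 1; j >= 0 && now.T-buf[j].T <= triggerWindow; j-- {
		delta := now.SpeedKmh - buf[j].SpeedKmh
		if math.Abs(delta) >= lockDeltaKmh {
			return Locking // a locking condition outranks a non-locking one
		}
		if -delta >= brakeDropKmh {
			kind = NonLocking
		}
	}
	return kind
}

// Detect returns the first key safety event in buf and its event origin.
func Detect(buf []Sample) (EventKind, time.Duration) {
	for i := range buf {
		if k := Classify(buf, i); k != NoEvent {
			return k, buf[i].T
		}
	}
	return NoEvent, 0
}

// Cut copies the samples from preEvent before origin to postEvent after it.
// ready is false while the post-event span is still being recorded.
func Cut(buf []Sample, origin time.Duration) (out []Sample, ready bool) {
	if len(buf) == 0 || buf[len(buf)-1].T < origin+postEvent {
		return nil, false
	}
	for _, s := range buf {
		if s.T >= origin-preEvent && s.T <= origin+postEvent {
			out = append(out, s)
		}
	}
	return out, true
}

// DemoTrace is constructed sample data: 45 s at 20 Hz, hard braking at 36.05 s.
func DemoTrace() []Sample {
	tr := make([]Sample, 901)
	for i := range tr {
		tr[i] = Sample{T: time.Duration(i) * 50 * time.Millisecond, SpeedKmh: 60}
		if i >= 721 {
			tr[i].SpeedKmh = 50
		}
	}
	return tr
}

func main() {
	tr := DemoTrace()
	kind, origin := Detect(tr)
	clip, ready := Cut(tr, origin)
	fmt.Println(kind, origin, ready, len(clip))
}
```

Because the window extends 5 s past the event origin, the copy cannot be made at trigger time; the cyclically overwritten first area therefore has to retain at least the full 35 s span until `Cut` reports ready.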
This embodiment also includes RAM, Flash and a power interface. The RAM is connected to the SOC and provides temporary storage for the programs the SOC executes; the Flash is also connected to the SOC and stores the platform system, application programs and related configuration information; the power interface supplies a suitable working voltage to the recording system and other modules.
In this embodiment, the recording system further includes an authorized data reading interface, connected to the data memory, to which an authorized data reading device is connected to read the recorded data. Because prior-art schemes allow important data from inside and outside the vehicle to be read without identity authentication, which carries a great risk of data leakage, data extraction by the data reading device is subject to permission settings, and security authentication is performed with the 0x27 "SecurityAccess" service of ISO 14229-1:2013, 9.4. The authentication flow is as follows:
(1) The client requests a "seed";
(2) The recording system of the automatic driving data of the vehicle sends a seed to the client;
(3) The client digitally signs the seed with the private key in Co1, then assembles the signature and the public key certificate according to the protocol to generate a seed key;
(4) The client sends the seed key to the recording system of the automatic driving data of the vehicle;
(5) The recording system of the vehicle automatic driving data uses Ca1 to verify the identity and authority of the client, verifies the seed and the signature in the seed key, judges whether the seed key is valid, and unlocks if it is valid.
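The five-step seed and key exchange above, as an added Go example that is not part of the patent. Ed25519 as the signature algorithm, the simplified `Cert` structure standing in for a public key certificate, and the `event-data-reader` role label are assumptions; the page does not name an algorithm or a certificate format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

var (
	ErrNoSeed        = errors.New("no outstanding seed")
	ErrBadCert       = errors.New("certificate not issued by the trusted CA")
	ErrNotAuthorized = errors.New("certificate role may not read event data")
	ErrBadSignature  = errors.New("seed signature invalid")
)

const readerRole = "event-data-reader" // hypothetical authority label

// Cert is a simplified stand-in for a certificate (assumption): CA signs Pub||Role.
type Cert struct {
	Pub   ed25519.PublicKey
	Role  string
	CASig []byte
}

// SeedKey is the "seed key" of steps (3)-(4): seed signature plus certificate.
type SeedKey struct {
	Sig  []byte
	Cert Cert
}

func certBody(pub ed25519.PublicKey, role string) []byte {
	return append(append([]byte{}, pub...), role...)
}

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // system RNG failure
	}
	return pub, priv
}

// IssueCert is what the CA behind "Ca1" does offline for each reading device.
func IssueCert(caPriv ed25519.PrivateKey, pub ed25519.PublicKey, role string) Cert {
	return Cert{pub, role, ed25519.Sign(caPriv, certBody(pub, role))}
}

// Recorder is the recording-system side; CAPub plays the part of "Ca1".
type Recorder struct {
	CAPub    ed25519.PublicKey
	Unlocked bool
	seed     []byte // outstanding challenge, nil when none
}

// RequestSeed covers steps (1)-(2): a fresh random seed for every attempt.
func (r *Recorder) RequestSeed() []byte {
	r.seed = make([]byte, 32)
	if _, err := rand.Read(r.seed); err != nil {
		panic(err)
	}
	return append([]byte{}, r.seed...)
}

// Respond is step (3) on the client, whose key pair plays the part of "Co1".
func Respond(priv ed25519.PrivateKey, cert Cert, seed []byte) SeedKey {
	return SeedKey{ed25519.Sign(priv, seed), cert}
}

// SendKey covers steps (4)-(5) and returns nil only when the recorder unlocks.
func (r *Recorder) SendKey(k SeedKey) error {
	seed := r.seed
	r.seed, r.Unlocked = nil, false // seed is consumed pass or fail: no replay
	switch {
	case seed == nil:
		return ErrNoSeed
	case len(k.Cert.Pub) != ed25519.PublicKeySize: // Verify panics on other sizes
		return ErrBadCert
	case !ed25519.Verify(r.CAPub, certBody(k.Cert.Pub, k.Cert.Role), k.Cert.CASig):
		return ErrBadCert
	case k.Cert.Role != readerRole:
		return ErrNotAuthorized
	case !ed25519.Verify(k.Cert.Pub, seed, k.Sig):
		return ErrBadSignature
	}
	r.Unlocked = true
	return nil
}

func main() {
	caPub, caPriv := NewKey()
	pub, priv := NewKey()
	rec := Recorder{CAPub: caPub}
	k := Respond(priv, IssueCert(caPriv, pub, readerRole), rec.RequestSeed())
	fmt.Println("fresh seed:", rec.SendKey(k))
	rec.RequestSeed()
	fmt.Println("replayed seed key:", rec.SendKey(k))
}
```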
After the security authentication is passed, the data reading device starts file data transmission (downloading or uploading) from the data reading device to the recording system of the vehicle autopilot data or from the recording system of the vehicle autopilot data to the data reading device through the authorized data reading interface using the UDS-0x38 service. In addition, the service has a function of retrieving information about the file system.
The data reading device judges the data quantity stored in the recording system of the automatic driving data of the vehicle, and if the data quantity is 0, the data reading is finished; the data reading device transmits 0x22 aaaa (DID) and the recording system of the vehicle automatic driving data replies 0x62 aaaa (DID) b (b is the event amount stored by the recording system of the vehicle automatic driving data), and if b=0, the data reading is ended.
The data reading device sequentially requests to read the data of the nth event according to the reading requirement, and extracts the whole folder. The data reading device transmits 0x31 0x01 cccc (DID): n (event sequence number of data to be read).
The data recording system moves the whole folder of the event data to a specified path: it extracts the log folder of the nth event to the specified path, replies 0x7F 0x31 0x78 while the move is in progress, and replies 0x71 0x01 cccc (DID) after the move is finished.
The data reading device stores all the data in the folder, sends 0x37 to finish the file transmission, and at the same time sends 0x31 to perform file verification; the data recording system replies according to the requirements of the 2020 edition of ISO 14229.
The data reading device then sends a clearing instruction for clearing the data in the temporary log folder: it sends 0x38 0x02 (delete file), and the data recording system responds to the instruction and replies 0x78 0x02 to complete the file deletion.
It should be noted that, when the key security event storage area already stores data corresponding to a key security event, the authorized data reading device may execute the above data reading procedure through the authorized data reading interface to read that data. Specifically, after security authentication, the data reading device starts file data transfer from the recording system of the vehicle automatic driving data to the data reading device using the UDS-0x38 service: the data reading device requests to read the data corresponding to the key security event and extracts the whole folder. The data reading device stores all the data in the folder, sends the specified instruction to finish the file transmission, and at the same time sends the specified instruction to perform file verification; the data recording system replies according to the requirements of the 2020 edition of ISO 14229. The data reading device then sends a clearing instruction for clearing the data in the temporary log folder.
As can be seen from the above, this safe and reliable data reading method can effectively avoid data leakage and loss.
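The seed exchange of steps (1) to (5), and the rule that reading starts only after authentication, sketched as an added example that is not part of the patent: a recorder-side handler that issues a fresh single-use seed, limits failed attempts, and rejects 0x22/0x31/0x37/0x38 until unlocked. The HMAC verifier stands in for the certificate-based signature check (Co1/Ca1) the text describes; it, the attempt limit and the 0xAAAA DID value are assumptions.

```python
import hashlib
import hmac
import os

# Service IDs and negative response codes from ISO 14229-1.
SID_READ_DID, SID_SECURITY_ACCESS, SID_ROUTINE = 0x22, 0x27, 0x31
SID_TRANSFER_EXIT, SID_FILE_TRANSFER = 0x37, 0x38
NRC_NOT_SUPPORTED, NRC_SUBFUNCTION, NRC_LENGTH = 0x11, 0x12, 0x13
NRC_SEQUENCE, NRC_OUT_OF_RANGE, NRC_DENIED = 0x24, 0x31, 0x33
NRC_INVALID_KEY, NRC_ATTEMPTS = 0x35, 0x36
PROTECTED = {SID_READ_DID, SID_ROUTINE, SID_TRANSFER_EXIT, SID_FILE_TRANSFER}
DID_EVENT_COUNT = bytes([0xAA, 0xAA])  # placeholder for the page's "aaaa" DID
MAX_ATTEMPTS = 3                       # assumed limit; the page gives none


def negative(sid, nrc):
    return bytes([0x7F, sid, nrc])


class Recorder:
    """Recorder-side request handler: nothing is readable until 0x27 succeeds."""

    def __init__(self, verify_key, event_count=0):
        self.verify_key = verify_key    # callable(seed, key) -> bool
        self.event_count = event_count
        self.seed = None
        self.unlocked = False
        self.failed = 0

    def handle(self, req):
        if len(req) < 2:
            return negative(req[0] if req else 0x00, NRC_LENGTH)
        sid = req[0]
        if sid == SID_SECURITY_ACCESS:
            return self._security_access(req[1], req[2:])
        if sid in PROTECTED and not self.unlocked:
            return negative(sid, NRC_DENIED)
        if sid == SID_READ_DID:
            if req[1:3] == DID_EVENT_COUNT:
                return bytes([0x62]) + DID_EVENT_COUNT + bytes([self.event_count])
            return negative(sid, NRC_OUT_OF_RANGE)
        return negative(sid, NRC_NOT_SUPPORTED)  # 0x31/0x37/0x38 omitted here

    def _security_access(self, sub, key):
        if self.failed >= MAX_ATTEMPTS:          # real ECUs pair this with a delay timer
            return negative(SID_SECURITY_ACCESS, NRC_ATTEMPTS)
        if sub == 0x01:                          # requestSeed
            self.seed = os.urandom(16)           # fresh, unpredictable challenge
            return bytes([0x67, 0x01]) + self.seed
        if sub == 0x02:                          # sendKey
            if self.seed is None:
                return negative(SID_SECURITY_ACCESS, NRC_SEQUENCE)
            seed, self.seed = self.seed, None    # each seed is good for one attempt
            if self.verify_key(seed, key):
                self.unlocked, self.failed = True, 0
                return bytes([0x67, 0x02])
            self.failed += 1
            return negative(SID_SECURITY_ACCESS, NRC_INVALID_KEY)
        return negative(SID_SECURITY_ACCESS, NRC_SUBFUNCTION)


# Stand-in for the Co1/Ca1 signature check so the example runs on the standard
# library alone: an HMAC over the seed with a constructed shared secret.
DEMO_SECRET = b"constructed-demo-secret"


def demo_sign(seed):
    return hmac.new(DEMO_SECRET, seed, hashlib.sha256).digest()


def demo_verify(seed, key):
    return hmac.compare_digest(demo_sign(seed), bytes(key))
```

Consuming the seed on every sendKey means a captured key cannot be replayed, and a client has to request a new challenge after each failure.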
Referring to fig. 2 again, a second embodiment of the present invention provides a method for recording vehicle autopilot data, which is implemented by the system for recording vehicle autopilot data according to the first embodiment of the present invention, and includes:
Step S1, after an automatic driving system is electrified and activated, a system on chip SOC responds to a control instruction of a user for starting a data recording function, starts automatic driving data recording of a vehicle, and receives automatic driving data through a communication interface;
Step S2, the security chip digitally signs the received automatic driving data;
Step S3, the file management system stores the data subjected to digital signature by the security chip into a first data storage area of a data memory, intercepts data corresponding to the key security event in the first data storage area when the triggering condition of the key security event is monitored to be met, and stores the data into a second data storage area of the data memory.
Specifically, the recording function for vehicle automatic driving data in this embodiment is off by default and must be turned on manually by the user. After the automatic driving system is powered on and activated, the recording system of the vehicle automatic driving data loads its configuration information and, through the man-machine interaction interface, asks the user whether to start the automatic driving data recording function and shows the content of the data to be recorded; the vehicle-mounted display panel receives this information and displays it to the user.
When the user agrees to start the data recording function, the recording system of the vehicle automatic driving data starts to receive the automatic driving data through the communication interface. For the specific content and receiving manner of the autopilot data, reference may be made to the description of the first embodiment, and the description is omitted here.
For the image or video data included in the received autopilot data, the recording method of the present embodiment further includes an anonymizing processing step before step S2: the system on chip SOC converts the definition to below a set pixel count (for example, 1.2 million pixels), anonymizes the personal information therein, and performs local contouring processing on face information, license plate information, and the like appearing in the picture.
The security chip of the recording system then digitally signs the data to be stored; this data tamper-proofing strategy ensures the authenticity and operational non-repudiation of the data.
In step S3, the key security events are divided into locking events and non-locking events according to their triggering conditions. The triggering condition of a locking event is that the irreversible restraint device is deployed, or that the vehicle speed change is not less than a first preset speed threshold (for example, 25 km/h) within a first preset time interval (for example, 150 ms). The triggering condition of a non-locking event is that the vehicle speed is reduced by at least a second preset speed threshold (e.g. 8 km/h) within the first preset time interval (e.g. 150 ms), or that the longitudinal deceleration requested by the autopilot system in the direction of travel of the vehicle is greater than a preset deceleration threshold (e.g. 5 m/s²).
Further, when the recording system monitors that the triggering condition of the key security event is met, the file management system takes the time point of receiving the triggering condition signal as an event origin, intercepts data from a second preset time interval before the event origin to a third preset time interval after the event origin in the first data storage area, and stores the data into the second data storage area.
Further, in the step S3, after the second data storage area is full, a locking event is stored by overwriting a non-locking event; and if the locking event is stored in the second data storage area, the recording system reminds the user of insufficient system storage space.
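The trigger logic and storage priority described above, as an added example that is not part of the patent: a classifier over a 150 ms sample window using the page's example thresholds, and a fixed-capacity second storage area. The pre/post clip intervals are assumed values, as are two readings of the storage rule: any new event may replace the oldest non-locking record, and the low-storage warning is raised once only locking records remain.

```python
from collections import deque
from dataclasses import dataclass

WINDOW_MS = 150             # first preset time interval (page example)
LOCK_CHANGE_KMH = 25.0      # first preset speed threshold (page example)
NONLOCK_DROP_KMH = 8.0      # second preset speed threshold (page example)
DECEL_REQ_MS2 = 5.0         # preset deceleration threshold (page example)
PRE_MS, POST_MS = 300, 700  # second/third preset intervals: assumed values


@dataclass
class Sample:
    t_ms: int
    speed_kmh: float
    req_decel_ms2: float = 0.0       # longitudinal deceleration requested by the system
    restraint_deployed: bool = False


class TriggerMonitor:
    def __init__(self):
        self.recent = deque()        # samples from the last WINDOW_MS

    def feed(self, s):
        """Classify the newest sample: 'locking', 'non-locking' or None."""
        self.recent.append(s)
        while s.t_ms - self.recent[0].t_ms > WINDOW_MS:
            self.recent.popleft()
        speeds = [p.speed_kmh for p in self.recent]
        change = max(abs(s.speed_kmh - v) for v in speeds)
        drop = max(speeds) - s.speed_kmh
        if s.restraint_deployed or change >= LOCK_CHANGE_KMH:
            return "locking"
        if drop >= NONLOCK_DROP_KMH or s.req_decel_ms2 > DECEL_REQ_MS2:
            return "non-locking"
        return None


class EventStore:
    """Second data storage area with room for `capacity` event records."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.events = []             # (kind, origin_ms, clipped samples)
        self.warn_storage = False

    def save(self, kind, origin_ms, first_area):
        # Called once POST_MS has elapsed, so the tail of the clip exists.
        clip = [p for p in first_area
                if origin_ms - PRE_MS <= p.t_ms <= origin_ms + POST_MS]
        if len(self.events) >= self.capacity:
            # Assumption: any new event may replace the oldest non-locking
            # record; the page only states that locking events overwrite them.
            idx = next((i for i, e in enumerate(self.events)
                        if e[0] == "non-locking"), None)
            if idx is None:          # only locking records left: keep them, warn
                self.warn_storage = True
                return False
            del self.events[idx]
        self.events.append((kind, origin_ms, clip))
        return True


# Constructed trace: braking, a sharp speed change, a large requested
# deceleration, then restraint deployment.
TRACE = [Sample(0, 60), Sample(50, 59), Sample(100, 50), Sample(300, 50),
         Sample(350, 24), Sample(1000, 24, req_decel_ms2=6.0),
         Sample(2000, 24, restraint_deployed=True)]


def classify_trace(trace):
    monitor = TriggerMonitor()
    return [monitor.feed(s) for s in trace]
```

A production recorder would also debounce consecutive triggers that belong to one physical event; the page does not describe that step, so it is left out here.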
Further, before the step S2, the method further includes: the system-on-chip SOC performs anonymization processing on the image or video data forwarded by the automatic driving system; specifically, a built-in algorithm converts the definition to below a set pixel count, anonymizes the personal information therein, and performs local contouring processing on face information and license plate information appearing in the picture.
Further, the authorized data reading device requests to read the data corresponding to the key security event through the authorized data reading interface, specifically including:
after the authorized data reading equipment passes the security authentication of the authorized data reading interface, the authorized data reading equipment requests to read the data corresponding to the key security event, and the whole folder is extracted;
and the recording system moves all folders of the data corresponding to the key security events to a specified path and replies to the specified file-verification instruction sent by the data reading device.
The detailed flow of the authorized data reading device for reading the recorded data through the authorized data reading interface is referred to the description of the first embodiment, and will not be repeated here.
As can be seen from the above description, compared with the prior art, the invention has the following beneficial effects: the recording system and method for vehicle automatic driving data not only provide a partitioned storage mechanism for automatic driving data, but also provide specific partitioned recording logic and triggering conditions, so that data of key safety events, such as specific accident data, is stored in its own partition and is convenient to retrieve and use when determining liability for an automatic driving accident, which greatly improves the efficiency of liability determination and has high practicability; meanwhile, by adding an anonymization processing mechanism and a security chip, the requirements of current information security laws and regulations can be met, tampering with and loss of data are effectively avoided, and the authenticity and validity of the data are ensured.
The foregoing disclosure is illustrative of the present invention and is not to be construed as limiting the scope of the invention, which is defined by the appended claims.

Claims (12)

1. A recording system of vehicle automatic driving data, characterized by comprising:
the system-on-chip SOC is used for responding to a control instruction of a user for starting a data recording function after the automatic driving system is electrified and activated, and starting automatic driving data recording of the vehicle;
the communication interface is in communication connection with the system on chip SOC and is used for receiving automatic driving data and a control instruction of a user for starting a data recording function;
the safety chip is in communication connection with the System On Chip (SOC) and is used for carrying out digital signature on the automatic driving data;
a data memory having a first data storage area and a second data storage area;
and the file management system is respectively connected with the security chip and the data storage in a communication way, and is used for storing the data subjected to digital signature by the security chip into the first data storage area, intercepting the data corresponding to the key security event in the first data storage area when the recording system monitors that the triggering condition of the key security event is met, and storing the data into the second data storage area.
2. The recording system according to claim 1, wherein the key security events are classified into locking events and non-locking events according to a difference in triggering condition, the triggering condition of the locking event being that the irreversible restraint device is deployed or that a vehicle speed change is not less than a first preset speed threshold value within a first preset time interval; the triggering condition of the non-locking event is that the vehicle speed is reduced by at least a second preset speed threshold value in the first preset time interval, or the longitudinal deceleration requested by the automatic driving system in the vehicle running direction is larger than a preset deceleration threshold value.
3. The recording system according to claim 2, wherein the file management system is specifically configured to, when the recording system monitors that a triggering condition of a critical security event is met: taking the time point of receiving the trigger condition signal as an event origin, intercepting data from a second preset time interval before the event origin to a third preset time interval after the event origin in the first data storage area, and storing the data into the second data storage area;
when the second data storage area is full, the locking event is stored by overwriting the non-locking event; and if the locking event is stored in the second data storage area, the recording system reminds the user of insufficient system storage space.
4. The recording system according to claim 1, wherein the communication interface specifically comprises a network interface, a bus interface and a man-machine interaction interface, the network interface specifically being an ethernet interface and comprising at least one port for receiving demand data of an autopilot main domain controller and a related domain controller; the bus interface receives signals of the automatic driving auxiliary domain controller, the vehicle drive-by-wire system, the millimeter wave radar and the camera, and the man-machine interaction interface is used for enabling a user to input a control instruction on the vehicle-mounted man-machine interaction device to start a data recording function.
5. The recording system according to claim 4, wherein the ethernet port is connected to the autopilot main domain controller through ethernet, the bus interface is connected to the autopilot auxiliary domain controller through bus, the autopilot main domain controller uniformly forwards the relevant vehicle positioning information sent by the positioning module, the time information sent by the TBOX, the actual motion state information of the vehicle sent by the braking system and the power system, the driver related state information sent by the DMS and the BCM, the vehicle motion state information requested by the autopilot system, the sensing target related position information fused by each sensor, and the internal and external image video data to the recording system at a predetermined frequency, wherein the bus data is forwarded through the onboard network, and the image and video data are forwarded through ethernet.
6. The recording system according to claim 1, wherein the system on chip SOC is further configured to perform anonymization processing on the image or video data forwarded by the autopilot system, specifically, converting the definition to below a set pixel count by a built-in algorithm, anonymizing the personal information therein, and performing local contouring processing on face information and license plate information appearing in the picture.
7. The recording system of claim 1, further comprising an authorized data reading interface coupled to the data storage for connecting an authorized data reading device to read the recorded data;
and when the authorized data reading device requests to read the data corresponding to the key security event through the authorized data reading interface and extracts the whole folder, the recording system is used for moving all folders of the data corresponding to the key security event to the designated path and replying to the specified file-verification instruction sent by the authorized data reading device.
8. A recording method of vehicle automatic driving data, implemented by the recording system of vehicle automatic driving data according to any one of claims 1 to 7, the recording method comprising:
step S1, after an automatic driving system is electrified and activated, a system on chip SOC responds to a control instruction of a user for starting a data recording function, starts automatic driving data recording of a vehicle, and receives automatic driving data through a communication interface;
step S2, the security chip digitally signs the received automatic driving data;
and step S3, the file management system stores the data subjected to digital signature by the security chip into a first data storage area of a data memory, intercepts data corresponding to the key security event in the first data storage area when the triggering condition of the key security event is monitored to be met, and stores the data into a second data storage area of the data memory.
9. The recording method according to claim 8, wherein the key security events are classified into locking events and non-locking events according to a difference in triggering condition, the triggering condition of the locking event being that the irreversible restraint device is deployed or that a vehicle speed change is not less than a first preset speed threshold value in a first preset time interval; the triggering condition of the non-locking event is that the vehicle speed is reduced by at least a second preset speed threshold value in the first preset time interval, or the longitudinal deceleration requested by the automatic driving system in the vehicle running direction is larger than a preset deceleration threshold value.
10. The recording method according to claim 9, wherein when the recording system monitors that the triggering condition of the key security event is satisfied, the file management system takes a time point when the triggering condition signal is received as an event origin, intercepts data from a second preset time interval before the event origin to a third preset time interval after the event origin in the first data storage area, and stores the data in the second data storage area;
when the second data storage area is full, the locking event is stored by overwriting the non-locking event; and if the locking event is stored in the second data storage area, the recording system reminds the user of insufficient system storage space.
11. The recording method according to claim 8, wherein the step S2 is preceded by the further step of: the system-on-chip SOC performs anonymization processing on the image or video data forwarded by the automatic driving system, specifically, converting the definition to below a set pixel count by a built-in algorithm, anonymizing the personal information therein, and performing local contouring processing on face information and license plate information appearing in the picture.
12. The recording method according to claim 8, wherein an authorized data reading device requests reading of data corresponding to the critical security event through the authorized data reading interface, comprising in particular:
after the authorized data reading equipment passes the security authentication of the authorized data reading interface, the authorized data reading equipment requests to read the data corresponding to the key security event, and the whole folder is extracted;
and the recording system moves all folders of the data corresponding to the key security events to a specified path and replies to the specified file-verification instruction sent by the data reading device.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111383173.2A CN116152947A (en) 2021-11-22 2021-11-22 Recording system and method for automatic driving data of vehicle

Publications (1)

Publication Number Publication Date
CN116152947A true CN116152947A (en) 2023-05-23

Family

ID=86354873

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination