CN117614711A - Train safety communication method and device - Google Patents


Info

Publication number
CN117614711A
Authority
CN
China
Prior art keywords
message data
master clock
data
global master
target message
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311619250.9A
Other languages
Chinese (zh)
Inventor
李申龙
马可
朱广超
闫迷军
李小勇
乔恩
曹思源
张岩
安泊晨
杨伟君
赵红卫
高枫
张顺广
李洋涛
郑斌
侯峰
孙振超
蔡逸飞
张波
曹宏发
潘全章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Academy of Railway Sciences Corp Ltd CARS
China State Railway Group Co Ltd
Locomotive and Car Research Institute of CARS
Beijing Zongheng Electromechanical Technology Co Ltd
Tieke Aspect Tianjin Technology Development Co Ltd
Original Assignee
China Academy of Railway Sciences Corp Ltd CARS
China State Railway Group Co Ltd
Locomotive and Car Research Institute of CARS
Beijing Zongheng Electromechanical Technology Co Ltd
Tieke Aspect Tianjin Technology Development Co Ltd


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04J MULTIPLEX COMMUNICATION
    • H04J3/00 Time-division multiplex systems
    • H04J3/02 Details
    • H04J3/06 Synchronising arrangements
    • H04J3/0635 Clock or time synchronisation in a network
    • H04J3/0638 Clock or time synchronisation among nodes; Internode synchronisation
    • H04J3/0658 Clock or time synchronisation among packet nodes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Synchronisation In Digital Transmission Systems (AREA)

Abstract

This specification provides a train safety communication method and device, and relates to the technical field of train communication. The method is applied to a sender and comprises the following steps: acquiring identification information of a global master clock and the release time of the global master clock; adding the identification information and the release time to the message data to be transmitted; encrypting the message data to obtain target message data; and sending the target message data to a receiver. With this method, the problem of an attacker capturing packets and resending copies of them can be effectively solved, so that the receiver receives safe and reliable data.

Description

Train safety communication method and device
Technical Field
The present disclosure relates to the field of train communications technologies, and in particular, to a method and an apparatus for train secure communications.
Background
With the rapid development of rail transit, more and more train networks communicate using the Ethernet-based Train Real-time Data Protocol (TRDP). Communication based on Ethernet TRDP improves information transmission capability, but it has shortcomings in reliability, real-time performance and the like.
In the prior art, to solve the above problems, the secure data transmission protocol (Safe Data Transmission version 2, SDTv2) is generally adopted to improve the safety and reliability of train communication. However, the following problems remain unsolved after adopting the SDTv2 protocol: 1. because the message data is transmitted in plaintext, a counterfeiter or attacker can learn the content and meaning of a message even without knowing the key; 2. even if a counterfeiter or attacker does not know the specific meaning of the message data, they can use a packet capture-and-copy tool to resend captured message data repeatedly. The receiver does not regard such a message as problematic on receipt, and is affected by it to some extent. In other words, the problem of packet capture and copying cannot be solved, so the receiver cannot receive safe and reliable message data, and the safety and reliability of train communication are poor.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
This specification provides a train safety communication method and device to solve the problem that the prior art cannot prevent an attacker from capturing and copying packets, so that the receiver cannot receive safe and reliable data.
In a first aspect, an embodiment of the present disclosure provides a train safety communication method, applied to a sender, including:
Acquiring identification information of a global master clock and release time of the global master clock;
adding the identification information and the release time to message data to be transmitted;
encrypting the message data to obtain target message data;
and sending the target message data to a receiver.
In one embodiment, the encrypting the message data includes:
encrypting the message data to be transmitted to obtain first encrypted data;
after decrypting the first encrypted data, performing secondary encryption on the decrypted data to obtain target message data.
In a second aspect, embodiments of the present disclosure provide a train safety communication method, applied to a receiving party, including:
receiving target message data; the target message data comprise identification information of a global master clock and release time of the global master clock;
acquiring a target key, and decrypting the target message data based on the target key;
comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule;
if yes, determining that the target message data is the trusted message data.
In one embodiment, the target message data further includes a secure data transmission protocol, and correspondingly, the method further includes:
acquiring a source identifier, and checking a secure data transmission protocol in the decrypted target message data based on the source identifier;
if the verification is passed, the identification information and the release time in the target message data are obtained, and whether the identification information and the release time accord with a preset rule or not is compared.
In one embodiment, the preset rule includes:
comparing the identification information of the global master clock with the identification information of the global master clock acquired in advance;
and computing the difference between the release time of the global master clock and the broadcast time of the global master clock acquired in advance.
In one embodiment, the determining that the target message data is trusted message data includes:
determining that the target message data is trusted message data when the computed difference is smaller than a preset time threshold and the compared identification information is consistent.
In a third aspect, embodiments of the present disclosure provide a train safety communication device applied to a sender, including:
The acquisition module is used for acquiring the identification information of the global master clock and the release time of the global master clock;
the adding module is used for adding the identification information and the release time to message data to be transmitted;
the encryption module is used for carrying out encryption processing on the message data to obtain target message data;
and the sending module is used for sending the target message data to a receiver.
In a fourth aspect, embodiments of the present disclosure provide a train safety communication device, applied to a receiving party, including:
the receiving module is used for receiving the target message data; the target message data comprise identification information of a global master clock and release time of the global master clock;
the decryption module is used for obtaining a secret key and decrypting the target message data based on the secret key;
the comparison module is used for comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule or not;
and the trusted data acquisition module is used for determining, if so, that the target message data is trusted message data.
In a fifth aspect, embodiments of the present disclosure further provide a computer device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the method for train safety communication described above when the processor executes the computer program.
In a sixth aspect, the present description embodiment also provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the train safety communication method described above.
In the train safety communication method applied to the sender, first, the identification information of the global master clock and the release time of the global master clock are obtained. Second, the identification information and the release time are added to the message data to be transmitted. Then, the message data is encrypted to obtain target message data. Finally, the target message data is sent to a receiver. In the embodiments of this specification, the identification information and the release time of the global master clock are added to the message data, the complete message data is then encrypted, and the encrypted message data is sent to the receiver. This avoids data leakage and effectively solves the problem of a counterfeiter or attacker copying and resending message data and replaying data.
In the train safety communication method applied to the receiver, first, target message data is received; the target message data comprises the identification information of the global master clock and the release time of the global master clock. Second, a target key is acquired, and the target message data is decrypted based on the target key. Then, it is checked whether the identification information of the global master clock and the release time of the global master clock in the decrypted target message data conform to a preset rule. Finally, if they conform to the preset rule, the target message data is determined to be trusted message data. In the embodiments of this specification, the target message data is decrypted, and the identification information and release time of the global master clock in it are then checked against the preset rule, so that the receiver can obtain safe and reliable message data in a timely and effective manner.
Drawings
In order to illustrate the embodiments of the present disclosure more clearly, the drawings required for the embodiments are briefly described below. The drawings described below show only some of the embodiments described in the present disclosure, and a person of ordinary skill in the art may obtain other drawings from them without inventive effort.
Fig. 1 is a schematic diagram of message data in TRDP protocol format according to an embodiment of the present disclosure;
Fig. 2 is a schematic diagram of packet data encapsulated by a secure data transmission protocol according to an embodiment of the present disclosure;
Fig. 3 is a schematic diagram of a train safety communication system provided by an embodiment of the present disclosure;
Fig. 4 is a schematic flow chart of a method for train safety communication applied to a sender according to an embodiment of the present disclosure;
Fig. 5 is a schematic diagram of the location at which the whole-network master clock ID (6 bytes) and the current timestamp (10 bytes) are written into TRDP message data according to an embodiment of the present disclosure;
Fig. 6 is a schematic flow chart of a train safety communication method applied to a receiving party according to an embodiment of the present disclosure;
Fig. 7 is a schematic diagram of an interaction flow of a sender and a receiver in a train communication network according to an embodiment of the present disclosure;
Fig. 8 is a schematic structural diagram of a train safety communication device applied to a sender provided in the embodiment of the present specification;
Fig. 9 is a schematic structural diagram of a train safety communication device applied to a receiving side provided in the embodiment of the present specification;
Fig. 10 is a schematic structural composition of an electronic device provided in one embodiment of the present specification.
Detailed Description
In order to make the technical solutions in the present specification better understood by those skilled in the art, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
With the rapid development of rail transit, more and more train networks communicate using the Ethernet-based Train Real-time Data Protocol (TRDP). Communication based on Ethernet TRDP improves information transmission capability, but it has shortcomings in reliability, real-time performance and the like. The message data in TRDP protocol format may be as shown in fig. 1, where sequenceCounter is the sequence number counter; protocolVersion is the protocol version; msgType is the communication mode; comId is the communication port number; etbTopoCnt is the train static topology sequence; opTrnTopoCnt is the train operation topology sequence; DatasetLength is the application data length; reserved is a reserved field; replyComId is the reply data communication port identification; replyIpAddress is the reply data communication address; headerFCS is the header checksum; and Dataset is the application data.
In order to solve the above-mentioned problems, the secure data transmission protocol (Safe Data Transmission version 2, SDTv2) is generally adopted to improve the security and reliability of train communication. The secure data transmission protocol is mainly applicable to train Ethernet communication and is also applicable to Multifunction Vehicle Bus (MVB) communication. SDTv2 provides a secure communication path between a safety-related (critical) data source (SDSRC) and one or more safety-related data sinks (SDSINK). The packet data encapsulated by the secure data transmission protocol may be as shown in fig. 2, where VitalProcessData is the user-defined data set carrying both safe and non-safe process data; reserved01 is reserved and set to 0; reserved02 is reserved and set to 0; userDataVersion is the version of the vital process data; SafeSequCount is the Safe Sequence Counter (SSC); and SafetyCode is calculated over the part of the VDP from the most significant byte of VitalProcessData up to SafeSequCount, with the seed value: SID.
However, data protected with the SDTv2 protocol still leaves the following problems unsolved:
1. The message data is transmitted in plaintext. The receiving side checks whether a message is trusted using the data message content, the safety code and the key it stores, but because the message data is transmitted in plaintext, a counterfeiter or attacker can learn the message content and its meaning even without knowing the key.
2. Even if a counterfeiter or attacker does not know the specific meaning of the message, they can use a packet capture-and-copy tool to resend the captured message repeatedly. The receiving party does not regard such a message as problematic on receipt, and is affected by it to some extent. In other words, the problem of packet copying cannot be solved.
Symmetric encryption, also known as key encryption, is an encryption method in which the data sent and the data received are encrypted and decrypted with the same or symmetric key. Its advantages are a public algorithm, a small amount of computation, high encryption speed and high encryption efficiency. There are many symmetric encryption algorithms, and they offer high security. Symmetric encryption can solve problem 1: once the message data is encrypted, a counterfeiter or attacker who does not know the key cannot learn the specific content and meaning of the message data even after obtaining it. However, it cannot solve problem 2: a counterfeiter or attacker can capture message data on the network and resend it repeatedly by packet capture and copying, which directly affects the receiver's judgment of the data, so the receiver cannot receive trusted message data.
In view of these problems in the prior art and their specific causes, this specification introduces a train safety communication method and device to solve the problem that, when a counterfeiter or attacker captures and copies packets, the receiver cannot receive safe and reliable message data.
Fig. 3 is a schematic diagram of a train safety communication system provided in an embodiment of the present disclosure. As can be seen from fig. 3, the train safety communication system may include a sender and a receiver, both of which may be terminal devices in a train communication network. The terminal devices may implement the Train Real-time Data Protocol (TRDP), a real-time train transmission protocol that may sit between the application layer and the transport layer; the transport layer may use the TCP/UDP protocols. The sender and the receiver can agree on the key, the SID (source identifier) and the network master clock in advance, so that the receiver, after receiving message data in TRDP protocol format from the sender, can verify it in a timely and effective manner and thereby obtain safe and reliable data. The interaction between the sender and the receiver (the specific process in which the sender sends the target message data and the receiver receives it) is described in detail below and is not repeated here.
Fig. 4 is a schematic flow chart of a method for train safety communication applied to a sender according to an embodiment of the present disclosure. Although this specification provides the method steps and device structures shown in the following embodiments or figures, the method or device may include more or fewer steps or module units based on conventional or non-inventive effort. For steps or structures that have no logically necessary causal relationship, the execution order of the steps or the module structure of the device is not limited to that shown in the embodiments or drawings of this specification. When applied in an actual device, server or end product, the described methods or module structures may be executed sequentially or in parallel according to the embodiments or figures (for example, in a parallel-processor or multi-threaded environment, or even in a distributed-processing or server-cluster implementation).
As shown in fig. 4, the method may be applied to a sender, and the method may include the steps of:
S401: acquiring identification information of a global master clock and release time of the global master clock;
S402: adding the identification information and the release time to message data to be transmitted.
In some embodiments, to improve the security and reliability of train communication, Time Sensitive Network (TSN) technology may be used to optimize the train safety communication encryption algorithm. TSN is a network that guarantees quality of service for delay-sensitive flows and achieves low delay, low jitter and zero packet loss. TSN is a protocol family formed by a series of protocol standards, each implementing different functions. It works mainly at the data link layer and provides deterministic or bounded end-to-end delay for data transmission through measures such as precise clock synchronization, bandwidth reservation, traffic shaping, frame preemption, gating, cyclic queuing and forwarding, per-stream filtering and seamless redundancy, thereby enhancing the real-time performance of Ethernet. For example, IEEE 802.1AS, the precise clock synchronization protocol (generalized Precision Time Protocol, gPTP), specifies that the time and frequency of all nodes in the train communication network can be adjusted through periodic message exchange, achieving nanosecond-level time synchronization accuracy. The whole train communication network may include one master clock, with which the other terminal devices synchronize their time. Thus, in a time sensitive network, the entire train communication network has a uniform clock reference.
In some embodiments, after the whole train communication network is operating stably, a core device in the train communication network (the core device is neither a sender nor a receiver) can elect a global master clock (also called the whole-network master clock). The global master clock can distribute time to all terminal devices in the train communication network (which can include the sender and the receiver), and the sender and the receiver can receive the time sent by the global master clock every second and keep synchronized with it, so that the synchronization precision reaches 1 µs.
The global master clock may have identification information (e.g., ID of the global master clock, the identification information may be a unique code or a unique number of the global master clock, which is not specifically limited in this specification) and a release time (the release time may also be referred to as a current timestamp, and refers to the latest time sent by the global master clock currently received by the sender), and all terminal devices in the train network may acquire the ID of the global master clock.
In some embodiments, the sender may first determine the data that needs to be transmitted to the receiver and then generate the message data to be transmitted according to the TRDP protocol format. The identification information of the global master clock and the release time of the global master clock may then be added at the end of the message data to be transmitted (that is, the whole-network master clock ID (6 bytes) and the current whole-network timestamp (10 bytes) are written into the TRDP message data), after which the end of the message is generated according to the agreed SID and the SDTv2 protocol rules. The positions at which the whole-network master clock ID (6 bytes) and the current whole-network timestamp (10 bytes) are written into the TRDP message data may be as shown in fig. 5. In fig. 5, the grandmaster ID represents the global master clock ID and may be written into the TRDP message data as High 4 Bytes and Low 2 Bytes; the Timestamp represents the current whole-network timestamp (10 bytes) and may be written into the TRDP message data as High 2 Bytes, Mid 4 Bytes and Low 4 Bytes; and VitalProcessData may be a user-defined data set carrying safe and non-safe process data.
Adding the identification information of the global master clock and the release time of the global master clock at the end of the message data effectively solves the problem that an attacker or counterfeiter uses a packet capture-and-copy tool to resend message data captured from the sender repeatedly, so that the receiver cannot obtain trusted message data.
S403: encrypting the message data to obtain target message data;
S404: sending the target message data to a receiver.
In some embodiments, the encrypting the message data may include:
S1: encrypting the message data to be transmitted to obtain first encrypted data;
S2: after decrypting the first encrypted data, performing secondary encryption on the decrypted data to obtain target message data.
In some embodiments, after the identification information of the global master clock and the release time of the global master clock are added to the end of the message data to be transmitted, the complete message data (i.e., the message data with the identification information and release time of the global master clock added) may be encrypted. The encryption process is as follows: keys 1, 2 and 3 are obtained and used, respectively, to encrypt, decrypt and re-encrypt the complete message data, which improves the strength of the encryption. Encryption yields the complete ciphertext data (i.e., the target message data), which can then be sent to the receiver. Encrypting and transmitting the complete message data with the identification information and release time added solves, on the one hand, the data leakage caused by TRDP plaintext transmission, effectively preventing an attacker from obtaining the content of the message data; on the other hand, it prevents an attacker from copying and resending the transmitted message data with a packet capture-and-copy tool, which would otherwise interfere with the receiver obtaining trusted message data.
In some embodiments, a symmetric encryption algorithm, such as the AES algorithm, may be used to encrypt the complete message data after the identification information and the release time are added; an asymmetric encryption algorithm, such as the RSA algorithm or the DSA algorithm, may also be used. Of course, the encryption manner is not limited to the above examples. Those skilled in the art may make other modifications in light of the technical spirit of the embodiments of the present disclosure, and all such modifications fall within the protection scope of the embodiments of the present disclosure as long as the functions and effects they achieve are the same as or similar to those of the embodiments of the present disclosure.
In some embodiments, the target message data is encrypted complete message data, where the tail of the target message data may include the release time of the global master clock and the identification information of the global master clock. The target message data may further include a secure data transmission protocol, where the secure data transmission protocol may implement primary encryption of the complete message data (the message data after the identification information of the global master clock and the release time of the global master clock are added), and after implementing primary encryption of the complete message data based on the secure data transmission protocol, the primary encrypted message data may be re-encrypted based on an encryption algorithm.
By applying the encryption algorithm to the TRDP protocol, transmission is carried out in ciphertext, which solves the problem of TRDP plaintext data transmission and avoids data leakage. The sender fills the current timestamp and the global master clock ID into the end of the TRDP data packet, and the receiver can judge whether the data is trusted by verifying the current timestamp and the global master clock ID, which effectively solves the problem of a counterfeiter or attacker copying and resending messages and replaying data.
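The sender-side packing of the 16-byte clock trailer and the receiver-side preset rule described in this specification, as an added example that is not part of the patent text. Assumptions: the 10-byte timestamp is read as 48-bit seconds (High 2 + Mid 4 Bytes) plus 32-bit nanoseconds (Low 4 Bytes) in big-endian order, the difference is taken as an absolute value, encryption and decryption and any SDTv2 trailer are handled outside the block, and all function names, sample values and the 2 ms threshold are constructed for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Tuple

ID_LEN = 6             # global master clock ID size, from the page
TRAILER_LEN = 16       # 6-byte ID + 10-byte timestamp, from the page
NS_PER_S = 1_000_000_000


@dataclass(frozen=True)
class ClockStamp:
    grandmaster_id: bytes   # 6 bytes: High 4 Bytes + Low 2 Bytes
    seconds: int            # ASSUMED: High 2 + Mid 4 Bytes = 48-bit seconds
    nanoseconds: int        # ASSUMED: Low 4 Bytes = 32-bit nanoseconds

    def total_ns(self) -> int:
        return self.seconds * NS_PER_S + self.nanoseconds


def append_clock_trailer(message: bytes, stamp: ClockStamp) -> bytes:
    """Sender (S401-S402): append ID and release time to the message data."""
    if len(stamp.grandmaster_id) != ID_LEN:
        raise ValueError("grandmaster ID must be 6 bytes")
    if not (0 <= stamp.seconds < 1 << 48 and 0 <= stamp.nanoseconds < NS_PER_S):
        raise ValueError("timestamp out of range")
    # Big-endian byte order (ASSUMED): High 2 | Mid 4 | Low 4
    ts = struct.pack(">HII", stamp.seconds >> 32, stamp.seconds & 0xFFFFFFFF,
                     stamp.nanoseconds)
    return message + stamp.grandmaster_id + ts


def parse_clock_trailer(plaintext: bytes) -> Tuple[bytes, ClockStamp]:
    """Receiver: split already-decrypted data into body and clock fields."""
    if len(plaintext) < TRAILER_LEN:
        raise ValueError("shorter than the 16-byte clock trailer")
    body, trailer = plaintext[:-TRAILER_LEN], plaintext[-TRAILER_LEN:]
    sec_high, sec_low, nanos = struct.unpack(">HII", trailer[ID_LEN:])
    if nanos >= NS_PER_S:
        raise ValueError("nanoseconds field out of range")
    return body, ClockStamp(trailer[:ID_LEN], (sec_high << 32) | sec_low, nanos)


def check_preset_rule(plaintext: bytes, known_gm_id: bytes,
                      local_time_ns: int, threshold_ns: int) -> Tuple[bool, str]:
    """Preset rule: the ID must match the one acquired in advance and the
    time difference must be smaller than the threshold. Returns (trusted, reason)."""
    try:
        _, stamp = parse_clock_trailer(plaintext)
    except ValueError as exc:
        return False, "malformed: %s" % exc
    if stamp.grandmaster_id != known_gm_id:
        return False, "grandmaster ID mismatch"
    if abs(local_time_ns - stamp.total_ns()) >= threshold_ns:
        return False, "release time outside threshold"
    return True, "trusted"


# Constructed sample values (not taken from the patent)
GM_ID = bytes.fromhex("001b21aabbcc")
THRESHOLD_NS = 2_000_000  # 2 ms, an illustrative preset threshold


def demo() -> dict:
    sent_at = ClockStamp(GM_ID, 1_700_000_000, 250_000_000)
    wire = append_clock_trailer(b"\x01\x02door-closed", sent_at)
    t0 = sent_at.total_ns()
    return {
        # delivered 0.4 ms after the release time
        "fresh": check_preset_rule(wire, GM_ID, t0 + 400_000, THRESHOLD_NS),
        # identical bytes injected again 5 s later
        "replayed_late": check_preset_rule(wire, GM_ID, t0 + 5 * NS_PER_S, THRESHOLD_NS),
        # identical bytes injected again 1.5 ms later, still inside the window
        "replayed_in_window": check_preset_rule(wire, GM_ID, t0 + 1_500_000, THRESHOLD_NS),
        # receiver is synchronized to a different global master clock
        "other_master": check_preset_rule(wire, bytes(6), t0 + 400_000, THRESHOLD_NS),
        # buffer too short to hold the trailer
        "truncated": check_preset_rule(wire[:10], GM_ID, t0, THRESHOLD_NS),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

A copy re-injected inside the threshold window still satisfies the rule (the "replayed_in_window" case), so the preset threshold bounds how long a captured message remains acceptable.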
Fig. 6 is a schematic flow chart of a method for train safety communication applied to a receiving party according to an embodiment of the present disclosure, which may include the following steps:
S601: receiving target message data; the target message data comprises identification information of the global master clock and release time of the global master clock.
In some embodiments, the target message data is encrypted complete message data received by the receiving party, where the complete message data is the message data to which the identification information of the global master clock and the release time of the global master clock have been added. The target message data may further include a secure data transmission protocol (SDTv2 protocol), where the secure data transmission protocol may correspond to a source identifier (SID), and the source identifier may be used to verify the secure data transmission protocol to determine whether the message data received by the receiving party is trusted message data.
In some embodiments, the receiver may receive the target message data sent by the sender through a traffic scheduling mechanism in TSN technology, and by using the traffic scheduling mechanism, it may be ensured that the target message data can be timely transmitted from the sender to the receiver, where the data transmission time is less than 1ms.
S602: obtaining a target key, and decrypting the target message data based on the target key.
In some embodiments, the target key may be a key corresponding to an encryption algorithm, the receiving party and the sending party may set the key in advance, and then the receiving party may decrypt the target message data by using the target key after receiving the target message data, thereby improving the decryption efficiency of the message data.
S603: comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule;
S604: if yes, determining that the target message data is the trusted message data.
In some embodiments, after decrypting the target message data, when implementing the method, the method may further include:
acquiring a source identifier, and checking a secure data transmission protocol in the decrypted target message data based on the source identifier;
If the verification is passed, the identification information and the release time in the target message data are obtained, and whether the identification information and the release time accord with a preset rule or not is compared.
In some embodiments, the preset rule may include, when implemented:
comparing the identification information of the global master clock with the identification information of the global master clock acquired in advance;
and calculating the difference between the release time of the global master clock and the broadcast time of the global master clock acquired in advance.
In some embodiments, the release time of the global master clock may be the latest time sent by the global master clock that the sender has currently received. The pre-acquired broadcast time of the global master clock may be the latest time sent by the global master clock that the receiving party has acquired in advance. The sender may add the obtained release time to the message data, encrypt the message data, and then transmit the encrypted message data to the receiver. After receiving the target message data, the receiver can decrypt it, obtain the release time of the global master clock from the decrypted message data, calculate the difference between it and the broadcast time of the global master clock acquired by the receiver, and use the resulting difference as one of the criteria for judging whether the target message data is trusted message data.
In some embodiments, the determining that the target message data is trusted message data may include:
determining that the target message data is trusted message data when the calculated difference is smaller than a preset time threshold and the comparison result is consistent.
In some embodiments, after the target message data is decrypted, the source identifier may first be obtained to check whether the secure data transmission protocol in the target message data conforms to the SDTv2 rule. If it does not conform to the SDTv2 rule, the target message data may be determined to be untrusted. If it conforms to the SDTv2 rule, the identification information of the global master clock may be compared with the identification information of the global master clock obtained in advance by the receiver; if the comparison result is inconsistent, that is, the identification information of the global master clock in the message is not identical to the identification information of the global master clock obtained by the receiver, the target message data may be determined to be untrusted. Alternatively, the difference between the release time of the global master clock and the broadcast time of the global master clock obtained by the receiver may be calculated, and if the difference is greater than a preset time threshold, the target message data may be determined to be untrusted. If the identification information of the global master clock is identical to the identification information of the global master clock obtained in advance by the receiver, and the difference between the release time of the global master clock and the broadcast time of the global master clock obtained by the receiver is smaller than the preset time threshold, the target message data can be determined to be trusted message data. It should be noted that if the target message data is untrusted, it may be discarded and trusted message data may then be obtained again.
The receiving party judges whether the target message data is trusted message data by verifying the current timestamp and the global master clock ID, so that the problem of a counterfeiter or an attacker copying the sent message and replaying the data can be solved, and the receiving party can receive safe and trusted message data.
The above method is described below in connection with a specific embodiment; however, it should be noted that this specific embodiment is only for better illustrating the present application and is not meant to be an undue limitation on the present application.
Before implementation, all terminal devices in a train communication network are determined first, and then one of two terminal devices with an interactive relationship (interaction between the two is realized by transmitting message data) can be taken as a sender, and the other one can be taken as a receiver. Before the transmission of the secure communication message, the sender and the receiver need to define the SID and the communication key in advance. After the whole train communication network operates stably, the global master clock can be elected, and the sender and the receiver can acquire the ID of the global master clock and the release time of the global master clock.
In the implementation, the sender determines the message data to be transmitted (the message data is a message in the TRDP protocol format), then adds the acquired ID of the global master clock and the release time of the global master clock to the end of the message data to form complete message data, and then adds a secure data transmission protocol to realize primary encryption of the complete message data. Finally, the sender encrypts the primary encrypted complete message data again by using an encryption algorithm to obtain ciphertext data, and the ciphertext data is sent to the receiver through a traffic scheduling mechanism (the data transmission time is less than 1 ms).
After receiving the target message data, the receiver first decrypts the target message data by using the agreed key, and then uses the source identifier to verify the secure data transmission protocol in the decrypted target message data. The receiver then obtains the release time of the global master clock from the decrypted target message data, calculates the difference between the broadcast time of the global master clock obtained by the receiver and that release time, and compares the ID of the global master clock in the decrypted target message data with the ID of the global master clock obtained by the receiver. If the difference is smaller than the preset time threshold and the comparison result of the IDs is consistent, the target message data can be determined to be trusted message data.
If verification shows that the secure data transmission protocol does not conform to the secure data transmission protocol rule, the target message data can be determined to be untrusted message data and can be discarded. If the difference is larger than the preset time threshold or the comparison result of the IDs is inconsistent, the target message data can likewise be determined to be untrusted message data and can be discarded.
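The receiver-side checks described above, applied to an already decrypted message, as an added example that is not code from the patent. The field sizes, the trailer order and the SID-seeded CRC32 standing in for the SDTv2 verification are assumptions, and decryption with the pre-agreed key is left out.

```python
import struct
import zlib
from enum import Enum

# Assumed layout of the decrypted message (the page fixes none of these sizes):
#   payload | 8-byte master clock ID | 8-byte release time (ns) | 4-byte check code
CLOCK_FIELDS = struct.Struct(">8sQ")
CHECK_CODE = struct.Struct(">I")

# Constructed sample values, for illustration only.
SID = 0x1234ABCD
CLOCK_ID = bytes.fromhex("0011223344556677")
T0_NS = 1_700_000_000_000_000_000
THRESHOLD_NS = 1_000_000_000  # the page's example threshold of 1 second


class Verdict(Enum):
    TRUSTED = "trusted"
    MALFORMED = "message too short"
    SDT_CHECK_FAILED = "SID-based check failed"
    CLOCK_ID_MISMATCH = "global master clock ID differs"
    STALE = "release time outside the threshold"


def check_code(sid: int, body: bytes) -> int:
    """Assumed stand-in for the SDTv2 verification: CRC32 seeded with the SID."""
    return zlib.crc32(body, sid & 0xFFFFFFFF)


def build_plaintext(payload: bytes, clock_id: bytes, release_ns: int, sid: int) -> bytes:
    """Sender side: append clock ID and release time, then the SID-based code."""
    body = payload + CLOCK_FIELDS.pack(clock_id, release_ns)
    return body + CHECK_CODE.pack(check_code(sid, body))


def verify_plaintext(plaintext: bytes, sid: int, known_clock_id: bytes,
                     broadcast_ns: int, threshold_ns: int) -> Verdict:
    """Receiver side: SID check first, then clock ID, then time difference."""
    if len(plaintext) < CLOCK_FIELDS.size + CHECK_CODE.size:
        return Verdict.MALFORMED
    body = plaintext[:-CHECK_CODE.size]
    (code,) = CHECK_CODE.unpack(plaintext[-CHECK_CODE.size:])
    if check_code(sid, body) != code:
        return Verdict.SDT_CHECK_FAILED
    clock_id, release_ns = CLOCK_FIELDS.unpack(body[-CLOCK_FIELDS.size:])
    if clock_id != known_clock_id:
        return Verdict.CLOCK_ID_MISMATCH
    # Absolute difference, so a release time ahead of the receiver's
    # broadcast time is bounded as well (a choice made for this example).
    if abs(broadcast_ns - release_ns) >= threshold_ns:
        return Verdict.STALE
    return Verdict.TRUSTED


def demo() -> dict:
    """Run the checks over one constructed message under four conditions."""
    msg = build_plaintext(b"constructed TRDP process data", CLOCK_ID, T0_NS, SID)
    tampered = bytes([msg[0] ^ 0x01]) + msg[1:]
    return {
        "fresh": verify_plaintext(msg, SID, CLOCK_ID, T0_NS + 500_000, THRESHOLD_NS),
        "late copy": verify_plaintext(msg, SID, CLOCK_ID, T0_NS + 2 * THRESHOLD_NS, THRESHOLD_NS),
        "tampered": verify_plaintext(tampered, SID, CLOCK_ID, T0_NS, THRESHOLD_NS),
        "other clock": verify_plaintext(msg, SID, bytes(8), T0_NS, THRESHOLD_NS),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12s} -> {verdict.value}")
```

A copy that arrives while its release time is still inside the threshold passes all three checks, so the preset time threshold bounds the replay window.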
The following technical effects can be achieved by the method:
1. The sender fills the current timestamp and the global master clock ID in the end of the message data in the TRDP protocol format, and the receiver can judge whether the data is trusted by verifying the current timestamp and the global master clock ID. The problem of a counterfeiter copying the transmitted message and replaying the data can thus be solved.
2. The encryption algorithm is applied to the TRDP protocol, the transmission process is ciphertext transmission, the problem of TRDP plaintext data transmission is solved, and data leakage is avoided.
3. The time synchronization mechanism in the TSN technology can ensure that all terminal devices of the whole vehicle have a unified master clock. The master clock can provide time to all the devices, and the error between the timestamps of all the terminal devices of the whole vehicle and the master clock is not more than 1us.
4. The traffic scheduling mechanism in the TSN technology can ensure that the target data is transmitted from the sender to the receiver in time, and the data transmission time is less than 1ms.
In a specific example scenario, reference may be made to fig. 7, where fig. 7 shows a schematic diagram of the interaction flow between a sender and a receiver in a train communication network. Specifically:
Before message transmission, the sender and the receiver need to agree on the SID and the communication key in advance. After the whole train communication network operates stably, a global master clock can be elected; the global master clock provides time to all devices of the network, the error between the timestamps of all the devices and the global master clock is not more than 1us, and all the terminal devices can acquire the ID of the global master clock. The sender first generates TRDP plaintext data, in the TRDP protocol format, from the data to be transmitted. The current timestamp (release time) of the global master clock and the global master clock ID are obtained and added at the end of the TRDP plaintext data. The message end is then generated according to the pre-agreed SID and the SDTv2 protocol rules. The data is encrypted using an encryption algorithm, and the encrypted ciphertext is sent to the train communication network. The traffic scheduling mechanism in the TSN technology can ensure that the message data is transmitted from the sender to the receiver in time, and the data transmission time is less than 1ms.
After receiving the ciphertext, the receiving party decrypts it using a decryption algorithm matched with the encryption algorithm. The decrypted data packet is first verified using the SID; if it does not conform to the SDTv2 rule, the data is considered untrusted and is discarded. If the verification is passed, the global master clock ID and the current timestamp in the decrypted message data are obtained; the current timestamp of the global master clock in the decrypted message data is compared with the broadcast time of the global master clock obtained by the sender and the receiver, and the global master clock ID in the decrypted message data is compared with the global master clock ID obtained by the receiver. If the global master clock IDs are different, or if the difference between the current timestamp in the message and the broadcast time of the master clock is greater than a preset time threshold (for example, greater than 1 second), the data is considered untrusted. It should be noted that the preset time threshold is not limited to the above example, and other changes can be made by a person skilled in the art in light of the technical essence of the embodiments of the specification; as long as the realized functions and effects are the same as or similar to those of the embodiments of the specification, they should be covered by the protection scope of the embodiments of the specification. If the verification is passed, the message data sent by the sender and acquired by the receiver is trusted message data.
Although the present description provides the examples, method steps or apparatus configurations described below or shown in fig. 8 and fig. 9, the method or apparatus may include more or fewer steps or module units based on conventional or non-inventive effort. For steps or structures that have no logically necessary causal relationship, the execution order of the steps or the module structure of the apparatus is not limited to the execution order or the module structure shown in the embodiments or the drawings of the present specification. When applied in an actual device, server or end product, the described methods or module structures may be executed sequentially or in parallel according to the embodiments or the figures (e.g., in parallel processor or multi-threaded processing environments, or even in distributed processing or server cluster implementations).
Based on the above-mentioned train safety communication method, the present specification also proposes an embodiment of a train safety communication device applied to a sender. As shown in fig. 8, the apparatus may specifically include the following modules:
the acquiring module 801 may be configured to acquire identification information of the global master clock and a release time of the global master clock;
An adding module 802, configured to add the identification information and the release time to the message data to be transmitted;
the encryption module 803 can be used for performing encryption processing on the message data to obtain target message data;
a sending module 804, configured to send the target packet data to a receiver.
In some embodiments, the encryption module 803 may be specifically configured to encrypt the message data to be transmitted to obtain first encrypted data; after decrypting the first encrypted data, performing secondary encryption on the decrypted data to obtain target message data.
Based on the above-mentioned train safety communication method, the present specification also proposes an embodiment of a train safety communication device applied to a receiving party. As shown in fig. 9, the apparatus may specifically include the following modules:
a receiving module 901, configured to receive target message data; the target message data comprise identification information of a global master clock and release time of the global master clock;
the decryption module 902 may be configured to obtain a key, and decrypt the target message data based on the key;
the comparison module 903 may be configured to compare whether the identification information of the global master clock in the decrypted target packet data and the release time of the global master clock conform to a preset rule;
The trusted data determining module 904 may be configured to determine that the target message data is trusted if yes.
In some embodiments, the target packet data further includes a secure data transmission protocol, and the comparison module 803 may be further configured to obtain a source identifier, and verify the secure data transmission protocol in the decrypted target packet data based on the source identifier; if the verification is passed, the identification information and the release time in the target message data are obtained, and whether the identification information and the release time accord with a preset rule or not is compared.
In some embodiments, the comparison module 903 may be further specifically configured to compare the identification information of the global master clock with the pre-acquired identification information of the global master clock, and to calculate the difference between the release time of the global master clock and the broadcast time of the global master clock acquired in advance.
In some embodiments, the trusted data determining module 904 may be specifically configured to determine that the target message data is trusted message data if the calculated difference is less than a preset time threshold and the result of the comparison is consistent.
It should be noted that, the units, devices, or modules described in the above embodiments may be implemented by a computer chip or entity, or may be implemented by a product having a certain function. For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, when the present description is implemented, the functions of each module may be implemented in the same piece or pieces of software and/or hardware, or a module that implements the same function may be implemented by a plurality of sub-modules or a combination of sub-units, or the like. The above-described apparatus embodiments are merely illustrative, for example, the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
From the above, with the train safety communication device applied to the sender provided by the embodiment of the present disclosure, the identification information of the global master clock and the release time of the global master clock are added to the message data, the complete message data is then encrypted, and the encrypted message data is sent to the receiver, so that data leakage is avoided and the problem of a counterfeiter or an attacker copying the sent message data and replaying it is effectively solved.
According to the train safety communication device applied to the receiver, the target message data are decrypted, and whether the identification information of the global master clock in the target message data and the release time of the global master clock accord with the preset rule or not is compared, so that the receiver can timely and effectively obtain safe and reliable message data.
The embodiment of the specification also provides a train safety communication electronic device applied to a sender, which comprises a processor and a memory for storing executable instructions of the processor, wherein the processor can execute the following steps according to the instructions when being concretely implemented: acquiring identification information of a global master clock and release time of the global master clock; adding the identification information and the release time to message data to be transmitted; encrypting the message data to obtain target message data; and sending the target message data to a receiver.
The embodiment of the specification also provides a train safety communication electronic device applied to a receiver, which comprises a processor and a memory for storing executable instructions of the processor, wherein the processor can execute the following steps according to the instructions when being implemented: receiving target message data; the target message data comprise identification information of a global master clock and release time of the global master clock; acquiring a target key, and decrypting the target message data based on the target key; comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule; if yes, determining that the target message data is the trusted message data.
In order to more accurately complete the above instructions, referring to fig. 10, another specific electronic device is further provided in this embodiment of the present disclosure, where the electronic device includes a network communication port 1001, a processor 1002, and a memory 1003, where the foregoing structures are connected by an internal cable, so that each structure may perform specific data interaction.
The network communication port 1001 may be specifically configured to obtain identification information of the global master clock and a release time of the global master clock.
The processor 1002 may be specifically configured to add the identification information and the release time to the message data to be transmitted; encrypting the message data to obtain target message data; and sending the target message data to a receiver.
The memory 1003 may be used for storing a corresponding program of instructions.
The network communication port 1001 may be further configured to receive target packet data; the target message data comprise identification information of a global master clock and release time of the global master clock;
The processor 1002 may be further configured to obtain a target key, and decrypt the target message data based on the target key; comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule; if yes, determining that the target message data is trusted message data.
The memory 1003 may in particular also be used for storing a corresponding program of instructions.
In this embodiment, the network communication port 1001 may be a virtual port bound to different communication protocols, so that different data may be sent or received. For example, the network communication port may be a port responsible for web data communication, a port responsible for FTP data communication, or a port responsible for mail data communication. The network communication port may also be a physical communication interface or a communication chip. For example, it may be a wireless mobile network communication chip, such as GSM, CDMA, etc.; it may also be a Wi-Fi chip; it may also be a Bluetooth chip.
In this embodiment, the processor 1002 may be implemented in any suitable manner. For example, the processor may take the form of, for example, a microprocessor or processor, and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a programmable logic controller, and an embedded microcontroller, among others. The description is not intended to be limiting.
In this embodiment, the memory 1003 may include a plurality of layers, and in a digital system, it may be a memory as long as binary data can be stored; in an integrated circuit, a circuit with a memory function without a physical form is also called a memory, such as a RAM, a FIFO, etc.; in the system, the storage device in physical form is also called a memory, such as a memory bank, a TF card, and the like.
The embodiments of the present specification also provide a computer storage medium storing computer program instructions that when executed implement a train safety communication method applied to a sender: acquiring identification information of a global master clock and release time of the global master clock; adding the identification information and the release time to message data to be transmitted; encrypting the message data to obtain target message data; and sending the target message data to a receiver.
The embodiments of the present specification also provide a computer storage medium storing computer program instructions that when executed implement a train safety communication method applied to a receiving party: receiving target message data; the target message data comprise identification information of a global master clock and release time of the global master clock; acquiring a target key, and decrypting the target message data based on the target key; comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule; if yes, determining that the target message data is the trusted message data.
In the present embodiment, the storage medium includes, but is not limited to, a random access Memory (Random Access Memory, RAM), a Read-Only Memory (ROM), a Cache (Cache), a Hard Disk (HDD), or a Memory Card (Memory Card). The memory may be used to store computer program instructions. The network communication unit may be an interface for performing network connection communication, which is set in accordance with a standard prescribed by a communication protocol.
Although the present description provides method operational steps as described in the examples or flowcharts, more or fewer operational steps may be included based on conventional or non-inventive means. The order of steps recited in the embodiments is merely one way of performing the order of steps and does not represent a unique order of execution. When implemented by an apparatus or client product in practice, the methods illustrated in the embodiments or figures may be performed sequentially or in parallel (e.g., in a parallel processor or multi-threaded processing environment, or even in a distributed data processing environment). The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, it is not excluded that additional identical or equivalent elements may be present in a process, method, article, or apparatus that comprises a described element. The terms first, second, etc. are used to denote a name, but not any particular order.
Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller can be regarded as a hardware component, and means for implementing various functions included therein can also be regarded as a structure within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.
The description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, classes, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
From the above description of embodiments, it will be apparent to those skilled in the art that the present description may be implemented in software plus a necessary general hardware platform. Based on such understanding, the technical solutions of the present specification may be embodied essentially in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and include several instructions to cause a computer device (which may be a personal computer, a mobile terminal, a server, or a network device, etc.) to perform the methods described in the various embodiments or portions of the embodiments of the present specification.
The embodiments in this specification are described in a progressive manner; identical or similar parts of the embodiments may be understood by reference to one another, and each embodiment focuses on its differences from the other embodiments. The specification is operational with numerous general purpose or special purpose computer system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable electronic devices, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
Although the present description has been described by way of example, it will be appreciated by those of ordinary skill in the art that there are many variations to the description without departing from the spirit of the present description, and it is intended that the appended claims encompass such variations without departing from the spirit of the present description.

Claims (10)

1. A method of train safety communication, applied to a sender, comprising:
acquiring identification information of a global master clock and release time of the global master clock;
adding the identification information and the release time to message data to be transmitted;
encrypting the message data to obtain target message data;
and sending the target message data to a receiver.
2. The method according to claim 1, wherein said encrypting said message data comprises:
encrypting the message data to be transmitted to obtain first encrypted data;
after decrypting the first encrypted data, performing secondary encryption on the decrypted data to obtain target message data.
3. A method of train safety communication, characterized by being applied to a receiving party, comprising:
receiving target message data; the target message data comprise identification information of a global master clock and release time of the global master clock;
acquiring a target key, and decrypting the target message data based on the target key;
comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule;
if yes, determining that the target message data is the trusted message data.
4. A method according to claim 3, wherein the target message data further comprises a secure data transmission protocol, and the method further comprises:
acquiring a source identifier, and checking a secure data transmission protocol in the decrypted target message data based on the source identifier;
if the verification is passed, the identification information and the release time in the target message data are obtained, and whether the identification information and the release time accord with a preset rule or not is compared.
5. A method according to claim 3, wherein the preset rules comprise:
comparing the identification information of the global master clock with the identification information of the global master clock acquired in advance;
and carrying out difference solving processing on the release time of the global master clock and the broadcasting time of the global master clock acquired in advance.
6. The method of claim 3, wherein the determining that the target message data is trusted message data comprises:
and under the condition that the result of the difference processing is smaller than a preset time threshold and the comparison result is consistent, determining that the target message data is credible message data.
7. A train safety communication device, characterized by being applied to a transmitting side, comprising:
the acquisition module is used for acquiring the identification information of the global master clock and the release time of the global master clock;
the adding module is used for adding the identification information and the release time to message data to be transmitted;
the encryption module is used for carrying out encryption processing on the message data to obtain target message data;
and the sending module is used for sending the target message data to a receiver.
8. A train safety communication device, for use with a receiving party, comprising:
the receiving module is used for receiving the target message data; the target message data comprise identification information of a global master clock and release time of the global master clock;
the decryption module is used for obtaining a secret key and decrypting the target message data based on the secret key;
the comparison module is used for comparing whether the identification information of the global master clock in the decrypted target message data and the release time of the global master clock accord with a preset rule;
and the trusted data determining module is used for determining, if so, that the target message data is trusted message data.
9. A train safety communication device, comprising a processor and a memory for storing processor-executable instructions which, when executed by the processor, implement the steps of the method of any one of claims 1-6.
10. A computer readable storage medium, having stored thereon computer instructions which, when executed by a processor, implement the steps of the method of any of claims 1-6.
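
The sender steps of claim 1 and the receiver checks of claims 3, 5 and 6, as an added Go example that is not part of the patent text. AES-GCM, the 16-byte header layout, the integer time unit, and the names NewAEAD, Seal, Open, ErrDecrypt and ErrUntrusted are assumptions, since the claims name no cipher or message format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
)

var ErrDecrypt = errors.New("decrypt failed")
var ErrUntrusted = errors.New("clock ID or release time outside preset rule")

// NewAEAD returns AES-GCM, an assumed stand-in: the claims name no cipher.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// Seal (claim 1). Assumed layout: 8-byte clock ID | 8-byte release time | payload.
func Seal(g cipher.AEAD, id, release uint64, payload []byte) ([]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	plain := make([]byte, 16, 16+len(payload))
	binary.BigEndian.PutUint64(plain, id)
	binary.BigEndian.PutUint64(plain[8:], release)
	return g.Seal(nonce, nonce, append(plain, payload...), nil), nil // nonce | ciphertext+tag
}

// Open (claims 3, 5, 6): trusted only if the ID matches and |release-knownT| < limit.
func Open(g cipher.AEAD, msg []byte, knownID, knownT, limit uint64) ([]byte, error) {
	n := g.NonceSize()
	if len(msg) < n+16+g.Overhead() {
		return nil, ErrDecrypt
	}
	plain, err := g.Open(nil, msg[:n], msg[n:], nil)
	if err != nil {
		return nil, ErrDecrypt
	}
	id, t := binary.BigEndian.Uint64(plain), binary.BigEndian.Uint64(plain[8:])
	if id != knownID || (t > knownT && t-knownT >= limit) || (t <= knownT && knownT-t >= limit) {
		return nil, ErrUntrusted
	}
	return plain[16:], nil
}
```

A captured message that is delivered again after the receiver's view of the master clock has moved past the threshold still decrypts correctly but is rejected with ErrUntrusted, because the release time travels inside the ciphertext.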

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311619250.9A CN117614711A (en) 2023-11-29 2023-11-29 Train safety communication method and device

Publications (1)

Publication Number Publication Date
CN117614711A true CN117614711A (en) 2024-02-27

Family

ID=89945858

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311619250.9A Pending CN117614711A (en) 2023-11-29 2023-11-29 Train safety communication method and device

Country Status (1)

Country Link
CN (1) CN117614711A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination