EP1665611A1 - Voie de transmission de donnees pourvue d'un dispositif de controle de l'integrite des donnees - Google Patents
Voie de transmission de donnees pourvue d'un dispositif de controle de l'integrite des donneesInfo
- Publication number
- EP1665611A1 EP1665611A1 EP04762641A EP04762641A EP1665611A1 EP 1665611 A1 EP1665611 A1 EP 1665611A1 EP 04762641 A EP04762641 A EP 04762641A EP 04762641 A EP04762641 A EP 04762641A EP 1665611 A1 EP1665611 A1 EP 1665611A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data
- data transmission
- transmission path
- input
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 58
- 238000000034 method Methods 0.000 claims abstract description 7
- 230000004048 modification Effects 0.000 claims description 32
- 238000012986 modification Methods 0.000 claims description 32
- 238000004891 communication Methods 0.000 claims description 16
- 230000008859 change Effects 0.000 claims description 15
- 238000012546 transfer Methods 0.000 claims description 12
- 230000000694 effects Effects 0.000 claims description 3
- 230000003213 activating effect Effects 0.000 claims description 2
- 230000004913 activation Effects 0.000 claims description 2
- 238000013496 data integrity verification Methods 0.000 abstract 1
- 230000008901 benefit Effects 0.000 description 4
- 230000001960 triggered effect Effects 0.000 description 3
- 238000012360 testing method Methods 0.000 description 2
- 230000003044 adaptive effect Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0061—Error detection codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0045—Arrangements at the receiver end
Definitions
- the invention relates to a data transmission link with a device for checking the data integrity of data transmitted from the transmitter side to the receiver side of the data transmission link, in particular in a motor vehicle, and to a method for checking the data integrity according to the preamble of claim 6.
- Data transmission links of the generic type are known. These are used to determine whether data sent by a sender has reached a recipient in unchanged form.
- checksum methods are known, for example, in which a checksum is determined on the transmitter side for the data to be transmitted and is appended to the data to be transmitted. The checksum of the transmitted data is then determined again on the receiver side and compared with the attached transmitted checksum. If this test is positive, that is to say that the data is correctly transmitted from the sender to the receiver, the integrity of the data is guaranteed and the data can be processed further on the receiver side. If the check leads to a negative result, that is to say a change in the data on the transmitter-receiver link was found, then a procedure for correcting the transmission error is initiated.
- a braking request can now also be triggered by safety functions, such as an anti-lock braking system, an electronic stability program or a braking assistant, or by comfort functions, such as adaptive cruise control.
- safety functions such as an anti-lock braking system, an electronic stability program or a braking assistant
- comfort functions such as adaptive cruise control.
- the signals are partially transmitted from the vehicle communication on-board network CAN (Controller Area Network), whereby further control devices, for example for the dashboard, the engine or a diagnostic system, can also be connected to the CAN.
- CAN Controller Area Network
- a brake may only trigger if the control unit of the braking system has actually generated a braking request Errors in control units connected to the CAN or caused by faults within the CAN. This is aggravated by the fact that such applications are time-critical, which means that the time between the braking request from the control unit of the braking system and the required brake release is so short that there is no time to validate the braking request - be it by the control unit, be it verified by the brake itself. It is often only possible to transmit a single signal for triggering. There is no time to correct a faulty signal with another signal or to wait for another signal to be checked. Hence one Signa! of great importance with a somewhat irreversible character.
- the data transmission link offers the advantage over the fact that a reliable determination of the data integrity is also realized in time-critical applications.
- the data transmission path is characterized by a first, transmitter-side and a second, receiver-side data modification device, each of which has the same transmission function that effects the change of input data in output data and is connected to the data transmission path, a receiver-side one that is transmitted by the first data modification device via the Comparing the data transmission path and the output data supplied to the second data modification device, and if the output data are identical, activating a comparator that is connected to the data transmission path and the second data modification device, the transmission of input data generated by the transmitter to the first data modification device and of the same input data via the data transmission path to the data transmission path second data changing device.
- the following mode of operation results for such a data transmission link.
- input data are generated on the transmitter side of the data transmission link, by means of which an event is to be effected on the receiver side.
- the data transmission link can be a wired (for Act electrically or optically) as well as a wireless (for example radio or infrared transmission) link.
- input data are transmitted to the first data modification device and additionally to the second data modification device via the data transmission link.
- the input data that are transmitted to the first and to the second data modification device are identical or identical. This can be achieved, for example, by generating two identical input data signals and routing them to the first or second data modification device or also by splitting the signal of the input data into two identical but separate input data signals after their generation.
- the data modification devices are designed, for example, as a logic circuit, programmable electronic component or processor and have the same transfer function. For the same transfer function, it is decisive that if matching input data are supplied to the data changing devices, matching output data are also generated. However, it is not necessary for the output data to be generated using identical individual steps. (For example, it is possible to realize the transfer function "doubling of x" both as “multiplication of 2 " x "and as” addition x + x ".)
- the output data generated by the data modification devices are fed to the comparator on the receiver side, the output data generated on the transmitter side being transmitted to the receiver side via the data transmission link.
- the comparator checks the output data generated on the transmitter and receiver side for equality.
- the comparator activates the release device, which releases the output data on the transmitter side or on the receiver side for further processing. (Due to the equality of sender-side or receiver-side output data, the further use of sender-side or receiver-side output data always leads to the same result.)
- the data transmission link described brings great security in determining data integrity, since two different but defined associated data sets are transmitted. In this way, both random errors in data integrity and systematic errors can be determined, since the choice of the transfer function, for example a unique function with a large number of possible input and output data, can prevent changes along the transmission path Input and output data on the comparator again lead to matching output data.
- the data transmission link described also has a speed advantage since the data modification devices work independently of one another and therefore the time windows in which the data modification devices generate the output data can overlap or even lie at the same time.
- a particularly advantageous embodiment is obtained if the input data are sent in the direction of the first and second data modification devices at substantially the same time. Since the throughput sequences “first data modification device, data transmission link, input of the comparator” and “data transmission link, second data modification device, input of the comparator” require approximately the same time, an im means Essentially simultaneous sending of the input data also an approximately simultaneous arrival of the output data at the comparator. This means that there are no waiting times at the comparator during which the comparator has to wait for output data at one of its inputs. This minimizes the time from generating the input data to establishing data integrity.
- the data transmission link has at least one communication channel, in particular a CAN (Controller Area Network) communication channel.
- CAN Controller Area Network
- the output data generated by the first data modification device and the input data supplied to the second data modification device are advantageously transmitted through a common communication channel of the data transmission link.
- the release device enables the actuation of an actuator, in particular a brake. This ensures that an actuator is not triggered due to incorrectly transmitted data or data not intended for the actuator. In this way, a dangerous incorrect triggering of the brake of a motor vehicle, in particular the incorrect triggering of full braking, can be avoided.
- the invention further relates to a method for checking the data integrity of a data transmission from the transmitter side to the receiver side.
- Data transmission route in particular in a motor vehicle, wherein
- Input data from a first data modification device having a transfer function are changed into first output data and are fed to a comparator via the data transmission link,
- the comparator outputs an activation signal.
- Figure the principle of operation of a data transmission link according to the invention with a device for checking the data integrity.
- the figure shows a data transmission link 1 having an area on the transmitter side 2, a data transmission link 3 and an area on the receiver side 4.
- the receiver side 4 has a second data Change device 6, a comparator 7, a release device 8 and an actuator 9, which is designed here as a brake 10 of a motor vehicle.
- the data transmission path is designed here as a communication channel 11 of a CAN, on which data is transmitted serially.
- a receiver coding within the data ensures that even when using a common communication channel 11 or communication network, the data is only ever accepted by the addressed target receiver.
- the first and the second data changing device 5, 6 have the same transfer function with which input data are converted into output data. That is, if the data changing devices 5, 6 are loaded with matching input data, then they generate matching output data.
- the following mode of operation results for data transmission link 1:
- the control device 12 generates input data E1, E2 from source input data E, which originate from sensors (not shown in more detail) on the basis of computing or program instructions.
- the input data E1 are converted by the first data modification device 5 into output data A1 and fed to a first input of the comparator 7 via the feed point 13, the communication channel 11 and the decoupling point 14.
- the input data E2 are fed via the feed-in point 13, the communication channel 11 and the decoupling point 14 to the second data changing device 6, the output data A2 is generated and fed to the second input of the comparator 7.
- the comparator 7 now checks the output data A1, A2 for equality and forwards the result of the test via the line R to the release device 8. Only if the output data A1, A2 are identical?
- the enabling device 8 activates and forwards the output data A1 branched off at the node 15 to the brake 10.
- the dashed line from node 16 to release device 8 indicates that output data A2 can also be used for forwarding.
- both output data A1, A2 can also be supplied to the release device 8, with logic within the release device 8 then determining which data are forwarded to the brake 10.
- the signal is only forwarded to the brake 10 if the output data A1 generated by the first data modification device 5 and passed via the communication channel 11 to the comparator 7 match the output data A2 that are provided by the second data modification device 6 were generated on the basis of the input data E2 transmitted by the communication channel 11. If there is a change in the input data E2 along the communication channel 11, the second data change device 6 generates output data A2 which do not match the output data A1, and therefore the release device 8 is not activated. The same result calls for a change in the output data A1 along the communication channel 11, because even then the output data A2 do not match the changed output data A1.
- a change in the input data E2 and the output data A1 is also detected when the transfer function of the first and the second data change device 5, 6 has a large number of possible input and output data. This ensures a high level of certainty that the brake 10 is really only actuated if this should actually be effected on the basis of the original input data E. In addition to the high security offered by the data transmission link, only a very small amount of time is required for checking the data integrity, since the first and second data modification devices 5, 6 work independently of one another and can process input data E1, E2 as soon as this input data E1, E2 are present at the respective input of the first or second data modification device 5, 6.
- the output data A1, A2 are also available to the comparator 7 as quickly as possible, so that the data integrity can be checked immediately.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Communication Control (AREA)
- Regulating Braking Force (AREA)
- Valves And Accessory Devices For Braking Systems (AREA)
- Detection And Prevention Of Errors In Transmission (AREA)
Abstract
L'invention concerne une voie de transmission de données (1) comportant un dispositif de contrôle de l'intégrité des données transmises du côté émetteur (2) au côté récepteur (4) de la voie de transmission de données (3), en particulier dans un véhicule automobile, cette voie de transmission de données comportant un premier dispositif de modification de données (5), placé côté émetteur, et un second dispositif de modification de données (6), placé côté récepteur, qui ont chacun une fonction de transmission identique, ainsi qu'un comparateur qui compare les données de sortie (A1, A2) des dispositifs de modification de données (5, 6). Les données d'entrée (E1) sont traitées sur le côté émetteur (2), pour être transformées en données de sortie (A1) et transmises au côté récepteur (4), et des données d'entrée (E2) identiques sont transmises au côté récepteur (4) où elles sont modifiées en données de sortie (A2). L'invention concerne également un procédé de contrôle de l'intégrité des données.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10343172.1A DE10343172B4 (de) | 2003-09-18 | 2003-09-18 | Datenübertragungsstrecke mit Einrichtung zur Prüfung der Datenintegrität |
PCT/DE2004/001796 WO2005032033A1 (fr) | 2003-09-18 | 2004-08-10 | Voie de transmission de donnees pourvue d'un dispositif de controle de l'integrite des donnees |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1665611A1 true EP1665611A1 (fr) | 2006-06-07 |
Family
ID=34305876
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP04762641A Ceased EP1665611A1 (fr) | 2003-09-18 | 2004-08-10 | Voie de transmission de donnees pourvue d'un dispositif de controle de l'integrite des donnees |
Country Status (5)
Country | Link |
---|---|
US (1) | US7831897B2 (fr) |
EP (1) | EP1665611A1 (fr) |
JP (1) | JP4290195B2 (fr) |
DE (1) | DE10343172B4 (fr) |
WO (1) | WO2005032033A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009115903A1 (fr) | 2008-03-20 | 2009-09-24 | Kinamik Data Integrity, S.L. | Procédé et système pour fournir une intégrité granulaire fine à des données numériques |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1943781A1 (fr) * | 2005-11-03 | 2008-07-16 | Continental Teves AG & Co. oHG | Circuit de commutation de signal mixte destine a un systeme de commande ou de regulation electronique securise |
US10637785B2 (en) * | 2018-08-16 | 2020-04-28 | Uchicago Argonne, Llc | Software defined networking multiple operating system rotational environment |
US11876833B2 (en) | 2019-08-15 | 2024-01-16 | Uchicago Argonne, Llc | Software defined networking moving target defense honeypot |
DE102021127310B4 (de) | 2021-10-21 | 2024-02-08 | Liebherr-Aerospace Lindenberg Gmbh | System und Verfahren zur Datenübertragung |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0214475B1 (fr) * | 1985-09-11 | 1991-06-26 | Siemens Aktiengesellschaft | Circuit pour transmettre des signaux de données entre des dispositifs de commande reliées entre eux par un système en anneaux |
US4852680A (en) * | 1988-04-07 | 1989-08-01 | J. I. Case Company | Vehicle anti-theft system with remote security module |
KR100201580B1 (ko) * | 1991-04-02 | 1999-06-15 | 후루까와 준노스께 | 다중전송시스템 |
JP3164402B2 (ja) | 1991-04-02 | 2001-05-08 | 古河電気工業株式会社 | 多重伝送方式 |
NL9200391A (nl) * | 1992-03-03 | 1993-10-01 | Nederland Ptt | Inrichting voor het in een stroom van transmissiecellen aanbrengen van een wijziging. |
JPH05316125A (ja) | 1992-05-07 | 1993-11-26 | Toyota Central Res & Dev Lab Inc | シリアル多重通信システム |
JPH07183887A (ja) | 1993-12-24 | 1995-07-21 | Hitachi Ltd | Atmアダプテーション装置およびcrc符号生成回路 |
DE59607113D1 (de) * | 1995-04-13 | 2001-07-26 | Siemens Schweiz Ag Zuerich | Datenübertragungsverfahren und Vorrichtung |
WO1998010618A1 (fr) * | 1996-09-04 | 1998-03-12 | Hitachi, Ltd. | Procede et systeme de transmission d'informations d'etat de voie ferree |
DE19644238C2 (de) * | 1996-10-24 | 1998-12-24 | Krone Ag | Verfahren zur Synchronisation von Übertragungen mit konstanter Bitrate in ATM-Netzen und Schaltungsanordnung zur Durchführung des Verfahrens |
JP3253565B2 (ja) * | 1997-04-25 | 2002-02-04 | 矢崎総業株式会社 | 通信システム及び通信方法 |
DE19729105A1 (de) * | 1997-07-08 | 1999-01-14 | Bosch Gmbh Robert | Einrichtung zur Übertragung von Daten |
JP3788867B2 (ja) * | 1997-10-28 | 2006-06-21 | 株式会社東芝 | 半導体記憶装置 |
US6683854B1 (en) * | 1998-03-20 | 2004-01-27 | International Business Machines Corporation | System for checking data integrity in a high speed packet switching network node |
US7046802B2 (en) * | 2000-10-12 | 2006-05-16 | Rogaway Phillip W | Method and apparatus for facilitating efficient authenticated encryption |
JP3501763B2 (ja) | 2001-02-19 | 2004-03-02 | Necアクセステクニカ株式会社 | データ送信装置、データ受信装置及びデータ送受信装置 |
FR2824176B1 (fr) * | 2001-04-30 | 2003-10-31 | St Microelectronics Sa | Procede et dispositif de lecture de cellules de memoire dynamique |
US7493140B2 (en) * | 2003-01-22 | 2009-02-17 | Johnson Controls Technology Company | System, method and device for providing communication between a vehicle and a plurality of wireless devices having different communication standards |
-
2003
- 2003-09-18 DE DE10343172.1A patent/DE10343172B4/de not_active Expired - Fee Related
-
2004
- 2004-08-10 WO PCT/DE2004/001796 patent/WO2005032033A1/fr active Application Filing
- 2004-08-10 US US10/572,697 patent/US7831897B2/en not_active Expired - Fee Related
- 2004-08-10 JP JP2006525032A patent/JP4290195B2/ja not_active Expired - Fee Related
- 2004-08-10 EP EP04762641A patent/EP1665611A1/fr not_active Ceased
Non-Patent Citations (1)
Title |
---|
See references of WO2005032033A1 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009115903A1 (fr) | 2008-03-20 | 2009-09-24 | Kinamik Data Integrity, S.L. | Procédé et système pour fournir une intégrité granulaire fine à des données numériques |
Also Published As
Publication number | Publication date |
---|---|
DE10343172B4 (de) | 2016-02-11 |
US7831897B2 (en) | 2010-11-09 |
DE10343172A1 (de) | 2005-04-14 |
US20070230464A1 (en) | 2007-10-04 |
WO2005032033A1 (fr) | 2005-04-07 |
JP4290195B2 (ja) | 2009-07-01 |
JP2007504726A (ja) | 2007-03-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE10113917B4 (de) | Verfahren und Vorrichtung zur Überwachung von Steuereinheiten | |
EP2160857B1 (fr) | Procédé de contrôle et circuit électronique de transmission série sécurisée de données | |
DE102006054124B4 (de) | Verfahren und System zur sicheren Datenübertragung | |
EP2681633A2 (fr) | Nouvelle combinaison de correction d'erreurs et de détection d'erreurs pour la transmission de données numériques | |
DE102006017302B4 (de) | Verfahren und System zur Kontrolle einer Signalübertragung eines elektrischen Pedals | |
WO2017021060A1 (fr) | Procédé et système de transmission sans effet rétroactif de données entre réseaux | |
DE102014202826A1 (de) | Teilnehmerstation für ein Bussystem und Verfahren zur Erhöhung der Datenrate eines Bussystems | |
EP1665611A1 (fr) | Voie de transmission de donnees pourvue d'un dispositif de controle de l'integrite des donnees | |
DE102017202347B4 (de) | Verfahren, System, und Fahrzeug umfassend das System zum Testen einer Funktionssicherheit eines Fahrzeugs während eines Betriebs des Fahrzeugs | |
DE102021112146A1 (de) | Kabelbasiertes Steuersystem zur Steuerung eines Kraftfahrzeugs | |
DE102021120393B3 (de) | Verfahren und Verschaltung zum Betrieb eines Netzwerks oder Netzwerkabschnitts | |
DE102018220324A1 (de) | Verfahren zur Überwachung eines Datenübertragungssystems, Datenübertragungssystem und Kraftfahrzeug | |
DE102013108006B4 (de) | Kommunikationsanordnung | |
EP3570499A1 (fr) | Procédé d'identification de connexion fonctionnellement sûre | |
DE102007058071A1 (de) | Verfahren und Vorrichtung zur Plausibilisierung einer Auswertung von sicherheitsrelevanten Signalen für ein Kraftfahrzeug | |
DE10121061B4 (de) | Überwachungsvorrichtung und Überwachungsverfahren | |
EP1928091B1 (fr) | Capteur avec système de sécurité | |
DE102020210096A1 (de) | Verfahren und Vorrichtung zum Ermitteln von Informationen eines Bussystems | |
DE102021117324A1 (de) | Sendeeinheit und Empfangseinheit zum Senden und Empfangen von Datenpaketen | |
EP4048574A1 (fr) | Dispositif d'évaluation conçu pour réaliser une évaluation tolérante aux erreurs de signaux de détection pour un appareil de commande de moteur d'une direction de véhicule automobile et direction de véhicule automobile | |
DE102019210969A1 (de) | Verfahren zum Betreiben eines kraftfahrzeuginternen Kommunikationssystems mittels einer Watchdogeinrichtung, Computerprogramm, Kommunikationssystem, elektronisches Fahrzeugführungssystem sowie Kraftfahrzeug | |
DE3327489C2 (fr) | ||
EP1133096A2 (fr) | Procédé et système de transmission de données a sûreté intégrée entre des ordinateurs à sécurité intrinsèque | |
DE102008052781A1 (de) | Fehlererkennung in differentiellen Bussystemen | |
DE102021127310B4 (de) | System und Verfahren zur Datenübertragung |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20060418 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): DE FR GB IT |
|
17Q | First examination report despatched |
Effective date: 20060718 |
|
DAX | Request for extension of the european patent (deleted) | ||
RBV | Designated contracting states (corrected) |
Designated state(s): DE FR GB IT |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20100327 |