EP3469775A1 - Coupling of a mobile telephone device with a vehicle and monitoring of the coupling - Google Patents

Coupling of a mobile telephone device with a vehicle and monitoring of the coupling

Info

Publication number
EP3469775A1
Authority
EP
European Patent Office
Prior art keywords
control module
coupling
vehicle
parameter
mobile
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP17729100.2A
Other languages
German (de)
English (en)
Inventor
Marc Menzel
Frank Seurer
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Continental Teves AG and Co OHG
Original Assignee
Continental Teves AG and Co OHG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Continental Teves AG and Co OHG
Publication of EP3469775A1
Legal status: Withdrawn

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/63 Location-dependent; Proximity-dependent
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40 Security arrangements using identity modules
    • H04W12/43 Security arrangements using identity modules using shared identity modules, e.g. SIM sharing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/73 Access point logical identity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/30 Connection release

Definitions

  • the invention relates to a method for coupling a mobile telephone terminal and a method for monitoring a coupling.
  • vehicle-to-vehicle or vehicle-to-infrastructure communication also referred to as vehicle-to-X communication or C2X communication for short
  • vehicle-to-X communication also referred to as vehicle-to-X communication or C2X communication
  • C2X communication vehicle-to-X communication
  • ad hoc Network communication in the vicinity of vehicles come.
  • services and functions that require data that is not available in this area. This data can be provided in the future, for example, from mobile devices.
  • the invention relates to a method for coupling a mobile terminal device, in particular a mobile telephone, to a control module of a vehicle.
  • a mobile terminal device in particular a mobile telephone
  • the mobile device may also be, for example, a mobile data terminal such as a hotspot or other data communication device. It can also be a tablet, a computer with appropriate equipment or the like.
  • the method has the following steps on the control module:
  • the secret can later serve as the first and second secret.
  • the two secrets can be compared, whereby manipulation can advantageously be recognized when the two secrets do not match.
  • coupling is typically not maintained.
  • the production or maintenance of unreliable couplings can thus be effectively prevented by the method according to the invention.
  • the embodiment according to which the production of a coupling is possible only in the coupling state, a particularly high level of security is achieved.
  • the authority for establishing the coupling state can namely be restricted, for example, to workshops or other authorized personnel.
  • the secret or secrets may be, for example, numbers or alphanumeric codes or similar data.
  • control module is put into the coupling state by connecting a programming device.
  • a programming device can be in particular a diagnostic tester.
  • diagnostic testers are often used in workshops. In this way it can be ensured that the coupling is only possible by personnel who have access to such programming devices or diagnostic testers, i.e., for example, workshop personnel.
  • the programming device may have stored a temporary key and transmit it to the control module after it has been connected.
  • the control module can be put into the coupling state by receiving a temporary key from a server.
  • a temporary key may in particular be a specific code whose admissibility or validity can be recognized by the control module. Only given appropriate admissibility or validity is the coupling state then entered, so that a mobile radio terminal can be coupled.
  • the secret can be determined based on the temporary key. This can be done for example by a formula, an algorithm or by identical acquisition. The secret can then be transmitted in particular to the mobile radio terminal and can also be stored so that it is later available for comparison purposes.
  • the invention further relates to a method for coupling a mobile radio terminal, in particular a mobile telephone, to a control module of a vehicle.
  • the method has the following steps on the mobile radio terminal:
  • by means of this method it is advantageously possible to couple a mobile telephone to a vehicle or to maintain or monitor a coupling.
  • this method describes those steps which are advantageously carried out on a mobile telephone.
  • the application security check ensures that the application is secure, for example that it has not been tampered with and is not running in an insecure environment. In this way, corresponding attacks can be prevented.
  • the security check may preferably include a self-check of the application against changes or tampering.
  • changes in the application for example by importing manipulated files or similar measures, can be advantageously recognized.
  • the security check may include checking an execution environment for insecurity or change. This can ensure that the application is executed in a secure environment, so that a further gateway for potential tampering is closed.
  • the control module can in particular check whether the application and/or the execution environment have actually not been manipulated. For example, a coupling can be made only in this case.
  • the invention further relates to a method for coupling a mobile radio terminal, in particular a mobile telephone, to a control module of a vehicle.
  • a mobile radio terminal in particular a mobile telephone
  • the described control module performs a method as described above with reference to the control module.
  • the mobile radio terminal simultaneously executes a method as described above with respect to the mobile radio terminal.
  • a mobile radio terminal can advantageously be coupled to a control module of a vehicle.
  • the safety functions described above can thus be achieved in a particularly advantageous manner.
  • the invention further relates to a method for monitoring a coupling between a mobile radio terminal, in particular a mobile telephone, and a control module of a vehicle.
  • the method according to the invention comprises the following steps:
  • a coupling between a mobile radio terminal and a control module of a vehicle can be monitored continuously in an advantageous manner. Certain parameters can be monitored, which are described in more detail below.
  • the method has just been described in two possible embodiments, which can also be combined.
  • the coupling can be completely ended, so that the mobile device is no longer coupled, at least until a next pairing or after the expiry of a period of time or other authorization, and is thus no longer available for data transmission on the part of the control module.
  • in an alternative embodiment, which, as already mentioned, can also be combined, only the respective data packets are discarded.
  • the mobile radio terminal and the control module of the vehicle have preferably been coupled by means of a method as described above. More preferably, the coupling comes about when the deviation at the time of coupling is smaller than the threshold.
  • the method for monitoring a coupling described above can advantageously also already be applied when establishing such a coupling, in order to increase security.
  • the first parameter and the second parameter are each a time stamp, in particular from satellite navigation. This can be used to monitor that the data transmission between the mobile station and the control module has taken less than a certain threshold, so that it can be assumed that the transmission took place directly and not via an intermediary compromised reader or changer. According to a development, it is provided that respective data packets are discarded even if a fluctuation of the deviation between the time stamps is greater than a threshold value.
  • the first parameter and the second parameter are a respective position, which can be determined in particular from satellite navigation.
  • the vehicle and the mobile radio terminal are in the same place during the coupling. If, for example, the mobile station is removed from the vehicle, this would be detected immediately with such an embodiment. Manipulations are advantageously made more difficult.
  • the first parameter and the second parameter are a respective acceleration and/or speed and/or direction of travel. In this way it can advantageously be ensured that the mobile phone is in the vehicle even while driving, as it is then typically subject to the same speed and acceleration.
  • a direction of travel can also be used as a parameter accordingly. This can also be part of the speed, especially if the speed is considered as a vectorial quantity. Any movements of the mobile station within the vehicle can be accommodated by suitable algorithms.
  • one possible hedging principle can be based on two pillars.
  • these are, on the one hand, a secure first registration of a mobile station in the vehicle network, for example on the vehicle-to-X control device, and, on the other, the plausibility checking of a data connection in operation, which is intended to ensure that it is the registered terminal.
  • a possible construction of a secure connection between the control module, in particular the vehicle-to-X control module, and the mobile radio terminal will be described.
  • garages require a certified diagnostic tester or similar hardware that includes a temporary key. This key can be stored on the device in the workshop or represented by a secure data connection to an OEM server (or both). Only when this data connection exists between diagnostic tester (or similar) and vehicle-to-X control module, safety-critical operations may be performed at all, such as a first coupling of a mobile radio terminal or other data radio devices.
  • the app should verify that its execution environment is safe and unchanged
  • the app should transmit both checks to the vehicle-to-X control module in the form of a check sum for each pairing,
  • the reference checksums are transmitted during the initial coupling.
  • so that data communication between a mobile terminal and a vehicle-to-X control module can come about, it is advantageously provided that the respective GNSS (Global Navigation Satellite System) positions of both devices may differ from each other by only less than a threshold, for example 10 m, for the coupling to be made at all.
  • a threshold for example 10 m
  • the heading or direction of travel and the speed (within a fault tolerance) of the vehicle and mobile terminal must be the same.
  • the invention further relates to a control module and a mobile radio terminal, which are configured to execute a respective method according to the invention.
  • the invention further relates to a non-volatile computer-readable storage medium containing program code, in the execution of which a processor carries out a method according to the invention. With regard to the method, all described embodiments and variants can be used.
  • FIG. 1 shows a vehicle with a mobile radio terminal according to an embodiment of the invention.
  • FIG. 1 shows a vehicle 10.
  • the vehicle 10 has a vehicle-to-X control module 12. Also located in the vehicle 10 is a mobile station 20 in the form of a mobile phone, wherein the mobile station 20 is to be coupled to the vehicle-to-X control module 12.
  • a diagnostic tester 14 is first attached to the vehicle-to-X control module 12.
  • such a diagnostic tester 14 is typically available only in workshops or to other authorized personnel.
  • the vehicle-to-X control module 12 is placed in a coupling state, which basically allows the coupling of mobile terminals.
  • a corresponding key is transmitted from the diagnostic tester 14 into the vehicle-to-X control module 12.
  • an application runs on the mobile station 20. It serves the coupling and first checks itself and its application environment to see whether they have been manipulated. In this case, a checksum is created and transmitted to the vehicle-to-X control module 12. If the checksum has a valid value, the coupling can continue. This ensures that the application or its execution environment has not been tampered with.
  • the secret stored on the mobile radio terminal 20 can in particular be transmitted to the vehicle-to-X control module 12, so that it can be compared with the secret stored in the vehicle-to-X control module 12. If the two secrets agree, the mobile station 20 and the vehicle-to-X control module 12 remain coupled together. Consequently, reliable and secure data transmission is possible in the future.
  • a data exchange is made continuously, relating to the respective speeds and accelerations of vehicle 10 and mobile terminal 20. These are compared. If they are clearly apart for a longer period, in particular by more than a certain threshold, the corresponding data packets are discarded or the coupling is disconnected. This can prevent the coupling from being maintained when the mobile phone 20 is no longer in the vehicle and has possibly been manipulated.
  • vehicle-to-X communication in particular means direct communication between vehicles and / or between vehicles and infrastructure facilities.
  • this may be vehicle-to-vehicle communication or vehicle-to-infrastructure communication.
  • vehicle-to-X communication may be performed using the IEEE 802.11p or IEEE 1609.4 standards.
  • a vehicle-to-X communication can also be referred to as C2X communication.
  • the subareas can be referred to as C2C (Car-to-Car) or C2I (Car-to-Infrastructure).
  • the invention includes vehicle-to-X communication with accommodation for example, via a mobile network explicitly not.
  • Mentioned steps of the method according to the invention can be carried out in the order given. However, they can also be executed in a different order.
  • in one of its embodiments, the method according to the invention can, for example, be executed with a particular set of steps such that no further steps are executed. In principle, however, further steps can also be carried out, even ones that are not mentioned.
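The coupling monitoring described above (time stamp, position, speed and heading compared against thresholds, with packets discarded or the coupling ended) can be sketched as follows. This is an added example, not code from the patent or its applicant: all names are hypothetical, only the 10 m position threshold comes from the text, the other thresholds are assumed, and the "longer period" is modelled as a run of consecutive implausible packets.

```python
import math
from dataclasses import dataclass

# Only the 10 m position threshold is taken from the text; the rest are assumed.
MAX_POSITION_M = 10.0
MAX_TIME_S = 0.5
MAX_SPEED_MPS = 2.0
MAX_HEADING_DEG = 20.0
MIN_MOVING_MPS = 1.0  # assumed: below this speed, heading is noise and is skipped
MAX_BAD_STREAK = 3    # assumed model of "longer period": consecutive bad packets


@dataclass(frozen=True)
class Sample:
    t: float        # GNSS time stamp in seconds
    lat: float      # degrees
    lon: float      # degrees
    speed: float    # m/s
    heading: float  # degrees, 0..360


def distance_m(a, b):
    """Great-circle (haversine) distance between two samples in metres."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlon = math.radians(b.lon - a.lon)
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(h))


def heading_diff(a, b):
    """Smallest angle between two headings, handling the 360/0 wrap-around."""
    d = abs(a - b) % 360.0
    return min(d, 360.0 - d)


def deviations(vehicle, phone):
    """Names of the parameters whose deviation exceeds its threshold."""
    out = []
    if abs(vehicle.t - phone.t) > MAX_TIME_S:
        out.append("time")
    if distance_m(vehicle, phone) > MAX_POSITION_M:
        out.append("position")
    if abs(vehicle.speed - phone.speed) > MAX_SPEED_MPS:
        out.append("speed")
    moving = min(vehicle.speed, phone.speed) > MIN_MOVING_MPS
    if moving and heading_diff(vehicle.heading, phone.heading) > MAX_HEADING_DEG:
        out.append("heading")
    return out


class CouplingMonitor:
    """Control-module-side view: couple only if plausible, then watch each packet."""

    def __init__(self):
        self.coupled = False
        self.bad_streak = 0

    def establish(self, vehicle, phone):
        # The same check is applied already when the coupling is made.
        self.coupled = not deviations(vehicle, phone)
        self.bad_streak = 0
        return self.coupled

    def on_packet(self, vehicle, phone):
        """Return 'accept', 'discard' (packet dropped) or 'terminated' (coupling ended)."""
        if not self.coupled:
            return "terminated"
        if not deviations(vehicle, phone):
            self.bad_streak = 0
            return "accept"
        self.bad_streak += 1
        if self.bad_streak >= MAX_BAD_STREAK:
            self.coupled = False
            return "terminated"
        return "discard"


def run_demo():
    """Constructed samples: phone in the car, then left behind roughly 55 m away."""
    car = Sample(100.0, 50.0, 8.0, 13.9, 90.0)
    near = Sample(100.1, 50.00003, 8.0, 14.2, 92.0)
    far = Sample(100.1, 50.0005, 8.0, 0.0, 0.0)
    mon = CouplingMonitor()
    mon.establish(car, near)
    return [mon.on_packet(car, p) for p in (near, far, far, near, far, far, far, near)]
```

Discarding single packets and ending the coupling are combined here, which the text allows; a deployment would also need the thresholds tuned to GNSS accuracy and to phone movement inside the cabin.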

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to measures for increasing security when coupling a vehicle with a mobile telephone device, wherein both the establishment of the coupling and its maintenance can be monitored.
EP17729100.2A 2016-06-10 2017-06-08 Coupling of a mobile telephone device with a vehicle and monitoring of the coupling Withdrawn EP3469775A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102016210351.2A DE102016210351A1 (de) 2016-06-10 2016-06-10 Method for coupling a mobile radio terminal and for monitoring a coupling
PCT/EP2017/063928 WO2017211933A1 (fr) 2016-06-10 2017-06-08 Coupling of a mobile telephone device with a vehicle and monitoring of the coupling

Publications (1)

Publication Number Publication Date
EP3469775A1 (fr) 2019-04-17

Family

ID=59034776

Family Applications (1)

Application Number Title Priority Date Filing Date
EP17729100.2A Withdrawn EP3469775A1 (fr) 2016-06-10 2017-06-08 Coupling of a mobile telephone device with a vehicle and monitoring of the coupling

Country Status (5)

Country Link
US (1) US20190222413A1 (fr)
EP (1) EP3469775A1 (fr)
CN (1) CN109479185A (fr)
DE (1) DE102016210351A1 (fr)
WO (1) WO2017211933A1 (fr)

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007117635A2 (fr) * 2006-04-06 2007-10-18 Smobile Systems Inc. Malware modeling detection system and method for mobile platforms
US8886125B2 (en) * 2006-04-14 2014-11-11 Qualcomm Incorporated Distance-based association
US7913297B2 (en) * 2006-08-30 2011-03-22 Apple Inc. Pairing of wireless devices using a wired medium
JP5073385B2 (ja) * 2007-07-03 2012-11-14 パナソニック株式会社 Information communication device
US8190716B2 (en) * 2007-08-24 2012-05-29 Broadcom Corporation Method and system for managing bluetooth communication using software or firmware filtering
US9075979B1 (en) * 2011-08-11 2015-07-07 Google Inc. Authentication based on proximity to mobile device
DE102011112626B4 (de) * 2011-09-06 2014-09-04 Daimler Ag Automated coupling method of a mobile communication terminal with a central computing unit of a motor vehicle
US8831224B2 (en) * 2012-09-14 2014-09-09 GM Global Technology Operations LLC Method and apparatus for secure pairing of mobile devices with vehicles using telematics system
US9471795B2 (en) * 2012-10-11 2016-10-18 Automatic Labs, Inc. System and method providing permission based access to automotive computers
US9218700B2 (en) * 2012-12-14 2015-12-22 GM Global Technology Operations LLC Method and system for secure and authorized communication between a vehicle and wireless communication devices or key fobs
US20150024686A1 (en) * 2013-07-16 2015-01-22 GM Global Technology Operations LLC Secure simple pairing through embedded vehicle network access device
US9603015B2 (en) * 2014-02-03 2017-03-21 Empire Technology Development Llc Encrypted communication between paired devices
CN205179369U (zh) * 2014-11-26 2016-04-20 三星电子株式会社 Wearable device for pairing with a smart device

Also Published As

Publication number Publication date
WO2017211933A1 (fr) 2017-12-14
US20190222413A1 (en) 2019-07-18
CN109479185A (zh) 2019-03-15
DE102016210351A1 (de) 2017-12-14

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20190110

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20200212

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20200520