JP2016039564A - Communication system and equipment - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication system that can perform authentication processing to receive and deliver data from and to a smart meter (SM) even when a control device cannot perform radio communication with the smart meter.SOLUTION: In a communication system 10 having equipment 200 and a control device 100, in order to request authentication to SM 300, the control device 100 has an authentication request unit 121 for performing radio communication with SM 300 according to a specific authentication protocol. The equipment 200 has an authentication request unit 221 for performing communication with the control device 100 according to the specific authentication protocol in order to request authentication to the control device 100, and an authentication request unit 224 for performing radio communication with SM 300 according to the specific authentication protocol when the communication of the authentication request unit 121 with SM 300 fails.SELECTED DRAWING: Figure 3

Description

  The present invention relates to a communication system, and more particularly, to a communication system including a device that performs authentication processing with a smart meter.

  Conventionally, HEMS (Home Energy Management System) which performs energy management in a home is known. In HEMS, a HEMS controller controls one or more HEMS devices in a home via a HAN (Home Area Network) in order to suppress energy consumption.

  Conventionally, there has been known a terminal that reads usage data from a meter through an authentication process for transmitting information that matches information registered in advance in a meter (smart meter) that measures the usage of gas, electricity, water, and the like. (See Patent Document 1).

JP 2014-11659 A

  By the way, in order to use the power usage amount at home in HEMS, there are cases where the HEMS controller cannot acquire the measurement result such as the power usage amount from the smart meter by wireless communication. For example, when the HEMS controller is installed at a position far beyond the reach of the radio wave from the smart meter, the HEMS controller is not authenticated by the smart meter because wireless communication is not possible.

  Therefore, the present invention provides a communication system that enables an authentication process for data exchange with a smart meter even when a control device (for example, a HEMS controller) cannot wirelessly communicate with the smart meter in the communication system (for example, HEMS). I will provide a. Moreover, this invention provides the apparatus used for this communication system.

  In order to solve the above problems, a device according to one aspect of the present invention is a device used in one facility together with a control device that exchanges information with a device that has been successfully authenticated. A first authentication request unit that communicates with the control device according to a specific authentication protocol to request authentication, and information based on the measurement result on the condition that the amount of energy used in the facility is measured and authentication is successful In order to request authentication of a smart meter to be transmitted under certain conditions, the device includes a second authentication request unit that performs wireless communication with the smart meter according to the specific authentication protocol.

  In order to solve the above problem, a communication system according to an aspect of the present invention is a communication system including the device and the control device, and the control device requests authentication from the smart meter. Therefore, a third authentication request unit that performs wireless communication with the smart meter according to the specific authentication protocol is provided, and the second authentication request unit is connected to the smart meter by the third authentication request unit. The communication system performs wireless communication according to the specific authentication protocol with the smart meter when communication fails.

  The communication system and device of the present invention enables authentication processing with a smart meter even when the control device cannot communicate wirelessly with the smart meter. Moreover, the communication system and apparatus of this invention are suppressing the structure required for an authentication process.

1 is a system schematic diagram illustrating a relationship between a communication system, a smart meter, and a management device according to an embodiment. It is a block diagram which shows the structure of the control apparatus which concerns on embodiment, an apparatus, and a smart meter. 2 is a functional block diagram of a communication system and a smart meter according to Embodiment 1. FIG. It is a figure which shows the protocol stack used with a communication system. 3 is a flowchart illustrating an operation of the control device according to the first embodiment. 3 is a flowchart illustrating the operation of the device according to the first embodiment. It is a sequence diagram which shows the communication procedure between the control apparatus which concerns on Embodiment 1, an apparatus, and a smart meter. It is a sequence diagram which shows the communication procedure (an alternative authentication procedure is included) between the control apparatus which concerns on Embodiment 1, and an apparatus and a smart meter. 6 is a functional block diagram of a communication system and a smart meter according to Embodiment 2. FIG. 6 is a flowchart illustrating an operation of a control device according to the second embodiment. 6 is a flowchart illustrating an operation of a device according to the second embodiment. It is a sequence diagram which shows the communication procedure (an alternative authentication procedure is included) between the control apparatus which concerns on Embodiment 2, and an apparatus and a smart meter.

(Embodiment 1)
Hereinafter, embodiments will be described with reference to the drawings. Each of the embodiments shown here shows a specific example of the present invention. Accordingly, the numerical values, shapes, materials, components, component arrangement and connection forms, steps (steps) and order of steps, and the like shown in the following embodiments are examples and limit the present invention. is not. Among the constituent elements in the following embodiments, constituent elements that are not described in the independent claims can be arbitrarily added. Each figure is a mimetic diagram and is not necessarily illustrated strictly.

  Hereinafter, a communication system according to an embodiment of the present invention will be described.

(Constitution)
FIG. 1 is a system schematic diagram illustrating a relationship between the communication system 10, the smart meter 300, and the management device 40 according to the embodiment. The system shown in the figure is a so-called next-generation power communication network (smart grid), and a smart meter 300 and a power company installed in each customer (customer 11, customer 11a, etc.) for power management. The management apparatus 40 installed in 41 can communicate with the network. Here, the consumer is a person who is supplied with electric power from an electric power company, and here also refers to the facility (for example, a house) of the person.

  The smart meter 300 installed in each consumer has a function of measuring the amount of power used by the consumer. Data from each customer's smart meter 300 (power consumption measurement results, etc.) is collected in the concentrator 31 and transmitted to the management device 40. The communication path from the smart meter 300 to the management device 40 is referred to as A route. The concentrator 31 is a concentrator that collects data from a plurality of smart meters 300, for example, installed on a power pole for distribution lines. The management device 40 is an MDMS (Meter Data Management System) server, an authentication server, or the like that collects data and performs processing such as charging processing, analysis, and control based on the collected data.

  A communication path that transmits data (measurement result of power consumption) from the smart meter 300 to the communication system 10 (for example, HEMS) side in the consumer so that the measurement result can be utilized in the consumer is referred to as a B route. . For example, when the HEMS receives the measurement result of the power usage amount from the smart meter 300 through the B route and displays the measurement result using a HEMS device having a display unit such as a tablet, the power usage amount can be seen by a consumer. “Visualization of energy” is realized. Further, for example, the HEMS controller can control the HEMS device in order to suppress power usage based on the measurement result of the power usage acquired from the smart meter 300.

  The communication system 10 includes a control device 100 capable of communicating with each other and one or more devices (for example, 10 devices) (device 200, device 200x, device 200y, etc.). The control device 100 is a device that controls each device by exchanging data with each device, for example, and can be connected to a WAN (Wide Area Network) 42 such as the Internet outside the customer.

  Hereinafter, the B route between the communication system 10 and the smart meter 300 in the customer 11 will be described in detail.

  FIG. 2 is a configuration diagram illustrating main configurations (hardware configurations) of the control device 100, the device 200, and the smart meter 300.

  The control device 100 is a HEMS controller that exchanges data with a HEMS device when the communication system 10 is a HEMS, and is accommodated in, for example, a distribution board installed in a house (house) of the consumer 11. As illustrated in FIG. 2, the control device 100 includes a power supply unit 101, a memory 102, a wireless circuit 103, a communication circuit 104, and a CPU (Central Processing Unit) 105. The control device 100 may include input means such as a keyboard (not shown) and may include an output unit (for example, a display).

  The power supply unit 101 is a power supply circuit that supplies power to each unit of the control device 100, and is a power supply circuit that converts, for example, AC power supplied from the power system into power necessary for each unit.

  The memory 102 is a ROM that stores a program and data in advance, a RAM that is used to store data when the program is executed, and may include, for example, a nonvolatile memory.

  The wireless circuit 103 is a communication circuit connected to an antenna, for example, a communication circuit for performing wireless communication in the 920 MHz band in accordance with the IEEE 802.15.4g standard.

  The communication circuit 104 is a communication circuit connected to the WAN.

  The CPU 105 performs processing such as control of the wireless circuit 103 and the communication circuit 104 by executing a program stored in the memory 102.

  The device 200 is a HEMS device when the communication system 10 is a HEMS, such as a tablet, a lighting fixture, an air conditioner (air conditioner), an electromagnetic cooker, a hot water supply device, a television receiver, a solar cell, a power conditioner, a storage battery, and the like. One of various electrical devices. Further, the device 200 may be a repeater that relays communication between the HEMS controller and another device.

  As illustrated in FIG. 2, the device 200 includes a power supply unit 201, a memory 202, a wireless circuit 203, a function unit 204, and a CPU 205.

  The power supply unit 201 is a power supply circuit that supplies power to each unit of the device 200. For example, the power supply unit 201 is a power supply circuit that converts AC power supplied from the power system into power necessary for each unit.

  The memory 202 is a ROM that stores a program and data in advance, a RAM that is used to store data when the program is executed, and may include a non-volatile memory, for example.

  The wireless circuit 203 is a communication circuit connected to an antenna, for example, a communication circuit for performing wireless communication in the 920 MHz band in accordance with the IEEE 802.15.4g standard.

  The functional unit 204 is a circuit, mechanism, or the like for realizing the main functions of the device 200. If the device 200 is, for example, a lighting fixture, it is a light source, a lighting control circuit, or the like. A control circuit or the like.

  The CPU 205 performs processing such as control of the wireless circuit 203 and the functional unit 204 by executing a program stored in the memory 202.

  The other devices 200x and 200y configuring the communication system together with the device 200 have the same configuration as the device 200, but the function unit 204 is a circuit, a mechanism, or the like according to the main function of each device.

  As shown in FIG. 2, the smart meter 300 includes a power supply unit 301, a power measurement unit 302, a CPU 303, a memory 304, a wireless circuit 305, and a CPU 306.

  The power supply unit 301 is a power supply circuit that converts power supplied from a power system through a power supply line into power necessary for each unit.

  The power measuring unit 302 is a circuit (electronic watt hour meter) that measures the amount of power used from the power system to the customer's facility through the power line.

  The CPU 303 executes a program stored in the memory 304 to cause the power measuring unit 302 to sequentially measure the amount of power used, and performs processing to acquire the measurement result and store it in the memory 304.

  The memory 304 is a ROM that stores a program and data in advance, a RAM that is used to store data when the program is executed, and may include a non-volatile memory, for example.

  The wireless circuit 305 is a communication circuit connected to an antenna, for example, a communication circuit for performing wireless communication in the 920 MHz band in accordance with the IEEE 802.15.4g standard.

  The CPU 306 performs processing such as control of the wireless circuit 305 by executing a program stored in the memory 304.

  FIG. 3 is a functional block diagram showing main components in terms of functions of the control device 100, the device 200, and the smart meter 300 having the above-described hardware configuration. Note that the control device 100 and the device 200 are components of the communication system 10 (HEMS or the like).

  As shown in FIG. 3, the control device 100 includes a reception unit 110 and a communication control unit 120 in terms of functions.

  The accepting unit 110 is realized by an input unit such as a keyboard, and has a function of accepting input of B route authentication information from a consumer, that is, a user, and transmitting the information to the communication control unit 120. The B-root authentication information is information including a B-root authentication ID and a password for identifying a user in an electric power company or the like when the user uses the B-route for the smart meter 300. The B route authentication ID and the B route authentication information are managed by an electric power company or the like, and are used to authenticate devices that access the smart meter 300. Note that the B root authentication information may be only a part (eight digits) of a 32-digit hexadecimal B-root authentication ID as long as it is information including at least a part of the B-root authentication ID. In order to use the measurement result of the power consumption in the communication system 10 of the customer, the user receives a document (postcard or the like) describing the information for B route authentication from, for example, an electric power company where the smart meter 300 is installed, The B root authentication information is input to the control device 100.

  The receiving unit 110 receives and receives data input and transmitted from a smartphone, tablet, PC (Personal Computer), or the like as another device (device 200 or the like) instead of an input unit such as a keyboard. It may also be one that accepts an input from a PC or the like directly connected to the control device 100 by wire.

  The communication control unit 120 includes an authentication request unit 121, an authentication unit 122, a transmission unit 123, a reception unit 124, and a recording unit 125.

  The authentication request unit 121 is realized by the CPU 105 and the wireless circuit 103 that execute the program, and has a function of requesting the smart meter 300 to perform authentication by wireless communication using the B route authentication information transmitted from the reception unit 110. . This authentication is a prerequisite for data exchange on the B route, and if authentication is successful, keys necessary for data encryption processing and data decryption processing are exchanged so that data can be exchanged appropriately. By exchanging keys, for example, a secret key (common key) in a secret key cryptosystem can be shared. However, any encryption method may be used for encryption processing and decryption processing.

  The authentication unit 122 is realized by the CPU 105 and the wireless circuit 103 that execute a program, and has a function of authenticating a device when an authentication request is received from a device added to the communication system 10 (HEMS or the like). This authentication is a premise of network access, that is, data exchange in the communication system 10, and if authentication is successful, the key necessary for data encryption processing and data decryption processing is exchanged. Data can be exchanged properly between the two. Device authentication information used for device authentication in the communication system 10 is set in the control device 100 and the device 200 in advance. This setting is made through user input, operation, and the like. For example, the device authentication information stored in advance by the control device 100 is displayed as a QR code (registered trademark) printed on a paper or the like affixed to the housing of the control device 100, and the device is photographed with the camera of the device. The device authentication information can be set by reading the QR code (registered trademark). If the device does not have a photographing unit such as a camera, the device authentication information may be set by the user inputting a numerical value printed on paper or the like in the control device 100 to the device. By the above-described device authentication, the device in the consumer 11a is prevented from accessing the network of the communication system 10 in the customer 11, and security is ensured. Information (such as an address) about the authenticated device is held in the communication control unit 120 and used as necessary.

  The transmission unit 123 is realized by the CPU 105 that executes the program and the wireless circuit 103, and has a function of transmitting the information for B route authentication transmitted from the reception unit 110 to the device.

  The receiving unit 124 is realized by the CPU 105 and the wireless circuit 103 that execute the program, and has a function of receiving success information indicating that the authentication by the smart meter is successful from the device.

  The recording unit 125 is realized by an area of the memory 102 and the CPU 105, and has a function of recording device information indicating the device in the memory 102 when the reception unit 124 receives success information from the device. This device information is referred to when it is necessary to exchange data with the smart meter 300 in the control device 100, and the control device 100 controls the device indicated by the device information, for example, to determine the power usage amount in the smart meter 300. Get measurement results.

  As shown in FIG. 3, the device 200 includes a storage unit 210, a communication control unit 220, and a function unit 230 in terms of functions.

  The storage unit 210 is realized by one area of the memory 202 and has a function of storing unique information unique to the device 200. This unique information is, for example, the MAC (Media Access Control) address of the device 200.

  The communication control unit 220 includes an authentication request unit 221, a reception unit 222, a detection unit 223, an authentication request unit 224, and a transmission unit 225.

  The authentication request unit 221 is realized by the CPU 205 and the wireless circuit 203 that execute the program, and has a function of requesting the control device 100 to perform authentication by wireless communication using preset device authentication information. This authentication is a prerequisite for data exchange in the network (such as HAN) of the communication system 10. If the authentication by the control device 100 is successful, keys necessary for data encryption processing and decryption processing are exchanged, and the device 200 can exchange data with the control device 100 appropriately.

  The receiving unit 222 is realized by the CPU 205 and the wireless circuit 203 that execute a program, and has a function of receiving information from the control device 100. Information to be received includes information for B route authentication, a success notification indicating that the authentication by the smart meter 300 has been successful, and the like.

  The detection unit 223 is realized by the CPU 205 and the wireless circuit 203 that execute the program, and has a function of detecting that the control device 100 performs wireless transmission requesting authentication from the smart meter 300 by receiving a predetermined electromagnetic wave. . The detection unit 223 further indicates that when the control device 100 performs wireless transmission for requesting authentication, the smart meter 300 has not performed wireless transmission for responding to the request. It has a function to detect when no is done. The predetermined electromagnetic wave is, for example, an electromagnetic wave transmitted in the 920 MHz band according to IEEE 802.15.4g.

  The authentication request unit 224 is realized by the CPU 205 and the wireless circuit 203 that execute a program. The authentication request unit 224 authenticates the smart meter 300 on behalf of the control device 100 when the detection unit 223 detects that the control device 100 requests authentication but the smart meter 300 does not wirelessly transmit a response. It has a function to request. This request for authentication is made by wireless transmission to the smart meter 300 using the information for B route authentication received by the receiving unit 222.

  The transmission unit 225 is realized by the CPU 205 and the wireless circuit 203 that execute the program. When the authentication by the smart meter 300 is successful based on the wireless transmission by the authentication request unit 224, the transmission unit 225 indicates success information indicating the success to the control device 100. It has a function to transmit.

  The function unit 230 is responsible for the main function of the device 200. If the device 200 is a tablet, the function unit 230 acquires the measurement result from the smart meter 300 via, for example, the communication control unit 220, and displays the measurement result on the display according to a user operation or the like. Has the function of The functional unit 230 is realized by the functional unit 204, the CPU 205, and the like.

  As shown in FIG. 3, the smart meter 300 includes a measurement unit 310 and a communication control unit 320 in terms of functions.

  The measurement unit 310 is realized by the power measurement unit 302 and the CPU 303, and has a function of sequentially measuring the amount of power used by a consumer.

  The communication control unit 320 is realized by the wireless circuit 305 and the CPU 306 and includes an authentication unit 321. The communication control unit 320 has a function of performing wireless transmission by performing an encryption process using a predetermined key on the measurement result of the power consumption measured by the measurement unit 310. Since devices (such as the control device 100 and the device 200) that have been successfully authenticated by the authentication unit 321 are given a key for decryption during authentication, the transmitted measurement results can be used appropriately.

  The authentication unit 321 verifies whether or not the B-root authentication information received from the devices when the authentication request is received from the devices (the control device 100, the device 200, etc.) is valid. If it is, it has a function to handle that authentication is successful. Note that, in order to verify whether the B-root authentication information received from the devices is valid, the authentication unit 321 uses, for example, verification information set in advance in the smart meter 300. Or the authentication part 321 is good also as requesting verification to the authentication server in the management apparatus 40 which has the information for verification previously via A route | root, and obtaining the result. The authentication unit 321 exchanges keys necessary for data encryption processing and decryption processing for devices that have been successfully authenticated.

  The smart meter 300 has a function of transmitting the measurement result of the power consumption to the management device 40 via the A route, and control of the power supply line to the consumer under the control of the management device 40 (connection and disconnection). And the like.

  A protocol stack (protocol group) used for communication (data transmission / reception) by the control device 100, the device 200, and the smart meter 300 having the above-described configuration is, for example, as illustrated in FIG. 4 when the communication system 10 is HEMS.

  That is, for example, the physical layer is IEEE 802.15.4g, the MAC layer in the data link layer is IEEE 802.15.4, the adaptation layer (part of the network layer) is 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks), and the network layer is IPv6 (Internet Protocol version 6), the transport layer is UDP (User Datagram Protocol), and the application layer is ECHONET Lite (registered trademark) and PANA (Protocol for carrying Authentication for Network Access). PANA is an authentication protocol (network access authentication protocol) for sending and receiving EAP (Extensible Authentication Protocol) messages over UDP / IP, standardized as RFC 5191 by IETF (Internet Engineering Task Force). EAP is an authentication protocol corresponding to various authentication methods (for example, authentication by password, authentication by certificate, etc.). When the communication system 10 is not HEMS, for example, in the case of BEMS (Building Energy Management System), FEMS (Factory Energy Management System), etc., ECHONET Lite (registered trademark) of the application layer is changed to another protocol suitable for the system. May be.

  In the communication system 10, the authentication protocol used for the control device 100 to receive authentication from the smart meter 300 is PANA, and PANA is also used as the authentication protocol for the device 200 to receive authentication from the control device 100 in accordance with this. ing. Note that the authentication protocol used for the device 200 to receive authentication from the smart meter 300 instead of the control device 100 is also PANA. For this reason, the device 200 has an authentication module that uses PANA in order to receive authentication from the control device 100, and this can also be used when receiving authentication from the smart meter 300. It should be noted that the content of the device authentication information transmitted by the device 200 for receiving authentication from the control device 100 is different from the content of the B root authentication information transmitted for receiving authentication from the smart meter 300, but authentication is performed from both. The authentication protocol used for receiving is common. Thus, by using the same authentication protocol (referred to as a specific authentication protocol) for device authentication and B route authentication in the communication system 10, the size of the authentication module (including the required memory size) required for authentication. Is suppressed.

(Operation)
Hereinafter, an operation related to authentication of the control device 100 in the communication system 10 having the above-described configuration will be described with reference to FIG.

  FIG. 5 is a flowchart showing the operation of the control device 100. In the figure, for the sake of convenience, some operations related to abnormality processing are omitted.

  The control device 100 sets device authentication information (device authentication information setting) (step S11). This is based on, for example, input of device authentication information to the control device 100 by the user. Further, the device authentication information may be stored in advance in a nonvolatile memory or the like. The device authentication information may be information that can be used to verify the device authentication information acquired from the device when the device makes an authentication request.

  When the device 200 joins the communication system 10, the authentication unit 122 of the control device 100 receives a device authentication request (that is, receives device authentication information) according to a specific authentication protocol (step S12). Then, the authentication unit 122 treats that the device 200 has been successfully authenticated by comparing the received device authentication information with the device authentication information set in step S11. Exchange is performed (step S13). After this key exchange, encrypted data can be exchanged between the control device 100 and the device 200 in the communication system 10. Therefore, if the communication system 10 is HEMS, the control apparatus 100 which is a HEMS controller will control the apparatus 200 which is a HEMS apparatus, etc. through HAN. Note that the control device 100 encrypts data exchange with the authenticated device. Therefore, the control device 100 can secure the security and exchange the ECHONET Lite frame with the device 200 to control, for example, monitor the state of the device 200. The control device 100 is a controller class device object in ECHONET Lite (registered trademark), for example. Even when a device other than the device 200 (device 200x, device 200y, etc.) joins the communication system 10, the operations in steps S11 to S13 are executed for authentication of the device.

  While the communication system 10 is in operation, for example, the reception unit 110 of the control device 100 in the consumer 11 uses the B route authentication information input by the user after the smart meter 300 is installed in the consumer 11. Accept (step S14).

  Subsequently, the transmission unit 123 broadcasts (transmits) the B-root authentication information received by the reception unit 110 to each device (authenticated device such as the device 200) included in the communication system 10 (step). S15). Note that the information for B-root authentication is transmitted in a state in which security is ensured for a device that has been device-authenticated.

  Further, the authentication request unit 121 of the control device 100 authenticates the smart meter 300 according to the specific authentication protocol by transmitting the B route authentication information received by the receiving unit 110 to the smart meter 300 installed in the consumer 11. A request is made (step S16).

  If the authentication request unit 121 obtains a key by performing a response in response to the authentication request and performing key exchange (step S17), a notification that the smart meter 300 has been successfully authenticated is sent to each device. Broadcast (transmit) (step S19). When success information indicating successful authentication by the smart meter 300 is received from any device when no response is made in response to the authentication request and the key is not acquired (step S18), a success notification is sent to each device. Broadcast (transmit) to the device (step S19). This success information is received when any device in the communication system 10 communicates with the smart meter 300 instead of the control device 100 and succeeds in authentication. Further, by transmitting the success notification, it is possible to notify each device that each device does not need to request authentication from the smart meter 300 thereafter. When success information is received from the device by the receiving unit 124 in step S18, the recording unit 125 records device information indicating the device in the memory 102.

  Even when any device of the communication system 10 by the smart meter 300 is authenticated, if a condition for executing re-authentication (e.g., elapse of a predetermined period of time) is satisfied (step S20), authentication is performed. The request unit 121 makes an authentication request (step S16).

  Next, operations related to authentication of the device 200 in the communication system 10 will be described with reference to FIG.

  FIG. 6 is a flowchart showing the operation of the device 200. In the figure, for the sake of convenience, some operations related to abnormality processing are omitted. Note that the other devices 200x, 200y, etc. in the communication system 10 also perform the operations shown in FIG.

  The device 200 performs device authentication information setting (step S31). For example, as described above, the QR code (registered trademark) printed on the paper or the like attached to the casing of the control device 100 is photographed by the device 200, or the numerical value printed by the control device 100 is displayed by the user. This is done by inputting to 200. As a result, the device authentication information is stored in the nonvolatile memory of the device 200 or the like.

  Next, the authentication request unit 221 of the device 200 makes an authentication request by transmitting device authentication information to the control device 100 in accordance with the specific authentication protocol (step S32). Thereafter, the communication control unit 220 acquires a key by performing authentication and key exchange by the control device 100 (step S33). By acquiring this key, the device 200 can exchange encrypted data with the control device 100. Accordingly, security is ensured, and the ECHONET Lite frame is exchanged with the control device 100, for example, acquisition of information collected by the control device 100 (for example, measurement results of power usage acquired from the smart meter 300), etc. Will be able to.

  Thereafter, when the receiving unit 222 of the device 200 receives the B route authentication information from the control device 100 (step S34), the received B route authentication information is held in the memory 202 or the like.

  Subsequently, under a certain condition (steps S35 to S38), the authentication request unit 224 sends an authentication request in accordance with a specific authentication protocol by transmitting B route authentication information to the smart meter 300 instead of the control device 100 ( Step S39). That is, when the detection unit 223 detects that the control device 100 has performed wireless transmission requesting authentication to the smart meter 300, but has not performed wireless transmission in which the smart meter 300 responds within a predetermined time (step) In S35 to step S37), unless the reception unit 222 receives a success notification from the control device 100 (step S38), the authentication request unit 224 makes an authentication request (step S39).

  For example, when the control device 100 exists outside the range where the smart meter 300 can perform wireless communication, the smart meter 300 does not receive an authentication request from the control device 100 and does not respond. In this case, the detection unit of the device 200 can detect that the authentication request is sent from the control device 100 to the smart meter 300, but does not detect a response from the smart meter 300. When the device 200 is within the wireless communication range of the smart meter 300, the device 200 can receive authentication from the smart meter 300 instead of the control device 100.

  Note that the timing at which the authentication request is made in step S39 is after the elapse of the standby time calculated by a predetermined calculation in accordance with the unique information stored in the storage unit 210. This has an effect of suppressing each device from simultaneously making an authentication request to the smart meter 300 when there are a plurality of devices authenticated by the control device 100 in the communication system 10. By making use of the fact that the unique information of each device is different from each other, the waiting time calculated for each device is different (for example, by shifting about several seconds for each device), so that the timing of the authentication request of each device is the same. do not do. Since the device 200 confirms the success notification in step S38, if another device has already been authenticated by the smart meter 300, the authentication request is not made redundantly. In addition, when the control device 100 exists within the wireless communicable range of the smart meter 300 and the device 200 does not exist within the range, the device 200 also notifies the success when the control device 100 is authenticated. Do not make duplicate authentication requests by confirmation.

  When the smart meter 300 authenticates the authentication request from the device 200 and the key is exchanged, the authentication request unit 224 acquires the key (step S40), and the transmission unit 225 indicates that the authentication is successful. The success information shown is transmitted to the control device 100 (step S41). By using the key acquired in step S40, the communication system 10 can ensure security with the smart meter 300 and exchange data appropriately. The transmission unit 225 may transmit the key acquired in step S40 to the control device 100. The success information may include the acquired key.

  Next, the flow of processing related to authentication in the control device 100, the device 200, and the smart meter 300 installed in the consumer 11 will be described focusing on the communication sequence.

  FIG. 7 illustrates processing procedures such as communication processing in the control device 100, the device 200, and the smart meter 300 so as to proceed from top to bottom. The processing procedure in FIG. 7 is based on the assumption that the control device 100 and the smart meter 300 are located within a range in which wireless communication can be performed with each other (distance that is close to some extent).

  First, control device 100 sets device authentication information (sequence SEQ1). In addition, the device 200 sets device authentication information (sequence SEQ1a). The device authentication information is set by user intervention, and the setting is a condition for the control device 100 and the device 200 to belong to the same communication system 10 (for example, HEMS) and to communicate with each other. .

  Subsequently, the device 200 sends an authentication request to the control device 100 by transmitting device authentication information set in the device according to the specific authentication protocol (sequence SEQ2). In response to this authentication request, the control device 100 makes an authentication response (sequence SEQ3), and exchanges keys necessary for encryption processing and decryption processing of data communicated between the control device 100 and the device 200 (sequence). SEQ4). Thereafter, the control device 100 and the device 200 are connected to the network, and data other than the authentication request can be transmitted and received mutually.

  In order to enable communication on the B route of the smart meter 300, the user inputs B route authentication information to the control device 100, and the B route authentication information is set in the control device 100 (sequence SEQ5). Control device 100 broadcasts (transmits) the input B-root authentication information to each device of communication system 10 including device 200 (sequence SEQ6).

  Subsequently, control device 100 sends an authentication request to smart meter 300 by transmitting information for B-root authentication (sequence SEQ7). In response to the authentication request, the smart meter 300 makes an authentication response (sequence SEQ8), and exchanges keys necessary for encryption processing and decryption processing of data communicated between the smart meter 300 and the control apparatus 100 ( Sequence SEQ9). Thereafter, route B of smart meter 300 is opened, and the measurement result (measurement result information) of the power consumption is transmitted from smart meter 300 to control device 100 (sequence SEQ10). As a result, the measurement result of the power consumption can be used in the communication system 10, and for example, the power usage can be displayed by a device including a display in the communication system 10.

  Next, a processing procedure in the control device 100, the device 200, and the smart meter 300 when the control device 100 and the smart meter 300 are located outside the range in which wireless communication can be performed with each other (a distance some distance away) will be described.

  FIG. 8 is a diagram illustrating a processing procedure in the control device 100, the device 200, and the smart meter 300 when it is assumed that the control device 100 and the smart meter 300 are located outside the range where wireless communication is possible. is there.

  Also in FIG. 8, the sequences SEQ1 to SEQ6 are the same as those in FIG. However, when the control device 100 makes an authentication request to the smart meter 300 by transmitting the B root authentication information (SEQ7), the smart meter 300 does not respond because it cannot receive the authentication request. At this time, the device 200 authenticates to the smart meter 300 by transmitting the B route authentication information instead of the control device 100 by the functions of the detection unit 223 and the authentication request unit 224 (steps S35 to S39 in FIG. 6). A request is made (SEQ7a). This authentication request is made according to a specific authentication protocol. For this reason, the device 200 can use the same authentication module when receiving authentication by the control device 100 and when receiving authentication by the smart meter 300. Here, it is assumed that the device 200 is located within a range in which wireless communication with the smart meter 300 is possible (distance close to a certain extent). In this case, the smart meter 300 makes an authentication response to the authentication request (sequence SEQ8a), and keys necessary for encryption processing and decryption processing of data communicated between the smart meter 300 and the device 200 are exchanged. (Sequence SEQ9a). Thereafter, the B route of the smart meter 300 is opened. Subsequently, the device 200 transmits success information indicating the success of authentication to the control device 100 (SEQ9b). Accordingly, the control device 100 recognizes that the device 200 can communicate with the smart meter 300 and the measurement result of the power consumption can be used in the communication system 10. Thereafter, the measurement result (measurement result information) of the power consumption is transmitted from the smart meter to the device 200 (sequence SEQ10a), and the device 200 transfers the measurement result information to the control device 100 (sequence SEQ11). As a result, the control device 100 can collect the measurement result of the power consumption, and can provide the collected measurement result when, for example, the measurement result is requested for display from a device having a display in the communication system 10. become.

(Embodiment 2)
Hereinafter, a communication system 10a obtained by partially modifying the communication system 10 shown in the first embodiment will be described.

(Constitution)
The communication system 10a (for example, HEMS) is comprised from the control apparatus installed in the consumer 11, and one or more apparatuses. Here, it demonstrates paying attention to B route | root between the smart meters 300 installed in the same consumer 11 as the communication system 10a.

  FIG. 9 is a functional block diagram showing main components in terms of functions of the communication system 10a and the smart meter 300. The smart meter 300 is the same as that shown in the first embodiment. The configurations (hardware configurations) of the control device 100a and the device 200a are the same as the configurations of the control device 100 and the device 200 shown in FIG. In addition, the same code | symbol is attached | subjected about the same component as the component of the communication system 10 among the components of the communication system 10a, and description is abbreviate | omitted.

  In the communication system 10 according to the first embodiment, when the control device 100 is outside the communicable range of the smart meter 300 and cannot be authenticated, the device 200 detects that fact and actively substitutes for the control device 100. Then, an authentication request to the smart meter 300 is made. On the other hand, in the communication system 10a, when the control device 100a is outside the communicable range of the smart meter 300, the control device 100a selects one of the devices to make an authentication request to the smart meter 300. It has the characteristics.

  As shown in FIG. 9, the control device 100a includes a receiving unit 110 and a communication control unit 120a in terms of functions.

  The communication control unit 120a includes an authentication request unit 121, an authentication unit 122, a transmission unit 123a, a reception unit 124, a recording unit 125, and a selection unit 127. The communication control unit 120a is the same as the communication control unit 120 in points that are not particularly described.

  The transmission unit 123a is realized by the CPU 105 that executes the program and the wireless circuit 103, and has a function of transmitting an alternative authentication instruction to the device selected by the selection unit 127. The alternative authentication instruction is a predetermined instruction indicating that an authentication request should be made to the smart meter 300 instead of the control device 100a. The alternative authentication instruction includes B root authentication information. The transmission unit 123a may broadcast (transmit) the B-root authentication information to each device, and the alternative authentication instruction may not include the B-root authentication information.

  The selection unit 127 is realized by the CPU 105 that executes the program, and has a function of selecting one device that should make an authentication request to the smart meter 300 instead of the control device 100a based on the information of each authenticated device. Have. If device information has already been recorded by the recording unit 125 and the re-authentication needs to be performed, the selection unit 127 should make an authentication request to the smart meter 300 for the device indicated by the device information. It is good also as selecting as priority. When the device selected by the selection unit 127 cannot be authenticated because it cannot wirelessly communicate with the smart meter 300, the selection unit 127 newly selects another device.

  As shown in FIG. 9, the device 200a includes a storage unit 210, a communication control unit 220a, and a functional unit 230 in terms of functions.

  The communication control unit 220a includes an authentication request unit 221, a reception unit 222, an authentication request unit 224a, and a transmission unit 225. Unlike the communication control unit 220, the communication control unit 220a does not include the detection unit 223. The communication control unit 220a is the same as the communication control unit 220 for points that are not particularly described.

  Information received by the receiving unit 222 from the control device 100 is B route authentication information, a predetermined instruction (an instruction to make an authentication request), and the like.

  The authentication request unit 224a is realized by the CPU 205 and the wireless circuit 203 that execute a program. The authentication request unit 224 a has a function of requesting the smart meter 300 for authentication in place of the control device 100 when a predetermined instruction is received by the receiving unit 222. This request for authentication is made by wireless transmission to the smart meter 300 using the information for B route authentication received by the receiving unit 222. Note that the authentication unit 321 of the smart meter 300 determines whether the B-root authentication information received from the devices when the authentication request is received from the devices (the control device 100a, the device 200a, etc.) is valid. If it is verified and valid, it has a function to handle that authentication is successful.

(Operation)
Hereinafter, an operation related to authentication of the control device 100a in the communication system 10a having the above-described configuration will be described with reference to FIG.

  FIG. 10 is a flowchart showing the operation of the control device 100a. In the figure, for the sake of convenience, some operations related to abnormality processing are omitted.

  The control device 100a performs device authentication information setting (step S51). When the device 200a joins the communication system 10a, the authentication unit 122 of the control device 100a receives a device authentication request (that is, receives device authentication information) according to the specific authentication protocol (step S52). Then, the authentication unit 122 treats that the device authentication is successful when the received device authentication information matches the device authentication information set in step S51, and the authentication unit 122 determines that the authentication is successful. Exchange is performed (step S53). After this key exchange, encrypted data can be exchanged between the control device 100a and the device 200a in the communication system 10a. Therefore, if the communication system 10a is HEMS, the control device 100a, which is a HEMS controller, controls the device 200a, which is a HEMS device, through the HAN. The control device 100a encrypts data exchange with the authenticated device. Therefore, the control device 100a can secure the security and exchange the ECHONET Lite frame with the device 200a, for example, to control the device 200 and monitor the status. The operation in steps S51 to S53 of the control device 100a is the same as the operation in steps S11 to S13 of the control device 100 described in the first embodiment. Even when another device joins the communication system 10a, the operations in steps S51 to S53 are executed to authenticate the device.

  While the communication system 10a is in operation, for example, the reception unit 110 of the control device 100a in the consumer 11 uses the B-root authentication information input by the user after the smart meter 300 is installed in the consumer 11. Accept (step S54).

  Subsequently, the authentication request unit 121 of the control device 100a transmits the B route authentication information received by the receiving unit 110 to the smart meter 300 installed in the consumer 11, thereby allowing the smart meter 300 to follow the specific authentication protocol. An authentication request is made (step S55).

  When the response is made in response to the authentication request and the key exchange is performed, when the authentication request unit 121 acquires the key (step S56), the B route is opened. That is, the control device 100a can perform data transmission / reception by performing encryption processing and decryption processing with the smart meter 300 using the acquired key.

  If the authentication request unit 121 does not acquire a key due to the presence of the control device 100a outside the communicable range of the smart meter 300 (step S56), the selection unit 127 has an unselected selectable device. In such a case (step S57), one device is selected. That is, when the control device 100a fails to authenticate with the smart meter 300, the selection unit 127 selects one device that should make an authentication request instead of the control device 100a. For this selection, for example, the control device 100a receives an electromagnetic wave from each device authenticated by the authentication unit 122, and the measurement result of the received electric field strength, that is, the measurement result of the received signal strength indicator (RSSI) indicating the strength of the received signal. May be used. That is, since it can be estimated that a device with a smaller RSSI is farther from the control device 100a, a device with a relatively small RSSI that can bring about a different result from the control device 100a in relation to the smart meter 300 is preferentially selected. May be. When device information is recorded in the recording unit 125 when re-authentication is necessary, the device indicated by the device information is preferentially selected. Then, the transmission unit 123a transmits an alternative authentication instruction (a predetermined instruction including information for B route authentication) to the device selected by the selection unit 127 (step S58).

  Thereafter, when the receiving unit 124 receives success information from the device (step S59), the recording unit 125 records device information indicating the device that transmitted the success information (step S60).

  When the device that has transmitted the alternative authentication instruction fails in the authentication, the selection unit 127 newly selects one unselected device as long as there are still unselected devices (step S57), and the transmission unit 123a. Transmits an alternative authentication instruction to the device (step S58). The case where the authentication has failed is a case where the receiving unit 124 has not received success information from the device in step S59 within a predetermined time after the transmitting unit 123a transmits the alternative authentication instruction in step S58. .

  If any device in the communication system 10a is installed within the communicable range of the smart meter 300, the control device 100a receives success information from any device (step S59). When any device of the communication system 10 is authenticated by the smart meter 300, if a condition for executing re-authentication (e.g., elapse of a predetermined period of time) is satisfied (step S61), the control device 100a Returning to step S55, processing for authentication is performed.

  Next, operations related to authentication of the device 200a in the communication system 10a will be described with reference to FIG.

  FIG. 11 is a flowchart showing the operation of the device 200a. In the figure, for the sake of convenience, some operations related to abnormality processing are omitted. Note that other devices in the communication system 10a also perform the operation shown in FIG.

  The device 200a performs device authentication information setting (step S71). The authentication request unit 221 of the device 200a makes an authentication request by transmitting device authentication information to the control device 100a according to the specific authentication protocol (step S72). Thereafter, the communication control unit 220a acquires a key by performing authentication and key exchange by the control device 100a (step S33). By acquiring this key, the device 200a can exchange encrypted data with the control device 100a. Accordingly, security is ensured, and an ECHONET Lite frame is exchanged with the control device 100a, for example, acquisition of information collected by the control device 100a (for example, measurement results of power usage acquired from the smart meter 300), etc. Will be able to. The operation in steps S71 to S73 of the device 200a is the same as the operation in steps S31 to S33 of the device 200 described in the first embodiment.

  Thereafter, when the receiving unit 222 of the device 200a receives an alternative authentication instruction (a predetermined instruction including information for B route authentication) from the control device 100a (step S74), the received B route authentication information is stored in the memory 202. Etc.

  Subsequently, the authentication request unit 224a makes an authentication request according to the specific authentication protocol by transmitting the B route authentication information to the smart meter 300 instead of the control device 100a (step S75).

  When the smart meter 300 authenticates and the key exchange is performed in response to the authentication request from the device 200a, the authentication request unit 224a acquires the key (step S76), and the transmission unit 225 indicates that the authentication is successful. The success information shown is transmitted to the control device 100a (step S77). In addition, by using the key acquired in step S77, the communication system 10a can ensure security with the smart meter 300 and appropriately exchange data. Note that the transmission unit 225 may transmit the key acquired in step S77 to the control device 100a.

  Next, the flow of processing related to authentication in the control device 100a, the device 200a, and the smart meter 300 installed in the consumer 11 will be described focusing on a communication sequence.

  FIG. 12 illustrates a processing procedure such as communication processing in the control device 100a, the device 200a, and the smart meter 300 so as to proceed from top to bottom. Note that the processing procedure in FIG. 12 is based on the assumption that the control device 100a and the smart meter 300 are located outside the range in which wireless communication is possible with each other (such as a certain distance). In addition, it is assumed that the device 200a is located within a range in which wireless communication with the smart meter 300 is possible (a distance close to a certain extent). Among the processing procedures, the same reference numerals are assigned to the same contents as those shown in FIG.

  First, the control device 100a sets device authentication information (sequence SEQ1). Further, the device 200a sets device authentication information (sequence SEQ1a). The device authentication information is set by user intervention, and the setting is a condition for the control device 100a and the device 200a to belong to the same communication system 10 (for example, HEMS) and to communicate with each other. .

  Subsequently, the device 200a sends an authentication request to the control device 100a by transmitting device authentication information set in the device according to the specific authentication protocol (sequence SEQ2). In response to this authentication request, the control device 100a makes an authentication response (sequence SEQ3), and exchanges keys necessary for encryption processing and decryption processing of data communicated between the control device 100a and the device 200a (sequence). SEQ4). Thereafter, the control device 100 and the device 200 are connected to the network, and data other than the authentication request can be transmitted and received mutually.

  In order to enable communication on the B route of smart meter 300, the user inputs information for B route authentication to control device 100a, and B route authentication information is set in control device 100a (sequence SEQ5).

  Subsequently, control device 100 sends an authentication request to smart meter 300 by transmitting information for B-root authentication (sequence SEQ7). Smart meter 300 does not respond because it cannot receive this authentication request. At this time, control device 100a selects a device (sequence SEQ71). Here, it is assumed that the device 200a is selected. Then, transmitting unit 123a of control device 100a transmits an alternative authentication instruction (predetermined instruction including B root authentication information) to device 200a (sequence SEQ72).

  Upon receiving this alternative authentication instruction, the device 200a makes an authentication request to the smart meter 300 by transmitting B root authentication information instead of the control device 100 (SEQ7a). This authentication request is made according to a specific authentication protocol. For this reason, in the apparatus 200a, it is possible to use the same authentication module when receiving authentication by the control device 100a and when receiving authentication by the smart meter 300. In response to the authentication request, the smart meter 300 makes an authentication response (sequence SEQ8a), and a key necessary for encryption and decryption processing of data communicated between the smart meter 300 and the device 200a is exchanged (sequence SEQ9a). ). Thereafter, the B route of the smart meter 300 is opened. Subsequently, the device 200a transmits success information indicating the success of authentication to the control device 100a (SEQ9b). Accordingly, the control device 100a recognizes that the device 200a can communicate with the smart meter 300 and the measurement result of the power consumption can be used in the communication system 10. Then, device information indicating the device 200a is recorded by the recording unit 125 (SEQ9c). Thereafter, the power consumption measurement result (measurement result information) is transmitted from the smart meter to the device 200a (sequence SEQ10a), and the device 200a transfers the measurement result information to the control device 100a (sequence SEQ11). As a result, the control device 100a can collect the measurement result of the power consumption, and can provide the collected measurement result when, for example, the measurement result is requested for display from a device having a display in the communication system 10. become.

(Other embodiments, etc.)
As mentioned above, although the communication system 10 and the communication system 10a were demonstrated by Embodiment 1 and 2, the embodiment mentioned above is only an example, and it cannot be overemphasized that various changes, addition, omission, etc. are possible.

  The smart meter 300 shown in the above-described embodiment is configured to measure the amount of power used, but may have a function of measuring the amount of energy used such as gas and water other than electricity. Similarly, the electric power company 41 may be a company that supplies or manages resources such as gas and water. In addition, the measurement result of the amount of energy used may be transmitted and received on the B route between the smart meter 300 and the communication system 10 or the communication system 10a, and other data may be transmitted and received.

  Further, the device 200 shown in the first embodiment confirms whether or not a success notification has been received from the control device 100 before making an authentication request to the smart meter 300 (step S38). An inquiry may be made to confirm whether an authentication request is required. Further, although there is a possibility that the authentication processing based on the authentication request from the device 200 may be performed redundantly, it is possible to confirm that the success notification has not been received from the control device 100.

  In the first embodiment, the waiting time for delaying the timing at which the device 200 makes an authentication request is calculated by a predetermined calculation according to the specific information, and the specific information is, for example, a MAC (Media Access Control) address. did. However, the unique information may be a random number, and the waiting time may be determined by the random number.

  The control device 100a shown in the second embodiment obtains a response from the smart meter 300 when making an authentication request to the smart meter 300 by wireless communication, but the received electric field strength (RSSI value) of the response is a predetermined reference (threshold value). ) The authentication request may be made by selecting a device even if it is lower. This predetermined reference (threshold value) is, for example, minus 100 dBm. This can be expected to improve communication reliability. Note that the control device 100a may cause the device to substitute the authentication procedure only when the received electric field strength from the smart meter 300 in the selected device is higher than a predetermined reference.

  In the above-described embodiment, the smart meter 300 indicates that PANA is used as an authentication protocol for the B route. However, other authentication protocols may be used. Furthermore, a communication protocol other than that shown in FIG. 4 may be used in the communication system 10 and the communication system 10a and in the B route. However, the B route authentication protocol used by the smart meter 300 and the authentication protocol used by the control device to authenticate the device in the communication system need to be the same. If the authentication protocol used by the smart meter 300 is the same as the authentication protocol for authenticating each device by the control device in the communication system, the authentication module can be shared by the devices.

  In the above-described embodiment, the communication system is described as being a HEMS installed in a house and connected by HAN, for example. However, the communication system is not limited to the HEMS, and may be any system such as a BEMS (Building Energy Management System) in a building or a FEMS (Factory Energy Management System) in a factory. Further, a plurality of control devices may exist in the communication system.

  In the above-described embodiment, each device has a memory for storing programs, data, and the like. However, in order to store programs, data, etc., it has a hard disk or other storage medium in addition to the memory. Also good.

  In addition, wireless communication is performed between the control device and the device in the communication system described above. However, some devices in the communication system 10 may communicate with the control device in a wired manner using, for example, a LAN (Local Area Network) cable, PLC (Power Line Communication), or the like.

  Further, the execution order of the processing procedures (the processing shown in FIGS. 5, 6, 10 and 11 etc.) in the above-described control device and device is not necessarily limited to the order shown in the above-described embodiment. However, the execution order can be changed or a part thereof can be omitted without departing from the scope of the invention. In addition, all or part of the processing procedures in the above-described control device and device may be realized by hardware of each device or may be realized by using software. The processing by software is realized by a CPU included in each device executing a control program stored in a memory. Further, the program may be recorded on a recording medium and distributed or distributed. For example, the distributed control program is installed in the devices and is executed by the CPUs of the devices, thereby causing the devices to perform various processes (the processes shown in FIGS. 5, 6, 10, and 11). It becomes possible.

  In addition, embodiments realized by arbitrarily combining the constituent elements and functions described in the above-described embodiments are also included in the scope of the present invention.

  Note that various general or specific aspects of the present invention include one or a plurality of combinations of an apparatus, a system, a method, an integrated circuit, a computer program, a computer-readable recording medium, and the like.

  Hereinafter, a communication system according to one embodiment of the present invention and the structure, modification, and effects of devices used in the communication system will be described.

  (1) A device according to an aspect of the present invention is a device (200, 200a) used in one facility together with a control device (100, 100a) that exchanges information with a device that has been successfully authenticated. An authentication request unit 221 that communicates with the control device (100, 100a) in accordance with a specific authentication protocol to request authentication from the control device (100, 100a), and measures the amount of energy used in the facility. An authentication request for performing wireless communication with the smart meter 300 according to the specific authentication protocol in order to request the smart meter 300 that transmits information based on the measurement result on the condition that the authentication is successful under a certain condition. Device (224, 224a). One facility can be indoors or outdoors.

  With this configuration, even when the control device (100, 100a) cannot communicate wirelessly with the smart meter 300, the authentication process with the smart meter 300 can be performed by the device (200, 200a). In addition, since the authentication process is performed by the device 200 or the like, it is more efficient than simply providing a repeater dedicated to wireless relay between the smart meter 300 and the control device 100 or the like. Furthermore, since the authentication procedure for the control device (100, 100a) and the authentication procedure for the smart meter 300 are the same, the configuration required for authentication in the device (200, 200a), that is, the size of the authentication module (the size of the required memory) Including) is suppressed.

  (2) The communication system which concerns on 1 aspect of this invention is a communication system (10, 10a) provided with the above-mentioned apparatus (200, 200a) and a control apparatus (100, 100a), Comprising: Control apparatus (100, 100a) ) Includes an authentication request unit 121 that performs wireless communication with the smart meter 300 according to the specific authentication protocol in order to request authentication from the smart meter 300. The authentication request unit (224, 224a) The communication system performs wireless communication with the smart meter 300 according to the specific authentication protocol when communication with the smart meter 300 by the request unit 121 fails.

  Accordingly, even when the control device (100, 100a) cannot wirelessly communicate with the smart meter 300 in the communication system (10, 10a), the authentication process with the smart meter 300 can be performed by the device (200, 200a).

  (3) For example, the authentication request unit 221 transmits the first authentication information (device authentication information) to the control device (100, 100a) according to the specific authentication protocol, and the authentication request unit 121 follows the specific authentication protocol. The second authentication information (B route authentication information) different from the first authentication information is transmitted to the smart meter 300, and the control device (100, 100a) transmits the specific authentication protocol from the device (200, 200a). When the authentication is requested by communication according to the authentication, the authentication unit 122 that authenticates the device (200, 200a) and the second authentication information are transmitted to the device (200, 200a) authenticated by the authentication unit 122. The authentication requesting units (224, 224a) communicate with the smart meter 300 by the authentication requesting unit 121. There if it fails, according to the specific authentication protocol, the second authentication information received from the control device (100, 100a) may be transmitted to the smart meter 300.

  Thereby, even if the authentication module used for the authentication procedure is made common, authentication between the device (200, 200a) and the control device (100, 100a) and between the device (200, 200a) and the smart meter 300 are performed. It is possible to ensure independence from authentication in

10, 10a Communication system 100, 100a Control device 121 Authentication request unit (third authentication request unit)
122 authentication unit 123, 123a transmission unit 200, 200a device 221 authentication request unit (first authentication request unit)
224, 224a Authentication request unit (second authentication request unit)
300 smart meter

Claims (3)

A device used in one facility together with a control device that exchanges information with a device that has been successfully authenticated,
A first authentication request unit that communicates with the control device according to a specific authentication protocol to request authentication from the control device;
In order to request authentication under a certain condition for a smart meter that measures the amount of energy used in the facility and transmits information based on the measurement result on the condition of successful authentication, the identification with the smart meter is performed. A device comprising: a second authentication request unit that performs wireless communication according to an authentication protocol. A communication system comprising the device according to claim 1 and the control device,
The control device includes a third authentication request unit that performs wireless communication with the smart meter in accordance with the specific authentication protocol in order to request authentication with respect to the smart meter.
The second authentication request unit performs wireless communication according to the specific authentication protocol with the smart meter when communication with the smart meter by the third authentication request unit fails. The first authentication request unit transmits first authentication information to the control device according to the specific authentication protocol,
The third authentication request unit transmits second authentication information different from the first authentication information to the smart meter according to the specific authentication protocol;
The controller is
An authentication unit that authenticates the device when authentication is requested from the device by communication according to the specific authentication protocol;
A transmission unit that transmits the second authentication information to the device authenticated by the authentication unit;
The second authentication request unit, when communication with the smart meter by the third authentication request unit has failed, in accordance with the specific authentication protocol, the second authentication information received from the control device The communication system according to claim 2, which is transmitted to the smart meter.

Images