JP2020014049A - Control system and control method - Google Patents

Abstract

To provide a control system capable of easily controlling a target device under a local network from outside the local network.SOLUTION: An IoT device 10 under a local network 50 transmits notification information to a server 30 via a NAT device 40. The server 30 receives the notification information via the NAT device 40. The server 30 acquires an external IP address and an external IP port number included in the transmission source information of the received notification information. The server 30 sets the obtained external IP address and external IP port number in a control instruction for controlling the IoT device 10 as destination information, and transmits the control instruction in which the destination information is set via the NAT device 40 to the IoT device 10. When the IoT device 10 receives the control instruction, the IoT device 10 is controlled according to the control instruction.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a control system and a control method for controlling a target device, and particularly to a control system and a control method for remotely controlling an IoT (Internet of Things) device.

  In recent years, a technology for controlling (remotely controlling) IoT devices via a network has been attracting attention. In such a technology, when an IoT device is directly connected to a global network such as the Internet, a control device such as a server sets a global IP (Internet Protocol) address of the IoT device as destination information of a control instruction and performs control. By transmitting the command to the IoT device, the IoT device can be controlled. However, when the IoT device is under the control of the local network, a control device provided outside the local network cannot set the destination information of the IoT device, so that there is a problem that the IoT device cannot be controlled. Although it is conceivable to assign a global IP address to each IoT device, this method is not practical because the required global IP address increases with the increase of IoT devices to be controlled.

  On the other hand, Patent Document 1 discloses that a CS line control device in a base station communication network provides a global IP to an IoT device only when data communication is required between a mobile terminal as a control device and the IoT device. A control system for acquiring an address is disclosed.

JP-A-2017-092759

  However, in the technology described in Patent Document 1, a new function is required for a communication relay device that is not directly related to the control of IoT devices, such as a CS line control device in a base station communication network, so that versatility is required. There is a problem that it is not easy to control IoT devices under the local network easily. In addition, since a new global IP address is required for data communication, there is also a problem that at least one global IP address needs to be secured.

  An object of the present invention is to provide a control system and a control method that can easily control target devices under the local network from outside the local network.

  The control system according to the present invention includes a target device under the local network and a control device outside the local network, wherein the target device and the control device are used by the internal IP address and the local network. A control system for performing communication via a network address translator for translating between an internal port number and an external IP address and an external IP port number used outside the local network, wherein the control device comprises: A communication unit that receives predetermined notification information via the network address translation device from a management unit that obtains an external IP address and an external IP port number included in the transmission source information of the notification information received by the communication unit; The control command for controlling the target device includes an external A transmission control unit configured to set an IP address and an external IP port number as destination information, and to transmit a control command in which the destination information is set to the target device via the network address translator; The device is a receiving unit that receives the control command from the control device via the network address translation device, and transmits the notification information to the control device via the network address translation device, and the reception unit receives the notification information. A control unit that controls the target device in accordance with the control command.

  The control method according to the present invention includes a target device under a local network, and a control device outside the local network, wherein the target device and the control device are used by the internal IP address and the local network. A control method for a control system that performs communication via a network address translation device that translates between an internal port number and an external IP address and an external IP port number used outside of the local network, wherein the target device includes: Transmitting predetermined notification information to the control device via the network address translating device, the control device receiving the notification information, and the control device determining a source of the received notification information. Obtain the external IP address and external IP port number included in the information And the control device sets the obtained external IP address and external IP port number as destination information in a control instruction for controlling the target device, and transmits the control instruction in which the destination information is set to the network address. Transmitting to the target device via a conversion device, the target device receiving the control command from the control device, and the target device controlling the target device according to the received control command And

  According to the present invention, target devices under the local network can be easily controlled from outside the local network.

It is a figure showing the control system of a 1st embodiment of the present invention. FIG. 1 is a block diagram illustrating a configuration of an IoT device according to a first embodiment of the present invention. FIG. 2 is a block diagram illustrating a configuration of the pointing device according to the first embodiment of the present invention. It is a block diagram showing composition of a server of a 1st embodiment of the present invention. It is a figure showing an example of device management information. It is a figure showing an example of operator management information. FIG. 5 is a sequence diagram for explaining an example of an address registration operation of the control system according to the first embodiment of the present invention. FIG. 3 is a sequence diagram for explaining an example of a control operation of the control system according to the first embodiment of the present invention. It is a sequence diagram for explaining an example of the control operation of the control system of the second embodiment of the present invention. It is a sequence diagram for explaining an example of the command operation of the control system of the third embodiment of the present invention. It is a sequence diagram for explaining an example of the control operation of the control system of the third embodiment of the present invention. It is a figure for explaining an example of adjustment operation of the control system of a 6th embodiment of the present invention. It is a figure for explaining other examples of adjustment operation of the control system of a 6th embodiment of the present invention.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the drawings, components having the same function are denoted by the same reference numerals, and description thereof may be omitted.

(First embodiment)
(Configuration of control system)
FIG. 1 is a diagram illustrating a control system according to a first embodiment of the present invention. As illustrated in FIG. 1, the control system 1 includes an IoT device 10, an instruction device 20, and a server 30. The IoT device 10 and the server 30 can be connected to each other via a NAT (Network Address Translation) device 40, a local network 50, and the Internet 60. The pointing device 20 and the server 30 can be connected to each other via the Internet 60. In this embodiment, the local network 50 is a network managed by a telecommunications carrier such as an ISP (Internet Service Provider). As a matter of course, any network from the IoT device 10 to the connection to the NAT device 40 may include a network other than the network managed by the telecommunications carrier. The local network 50 may be a LAN (Local Area Network) in a specific area, in a company, or at home. Further, the Internet 60 may include a network connected from the NAT device 40 to the Internet 60.

  The IoT device 10 is a target device that receives external control, and is under the control of the local network 50. Specifically, the IoT device 10 is, for example, an electric appliance such as a home appliance, a security device such as a monitoring camera, a sensor device such as a temperature sensor, or the like. In the present embodiment, the IoT device 10 is a device that is difficult to perform complicated operations due to restrictions due to interfaces such as a display unit and an operation unit, and a device that requires remote control such as a surveillance camera. Although only one IoT device 10 is shown in the figure, a plurality of IoT devices may be provided.

  The instruction device 20 and the server 30 constitute a control device that controls (remotely controls) the IoT device 10. The pointing device 20 and the server 30 are provided outside the local network 50. The pointing device 20 is a user device used by an operator (user) that controls the IoT device 10. The pointing device 20 is, for example, a PC (personal computer), a smartphone, a smart TV, a game machine, or the like. The server 30 is a management device that manages the IoT device 10 and the pointing device 20 and controls the IoT device 10 in cooperation with the pointing device 20.

  In the present embodiment, the NAT device 40 is, for example, a carrier grade NAT (Carrier Grade NAT) device managed by a telecommunications carrier such as an ISP. The NAT device 40 is an internal IP address used in the local network 50 (for example, if the NAT device 40 is a carrier grade NAT, it is a shared address (Shared Address). Alternatively, an address called a local IP address or a private IP address may be used. Good) and internal port numbers, and external IP addresses (for example, global IP addresses) and external port numbers used on the Internet 60. The function of the NAT device 40 is known. The NAT device 40 may be realized by one function provided in a router device such as a wireless LAN router or a firewall device.

  Specifically, when receiving a signal from a device under the local network 50, the NAT device 40 converts an internal IP address and an internal port number included in the transmission source information of the signal into an external IP address and an external port number. Then, a record in which the converted internal IP address and internal port number are associated with the converted external IP address and external port number is added to the NAT table and stored. Further, when the NAT device 40 receives a signal from a device outside the local network 50, the NAT device 40 compares the external IP address and the external port number included in the destination information of the signal with the external IP address and the external port number in the NAT table. It is converted into the associated internal IP address and internal port number.

  The local network 50 is, for example, an internal network such as an access network or a mobile network. The Internet 60 is a global external network.

(Configuration of IoT device)
FIG. 2 is a block diagram illustrating a configuration of the IoT device 10. The IoT device 10 includes a device storage unit 11, a device communication unit 12, and a control unit 13.

  The device storage unit 11 includes a terminal identification ID that is identification information for identifying the IoT device 10, notification destination information indicating a notification destination of notification information described later, an internal IP address and an internal port number assigned to the IoT device 10, and Is stored. The device storage unit 11 may further store terminal authentication information for authenticating the IoT device 10.

  The terminal identification ID may be assigned to the hardware of the IoT device 10 such as a product number, or may be registered in a MAC (Media Access Control) address or a SIM (Subscriber Identity Module) card (not shown). It may be used for communication such as a unique number. In addition, the terminal identification ID may be one uniquely introduced for the control system 1. The terminal authentication information is information for authenticating the IoT device 10 by the server 30, and is, for example, a secret key or a password.

  In the present embodiment, the notification destination information indicates the position of the server 30 on the Internet 60 as the notification destination of the notification information. The notification destination information is, for example, the IP address, host name, or URL (Uniform Resource Locator) of the server 30. When there are a plurality of IoT devices 10, the notification destination may be common to the plurality of IoT devices 10 or may be different for each IoT device 10.

  The device communication unit 12 communicates with the server 30 via the NAT device 40, the local network 50, and the Internet 60. For example, the device communication unit 12 functions as a receiving unit that receives a control command for controlling the IoT device 10 from the server 30.

  The control unit 13 controls the entire IoT device 10. For example, when the device communication unit 12 receives a control command, the control unit 13 controls the IoT device 10 according to the control command.

  Further, the control unit 13 transmits predetermined notification information to the server 30 which is a notification destination indicated in the notification destination information stored in the device storage unit 11. The notification information is information for notifying the position of the IoT device 10, and includes the terminal identification ID and the terminal authentication information stored in the device storage unit 11. In the present embodiment, the control unit 13 repeatedly transmits the notification information, and the transmission interval for transmitting the notification information is preset to a fixed value of, for example, about 1 minute to 5 minutes.

  The control unit 13 transmits the notification information to the server 30 via the NAT device 40, the local network 50, and the Internet 60. At this time, the transmission source information of the notification information includes the internal IP address and the internal port number stored in the device storage unit 11. The internal IP address and the internal port number included in the transmission source information are converted into the external IP address and the external port number by the NAT device 40 as described above. Then, the NAT device 40 associates the internal IP address and internal port number before conversion, the external IP address and external port number after conversion with each other, and adds them to the NAT table. Since the processing by the NAT device 40 is common to not only the notification information but also information (including signals and data) transmitted from the IoT device 10 to the server 30, the description thereof will be omitted below. There are cases.

(Configuration of pointing device 20)
FIG. 3 is a block diagram illustrating a configuration of the pointing device 20. The instruction device 20 illustrated in FIG. 3 includes an instruction communication unit 21, a display unit 22, an input unit 23, and an instruction control unit 24.

  The instruction communication unit 21 communicates with the server 30 via the Internet 60. For example, the instruction communication unit 21 receives, from the server 30, an input request indicating an input screen for requesting an operator to input (transmit) predetermined information. The input request includes, for example, an authentication input request indicating an authentication input screen requesting input of operator authentication information for authenticating an operator, and an identification input screen requesting input of a terminal identification ID for identifying the IoT device 10 to be controlled. And a command input request showing a command input screen for requesting the input of a control command.

  The operator authentication information is information for authenticating the operator at the server 30, and is, for example, a secret key or a password. The identification input screen includes an IoT device list that is a list of terminal identification IDs for identifying IoT devices 10 that can be controlled by the operator. In the present embodiment, the command input screen includes a command list that is a list of control commands that can be supported by the IoT device 10. However, the command input screen may include an input field for inputting a control command for the IoT device 10 instead of the command list. Although the format of the input request is not particularly limited, in the present embodiment, the input request is Web information indicating the input screen as a Web page.

  The display unit 22 displays various information. The input unit 23 receives various information from the operator. For example, the input unit 23 transmits a connection request to the server 30, an operator ID for identifying an operator, operator authentication information, a terminal identification ID for identifying the IoT device 10 to be controlled, and a control command for controlling the IoT device 10. Accept.

  The instruction control unit 24 controls the entire instruction device 20. For example, the instruction control unit 24 displays an input screen indicated by the input request received by the instruction communication unit 21 on the display unit 22. The instruction control unit 24 transmits the connection request, the operator ID, the operator authentication information, the terminal identification ID, and the control command received by the input unit 23 to the server 30.

(Configuration of Server 30)
FIG. 4 is a block diagram illustrating the configuration of the server 30. The server 30 illustrated in FIG. 4 includes a storage unit 31, a communication unit 32, and a server control unit 33.

  The storage unit 31 stores device management information for managing the IoT devices 10 and operator management information for managing operators.

  The device management information is information in which position information indicating the position of the IoT device 10 on the network is associated with each terminal identification ID. The position information is, specifically, an external IP address and an external port number converted from the internal IP address and the internal port number by the NAT device 40. The device management information further includes, for each terminal ID, terminal authentication information for authenticating the IoT device 10 identified by the terminal ID, and a command list that is a list of control commands corresponding to the IoT device 10. May be. The instruction list may be stored in the pointing device 20.

  FIG. 5 is a diagram illustrating an example of the device management information. The device management information 500 illustrated in FIG. 5 includes a terminal identification ID 501, terminal authentication information 502, a control command list 503, an IP address 504, and a port number 505. The terminal identification ID 501 is identification information for identifying the IoT device 10. The terminal authentication information 502 is a password for authenticating the IoT device 10. The control command list 503 is a command list that is a list of control commands for controlling the IoT device 10. The IP address 504 and the port number 505 are an external IP address and an external port number, and are position information indicating the position of the IoT device 10 on the network.

  Returning to the description of FIG. The operator management information is, for each operator ID, an IoT device that is a list of operator authentication information for authenticating an operator identified by the operator ID and a terminal identification ID for identifying an IoT device 10 that can be controlled by the operator. This is information that is associated with a list.

  FIG. 6 is a diagram illustrating an example of the operator management information. The example of the operator management information 600 illustrated in FIG. 6 includes the operator ID 601, and further includes the operator authentication information 602 and the terminal identification ID 603. The operator ID 601 is identification information for identifying an operator. The operator authentication information 602 is a password for authenticating the operator identified by the operator ID. The terminal identification ID 603 is a list of terminal identification IDs for identifying the IoT devices 10 that can be controlled by the operator identified by the operator ID.

  Note that the device management information and the operator management information shown in FIGS. 5 and 6 are merely examples, and the present invention is not limited to these examples. For example, a configuration divided into a plurality of tables may be used. For example, the device management information includes a first table in which terminal authentication information and an instruction list are associated for each terminal ID, and a second table in which an external IP address and an external port number are associated for each terminal ID. And may be composed of

  Returning to the description of FIG. The communication unit 32 communicates with the IoT device 10 via the NAT device 40, the local network 50, and the Internet 60. The communication unit 32 communicates with the pointing device 20 via the Internet 60. For example, the communication unit 32 receives notification information from the IoT device 10 and receives a connection request, an operator ID, operator authentication information, a terminal identification ID, and a control command from the instruction device 20.

  The server control unit 33 controls the entire server 30. For example, when the communication unit 32 receives the notification information, the server control unit 33 authenticates the IoT device 10 that has transmitted the notification information based on the terminal identification ID and the terminal authentication information included in the notification information. For example, the server control unit 33 determines whether the same combination as the combination of the terminal identification ID and the terminal authentication information included in the notification information is included in the device management information in the storage unit 31. The server control unit 33 determines that the authentication of the IoT device 10 has succeeded when the same combination is included, and fails the authentication of the IoT device 10 when the same combination is not included.

  When the authentication of the IoT device 10 is successful, the server control unit 33 acquires the external IP address and the external IP port number included in the transmission source information of the notification information from the notification information. The server control unit 33 adds the obtained external IP address and external IP port number to the device management information in the storage unit 31 in association with the terminal identification ID included in the notification information. At this time, if the external IP address and the external port number are already associated with each other in the device management information, the server control unit 33 determines the external IP address and the external port number in the device management information by using the acquired external IP address and external port number. Update to the port number. As a result, the latest external IP address and external IP port number are stored in the storage unit 31.

  The server control unit 33 may store other information in the storage unit 31 in association with the terminal identification ID in addition to the external IP address and the external port number. The other information includes, for example, a transmission protocol of the notification information, a type of the notification information, and the like. Further, if the external IP address and the external port number are not updated even after a predetermined deletion time has elapsed since the last storage of the external IP address and the external port number, the external IP address and the external port number are stored in the storage unit 31. You may delete it.

  When the communication unit 32 receives the connection request, the server control unit 33 transmits an authentication input request to the instruction device 20 that has transmitted the connection request. Thereafter, when the communication unit 32 receives the operator ID and the operator authentication information, the server control unit 33 authenticates the operator based on the received operator ID and operator authentication information. For example, the server control unit 33 determines whether or not the same combination as the received combination of the operator identification ID and the operator authentication information is included in the operator management information in the storage unit 31. The server control unit 33 determines that the authentication of the operator has succeeded when the same combination is included, and determines that the authentication of the operator has failed when the same combination is not included.

  When the authentication of the operator is successful, the server control unit 33 transmits an identification input request to the instruction device 20. At this time, the server control unit 33 includes, in the operator management information in the storage unit 31, an IoT device list associated with the same operator ID as the operator ID received by the communication unit 32 in the identification input request.

  When the communication unit 32 receives the terminal identification ID, the server control unit 33 transmits a command input request to the instruction device 20. At this time, when the command list is stored in the device management information in the storage unit 31, the server control unit 33 stores the command list associated with the same terminal ID as the terminal ID received by the communication unit 32. Include in command input request. If the device management information in the storage unit 31 does not include a command list, a control command input field is included in the command input request.

  When the communication unit 32 receives the control command, the server control unit 33 determines, in the operator management information in the storage unit 31, the external IP address and the external IP address associated with the same terminal identification ID as the terminal identification ID received by the communication unit 32. A control instruction in which an external port is set as destination information is generated. The server control unit 33 transmits a control command in which destination information is set.

  In the present embodiment, since the transmission destination of the control command is the IoT device 10 under the local network 50, the control command passes through the NAT device 40. At this time, the external IP address and the external port number included in the destination information of the notification information correspond to the internal IP address and the internal port number associated with the external IP address and the external port number in the NAT device 40 as described above. Is converted. Such processing by the NAT device 40 is common to not only control commands but also information (including signals and data) transmitted from the pointing device 20 and the server 30 to the IoT device 10. The description may be omitted.

  As described above, in the present embodiment, the server control unit 33 has a function as a management unit that acquires the external IP address and the external IP port number included in the transmission source information of the notification information, and the external IP address and the external IP port. It has both a function as a transmission control unit for generating a control command in which a number is set as destination information and transmitting the control command in which the destination information is set.

  Note that the authentication of the IoT device 10 and the authentication of the operator are not limited to the above examples as long as the authentication of the IoT device 10 and the operator can be performed. The authentication information and the authentication method used in the authentication of the IoT device 10 and the authentication of the operator may be different from each other, or may be the same as each other.

  In addition, not only notification information and control instructions, but also processing for setting destination information and transmission source information for information (including signals and data) communicated between the IoT device 10, the instruction device 20, and the server 30 is performed. However, processes that are not directly related to the present invention are omitted.

(Description of operation)
7 and 8 are sequence diagrams illustrating an example of the operation of the control system according to the present embodiment. Specifically, FIG. 7 is a sequence diagram for explaining an address registration operation for registering an external IP address and an external port number in the server 30, and FIG. 8 describes a control operation for controlling the IoT device 10. FIG.

  In the address registration operation of FIG. 7, first, the control unit 13 of the IoT device 10 acquires the terminal identification ID and the terminal authentication information from the device storage unit 11, and generates notification information including the terminal identification ID and the terminal authentication information. . Then, the control unit 13 acquires the notification destination information, the internal IP address, and the internal port number from the device storage unit 11, sets the notification destination information in the notification information as the destination information, and transmits the internal IP address and the internal port number. The notification information is set as the source information in the notification information, and the destination information and the source information are set as the notification information. The control unit 13 transmits the notification information in which the destination information and the transmission source information are set to the NAT device 40 via the device communication unit 12 and the local network 50 (Step S701).

  When receiving the notification information, the NAT device 40 converts the internal IP address and the internal port number included in the transmission source information of the notification information into the external IP address and the external port number, and converts the internal IP address and the internal port number before the conversion. And the converted external IP address and external port number are stored in association with each other as a NAT table (step S702). Then, the NAT device 40 transmits the notification information obtained by converting the transmission source information to the server 30 via the Internet 60 (Step S703).

  When the communication unit 32 of the server 30 receives the notification information, the server control unit 33 authenticates the IoT device 10 that has transmitted the notification information based on the terminal identification ID and the terminal authentication information included in the notification information. (Step S704).

  Here, it is assumed that the authentication is successful. In this case, the server control unit 33 acquires the external IP address and the external IP port number included in the transmission source information of the notification information from the notification information. The server control unit 33 adds the acquired external IP address and external IP port number to the device management information in the storage unit 31 in association with the terminal identification ID included in the notification information (step S705), and ends the processing. .

  The above address registration operation is repeatedly performed, and the latest combination of the external IP address and the external port number is registered in the storage unit 31. If the authentication fails in step S704, the server control unit 33 transmits an error message indicating that the authentication of the IoT device 10 has failed to a predetermined device such as the IoT device 10 or the instruction device 20, and the like. The operator or the like may be notified that the authentication of the IoT device 10 has failed.

  In the control operation of FIG. 8, when the input unit 23 of the instruction device 20 receives a connection request, the instruction control unit 24 transmits the connection request to the server 30 via the instruction communication unit 21 and the Internet 60 (step S801). ). When the communication unit 32 of the server 30 receives the connection request, the server control unit 33 generates an authentication input request and transmits the authentication input request to the instruction device 20 via the communication unit 32 and the Internet 60 (Step S802).

  When the instruction communication unit 21 of the instruction device 20 receives the authentication input request, the instruction control unit 24 displays an authentication input screen indicated by the authentication input request on the display unit 22. Thereafter, when the input unit 23 receives the operator ID and the operator authentication information, the instruction control unit 24 transmits the operator ID and the operator authentication information to the server 30 via the instruction communication unit 21 and the Internet 60 (Step S803). .

  When the communication unit 32 of the server 30 receives the operator ID and the operator authentication information, the server control unit 33 authenticates the operator based on the operator ID and the operator authentication information (Step S804).

  Here, it is assumed that the authentication is successful. In this case, the server control unit 33 acquires, from the storage unit 31, an IoT device list associated with the same operator ID as the operator ID received in step S804 in the operator management information. The server control unit 33 generates an identification input request indicating an identification input screen including the IoT device list, and transmits the identification input request to the instruction device 20 via the communication unit 32 and the Internet 60 (step S805).

  When the instruction communication unit 21 of the instruction device 20 receives the identification input request, the instruction control unit 24 displays the identification input screen indicated by the identification input request on the display unit 22. Thereafter, when the input unit 23 receives the terminal identification ID, the instruction control unit 24 transmits the terminal identification ID to the server 30 via the instruction communication unit 21 and the Internet 60 (Step S806). In this embodiment, the operator uses the input unit 23 to select a terminal identification ID from the IoT device list included in the identification input screen, and the input unit 23 receives the selected terminal identification ID. However, the input unit 23 may directly receive the terminal identification ID input by characters from the operator.

  When the communication unit 32 of the server 30 receives the terminal identification ID, the server control unit 33, when the instruction list is stored in the device management information from the storage unit 31, sets the terminal identification ID to the same terminal identification ID as the received terminal identification ID. Get the associated instruction list. The server control unit 33 generates a command input request indicating a command input screen including the command list, and transmits the command input request to the pointing device 20 via the communication unit 32 and the Internet 60 (step S807). If the device management information in the storage unit 31 does not include a command list, a command input request indicating a command input screen including a control command input field is generated instead of the command list.

  When the instruction communication unit 21 of the instruction device 20 receives the instruction input request, the instruction control unit 24 displays an instruction input screen indicated by the instruction input request on the display unit 22. Thereafter, when the input unit 23 receives the control command, the instruction control unit 24 transmits the control instruction to the server 30 via the instruction communication unit 21 and the Internet 60 (Step S808). In the present embodiment, the operator uses the input unit 23 to select a control command from a command list included in the command input screen, and the input control unit 23 receives the selected control command. However, the input unit 23 may directly receive a control command character-input in the control command input field from the operator.

  When the communication unit 32 of the server 30 receives the control command, the server control unit 33 reads from the storage unit 31 the external IP address associated with the same terminal ID as the terminal ID received in step S807 in the device management information. And get the external port number. The server control unit 33 sets the acquired external IP address and external port number as the destination information in the received control instruction, and generates a control instruction in which the destination information is set (step S809). The server control unit 33 transmits the control command in which the destination information is set to the NAT device 40 via the communication unit 32 and the Internet 60 (Step S810).

  When receiving the control command, the NAT device 40 stores the external IP address and the external port number, which are the destination information of the control command, in the stored NAT table in the internal IP address and the external port number corresponding to the external IP address and the external port number. It is converted into an address and an internal port number (step S811). The NAT device 40 transmits the control command obtained by converting the destination information to the IoT device 10 via the local network 50 (Step S812).

  When the device communication unit 12 of the IoT device 10 receives the control command, the control unit 13 controls the IoT device 10 according to the control command (Step S813), and ends the processing.

  If the authentication fails in step S804, the server control unit 33 transmits the error message to the effect that the authentication of the operator has failed to a predetermined device such as the pointing device 20, and fails to authenticate the operator. This may be notified to an operator or the like.

  As described above, according to the present embodiment, the control unit 13 of the IoT device 10 under the control of the local network 50 transmits the notification information to the server 30 via the NAT device 40. The communication unit 32 of the server 30 receives the notification information via the NAT device 40. The server control unit 33 acquires the external IP address and the external IP port number included in the transmission source information of the notification information received by the communication unit 32. Further, the server control unit 33 sets the obtained external IP address and external IP port number as the destination information in the control instruction for controlling the IoT device 10, generates a control instruction in which the destination information is set, and generates the destination. The control command in which the information is set is transmitted to the IoT device 10 via the NAT device 40. When the device communication unit 12 of the IoT device 10 receives the control command, the control unit 13 controls the IoT device 10 according to the control command.

  Thereby, the external IP address and the external IP port number included in the transmission source information of the notification information received from the IoT device 10 via the NAT device 40 are set as the destination information of the control command for controlling the IoT device 10, and The set control command is transmitted to the IoT device 10 via the NAT device 40. Therefore, it is possible to transmit a control command from the outside of the local network 50 to the IoT device 10 under the local network 50 without providing a new function in a communication relay device such as the NAT device 40. Become. Therefore, the IoT device 10 under the local network 50 can be easily controlled from outside the local network 50. Also, there is no need for a new global address, so there is no need to reserve a global IP address in advance.

  In the present embodiment, the storage unit 31 stores the external IP address and the external IP port number acquired by the server control unit 33. When the communication unit 32 receives the control command from the instruction device 20, the server control unit 33 generates a control command in which the external IP address and the external IP port number stored in the storage unit 31 are set as destination information. For this reason, it becomes possible to transmit the IoT device 10 promptly after receiving the control command, so that the IoT device 10 can be quickly controlled.

  In the present embodiment, the control unit 13 of the IoT device 10 repeatedly transmits the notification information, and the server control unit 33 generates a control command in which the latest external IP address and external IP port number are set as destination information. . Therefore, even when the external IP address and the external IP port number are dynamically set, the IoT device 10 under the local network 50 can be easily controlled from outside the local network 50.

(Second embodiment)
This embodiment is different from the first embodiment in the control operation for controlling the IoT device 10. Specifically, in the first embodiment, the pointing device 20 transmits a control command to the IoT device 10 via the server 30. However, in the present embodiment, the pointing device 20 performs control without passing through the server 30. A command is transmitted to the IoT device 10.

  FIG. 9 is a sequence diagram illustrating a control operation for controlling the IoT device 10 according to the present embodiment. Note that the address registration operation for registering the external IP address and the external port number in the server 30 is the same as in the first embodiment.

  First, the processes of steps S801 to S805 are executed in the same manner as the operation described with reference to FIG. Thereafter, when the instruction communication unit 21 of the instruction device 20 receives the identification input request, the instruction control unit 24 displays the identification input screen indicated by the identification input request on the display unit 22. Thereafter, when the input unit 23 receives the terminal identification ID, the instruction control unit 24 generates a position acquisition request for requesting acquisition of position information indicating the position on the network of the IoT device 10 to which the control command is transmitted. The instruction control unit 24 includes the terminal identification ID in the position acquisition request, and transmits a position acquisition request including the terminal identification ID to the server 30 via the instruction communication unit 21 and the Internet 60 (step S901).

  When the communication unit 32 of the server 30 receives the position acquisition request, the server control unit 33 associates the device management information from the storage unit 31 with the same terminal identification ID as the terminal identification ID included in the received position acquisition request. The obtained external IP address and external port number are obtained. The server control unit 33 generates a command input request including the external IP address and the external port number, and transmits the command input request to the pointing device 20 via the communication unit 32 and the Internet 60 (step S902). Note that the external IP address and the external port number are position information indicating the position of the IoT device 10 on the network as described above. At this time, if the command list, which is a list of control commands, is stored in the storage unit 31, the server control unit 33 acquires the command list together with the external IP address and the external port number. Is included in the instruction input request.

  When the instruction communication unit 21 of the instruction device 20 receives the instruction input request, the instruction control unit 24 displays an instruction input screen indicated by the instruction input request on the display unit 22. After that, the operator selects a control command from the command list included in the command input screen using the input unit 23, and the input unit 23 accepts the selected control command, or the input unit 23 sends a control command input field from the operator. Directly accepts a control command input to the PC. When the input unit 23 receives the control command, the instruction control unit 24 sets the external IP address and the external port number included in the command input request as destination information in the received control command, and sets the control command in which the destination information is set. Is generated (step S903). Note that the command list of the control commands may be stored in the pointing device 20 instead of the storage unit 31 of the server 30. In this case, when displaying the instruction input screen on the display unit 22, the instruction control unit 24 reads the instruction list and displays the instruction list on the display unit 22. The instruction control unit 24 transmits the control instruction in which the destination information is set to the NAT device 40 via the instruction communication unit 21 and the Internet 60 (Step S904). Thereafter, the processing of steps S811 to S813 is performed.

  The server control unit 33 displays the external IP address and the external port number on the display unit 22 of the pointing device 20 by including the external IP address and the external port number in the command input screen of the command input request in step S901. Alternatively, the external IP address and the external port number may not be displayed on the display unit 22 without including the external IP address and the external port number in the command input screen.

  In the present embodiment, the server control unit 33 of the server 30 has a function as a management unit that acquires the external IP address and the external IP port number included in the transmission source information of the notification information. Has a function as a transmission control unit that generates a control instruction in which an external IP address and an external IP port number are set as destination information and transmits the control instruction in which the destination information is set. The timing at which the instruction control unit 24 of the instruction device 20 acquires the external IP address and the external IP port number from the storage unit 31 of the server 30 is the same as the instruction list acquisition timing in the example of FIG. For example, another timing such as a timing at which the input unit 23 receives a control command may be used.

  Also in the present embodiment, it is possible to transmit a control command from the outside of the local network 50 to the IoT device 10 under the local network 50 without providing a new function in the communication relay device. The IoT device 10 under the control of the local network 50 can be easily controlled from outside the local network 50.

(Third embodiment)
This embodiment differs from the first embodiment in the timing at which the server 30 transmits a control command to the IoT device 10.

  FIG. 10 and FIG. 11 are sequence diagrams for explaining an example of the operation of the control system of the present embodiment. Specifically, FIG. 10 is a sequence diagram for explaining a command registration operation for registering a control command in the server 30, and FIG. 11 is a sequence diagram for explaining a control operation for controlling the IoT device 10. is there.

  In the instruction registration operation of FIG. 10, first, the processing of steps S801 to S808 described in FIG. 8 is executed. Thereafter, when the communication unit 32 of the server 30 receives the control command, the server control unit 33 transmits the control command to the device management information in the storage unit 31 with the same terminal ID as the terminal ID received in step S807. The corresponding information is stored (step S1001), and the process ends.

  The method for associating the terminal identification ID with the control command is not limited to the above example. For example, the server control unit 33 may associate the terminal identification ID with the control instruction by storing the control instruction as Web information in a dedicated storage area associated with the terminal identification ID. In this case, the URL assigned to the dedicated storage area corresponds to the notification destination information stored in the device storage unit 11. The format of the Web information is not particularly limited as long as it is a file that can include control instructions, such as a text file containing character information, as well as an HTML file for generating a homepage screen.

  In the control operation of FIG. 11, the control unit 13 of the IoT device 10 first obtains the terminal ID and the terminal authentication information from the device storage unit 11 at a predetermined transmission interval, and stores the terminal ID and the terminal authentication information. An instruction acquisition request for acquiring a control instruction is generated as notification information including the instruction information. Then, the control unit 13 acquires the notification destination information, the internal IP address, and the internal port number from the device storage unit 11, sets the notification destination information in the instruction acquisition request as the destination information, and sets the internal IP address and the internal port number as the destination information. An instruction acquisition request in which destination information and source information are set is generated by setting the instruction acquisition information as transmission source information. The control unit 13 transmits a command acquisition request in which destination information and transmission source information are set to the NAT device 40 via the device communication unit 12 and the local network 50 (Step S1101).

  In this embodiment, the command acquisition request uses a Web information acquisition request using http (Hypertext Transfer Protocol) or the like. However, the command acquisition request is not limited to a Web information acquisition request, and is not particularly limited as long as a control command can be acquired. The command acquisition request may be, for example, an acquisition request using FTP (File Transfer Protocol).

  When the process of step S1101 ends, thereafter, steps S1102 to 1104, which are processes similar to the processes of steps S702 to S704, are executed. The processing in steps S1102 to 1104 is the same as the processing in steps S702 to S704, except that the notification information is replaced with an instruction acquisition request.

  If the authentication of the IoT device 10 succeeds in step S1104, the server control unit 33 transmits the control command associated with the same terminal ID as the terminal ID included in the command acquisition request in the device management information in the storage unit 31. Is acquired (step S1105). Note that, for example, an HTML file in which a control instruction stored in a URL corresponding to the notification destination information is described may be obtained. The server control unit 33 generates a control command in which the external IP address and the external port number, which are the source information of the command acquisition request, are set as the destination information (step S1106). Thereafter, the processing of steps S810 to S813 is performed. In step S813, for example, if the file received by the device communication unit 12 of the IoT device 10 is an HTML file, the control unit 13 analyzes the received HTML file and writes a control command in the HTML file. It is determined whether or not there is a control command, and if a control command is described, the control command is extracted from the HTML file and the IoT device 10 is controlled according to the extracted control command. If no control command is described, the process ends without controlling the IoT device 10. Then, after a predetermined transmission interval, the control unit 13 of the IoT device 10 repeatedly executes the operation from S1101.

  As described above, according to the present embodiment, the storage unit 31 stores the control command received by the communication unit 32. When the communication section 32 receives the notification information, the server control section 33 sets the external IP address and the external IP port number acquired from the notification information as the destination information in the control command stored in the storage section 31, and sets the destination information as the destination information. Generate the set control instruction. Therefore, the control command can be transmitted to the IoT device 10 when the notification information is received, so that it is not necessary to store the external IP address and the external IP port number, and the storage area and cost of the server 30 can be reduced. Will be possible. Further, since the latest external IP address and external IP port number are set as the destination information of the control signal, even when the external IP address and external IP port number are dynamically set, the control command is transmitted to the IoT device 10. It is possible to suppress that it is no longer performed.

(Fourth embodiment)
In the present embodiment, another example of the notification information will be described.

  In the first embodiment, dedicated information is used as the notification information. However, the notification information may be shared with other information. For example, when the IoT device 10 is a device that transmits predetermined data to the server 30, the control unit 13 notifies the data by including the terminal identification ID and the terminal authentication information in the device storage unit 11 in the data to be transmitted. Also serves as information. In this case, when the transmission condition for transmitting the predetermined data is satisfied, the control unit 13 transmits the data as the notification information. For example, the control unit 13 may transmit data as notification information every time a transmission condition for transmitting predetermined data is satisfied, or may transmit dedicated notification information at a predetermined transmission interval and transmit the notification information within the transmission interval. When the transmission condition is satisfied and it becomes necessary to transmit the data, the data may be transmitted as the notification information.

  The data is, for example, a captured image acquired by the IoT device 10 through imaging, sensor data received or detected by the IoT device 10, or result data indicating a processing result of a calculation process by the IoT device 10. The transmission condition is that a predetermined time has elapsed or that an abnormality has been detected. When transmitting data as notification information, the server 30 may store, for each terminal identification ID, data from the IoT device 10 identified by the terminal identification ID.

  Further, the control unit 13 may transmit a key acquisition request for requesting acquisition of a unique authentication key as notification information. In this case, upon acquiring the external IP address and the external port number from the notification information, the server control unit 33 of the server 30 generates an authentication key and transmits the authentication key to the IoT device 10. Also, when transmitting the control command, the server control unit 33 transmits the authentication key to the IoT device 10 together with the control command as a confirmation key.

  For example, when the server control unit 33 of the server 30 stores the terminal identification ID in association with the external IP address and the external port number as in the first and second embodiments, the server control unit 33 of the server 30 The authentication key is added to the device management information in the storage unit 31 in association with the terminal identification ID, and the authentication key is transmitted to the IoT device 10 as a registration key. When the authentication key is already stored, the server control unit 33 updates the already stored authentication key with a newly generated authentication key.

  When the device communication unit 12 of the IoT device receives the registration key, the control unit 13 stores the registration key in the device storage unit 11. When the registration key is already stored, the control unit 13 updates the already stored registration key with a newly generated registration key.

  When the control command is transmitted to the IoT device 10 via the server 30 as in the first embodiment, the server control unit 33 of the server 30 stores the control command when transmitting the control command in step S810 of FIG. The authentication key associated with the same terminal identification ID as the terminal identification ID received in step S807 of FIG. 8 in the device management information in the unit 31 is transmitted to the IoT device 10 together with the control command as a confirmation key.

  When the control command is transmitted to the IoT device 10 without passing through the server 30 as in the second embodiment, the server control unit 33 of the server 30 transmits a command input request in step S902 of FIG. At this time, in the device management information in the storage unit 31, an instruction key associated with the same terminal identification ID as the terminal identification ID included in the position acquisition request received in step S901 of FIG. Send to Then, in step S903, the instruction communication unit 21 of the instruction device 20 receives the authentication key together with the instruction input request, and when the instruction control unit 24 transmits the control instruction in step S904, the received authentication key is used as a confirmation key. The control command is transmitted to the IoT device 10 together with the control command.

  In any case, in step S813, the device communication unit 12 of the IoT device 10 receives the confirmation key together with the control command, and the control unit 13 determines whether the received confirmation key matches the registration key stored in the device storage unit 11. Determine whether or not. When they match each other, the control unit 13 executes the control command.

  As described above, according to the present embodiment, when a transmission condition for transmitting predetermined data is satisfied, the control unit 13 transmits the data as notification information. Therefore, the notification information can be shared with other data, so that traffic can be reduced.

  In the present embodiment, the control unit 13 transmits a key acquisition request for requesting the acquisition of an authentication key as notification information. When the communication unit 32 receives the key acquisition request, the server control unit 33 generates an authentication key and transmits it as the registration key to the IoT device 10, and then, when transmitting the control instruction, transmits a confirmation key as an authentication key together with the control instruction. Send. The device communication unit 12 further receives the registration key and the confirmation key. When the registration key and the confirmation key match each other, the control unit 13 controls the IoT device 10 according to the control command. For this reason, it is possible to suppress impersonation of the pointing device 20 and the server 30, and it is possible to improve security.

(Fifth embodiment)
In the present embodiment, an example in which a confirmation signal is transmitted before transmitting a control command to the IoT device 10 will be described.

  When the control command is transmitted via the server 30 as in the first embodiment, when the communication unit 32 of the server 30 receives the control command, the server control unit 33 receives the control command in step S807. The stored terminal identification ID is stored in the storage unit 31 in association with the same terminal identification ID. After that, the server control unit 33 sends a NAT signal confirming the NAT to the external IP address and the external port number associated with the same terminal ID as the terminal ID received in the device management information in the storage unit 31. The data is transmitted to the IoT device 10 via the device 40.

  When the device communication unit 12 of the IoT device 10 receives the confirmation signal, the control unit 13 transmits a response signal including the terminal identification ID stored in the device storage unit 11 to the server 30. When the communication unit 32 of the server 30 receives the response signal, the server control unit 33 stores the set of the terminal identification ID in the response signal and the external IP address and the external port number of the transmission source of the response signal in the storage unit 31. Is determined to match the set of the terminal identification ID, the external IP address, and the external port number stored in. When the set of the terminal identification ID, the external IP address, and the external port number matches, the control unit 13 acquires the control command associated with the terminal identification ID, and transmits the external IP address and the external A control instruction in which a port number is set as destination information is generated. After that, the processing of steps S810 to S813 is performed. When the set of the terminal identification ID does not match the external IP address and the external port number, the server control unit 33 determines whether the external IP address and the external IP address associated with the terminal identification ID in the device management information in the storage unit 31 are different. Delete the port number. In this case, the server control unit 33 may generate the control command in the next address registration operation, or may transmit an error to the instruction device 20 that is the source of the control command.

  When the control command is transmitted without passing through the server 30 as in the second embodiment, when the communication unit 32 of the server 30 receives the terminal identification ID in step S901, the device management information in the storage unit 31 Transmits a confirmation signal using the external IP address and the external port number associated with the same terminal identification ID as the received terminal identification ID to the IoT device 10 via the NAT device 40.

  When the device communication unit 12 of the IoT device 10 receives the confirmation signal, the control unit 13 transmits a response signal including the terminal identification ID stored in the device storage unit 11 to the server 30. When the communication unit 32 of the server 30 receives the response signal, the server control unit 33 stores the set of the terminal identification ID in the response signal and the external IP address and the external port number of the transmission source of the response signal in the storage unit 31. Is determined to match the set of the terminal identification ID, the external IP address, and the external port number stored in. As a result of the determination, when it is determined that they match, the control unit 13 obtains the command list associated with the same terminal identification ID, and obtains the external IP address and the external IP address included in the command list and the transmission source information of the response signal. A command input request including the port number and the request are generated and transmitted to the instruction device 20. Thereafter, the processing of steps S902 to S903 and S811 to S813 is executed.

  As described above, according to the present embodiment, the server control unit 33 transmits a confirmation signal in which the acquired external IP address and external IP port number are set as destination information to the IoT device 10 via the NAT device 40. When the device communication unit 12 of the IoT device 10 receives the confirmation signal, the control unit 13 transmits a response signal to the confirmation signal to the server 30. When the communication unit 32 of the server 30 receives the response signal, the server control unit 33 transmits a control command. Therefore, it is possible to suppress the transmission of the control command regardless of whether the external IP address and the external IP port number are changed and the control command is not transmitted to the IoT device 10. Therefore, security can be improved.

(Sixth embodiment)
In the present embodiment, an example in which the transmission interval for transmitting the notification information is adjusted will be described. Specifically, each record in the NAT table of the NAT device 40 is normally cleared at every predetermined time-out value (idle time-out value or session time-out value). An example in which the record in the NAT table is adjusted to be as long as possible without being cleared will be described.

  FIG. 12 is a diagram for explaining an example of the operation of the present embodiment.

  In the example of FIG. 12, the control unit 13 of the IoT device 10 first repeatedly transmits the notification information while gradually increasing the transmission interval from a predetermined initial value. Specifically, the control unit 13 sets the initial value to one minute and increases the transmission interval by two minutes from the initial value of one minute. That is, the transmission intervals are 1 minute, 3 minutes, 5 minutes, 7 minutes, and so on. At this time, the control unit 13 may use the normal notification information described in the first embodiment or the like, or may use the test notification information for determining the transmission interval, as the notification information. Note that the test notification information includes the terminal identification ID and the terminal authentication information stored in the device storage unit 11 as in the case of the normal notification information.

  When acquiring the external IP address and the external IP port number included in the transmission source information of the notification information, the server control unit 33 of the server 30 further obtains the reception date and time at which the communication unit 32 has received the notification information. The date and time are stored in the storage unit 31 in association with the same terminal identification ID as the terminal identification ID included in the notification information in the device management information in the storage unit 31.

  The server control unit 33 determines whether at least one of the acquired latest external IP address and external port number has been changed from the previously acquired external IP address and external port number.

  If at least one of the external IP address and the external port number has been changed, the server control unit 33 sets a setting value according to the current transmission interval in the control unit 13 of the IoT device 10 as the transmission interval. Specifically, the server control unit 33 generates an interval setting command indicating the set value, sets the latest external IP address and external port number as the destination information of the interval setting command, and sets the interval setting in which the destination information is set. Generate instructions. The server control unit 33 transmits the interval setting command in which the destination information is set to the IoT device 10 via the Internet 60, the NAT device 40, and the local network 50. When the device communication unit 12 of the IoT device 10 receives the interval setting command, the control unit 13 sets a transmission interval according to the interval setting command. Then, the control unit 13 transmits the notification information at the set transmission interval.

  The set value is, specifically, a transmission interval immediately before the current transmission interval. In the illustrated example, the external IP address is changed when the transmission interval is 7 minutes. Therefore, the set value is 5 minutes.

  Further, the server control unit 33 of the server 30 determines whether or not a release condition for releasing the set value of the transmission interval is satisfied. The release condition is, for example, that at least one of the external IP address and the external port number has been changed again.

  When the release condition is satisfied, the server control unit 33 releases the set value set in the control unit 13 of the IoT device 10. Specifically, the server control unit 33 sets a latest external IP address and an external port number as destination information of a release command requesting release of a setting value, and generates a release command in which destination information is set. The server control unit 33 transmits the release command in which the destination information is set to the IoT device 10 via the Internet 60, the NAT device 40, and the local network 50. When the device communication unit 12 of the IoT device 10 receives the release command, the control unit 13 releases the set value set as the transmission interval. After that, the control unit 13 repeatedly transmits the notification information while gradually increasing the transmission interval from a predetermined initial value again in order to reset the transmission interval. The reset condition is, for example, that at least one of the external IP address and the external port number has been changed, or that a predetermined reset period has elapsed after the setting.

  FIG. 13 is a diagram for explaining another example of the operation of the present embodiment.

  In FIG. 13, the control unit 13 of the IoT device 10 repeatedly transmits the notification information while fixing the transmission interval to a predetermined initial value. The initial value is an interval considered to be sufficiently shorter than the timeout value, and is set to one minute in the example in the figure. Note that the control unit 13 may use normal notification information or test notification information as the notification information.

  When acquiring the external IP address and the external IP port number included in the transmission source information of the notification information, the server control unit 33 of the server 30 further obtains the reception date and time at which the communication unit 32 has received the notification information. The date and time are stored in the storage unit 31 in association with the same terminal identification ID as the terminal identification ID included in the notification information in the device management information in the storage unit 31.

  Every time the server control unit 33 acquires the external IP address and the external port number, whether at least one of the acquired latest external IP address and the external port number has been changed from the external IP address and the external port number acquired last time Determine whether or not.

  When at least one of the external IP address and the external IP port number is changed first (first time), the server control unit 33 stores in the storage unit 31 the reception date and time corresponding to the changed external IP address and external IP port number. Is associated with the first change flag. The reception date and time corresponding to the external IP address and the external IP port number is the reception date and time of the notification information including the external IP address and the external IP port number as the source information. When at least one of the external IP address and the external IP port number is changed next (second time), the server control unit 33 stores the changed external IP address and external IP port number in the storage unit 31. The second change flag is associated with the date and time of reception.

  Then, the server control unit 33 stores, in the storage unit 31, according to the first date and time that is the reception date and time with the first change flag and the second date and time that is the reception date and time with the second change flag. The set value thus set is set in the control unit 13 of the IoT device 10. The specific setting method of the set value is the same as the example of FIG.

  The set value is, specifically, a difference between the reception date and time immediately before the second date and time and the first date and time. In the example of the figure, the second date and time is four minutes after the first date and time, and the reception date and time are counted every minute, so the set value is three minutes.

  According to the present embodiment described above, the control unit 13 of the IoT device 10 gradually increases the transmission interval for transmitting the notification information. When at least one of the latest external IP address and the external IP port number has been changed from the acquired external IP address and external IP port number, the server control unit 33 sets the transmission interval to a set value corresponding to the current transmission interval. Set in the control unit 13.

  In this case, the transmission interval can be adjusted according to the transmission interval at which the record in the NAT table times out and the external IP address and the external IP port number are changed. Can be adjusted to be as long as possible without clearing the record.

  In the present embodiment, the control unit 13 of the IoT device 10 fixes the transmission interval for transmitting the notification information. The server control unit 33 acquires the reception date and time when the communication unit 32 has received the notification information, and the server control unit 33 is the reception date and time when at least one of the external IP address and the external IP port number is first changed. A setting value corresponding to the first date and time and the second date and time that is the reception date and time when at least one of the external IP address and the external IP port number is changed next are set in the control unit 13.

  Even in this case, the transmission interval can be adjusted according to the transmission interval at which the record in the NAT table is timed out and the external IP address and the external IP port number are changed. It can be adjusted to be as long as possible without clearing the records within.

  In each of the embodiments described above, the illustrated configuration is merely an example, and the present invention is not limited to the configuration.

  For example, as for the functions of the IoT device 10, the pointing device 20, and the server 30, a program for realizing the functions is recorded on a computer-readable recording medium, and the program recorded on the recording medium is stored in a computer. It may be realized by reading and executing.

  Further, the control device that controls the IoT device 10 is configured by the pointing device 20 and the server 30, but may be configured by a single device. The target device to be controlled is not limited to the IoT device 10. The target device may be, for example, an information processing device such as a PC.

  The configuration for transmitting the key acquisition request as the notification information described in the fourth embodiment and the configuration for transmitting the confirmation signal described in the fifth embodiment are applied to the configuration described in the third embodiment. You may.

1 control system 10 IoT device (target device)
Reference Signs List 11 device storage unit 12 device communication unit 13 control unit 20 pointing device (control device)
DESCRIPTION OF SYMBOLS 21 Instruction communication part 22 Display part 23 Input part 24 Instruction control part 30 Server (control apparatus, management apparatus)
31 storage unit 32 communication unit 33 server control unit 40 NAT device 50 local network 60 internet

Claims (15)

An internal IP address and an internal port number used in the local network, including the target device under the local network, and a control device outside the local network, and the local network A control system for communicating via a network address translator for translating between an external IP address and an external IP port number used outside
The control device includes:
A communication unit that receives predetermined notification information from the target device via the network address translation device,
A management unit that acquires an external IP address and an external IP port number included in the source information of the notification information received by the communication unit;
In the control instruction for controlling the target device, the external IP address and the external IP port number acquired by the management unit are set as destination information, and the control instruction in which the destination information is set is transmitted via the network address translator. A transmission control unit for transmitting to the target device,
The target device is
A receiving unit that receives the control command from the control device via the network address translation device,
A control unit that transmits the notification information to the control device via the network address translation device and controls the target device according to the control command received by the reception unit. The control device further includes a storage unit that stores the external IP address and the external IP port number obtained by the management unit,
The communication unit further receives the control command,
The control system according to claim 1, wherein, when the communication unit receives the control command, the transmission control unit sets an external IP address and an external IP port number stored in the storage unit as destination information in the control command. . The control device includes a management device having the communication unit and the management unit, and an instruction device having the transmission control unit,
The management device further includes a storage unit that stores the external IP address and the external IP port number obtained by the management unit,
The instruction device further includes an input unit that receives the control command,
The transmission control unit obtains the external IP address and the external IP port number from the storage unit, and sets the obtained external IP address and external IP port number as destination information in a control command received by the input unit. The control system according to claim 1. The communication unit further receives the control command,
The control device further includes a storage unit that stores the control command received by the communication unit,
The transmission control unit, when the communication unit receives the notification information, sets an external IP address and an external IP port number acquired by the management unit as destination information in a control command stored in the storage unit. 2. The control system according to 1.   The control system according to claim 1, wherein the control unit transmits the data as the notification information when a transmission condition for transmitting predetermined data is satisfied. The control unit transmits a key acquisition request requesting acquisition of an authentication key as the notification information,
The management unit, when the communication unit receives the key acquisition request, generates the authentication key and transmits it to the target device as a registration key,
The transmission control unit transmits the authentication key as a confirmation key together with the control command when transmitting the control command,
The receiving unit further receives the registration key and the confirmation key,
The control system according to any one of claims 1 to 4, wherein the control unit controls the target device according to the control command when the registration key and the confirmation key match each other. The management unit transmits a confirmation signal in which the acquired external IP address and external IP port number are set as destination information to the target device via the network address translator,
The receiving unit receives a confirmation signal from the control device via the network address translation device,
The control unit, when the receiving unit receives the confirmation signal, transmits a response signal to the confirmation signal to the control device via the network address translation device,
The communication unit receives the response signal from the target device via the network address translation device,
The control system according to claim 1, wherein the transmission control unit transmits the control command when the communication unit receives the response signal. The control unit repeatedly transmits the notification information,
The control according to any one of claims 1 to 7, wherein the transmission control unit sets the latest external IP address and the external IP port number acquired by the management unit as destination information in the control command. system.   The control system according to claim 8, wherein a transmission interval for transmitting the notification information is fixed in advance. The control unit gradually increases a transmission interval for transmitting the notification information,
The management unit, if at least one of the latest external IP address and external IP port number has been changed from the previously obtained external IP address and external IP port number, sets the transmission interval according to a current transmission interval. The control system according to claim 8, wherein a value is set in the control unit.   The control system according to claim 10, wherein the setting value is a transmission interval immediately before the current transmission interval. The control unit fixes a transmission interval for transmitting the notification information,
The management unit acquires the reception date and time at which the communication unit has received the notification information, and at least one of the latest external IP address and external IP port number is first obtained from the previously acquired external IP address and external IP port number. A first date and time, which is the reception date and time when the date and time have been changed, and a second date and time when at least one of the latest external IP address and external IP port number has been changed from the previously obtained external IP address and external IP port number. The control system according to claim 8, wherein a set value according to a second date and time that is the reception date and time is set in the control unit.   The control system according to claim 12, wherein the set value is a difference between a reception date and time immediately before the second date and time and the first date and time.   The control system according to any one of claims 10 to 13, wherein the management unit releases the set value when a predetermined release condition is satisfied after setting the set value. An internal IP address and an internal port number used in the local network, including the target device under the local network, and a control device outside the local network, and the local network A control method for a control system that performs communication via a network address translator that translates between an external IP address and an external IP port number used outside of the control system,
The target device transmits predetermined notification information to the control device via the network address translation device,
The control device receives the notification information,
The control device acquiring an external IP address and an external IP port number included in the source information of the received notification information;
The control device sets the obtained external IP address and external IP port number as destination information in a control instruction for controlling the target device, and transmits the control instruction in which the destination information is set to the network address translator. Transmitting to the target device via
The target device receives the control command from the control device,
Controlling the target device in accordance with the received control command.

Images