JP2020035192A - Vehicle maintenance system - Google Patents

Abstract

To provide a vehicle maintenance system capable of conducting maintenance on a plurality of vehicles while securing communication security.SOLUTION: A vehicle maintenance system 10 comprises a plurality of maintenance tool appliances 1 that are connected to a plurality of vehicles-of-interest 7 and a transmitter 9 that sends a plurality of divisional data obtained by dividing for-maintenance data to particular maintenance tool appliances of a plurality of maintenance tool appliances equal in the number to the plurality of divisional data through a communication network 92. Each of the plurality of maintenance tool appliances has a first communicating section that receives destined-to-own-device divisional data the transmitter has sent, a second communicating section that sends the destined-to-own-device divisional data the first communicating section has received to all the other maintenance tool appliances and receives destined-to-another-device divisional data all the other particular maintenance tool appliances hold, and a restoring section that restores for-maintenance data from the destined-to-own-device divisional data the first communicating section has received and destined-to-all-the-other-devices divisional data the second communicating section has received.SELECTED DRAWING: Figure 1

Description

  The present disclosure relates to a vehicle maintenance system.

  2. Description of the Related Art In recent years, the scale of software (control program) mounted on an electronic control unit (ECU: Electronic Control Unit) for controlling a vehicle has been increasing with the sophistication and performance of the vehicle. As the scale of software increases, the likelihood of failures increases, so the need to update software and collect logs for multiple vehicles also increases.For example, a dedicated device for this purpose is routinely installed for each vehicle. When installed in a vehicle, the vehicle cost is increased.

  As a solution to such a problem, Patent Documents 1 and 2 disclose handy-type repro tools (maintenance tools) that are small in size and light in weight and easy to carry and handle. In general, a plurality of ECUs mounted on a vehicle are connected to each other via a vehicle network such as a bus type, and this repro tool connects a terminal portion (tool connector) to a dashboard while being connected to the vehicle network. It is possible to update (rewrite) the control program, collect transmission data flowing through the vehicle network (collect ECU logs), and the like by connecting to the vehicle-side connector installed in the vehicle. For example, the repro tool of Patent Document 1 has a script execution function of executing a script in which a desired process is described, and executes an execution command transmitted from a transmission device (such as a PC) and transmitted wirelessly. Upon receipt, the control program is updated and logs are collected. Such a repro tool is not provided exclusively for each vehicle, but can be used in common regardless of the type of vehicle when necessary, so that maintenance work can be facilitated without increasing vehicle cost. I do.

  Patent Documents 3 and 4 disclose that a transmission device transmits communication data to be divided into a plurality of pieces of divided data and transmits the divided data through mutually different communication paths, and a receiving apparatus receives divided data from a plurality of communication paths. A technique for restoring communication data from data and protecting communication data during transmission (particularly in a wireless section) from interception or the like is disclosed. As described above, the communication security is improved by preventing the restoration of the original communication data without intercepting all the divided data constituting the original communication data.

Japanese Patent No. 6323968 JP 2015-37899 A JP 2000-115162 A JP-A-10-164028

  When data is transmitted between a transmitting device and a repro tool as in Patent Literature 1, there is a possibility of information leakage due to eavesdropping on the communication path. In particular, when a repro tool is configured to receive data transmitted by a transmitting device through a wireless interface, the possibility of information leakage increases when a wireless section exists on a communication path. In Patent Literatures 3 and 4, communication security is improved as the number of data divisions increases. On the other hand, a receiving device as a destination of data transmitted by a transmission device receives divided data transmitted through a plurality of communication paths. Therefore, the manufacturing cost, the size, and the weight of the receiving device tend to increase.

  Therefore, the present inventors divided the data to be communicated on the transmitting device side because the repro tool is a tool for collectively maintaining a plurality of vehicles by being installed in each of the plurality of vehicles. Each of the repro tools restores data by transmitting each of the plurality of divided data to any one of the plurality of repro tools and communicating the received divided data among the plurality of repro tools. I thought about the method. According to this method, each repro tool only needs to have an interface for communicating with a communication network and an interface for communicating with another repro tool. It is thought that it becomes possible to suppress the increase in the size, the size of the repro tool, and the increase in the weight, and to maintain the ease of carrying and handling.

  In view of the above circumstances, at least one embodiment of the present invention aims to provide a vehicle maintenance system that enables maintenance of a plurality of vehicles while ensuring communication security.

(1) The vehicle maintenance system according to at least one embodiment of the present invention includes:
A plurality of maintenance tool devices configured to be connected to a plurality of target vehicles to be maintained;
A plurality of divided data obtained by dividing the maintenance data are transmitted to the same number of the specified maintenance tool devices as the plurality of divided data of the plurality of maintenance tool devices via a communication network. And a transmitting device,
Each of the plurality of maintenance tool devices,
A first communication unit configured to receive the divided data addressed to the own device transmitted by the transmitting device;
The first communication unit is configured to transmit the divided data received to all the other maintenance tool devices, and to receive the divided data addressed to the other devices held by all the other specific maintenance tool devices. A second communication unit,
A restoration unit configured to restore the maintenance data from the divided data addressed to the own device received by the first communication unit and the divided data addressed to all the other devices received by the second communication unit. Have.

  According to the configuration (1), each of the plurality of maintenance tool devices is configured to receive maintenance data from the transmission device via the communication network in a state where the plurality of maintenance tool devices are respectively installed in different target vehicles. Specifically, each of the plurality of maintenance tool devices receives a part of the plurality of divided data respectively forming different portions of one piece of maintenance data from the transmitting device, and converts the received divided data into another maintenance tool. The maintenance data is restored by acquiring all the divided data constituting the maintenance data through transmission to the device. As described above, by dividing the plurality of divided data constituting the maintenance data into the plurality of maintenance tool devices and communicating the divided data, each maintenance tool device can obtain the maintenance data while improving communication security against interception and the like. it can.

(2) In some embodiments, in the configuration of the above (1),
Each of the plurality of maintenance tool devices,
A terminal portion detachable from a vehicle-side connector connected to a vehicle network in the target vehicle,
A maintenance execution unit configured to execute a maintenance process on the target vehicle via the terminal unit based on the maintenance data restored by the restoration unit;
The portable terminal further includes a handy type holding case that holds the terminal unit, the first communication unit, the second communication unit, the restoration unit, and the maintenance execution unit.

  According to the configuration of the above (2), it is possible to provide a handy-type maintenance tool device that is small and lightweight, and is easy to carry and handle.

(3) In some embodiments, in the above configurations (1) and (2),
The first communication unit is configured to receive the divided data transmitted in a wireless section forming at least a part of the communication network,
The transmitting device is configured to transmit dummy data such that the dummy data is transmitted in the wireless section in which the divided data is transmitted to each of the specific maintenance tool devices.

  According to the configuration of (3), the transmitting device transmits the dummy data addressed to the dummy device such as the maintenance tool device not installed in the target vehicle, together with the plurality of divided data forming the maintenance data. . As a result, in a case where a plurality of maintenance tool devices installed in the target vehicle receive divided data via the same wireless master station, dummy data is included even if all data in the wireless section is intercepted. This makes it more difficult for the eavesdropper to restore the maintenance data, and further improves communication security.

(4) In some embodiments, in the configuration of the above (3),
The first communication unit is configured to receive divided data addressed to the own device from a base station of a mobile communication network forming the wireless section.

  According to the above configuration (4), the plurality of maintenance tool devices are arranged such that the transmitting device transmits from the base station of the mobile communication network to the maintenance tool serving as a destination for each of the plurality of divided data constituting the maintenance data. Performs encryption according to the device. As a result, communication security can be further improved.

(5) In some embodiments, in the configurations of (2) to (4),
The maintenance tool device is configured such that the maintenance data restored by the restoration unit is deleted after a lapse of a predetermined time from the completion of the maintenance processing.

  According to the configuration (5), the maintenance data restored by the maintenance tool device is deleted after use, so that highly confidential data is not stored in the maintenance tool device. Loss of information can reduce the possibility of information leakage and ensure information security.

(6) In some embodiments, in the above configurations (1) to (5),
The transmitting device is configured to perform encryption corresponding to each of the plurality of specific maintenance tool devices, and then transmit the encrypted divided data.

  According to the above configuration (6), the transmitting device performs encryption on each of the plurality of divided data constituting the maintenance data according to the transmitting device serving as the destination. As a result, communication security can be further improved.

  According to at least one embodiment of the present invention, a vehicle maintenance system capable of performing maintenance on a plurality of vehicles while ensuring communication security is provided.

It is a figure showing roughly the maintenance system for vehicles concerning one embodiment of the present invention. It is a figure showing connection between a maintenance tool device and a vehicle concerning one embodiment of the present invention. It is a figure which shows the state which installed the maintenance tool apparatus which concerns on one Embodiment of this invention in the tool installation part of a dashboard, (a) is a perspective view near the driver's seat of a dashboard, (b) is a tool installation. It is the figure which expanded the vicinity of a part. It is a figure showing roughly composition of a maintenance tool device concerning one embodiment of the present invention. FIG. 7 is a diagram for explaining communication processing between the transmission device and the maintenance tool device according to an embodiment of the present invention, and is an example of a case where three divided maintenance data is transmitted to three maintenance tool devices.

Hereinafter, some embodiments of the present invention will be described with reference to the accompanying drawings. However, the dimensions, materials, shapes, relative arrangements, and the like of the components described in the embodiments or shown in the drawings are not intended to limit the scope of the present invention thereto, but are merely illustrative examples. Absent.
For example, expressions representing relative or absolute arrangement such as “in a certain direction”, “along a certain direction”, “parallel”, “orthogonal”, “center”, “concentric” or “coaxial” are strictly described. In addition, not only such an arrangement but also a state of being relatively displaced with a tolerance or an angle or a distance at which the same function can be obtained.
For example, expressions such as "identical", "equal", and "homogeneous", which indicate that things are in the same state, not only represent exactly the same state, but also have a tolerance or a difference that provides the same function. An existing state shall also be represented.
For example, the expression representing a shape such as a square shape or a cylindrical shape not only represents a shape such as a square shape or a cylindrical shape in a strictly geometrical sense, but also an uneven portion or a chamfer as long as the same effect can be obtained. A shape including a part and the like is also represented.
On the other hand, the expression “comprising”, “comprising”, “including”, “including”, or “having” one component is not an exclusive expression excluding the existence of another component.

  FIG. 1 is a diagram schematically showing a vehicle maintenance system 10 according to one embodiment of the present invention. FIG. 2 is a diagram illustrating a connection between a maintenance tool device and a vehicle according to an embodiment of the present invention. FIG. 3 is a diagram showing a state in which the maintenance tool device 1 according to one embodiment of the present invention is installed in a tool installation section 72 of a dashboard 71, and FIG. FIG. 7B is an enlarged view of the vicinity of the tool installation section 72. FIG. 4 is a diagram schematically showing a configuration of the maintenance tool device 1 according to one embodiment of the present invention.

  The vehicle maintenance system 10 is a system for maintaining a plurality of vehicles to be maintained (hereinafter, target vehicles 7). As shown in FIG. 1, the vehicle maintenance system 10 includes n maintenance tool devices 1 connected to n (an integer satisfying n ≧ 2) target vehicles 7, and a communication network 92 outside the target vehicle 7. (M is an integer of 2 or more that satisfies the relationship of m ≦ n) with the maintenance tool device 1 (repro tool) via the transmission device 9. In the vehicle maintenance system 10, for example, each of the plurality of maintenance tool devices 1 is installed in any of the plurality of target vehicles 7 collected at a maintenance shop or the like, and is provided with a geographical location via the communication network 92. Maintenance is performed on the target vehicle 7 while communicating with the transmission device 9 that is remotely separated.

  As shown in FIG. 1, the communication network 92 includes a LAN 93 (Local Area Network) to which the transmitting device 9 is connected, a mobile communication network 95 (3G or 4G, etc.) to which the maintenance tool device 1 is connected, and a LAN 93. It may be configured by a WAN 94 (Wide Area Network) such as the Internet for connecting to the mobile communication network 95. The maintenance tool device 1 may be connected to a wireless LAN instead of the mobile communication network 95 described above. Note that the transmitting device 9 and each maintenance tool device 1 may be connected via a VPN (Virtual Private Network).

  Further, as shown in FIG. 2, the maintenance tool device 1 is connected to a vehicle network 7n to which a plurality of electronic control devices 8 mounted on the target vehicle 7 are connected, so that communication via the vehicle network 7n ( This is a device configured to enable data transmission and reception. The vehicle network 7n is a network that interconnects a plurality of electronic control units 8 (hereinafter, appropriately referred to as ECUs 8). The target vehicle 7 includes a CAN (Controller Area Network), a K line, and a LIN (Local Interconnect Network). ), At least one vehicle network 7n such as FlexRay. Further, a vehicle-side connector 7c is also connected to the vehicle network 7n, and the maintenance tool device 1 is connected to the vehicle network 7n via the vehicle-side connector 7c. As shown in FIG. 2, the vehicle network 7n includes, for example, an ECU 81 for engine control, an ECU 82 for brake control, an ECU 83 for audio control, an ECU 84 for door control, an ECU 85 for collision prevention control, and an ECU 85 for meter control. A plurality of types of ECUs 8 such as the ECU 86 are connected.

  As shown in FIG. 3, the maintenance tool device 1 is a hand-held device, is small and lightweight, and is configured to be easy to carry and handle. Configured for use. In general, the interior of the target vehicle 7 is divided into a dashboard 71 and a floor panel 74 to form a vehicle room 7s in which an occupant lives (see FIG. 3). Then, as shown in FIG. 3, the vehicle-side connector 7c is exposed to the vehicle interior 7s, for example, facing the vehicle interior 7s instead of the place where the ECU 8 is installed inside the target vehicle 7. Is installed where possible. In the embodiment shown in FIGS. 1 to 3, as shown in FIG. 3, the above-described vehicle-side connector 7 c is disposed on the dashboard 71 on the right side of the driver's seat handle (not shown), and faces downward. It is installed in the above-mentioned space of the tool installation part 72 forming the opening space. The vehicle-side connector 7c is a connector defined by the SAEJ1962 standard.

  However, the present invention is not limited to this embodiment. In some other embodiments, connectors specified in other standards may be used. Further, a cover may be provided in the tool installation section 72, and the vehicle-side connector 7c may be configured to be exposed to the vehicle interior 7s by opening the cover. Alternatively, the tool installation section 72 may be provided at a position that can face the outside of the target vehicle 7.

  Further, the maintenance tool device 1 may have a script execution function of executing a script in which a desired process is described. For example, the maintenance tool device 1 executes the script when receiving an execution command Ie. The script is a simple program having at least one command described in a predetermined script language that is an interpreted language, and can be executed without compiling in advance. For this reason, it is relatively easy to prepare until a desired process such as updating of software (control program) of the ECU 8 can be executed, it is easy to implement a process unique to each of a large number of ECUs 8, and the description contents are checked on a text basis It is possible to easily cope with various processes, for example, it is easy to verify a script (execution content).

  For example, the script includes an instruction for transmitting / receiving data to / from a desired ECU 8 in the vehicle network 7n, an instruction for reading a failure code (DTC: Diagnostic Trouble Code) from the desired ECU 8, and data flowing through the vehicle network 7n. It may be possible to describe a command for obtaining the communication data (acquisition of communication data). In addition, in order for the maintenance tool device 1 to be compatible with a plurality of types of vehicle networks 7n such as CAN and K-Line, a bus may be designated by these instructions. Further, in order to support a plurality of types of protocols (KWP, UDS, K-Line, etc.) operating on the vehicle network 7n, an instruction may be prepared for each protocol. In addition, it is possible to describe a program control instruction such as movement (call or jump) or return (return to the next line after call) to a specified line (specified location) in a script, loop, conditional branch, or sleep. . Further, it may be possible to describe a declaration of a variable or an instruction such as a logical operation or a numerical operation of the variable. In addition, a lighting command and a lighting command for a light emitting unit 63 (see FIG. 3) such as an LED installed in the maintenance tool device 1, a display command for a display unit 62 (display device such as an LCD; see FIG. 3), a speaker (not It may be possible to describe an operation command to the on-board device such as a buzzer sound ON command or an OFF command from the illustrated).

  In the embodiment illustrated in FIGS. 1 to 4, as illustrated in FIG. 2, the maintenance tool device 1 includes a script command interpretation unit 34 and a script command execution unit 35. The script command interpreting unit 34 is configured to sequentially interpret one or more commands described in the script described above. The script command interpreter 34 can interpret various commands described according to a predetermined script language by translating the commands into machine language. Upon receiving the execution command Ie, the script command interpreting unit 34 starts the execution of the script and interprets the commands described from the start to the end of the script sequentially according to control commands such as loops and conditional branches. I will do it.

  Note that the execution command Ie may be received by the maintenance tool device 1 from the outside by radio, or the execution start switch (not shown) of the maintenance tool device 1 may be turned on. Or a signal output when the terminal unit 4 (described later) of the maintenance tool device 1 is connected to the vehicle-side connector 7c. Further, the script is stored in advance in a removable storage medium 61 which is a storage medium such as a micro SD, and the removable storage medium 61 is inserted into a memory slot (not shown) provided in the maintenance tool device 1, or a script is externally provided. By performing communication, the execution by the maintenance tool device 1 may be enabled.

  On the other hand, the script command execution unit 35 is configured to execute predetermined processing described in the script via the vehicle network 7n by sequentially executing the commands sequentially interpreted by the script command interpretation unit 34. The script command execution unit 35 executes the command (machine language) interpreted by the script command interpretation unit 34. For example, the script command execution unit 35 transmits a command to the ECU 8 via the terminal unit 4 (described later) and the vehicle network 7n according to the input from the script command interpretation unit 34. In addition, it receives a response to the transmitted command and delivers it to the script command execution unit 35. Then, the script command interpreting unit 34 checks the execution result (success or failure of the command) for the interpreted command, and proceeds with the execution of the script while selecting the next command of the script according to the execution result of the command. Go. As described above, the mutually connected script command interpreting unit 34 and script command executing unit 35 cooperate to execute the script.

  In the vehicle maintenance system 10 having the above-described configuration, the transmission device 9 installed at a remote location via the communication network 92 updates the control program, collects logs, and changes settings for the plurality of maintenance tool devices 1. The maintenance tool device 1 is installed by transmitting an execution command Ie for instructing execution of maintenance such as maintenance data, which is various data such as a script file used for maintenance, an update program, and setting information. Maintenance work such as updating software, changing settings, and collecting logs for a plurality of target vehicles 7 can be performed.

  As described above, when the target vehicle 7 is maintained from a remote place via the maintenance tool device 1, there is a possibility of information leakage due to interception of communication data on the communication path. In particular, as shown in FIG. 1, when a wireless section W exists on a communication path between the transmitting device 9 and the maintenance tool device 1, the possibility of information leakage increases. Therefore, in the vehicle maintenance system 10 of the present invention, each of the plurality of divided data B obtained by dividing the maintenance data D on the transmitting device 9 side is transmitted to any one of the plurality of maintenance tool devices 1. By improving communication security and communicating the divided data B received by each of the plurality of maintenance tool devices 1, each maintenance tool device 1 acquires the maintenance data D.

  Hereinafter, the maintenance tool device 1 and the transmission device 9 that implement the above-described method will be described with reference to FIGS. FIG. 5 is a diagram for explaining a communication process between the transmitting device 9 and the maintenance tool device 1 according to the embodiment of the present invention, and transmits the divided maintenance data D to the three maintenance tool devices 1. This is an example of the case.

  Note that the maintenance tool device 1 and the transmission device 9 in FIGS. 4 and 5 are computers and include a processor (not shown) (not shown) and a storage device including a memory such as a ROM and a RAM. The processor operates (such as data operation) in accordance with the instructions of the program loaded in the memory (RAM) to execute the above-described script execution function and various processes described later.

  First, the transmitting device 9 will be described. As shown in FIG. 5, the transmitting device 9 includes a plurality (m) of a plurality of (m) obtained by dividing arbitrary maintenance data D to be transmitted to each of the plurality of maintenance tool devices 1. The divided data B is transmitted to the same number (m) of the specific maintenance tool devices 1 as the plurality of divided data B among the plurality of maintenance tool devices 1 installed in the target vehicle 7 via the communication network 92. That is, each of the plurality of (m) divided data B constitutes a different part of one piece of maintenance data D, and the transmitting device 9 is configured such that each of the plurality of (m) maintenance tool devices 1 Communicate to receive different parts. The number of the divided data B (the number of divisions) may be the same number (n) as the target vehicle 7 or may be two or more which is smaller than the target vehicle 7 (m ≦ n). The division of the maintenance data D may be performed by the transmitting device 9 or by another device.

  More specifically, the number of divisions (m) of the maintenance data D is shared in advance between the transmitting device 9 and the plurality of maintenance tool devices 1. For example, even if the above-mentioned sharing is performed, a maintenance person between a remote place and a local place is determined in advance, and is input as setting information in advance to the transmitting device 9 and the plurality of maintenance tool devices 1 in advance. good. Alternatively, the above-described sharing may be performed by performing communication between the transmission device 9 and the plurality of maintenance tool devices 1. Specifically, the maintenance tool device 1 is configured to perform communication with the transmission device 9 when activated by being supplied with power in an installation state of the target vehicle 7 or the like, while transmitting device The number 9 may be the number of divisions (m) of the number of the maintenance tool devices 1 that have received the start notification before dividing the maintenance data D. The transmitting device 9 may notify the determined number of divisions (m) to the plurality of maintenance tool devices 1 in advance or together with the transmission of the divided data B. The maintenance tool device 1 may acquire the communication address of the transmission device 9 from, for example, the removable storage medium 61.

  The transmitting device 9 generates a plurality of communication frames (IP packets and MAC frames in this embodiment) for individually carrying each of the m pieces of divided data B. Is different for each divided data B (for each IP packet). Thereby, each divided data B is transmitted to mutually different maintenance tool devices 1 indicated by the destination of the IP packet.

  The transmitting device 9 stores restoration information (for example, an order) used for restoring the maintenance data D from all the divided data B after division in a communication frame together with each divided data B (for example, a data portion such as an IP packet). May be sent). This restoration information may include the number of divisions (m). Further, the restoration information may include information that can be calculated based on the maintenance data D such as a checksum of the maintenance data D before division so that an error can be confirmed on the receiving side.

Next, the maintenance tool device 1 will be described.
As shown in FIG. 4, each of the plurality of maintenance tool devices 1 includes a first communication unit 21, a second communication unit 22, and a restoration unit 31. In the embodiment illustrated in FIG. 4, the control unit 3 includes the above-described restoration unit 31, the script instruction interpretation unit 34 and the script instruction execution unit 35 described above, and the maintenance execution unit 32 described below. When the CPU operates according to the command, processing corresponding to the function of the control unit 3 is performed.
The above configuration (functional unit) of the maintenance tool device 1 will be described.

  In the following description, unless otherwise specified, the transmitting device 9 transmits the divided data B separately to all the maintenance tool devices 1 installed in the target vehicle 7. That is, the number of the maintenance tool devices 1 to which the transmitting device 9 transmits the divided data B is the same as the number of the target vehicles 7 (m = n).

  The first communication unit 21 is a functional unit configured to receive the divided data Ba addressed to the own device and transmitted by the transmission device 9 described above. Specifically, each maintenance tool device 1 receives a communication frame (such as a MAC frame or an IP packet) destined for itself and takes in the divided data B stored in its data portion. By not receiving the communication frame addressed to the device, the other divided data B is not received. In the embodiment shown in FIGS. 1 to 5, the first communication unit 21 receives the divided data Ba addressed to itself from the base station 95 b of the mobile communication network 95 and inputs the data to the control unit 3. ing. The control unit 3 saves (temporarily saves) the divided data Ba addressed to the own device input from the first communication unit 21 in the memory.

  The second communication unit 22 transmits the divided data Ba addressed to the own device received by the above-described first communication unit 21 to all the other maintenance tool devices 1, and all the other specific maintenance tool devices 1 This is a functional unit configured to receive the divided data Bb destined for another device held by receiving the divided data Bb addressed to the device. In other words, each maintenance tool device 1 receiving the divided data Ba addressed to the own device communicates the divided data Ba addressed to the own device received by the first communication unit 21 via the second communication unit 22. , And operate so as to be shared with all other maintenance tool devices 1. At this time, the second communication unit 22 may transmit and receive the divided data B by broadcast or multicast, or may transmit and receive it by unicast. Further, each maintenance tool device 1 may transmit the divided data Ba addressed to itself via the second communication unit 22 at an arbitrary timing after receiving the data, or a request from another maintenance tool device 1 May be transmitted as a response. Note that the second communication unit 22 of the maintenance tool device 1 that does not directly receive the divided data B from the transmission device 9 instead of the specific maintenance tool device 1 transmits the divided data Ba addressed to the own device because it does not receive it. In addition, all the specific maintenance tool devices 1 serving as the other devices receive all the divided data Bb addressed to the other device, respectively, received from the transmitting device 9.

  In the embodiment illustrated in FIGS. 1 to 5, each maintenance tool device 1 is configured to wirelessly communicate with another maintenance tool device 1 via the second communication unit 22. More specifically, the second communication unit 22 wirelessly communicates using a wireless communication technology having a shorter radio wave reach than the first communication unit 21. Specifically, since the first communication unit 21 communicates with the base station 95b of the mobile communication network 95, the wireless communication technology used by the second communication unit 22 is Bluetooth (registered trademark), wireless LAN (for example, ad hoc mode). And the like. The wireless communication technology used by the second communication unit 22 may use a communication technology capable of routing received data to the second communication unit 22 included in another maintenance tool device 1.

The second communication unit 22 is connected to the control unit 3, transmits the divided data Ba addressed to the own device input from the control unit 3, and inputs the received divided data Bb addressed to the other device to the control unit. It is supposed to. The control unit 3 stores the divided data Bb addressed to the other device input from the second communication unit 22 in the memory. Further, each maintenance tool device 1 may notify the transmitting device 9 of an error when not all divided data are collected even after the appropriately set timeout time has elapsed.
However, the present invention is not limited to the present embodiment, and the second communication units 22 of the respective maintenance tool devices 1 may be connected by wires.

  The restoration unit 31 is configured to restore the maintenance data D from the divided data Ba received by the first communication unit 21 and addressed to the own device, and the divided data Bb received by the second communication unit 22 and addressed to all other devices. It is a functional unit. The first communication unit 21 obtains the divided data Ba destined for the own device, and the second communication unit 22 obtains the divided data Bb destined for another device, which is all the remaining divided data B constituting the maintenance data D. . Therefore, the restoration unit 31 can restore the maintenance data D before division from the plurality of division data B thus obtained. As described above, each maintenance tool device 1 complements by obtaining the divided data B other than the divided data Ba destined for itself from the other maintenance tool devices 1 so that the maintenance data that the transmitting device 9 tries to communicate with is obtained. D can be obtained appropriately.

  For example, the restoration unit 31 may restore the maintenance data D from the plurality of divided data B using the above-described restoration information included in the data part of the IP packet. When the restoration information includes the checksum of the maintenance data D before the division, the restoration unit 31 calculates the checksum of the restored maintenance data D, and compares the checksum with the received checksum. By confirming the coincidence, it may be confirmed that there is no error in the restored maintenance data D. Then, when detecting an error, the restoration unit 31 may transmit to the transmitting device 9 that the error has been detected, such as a retransmission request.

  For example, when the maintenance data D is large-capacity data having a large data amount, for example, when the maintenance data D is update data (update program) of the control program, the large-capacity data portions are respectively replaced with the maintenance data. D may be used. In this case, the transmitting device 9 transmits the plurality of maintenance data D, which respectively configure different portions of the large-capacity data, to the maintenance tool device 1, thereby completing the entire transmission processing. 1 can be restored in units of maintenance data D. By doing so, it becomes possible to send the update data to the target ECU 8 while receiving the update data, and the processing time can be reduced.

  In the embodiment illustrated in FIGS. 1 to 5, the first communication unit 21, the second communication unit 22, the restoring unit 31, and the handheld type holding case 5 described below hold the first communication unit 21, It is a handy type device.

  According to the above configuration, each of the plurality of maintenance tool devices 1 is configured to receive the maintenance data D from the transmission device 9 via the communication network 92 in a state where each of the plurality of maintenance tool devices 1 is installed in a different target vehicle 7. You. Specifically, each of the plurality of maintenance tool devices 1 receives a part of the plurality of divided data B constituting a different part of one piece of maintenance data D from the transmitting device 9 and receives the received divided data B Is transmitted to the other maintenance tool device 1 to acquire all the divided data B constituting the maintenance data D, thereby restoring the maintenance data D. As described above, by dividing and communicating the plurality of divided data B constituting the maintenance data D to the plurality of maintenance tool devices 1, each maintenance tool device 1 can maintain the maintenance data while improving communication security against interception and the like. D can be obtained.

  More specifically, in the embodiment illustrated in FIG. 4, each of the plurality of maintenance tool devices 1 having the above-described configuration includes, in addition to the above-described configuration, the maintenance execution unit 32, the terminal unit 4, and the handy-type holding case. 5 is further provided. Next, the configuration of each maintenance tool device 1 will be described with reference to FIG.

  The terminal unit 4 is configured to be detachable from a vehicle-side connector 7c connected to a vehicle network 7n in the target vehicle 7 (see FIG. 3). In other words, the terminal portion 4 is a connector configured to be fitted to the vehicle-side connector 7c, and the terminal portion 4 and the vehicle-side connector 7c are fitted in the vehicle-side connector 7c (connection state). And are electrically connected. The vehicle-side connector 7c is electrically connected to the ECU 8 via a vehicle network 7n. Therefore, by connecting the terminal unit 4 to the vehicle-side connector 7c, the maintenance tool device 1 and the ECU 8 are electrically connected via the vehicle network 7n. In some embodiments, as shown in FIG. 1, it may be connected to the vehicle-side connector 7c via an extension cable 75. In some other embodiments, as shown in FIG. 3, the terminal portion 4 may be directly connected to the vehicle-side connector 7c.

  In the embodiment shown in FIGS. 1 to 5, the maintenance tool device 1 connects the terminal unit 4 to the vehicle-side connector 7 c to establish a connection state, so that the power from the battery 7 b mounted on the target vehicle 7 is obtained. Is supplied through the terminal section 4. After the supplied power is transformed from 12 V to a desired voltage (3.3 V, 5 V, or the like) by the converter 64, power is supplied to the control unit 3. As described above, the weight is reduced by not providing the power supply unit inside the maintenance tool device 1. However, in some other embodiments, a dry battery, a rechargeable battery, or the like may be incorporated.

  The maintenance execution unit 32 is a functional unit configured to execute maintenance processing on the target vehicle 7 via the terminal unit 4 based on the maintenance data D restored by the restoration unit 31. The maintenance process includes, for example, a process of updating the control program of the ECU 8, a process of collecting logs, a process of checking settings, updating settings and the like. In the embodiment illustrated in FIGS. 1 to 5, the maintenance execution unit 32 has the above-described script execution function. Then, when a script (maintenance data D) is input from the restoration unit 31, a maintenance process is executed according to the script. When update data (maintenance data D) such as a control program is input from the restoration unit 31, the update data is transmitted to the vehicle network 7n via the terminal unit 4 so that the update target ECU 8 Send update data to the server.

  The handy type holding case 5 is a housing, and is configured to hold the above-described terminal unit 4, first communication unit 21, second communication unit 22, restoration unit 31, and maintenance execution unit 32. Thus, the maintenance tool device 1 is of a handy type. More specifically, in the embodiment illustrated in FIGS. 1 to 5, as illustrated in FIG. 4, the handheld holding case 5 includes a first communication unit 21, a second communication unit 22, a terminal unit 4, and a control unit 3 ( The restoring unit 31 and the maintenance execution unit 32 are housed inside, and at least a part of the terminal unit 4 is configured to be held in a state where the terminal unit 4 is exposed to the outside. The connection with the vehicle-side connector 7c is facilitated.

  The maintenance execution unit 32 may transmit the execution result of the maintenance process to the transmission device 9. For example, when the maintenance process is a process of updating the control program of the ECU 8 or a process of updating the setting of the ECU 8, the status may be a success or failure of the update. When the setting confirmation and the maintenance processing are log collection processing, the setting information and log information obtained as a result are obtained. At this time, the maintenance execution unit 32 may transmit the transmission data to the transmission device 9 from the first communication unit 21 by encrypting the transmission data. Alternatively, each maintenance tool device 1 divides the transmission data into a plurality of pieces and sends the data to another maintenance tool device 1 via the second communication unit 22 or the like, thereby dividing the transmission data into a plurality of transmission tool 9 from the plurality of maintenance tool devices 1. The transmitting device 9 may transmit the data B, and may restore the transmitting data from the plurality of divided data B.

  According to the above configuration, the maintenance tool device 1 is connected to the first communication unit 21, the second communication unit 22, the control unit 3 (the restoration unit 31, the maintenance execution unit 32, and the like), and the terminal unit 4 is connected to the handy holding case 5 By being configured to be housed in the inside, a handy-type maintenance tool device 1 that is small and light in weight and easy to carry and handle can be provided.

  In some embodiments, as shown in FIGS. 1 to 5, the above-described first communication unit 21 receives the divided data B transmitted through the wireless section W configuring at least a part of the communication network 92. It is configured to be. Further, the transmitting device 9 transmits the dummy data Dd such that the dummy data Dd is transmitted in the wireless section W in which the divided data B destined to each of the above-described specific maintenance tool devices 1 to which the divided data B is transmitted is transmitted. It is configured to

  More specifically, for example, when all the divided data B constituting the maintenance data D transmitted through the wireless section W are intercepted, the possibility that the maintenance data D is restored increases by that much. Therefore, by transmitting the dummy data Dd, which is data that does not form the maintenance data D, when transmitting the divided data B from the transmitting device 9, even if all the data transmitted in the wireless section W is intercepted, The dummy data Dd that becomes invalid with respect to the restoration of the maintenance data D is also intercepted, thereby making it more difficult for the eavesdropper to restore the maintenance data D.

  Specifically, the transmitting device 9 may transmit the dummy data Dd to the maintenance tool device 1 that is not used for maintenance, such as being not installed in the vehicle or not being activated. By doing so, it is possible to send the dummy data Dd that passes through the same wireless section W as the plurality of maintenance tool devices 1 installed in the plurality of target vehicles 7. Further, since the destination of the dummy data Dd is the maintenance tool device 1, it is more difficult to distinguish the dummy data Dd from the plurality of divided data B included in the intercepted data. In some other embodiments, the destination of the dummy data Dd may be an address of another device or a non-existent device as long as the address is transmitted in the wireless section W.

  According to the above-described configuration, the transmission device 9 includes, together with the plurality of divided data B constituting the maintenance data D, the dummy data Dd addressed to the dummy device such as the maintenance tool device 1 not installed in the target vehicle 7. Send Accordingly, when a plurality of maintenance tool devices 1 installed in the target vehicle 7 receive the divided data B via the same wireless master station, even if all data in the wireless section W is intercepted, a dummy By including the data Dd, it is possible to make it more difficult for the eavesdropper to restore the maintenance data D, and it is possible to further improve communication security.

  In some embodiments, the transmitting device 9 performs encryption corresponding to each of the plurality of specific maintenance tool devices 1 described above, which are the destinations of the divided data B, and then executes the encrypted divided data B. B is configured to be transmitted. In the embodiment shown in FIGS. 1 to 5, the transmitting device 9 and each maintenance tool device 1 have a common random number table. Then, the transmitting device 9 transmits the data after changing the arrangement of the data (64-byte data or the like) included in each divided data B based on the common random number table. On the other hand, each maintenance tool device 1 changes the arrangement of the received divided data B after the arrangement has been changed based on the same common random number table, thereby generating the divided data B before the arrangement change. It has become.

  Note that the common random number table included in each maintenance tool device 1 may be the same or different. If they are different, the transmitting device 9 holds each of the common random number tables corresponding to the respective maintenance tool devices 1. Further, as the encryption algorithm, another well-known algorithm may be adopted, or at least one of the plurality of maintenance tool devices 1 may have a different encryption algorithm from the others.

  According to the above configuration, the transmitting device 9 performs encryption on each of the plurality of divided data B constituting the maintenance data D in accordance with the destination maintenance tool device 1. As a result, communication security can be further improved.

  In some embodiments, the maintenance tool device 1 is configured such that the maintenance data D restored by the restoration unit 31 is deleted after an arbitrary predetermined time has elapsed from the completion of the maintenance processing. May be.

  Specifically, for example, the restoration unit 31 stores the maintenance data D obtained by the restoration in a volatile memory such as a RAM, and the maintenance execution unit 32 (described later) stores the maintenance data D stored in the volatile memory. The data D may be obtained. By doing so, the information on the volatile memory is cleared when the power of the maintenance tool device 1 is turned off, so that the maintenance data D for the maintenance processing may be unnecessarily stored inside the maintenance tool device 1. And highly confidential data can be protected. Further, as described above, when each of the portions of large-capacity data such as update data is used as the maintenance data D, each maintenance data D is temporarily stored in a relatively small capacity memory. It is also possible to protect highly confidential data.

  Further, for example, the maintenance tool device 1 has a built-in clock and is stored in a nonvolatile memory including the removable storage medium 61 after a set date and time or after a predetermined period set after completion of the maintenance process. An erasing unit configured to erase all information may be further provided. The erasure target of the erasure unit may include a volatile memory included in the maintenance tool device 1. In this way, security when the device is lost can be ensured.

  The present invention is not limited to the above-described embodiment, and includes a form in which the above-described embodiment is modified and a form in which these forms are appropriately combined.

Reference Signs List 10 Vehicle maintenance system 1 Maintenance tool device 21 First communication unit 22 Second communication unit 3 Control unit 31 Restoration unit 32 Maintenance execution unit 34 Script instruction interpretation unit 35 Script instruction execution unit 4 Terminal unit 5 Handy holding case 61 Removable Storage medium 62 Display unit 63 Light emitting unit 64 Converter 7 Target vehicle 7b Battery 7c Vehicle-side connector 7n Vehicle network 7s Vehicle compartment 71 Dashboard 72 Tool installation unit 74 Floor panel 75 Extension cable 8 Electronic control unit 9 Transmission device 92 Communication network 93 LAN
94 WAN
95 Mobile communication network 95b Base station D Maintenance data B Maintenance data divided data Ba Divided data addressed to own device Bd Divided data addressed to other device Dd Dummy data Ie Execution command W Wireless section

Claims (6)

A plurality of maintenance tool devices configured to be connected to a plurality of target vehicles to be maintained;
A plurality of divided data obtained by dividing the maintenance data are transmitted to the same number of the specified maintenance tool devices as the plurality of divided data of the plurality of maintenance tool devices via a communication network. And a transmitting device,
Each of the plurality of maintenance tool devices,
A first communication unit configured to receive the divided data addressed to the own device transmitted by the transmitting device;
The divided data addressed to the own device received by the first communication unit is transmitted to all the other maintenance tool devices, and the divided data addressed to the other device held by all the specific maintenance tool devices is received. A second communication unit configured;
A restoration unit configured to restore the maintenance data from the divided data addressed to the own device received by the first communication unit and the divided data addressed to all of the other devices received by the second communication unit. A maintenance system for a vehicle, comprising: Each of the plurality of maintenance tool devices,
A terminal portion detachable from a vehicle-side connector connected to a vehicle network in the target vehicle,
A maintenance execution unit configured to execute a maintenance process on the target vehicle via the terminal unit based on the maintenance data restored by the restoration unit;
The vehicle according to claim 1, further comprising: a handy-type holding case that holds the terminal unit, the first communication unit, the second communication unit, the restoration unit, and the maintenance execution unit. Maintenance system. The first communication unit is configured to receive the divided data transmitted in a wireless section forming at least a part of the communication network,
3. The transmission device according to claim 2, wherein the transmission device is configured to transmit the dummy data such that the dummy data is transmitted in the wireless section in which the divided data is transmitted to each of the specific maintenance tool devices. The vehicle maintenance system according to claim 1.   The vehicle maintenance system according to claim 3, wherein the first communication unit is configured to receive the divided data addressed to the own device from a base station of a mobile communication network forming the wireless section. .   5. The maintenance tool device according to claim 2, wherein the maintenance data restored by the restoration unit is deleted after a lapse of a predetermined time from completion of the maintenance processing. The vehicle maintenance system according to any one of claims 1 to 4.   The transmission device according to claim 1, wherein after performing encryption corresponding to each of the plurality of specific maintenance tool devices, the transmission device transmits the encrypted divided data. The vehicle maintenance system according to any one of claims 5 to 13.

Images