JP7247709B2 - Work Machine Certification System, Work Machine Certification Method, and Work Machine Certification Program - Google Patents

Description

The present invention relates to a working machine authentication system, a working machine authentication method, and a working machine authentication program for performing authentication of a working machine.

For example, Japanese Unexamined Patent Application Publication No. 2002-100001 describes that an authentication device (wireless authentication device in the same document) possessed by an operator of a work machine is authenticated.

JP 2016-196759 A

Even if the authentication device possessed by the operator of the work machine is authorized, if the operator possessing this authentication device is not authorized, or if the information such as the program that controls the operation of the work machine is not authorized, the work machine may operate incorrectly. Therefore, it is required to determine whether the operation of the work machine is normal (authenticate the operation). Here, variations occur in the operation of the work machine depending on how the work machine is used. Therefore, for example, it is difficult to determine whether the operation of the work machine is normal by simply comparing the operation of the work machine registered in advance with the current operation of the work machine.

SUMMARY OF THE INVENTION Accordingly, it is an object of the present invention to provide a working machine authentication system, a working machine authentication method, and a working machine authentication program capable of authenticating the operation of a working machine even when the usage status of the working machine changes. .

A work machine authentication system of a first means includes a sensor, a storage unit, a usage status acquisition unit, an authentication information generation unit, an authentication control information determination unit, and a determination unit. The sensor is provided on the working machine. The storage unit stores first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation. The usage status acquisition unit acquires a second usage status of the work machine. The authentication information generating section generates second authentication information based on a value obtained by the sensor when the working machine performs the specific operation. The authentication control information determination unit determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status. The determination unit determines whether or not to permit authentication by comparing the second authentication information and the allowable value.

The working machine authentication method of the second means authenticates a working machine having a sensor. The work machine authentication method includes a storage step, a usage status acquisition step, an authentication information generation step, an authentication control information determination step, and a judgment step. The storing step stores the first authentication information generated based on the value obtained by the sensor when the work machine is in the first usage state and when the work machine performs a specific operation. The usage status acquisition step acquires a second usage status of the work machine. The authentication information generating step generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation. The authentication control information determining step determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status. The determination step determines whether or not to permit the authentication by comparing the second authentication information and the allowable value.

A working machine authentication program of the third means performs authentication regarding a working machine having a sensor. The work machine authentication program causes the computer to execute a storage step, a usage status acquisition step, an authentication information generation step, an authentication control information determination step, and a determination step. The storing step stores the first authentication information generated based on the value obtained by the sensor when the work machine is in the first usage state and when the work machine performs a specific operation. The usage status acquisition step acquires a second usage status of the work machine. The authentication information generating step generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation. The authentication control information determining step determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status. The determination step determines whether or not to permit the authentication by comparing the second authentication information and the allowable value.

By each of the first means, the second means, and the third means, it is possible to authenticate the operation of the work machine even if the usage condition of the work machine changes.

1 is a block diagram showing a working machine authentication system 1 of a first embodiment; FIG. It is the figure which looked at the work machine 10 shown in FIG. 1 from the side. 2 is a diagram showing an outline of processing of the work machine authentication system 1 shown in FIG. 1; FIG. 2 is a flowchart showing the operation of the working machine authentication system 1 shown in FIG. 1; FIG. 5 is a diagram showing the specific number N and tolerance σ determined in step S23 shown in FIG. 4; 5 is a flowchart showing step S30 shown in FIG. 4; FIG. 5 is a flow chart showing step S50 shown in FIG. 4. FIG. It is a block diagram which shows the working machine authentication system 201 of 2nd Embodiment. FIG. 9 is a flow chart showing the operation during authentication of the work machine authentication system 201 shown in FIG. 8. FIG. It is a block diagram which shows the working machine authentication system 301 of 3rd Embodiment. FIG. 11 is a flow chart showing the operation during authentication of the work machine authentication system 301 shown in FIG. 10; FIG.

(First embodiment)
A working machine authentication system 1 according to the first embodiment will be described with reference to FIGS. 1 to 7. FIG.

The working machine authentication system 1 is a system that authenticates the working machine 10 shown in FIG. The work machine authentication system 1 determines whether the operation of the work machine 10 is normal. By determining the operation of the work machine 10, the work machine authentication system 1 may determine whether the information (for example, programs and parameters) controlling the operation of the work machine 10 is valid. It may be possible to determine whether the operator is legitimate. The working machine authentication system 1 determines that the operation of the working machine 10 is normal (authentication is permitted) if the working machine 10 performs an operation that matches or substantially matches an operation registered in advance in the storage unit 53 (details will be described later). ). The working machine authentication system 1 includes a working machine 10 and an authentication device 50 (computer).

The work machine 10 is a machine that performs various kinds of work, such as a construction machine that performs construction work, such as a shovel or a crane. Hereinafter, as shown in FIG. 2, the case where the work machine 10 is a shovel will be described. The work machine 10 includes a lower traveling body 11, an upper revolving body 13, an attachment 15, an input device 21, a sensor 23 shown in FIG. 1, and a controller 30 (computer).

The undercarriage 11 allows the work machine 10 to travel, as shown in FIG. The upper revolving body 13 is rotatably mounted on the lower traveling body 11 . The upper revolving body 13 has a cab 13a for operating the work machine 10 by an operator.

The attachment 15 is a part that performs work, and includes, for example, a boom 15a, an arm 15b, and a tip attachment 15c. The boom 15 a can be raised and lowered (rotated) with respect to the upper swing body 13 . Arm 15b is rotatable with respect to boom 15a. The tip attachment 15c is provided at the tip of the attachment 15 and is rotatable with respect to the arm 15b. The tip attachment 15c may be, for example, a bucket for scooping earth and sand, a device for pinching an object (such as a grapple), or a device for crushing (such as a breaker).

The input device 21 is a device operated by an operator of the work machine 10 . The input device 21 is arranged, for example, inside the cab 13a. The input device 21 includes a cluster gauge 21a, an operating lever 21b, and a lever lock 21c. The cluster gauge 21a is an operation panel for performing various operations. The cluster gauge 21a has at least one button. The buttons of the cluster gauge 21a may be physical buttons or buttons displayed on the screen. The operating lever 21b is a portion (operating portion) for operating the work machine 10 . The operation lever 21 b is for operating the travel of the lower traveling body 11 , the turning of the upper revolving body 13 with respect to the lower traveling body 11 , and the operation of the attachment 15 . The lever lock 21c is raised and lowered when the operator enters and exits the cab 13a, and switches between enabling and disabling (locking) the operation of the operating lever 21b. An input device 21 other than the above example may be provided, for example, a pedal for operating the work machine 10 may be provided.

The sensor 23 (see FIG. 1) detects various information and obtains sensor values (detected values). [Example A1] The sensor 23 shown in FIG. 1 detects the surrounding conditions of the work machine 10 . [Example A1a] The sensor 23 detects temperature, humidity, and the like (surrounding environment) around the working machine 10 . [Example A1b] The sensor 23 may include a camera that captures the surroundings of the work machine 10 . [Example A2] The sensor 23 may detect the operation state of the input device 21 . [Example A2a] Specifically, the sensor 23 may detect ON/OFF of the button of the cluster gauge 21a or the lever lock 21c (may include an ON/OFF sensor). [Example A2b] The sensor 23 may detect the operation of the control lever 21b. Specifically, the sensor 23 may detect the hydraulic pressure or electric current that changes with the operation of the control lever 21b. [Example A3] The sensor 23 may detect the internal state of the work machine 10 . [Example A3a] For example, the sensor 23 may detect information about the engine of the work machine 10 (for example, fuel injection amount, rotation speed, water temperature, etc.). [Example A3b] The sensor 23 may detect information about the hydraulic circuit that operates the work machine 10 (for example, the pressure of the pump, the temperature of the hydraulic oil, the current value input to the proportional valve, etc.). [Example A4] The sensor 23 may detect the attitude of the work machine 10 (for example, the angle of the upper rotating body 13 with respect to the lower traveling body 11 shown in FIG. 2, the angle of the boom 15a with respect to the upper rotating body 13, etc.). [Example A5] The sensor 23 shown in FIG. 1 may detect the position of the work machine 10 . Note that the sensor 23 may be able to detect only some of the detection targets in the above example. Also, the sensor 23 may be the controller 30 (the sensor value may be information stored in the controller 30).

The controller 30 performs signal input/output, computation (processing, calculation, determination, etc.), information storage, and the like. The controller 30 includes a work machine side transmitter/receiver 31 , a holding unit 33 , a usage status acquisition unit 35 , and an authentication information generation unit 37 .

The work machine side transmission/reception unit 31 (simply “transmission/reception unit” in FIG. 1 ) transmits and receives information to and from the authentication device 50 . The holding unit 33 holds (stores) information. The holding unit 33 holds, for example, an ID (identification) (working machine identification code) that is a code for identifying the working machine 10 . The usage status acquisition unit 35 acquires the usage status of the work machine 10 (described later). The authentication information generation unit 37 generates second authentication information C2 (see FIG. 3) (described later).

The authentication device 50 is a device for authenticating the work machine 10 . The authentication device 50 is provided outside the work machine 10 . The authentication device 50 is operated by at least one of an administrator and an operator of the work machine 10, for example. Specifically, the authentication device 50 may be, for example, a smartphone, a notebook PC (personal computer), or a server. The authentication device 50 includes an authentication device side transmission/reception section 51 , a storage section 53 , an authentication control information determination section 55 and a determination section 57 .

The authentication device side transmission/reception unit 51 (“transmission/reception unit” in FIG. 1 ) transmits and receives information to and from the work machine 10 . The communication between the authentication device side transmitting/receiving section 51 and the work machine side transmitting/receiving section 31 may be wired only, wireless only, or a mixture of wired and wireless. The communication between the authentication device side transmitting/receiving section 51 and the work machine side transmitting/receiving section 31 may be direct or via a communication device (not shown) (may be indirect). Communication between the authentication device side transmitting/receiving section 51 and the working machine side transmitting/receiving section 31 may be multi-hop communication, provided that a reliable path can be established by, for example, verifying the authenticity of the communication device passing through. .

Storage unit 53 holds a database, and stores (holds) a first usage state, a first authentication code, and the like, which will be described later. In order to suppress information leakage by a third party (attacker) and to make the work machine authentication system 1 robust, it is preferable that the tamper resistance of the storage unit 53 is as high as possible. Specifically, for example, the storage unit 53 may use a TPM (Trusted Platform Module) or a TEE (Trusted Execution Environment). A digital signature may be attached to the information stored in the storage unit 53 . The information stored in storage unit 53 may be encrypted.

The authentication control information determination unit 55 determines the content used for determination by the determination unit 57, and specifically determines a specific number N and tolerance σ, which will be described later.

The determination unit 57 determines whether the operation of the work machine 10 is normal (authentication permitted) or not (authentication rejected) (described later).

(activation)
The work machine authentication system 1 is configured to operate as follows. An overview of the operation of the work machine authentication system 1 is as follows. Here, a case where the object of authentication by the working machine authentication system 1 is mainly information (control information) for controlling the operation of the working machine 10 will be described. The storage unit 53 stores the information before the authentication of the authentication target is performed. Specifically, work machine 10 performs a specific operation (specific operation) based on regular control information. The usage status (first usage status) of the work machine 10 at this time and the first authentication information C1 generated based on the sensor value obtained from the sensor 23 at this time are stored in the storage unit 53 (this The time of memory is hereinafter referred to as "time of registration").

After that, when the authentication target is authenticated (hereinafter referred to as "at the time of authentication"), the working machine 10 performs a specific operation. The second authentication information C2 is generated based on the sensor value obtained by the sensor 23 at this time (step S30 (see FIG. 4)). The determination unit 57 then compares the first authentication information C1 and the second authentication information C2 (step S50 (see FIG. 4)) to determine whether the authentication target is legitimate.

Here, the usage status (first usage status) of the work machine 10 at the time of registration and the usage status (second usage status) of the work machine 10 at the time of authentication may differ. In this case, even if work machine 10 performs a specific operation based on the normal control information during authentication, the sensor value at the time of registration and the sensor value at the time of authentication may differ greatly. Even in such a case, the allowable value C3 of the second authentication information C2 shown in FIG. adjusted (step S23 (see FIG. 4)). Details of the operation of the work machine authentication system 1 shown in FIG. 1 will be described below.

(At the time of registration)
The operation of the work machine authentication system 1 at the time of registration is as follows.

(Status of use)
The usage status acquisition unit 35 acquires the usage status (first usage status) of the work machine 10 (step S1). Examples of usage are as follows. [Example B] The usage status includes the surrounding status (surrounding environment) of the work machine 10 . A situation around work machine 10 is detected by sensor 23 . [Example B1] For example, the conditions of use may include temperature, humidity, and atmospheric pressure. [Example C] The usage status may include the status of the work machine 10 itself. The status of work machine 10 itself may be detected by sensor 23 or may be information stored in controller 30 .

[Example D] The usage status may include information about the degree of deterioration of the work machine 10 . If the work machine 10 is brand new at the time of registration, the degree of deterioration may be set to zero, for example. [Example D1] The usage status may include information about time. [Example D1a] For example, the usage status may include the time from a certain point in time (for example, when the work machine 10 was manufactured) to the present. [Example D1b] For example, the usage status may include the operating time of the work machine 10 (time during which the engine is driven, etc.). [Example D2] The usage status may include information about factors that affect the hydraulic piping of the work machine 10 . [Example D3] The usage status may include the status of work performed by the work machine 10 from a certain time to the present. [Example D3a] The usage status may include the details of the work performed by the work machine 10 . [Example D3b] The usage status may include the load (for example, maximum value, integrated value, etc.) applied to the work machine 10 during the work performed by the work machine 10 . [Example D4] The usage status may include the amount of operation of the work machine 10 from a certain time point to the present (integrated value of distance, integrated value of rotation angle, etc.). [Example D5] For example, if the work machine 10 is a shovel, the usage status may include the relationship between the type of the tip attachment 15c shown in FIG. 2 and the work time. Specifically, for example, the usage status may include working hours when the tip attachment 15c is a bucket. The usage conditions may include working time when the tip attachment 15c is a device (such as a breaker) for crushing.

(Specific operation, sensor value, authentication information)
The working machine 10 shown in FIG. 1 performs a specific operation based on regular control information. The sensor 23 detects the state of the work machine 10 at this time and outputs a sensor value. Then, the authentication information generation unit 37 generates authentication information (first authentication information C1) based on the sensor value.

The sensor value of the sensor 23 and the specific operation for obtaining this sensor value, which are used to generate the first authentication information C1, are appropriately selected according to the authentication object. The sensor value and the specific operation used to generate the first authentication information C1 are selected so that the authentication information generated based on the sensor value differs depending on whether the authentication target is legitimate or not. A specific action may be a physical action (movement, rotation, pressure change, etc.) or an electrical action. The sensor value may be a physical actuation detection value or an electrical detection value. Specific examples of the sensor 23 are as shown in [Example A1] to [Example A5] above.

The authentication information is information for determining whether the operation of the work machine 10 is normal. The authentication information is a unique (or substantially unique) value for each authentication target. The authentication information is information generated by a Physically Unclonable Function (PUF) that utilizes variations in the operation of work machine 10 . A specific example of generating the first authentication information C1 is the same as a specific example of generating the second authentication information C2, which will be described later.

(Memory)
The storage unit 53 stores the first authentication information C1 in the first usage state (step S3, storage step). More specifically, the storage unit 53 stores the first authentication information C1 generated based on the sensor value obtained by the sensor 23 when the working machine 10 performs the specific operation in the first usage state. . The storage unit 53 stores the first use state acquired by the use state acquisition unit 35 and the first authentication information C1 generated by the authentication information generation unit 37 as a set (in association with each other). . In addition, a plurality of sets of the first usage status and the first authentication information C1 are obtained by specific operations of the work machine 10 under various usage statuses. Then, the storage unit 53 may store the plurality of sets.

The storage unit 53 may store the first usage status, the first authentication information C1, and the ID of the work machine 10 as a set. In this case, information regarding a plurality of work machines 10 can be stored in the storage unit 53 . When the authentication target is the operator, the storage unit 53 may store the first usage status, the first authentication information C1, and the operator's ID (operator identification code) as a set. In this case, information about multiple operators can be stored in the storage unit 53 . The storage unit 53 may store the first usage status, the first authentication information C1, the ID of the work machine 10, and the ID of the operator as a set.

(at the time of authentication)
The operation of the working machine authentication system 1 at the time of authentication (working machine authentication method, working machine authentication program) is as follows. FIG. 3 shows an overview of the processing flow of the work machine authentication system 1 at the time of authentication, and FIG. 4 shows the details. Each step will be described below with reference to FIG.

The usage status acquisition unit 35 shown in FIG. 1 acquires (collects) the second usage status (step S11, usage status acquisition step). The second usage status is the usage status of the work machine 10 at the time of authentication (current when step S11 is performed). Work machine 10 transmits the second usage status to authentication device 50 (step S19). This transmission/reception is performed by the work machine side transmission/reception section 31 and the authentication device side transmission/reception section 51 (the same applies to the following transmission/reception). At this time, work machine 10 may transmit the ID of work machine 10 to authentication device 50 .

The authentication device 50 collates the information received from the work machine 10 with the information stored in the storage unit 53 (step S21). Specifically, for example, the authentication device 50 extracts information that matches the received ID from the information in the storage unit 53 . The authentication device 50 extracts, from the information in the storage unit 53, the first usage condition (reference data) that matches the received second usage condition or that is close (for example, closest) to the received second usage condition.

The authentication device 50 compares the second usage status and the first usage status. Specifically, the authentication device 50 calculates the difference between the second usage status and the first usage status (step S22). Specifically, for example, the authentication control information determination unit 55 weights and totals the differences in the values (for example, temperature, humidity, and degree of deterioration) that constitute the usage status, thereby determining the first usage status and the first usage status. 2, the difference from the usage status may be calculated. For example, the more severe the work performed by the work machine 10 between the time of registration and the time of authentication, the greater the calculated difference. For example, the longer the operation time of the work machine 10 from the time of registration to the time of authentication, the greater the calculated difference. For example, the greater the difference in the surrounding conditions (temperature, humidity, etc.) of the work machine 10 between the time of registration and the time of authentication, the greater the calculated difference.

The authentication control information determination unit 55 determines authentication control information (parameters used for authentication) (step S23, authentication control information determination step). Specifically, the authentication control information determination unit 55 determines the specific number N and the tolerance σ. Details of determination of the authentication control information by the authentication control information determination unit 55 are as follows. As described above, the first usage status of work machine 10 at the time of registration and the second usage status of work machine 10 at the time of authentication may differ. In this case, even if the object to be authenticated is legitimate, the sensor value when the work machine 10 performs the specific operation may differ greatly between when it is registered and when it is authenticated. Then, even if the authentication target is legitimate, the second authentication information C2 at the time of authentication is different from the first authentication information C1 at the time of registration. Therefore, with a simple authentication method that does not consider changes in the usage of the work machine 10, there is a risk that the authentication will not be permitted (passed) even though the authentication target is legitimate.

Therefore, the authentication control information determining unit 55 is designed so that authentication can be realized even if the second usage status changes with respect to the first usage status and the second authentication information C2 changes with respect to the first authentication information C1. do. Specifically, the authentication control information determining unit 55 determines the allowable value C3 (see FIG. 5) of the second authentication information C2 based on the comparison (more specifically, the difference) between the second usage status and the first usage status. is dynamically changed (determined). The allowable value C3 has a range (there is a range of values between the minimum value and the maximum value of the allowable value C3). The allowable value C3 is, for example, within the range of "(value of the first authentication information C1) - (tolerance σ)" or more and "(value of the first authentication information C1) + (tolerance σ)" or less. value. The tolerance σ for determining the minimum value of the tolerance C3 and the tolerance σ for determining the maximum value of the tolerance C3 may be the same value or different values. The authentication control information determination unit 55 sets the allowable value C3 (tolerance σ) wider as the difference between the first usage status and the second usage status increases. On the other hand, if the allowable degree σ is simply increased, the second authentication information C2 may be included in the allowable value C3 even when the authentication target is unauthorized.

Therefore, the authentication control information determination unit 55 shown in FIG. 1 dynamically changes (determines) the specific number N based on the comparison (specifically, the difference) between the second usage status and the first usage status. The specific number N is the number of second authentication information C2 used for authentication, and is the number of times the second authentication information C2 and the allowable value C3 are compared. The authentication control information determining unit 55 determines a larger specific number N as the difference between the first usage status and the second usage status increases. Note that the specific number N may be one.

A specific example of the tolerance σ and the specific number N determined by the authentication control information determination unit 55 is shown in FIG. A graph G1 is an example of information (reference data) extracted in step S21. Graph G1 is time-series data of authentication information (first authentication information C1) generated when work machine 10 performs a specific operation for a certain period of time. Then, as shown in graphs G2 and G3, the greater the difference between the first usage status and the second usage status, the greater the difference between the first usage status and the second usage status, the greater the tolerance σ and the greater (larger) the specific number N. set. Circles shown in graphs G2 and G3 are second authentication information C2 generated when work machine 10 performs a specific operation. The number of circle marks is the specific number N. A vertical line that overlaps the first authentication information C1 in the graphs G2 and G3 indicates the range of the allowable value C3. The longer the vertical line, the wider the tolerance σ.

Authentication device 50 shown in FIG. 1 transmits specific number N and an operation command to work machine 10 (step S29). This "operation instruction" is an instruction for causing the work machine 10 to perform a specific operation. For example, if the object to be authenticated is control information, the "operation command" may be a signal for causing the work machine 10 to perform a specific operation, or an instruction (for example, display etc.) can be used. For example, if the subject to be authenticated is an operator, the "operation instruction" is an instruction to cause the operator to perform an operation that causes work machine 10 to perform a specific operation. The number of activation instructions may be one or more.

The authentication information generation unit 37 generates the second authentication information C2 (step S30, authentication information generation step). The authentication information generation unit 37 generates second authentication information C2 at the time of authentication (current when the work machine 10 is in the second usage state). More specifically, the sensor value of sensor 23 is obtained when work machine 10 performs a specific operation. At this time, for example, time-series data of sensor values is obtained. The authentication information generator 37 then generates the second authentication information C2 from this sensor value. Specifically, for example, the second authentication information C2 is a bit string. When the sensor 23 detects values such as angles, pressure values, and current values, the sensor values are converted into binary bit strings. When the sensor 23 detects ON and OFF, ON is 0/1 and OFF is 1/0 (ON and OFF may be reversed). The bit strings obtained from each sensor value are then combined. The combined bit string may be used as the second authentication information C2 as it is. Further, at least one of the sensor value and the bit string obtained from the sensor value may be converted by a predetermined function one or more times.

The authentication information generation unit 37 generates a specific number N of second authentication information C2. Specifically, for example, the authentication information generation unit 37 repeats generation of the i-th second authentication information C2 until i reaches the specific number N, as shown in FIG. Note that the initial value of i is 1.

The work machine 10 shown in FIG. 1 transmits the specific number N of second authentication information C2 to the authentication device 50 (step S39).

The determination unit 57 determines whether or not to permit authentication by comparing the received second authentication information C2 and the allowable value C3 of the second authentication information C2 (see FIG. 5, the same applies to the allowable value C3 below). (step S50, determination step). Specifically, the determination unit 57 determines that the received second authentication information C2 is equal to or greater than “(first authentication information C1)−(allowance σ)” and “(first authentication information C1)+(allowance σ)” It is determined whether or not it is included in the following range.

When the specific number N is more than one, the determination unit 57 sets each of the specific number N of the second authentication information C2 as the allowable value C3 (the allowable value C3 corresponding to each of the specific number N of the second authentication information C2). compare. Then, the determination unit 57 calculates the number of times (permissible number of times k) that it is determined that the second authentication information C2 is included in the allowable value C3. Specifically, for example, the determination unit 57 repeats the comparison between the j-th second authentication information C2 and the allowable value C3 until j reaches the specific number N, as shown in FIG. Note that the initial value of j is 1, and the initial value of the allowable number of times k is 0.

The determination unit 57 compares the allowable number of times k with a threshold Th for the allowable number of times k (step S61). The threshold Th is set in the determination section 57 . The threshold Th is, for example, a value based on a specific number N (for example, N/2). Note that when the specific number N is 1, the threshold Th is 1. When the allowable number of times k is equal to or greater than the threshold Th, the determination unit 57 sets the authentication result as "authentication permitted" (authentication success) (step S62). When the allowable number of times k is less than the threshold Th, the determination unit 57 sets the authentication result as "authentication refusal" (authentication failure) (step S63).

The authentication device 50 transmits the authentication result to the work machine 10 (step S69). Work machine 10 receives the authentication result (step S71). For example, if work machine 10 receives authorization, work machine 10 may continue to operate. For example, when the work machine 10 receives an authentication refusal, the work machine 10 may restrict the operation of the work machine 10, or may output a notification to the effect that the authentication has failed.

(effect)
The effects of the working machine authentication system 1 shown in FIG. 1 are as follows.

(Effect of the first invention)
The work machine authentication system 1 includes a sensor 23 , a storage unit 53 , a usage status acquisition unit 35 , an authentication information generation unit 37 , an authentication control information determination unit 55 and a determination unit 57 . Sensor 23 is provided on work machine 10 .

[Configuration 1-1] Storage unit 53 is generated based on a value (sensor value) obtained by sensor 23 when work machine 10 is in the first usage state and when work machine 10 performs a specific operation. The first authentication information C1 obtained is stored.

[Arrangement 1-2] The usage status acquisition unit 35 acquires the second usage status of the work machine 10 (see step S11 (see FIG. 4)).

[Configuration 1-3] The authentication information generator 37 generates the second authentication information C2 based on the value obtained by the sensor 23 when the work machine 10 performs the specific operation (see step S30).

[Configuration 1-4] The authentication control information determining unit 55 determines the allowable value C3 (see FIG. 5) of the second authentication information C2 based on the comparison between the second usage status and the first usage status (step S23 reference).

[Configuration 1-5] The determination unit 57 determines whether or not to permit authentication by comparing the second authentication information C2 and the allowable value C3 (see step S50).

In the work machine authentication system 1, the first authentication information C1 and the second authentication information C2 generated based on the sensor value of the sensor 23 when the work machine 10 performs the specific operation are used for authentication (the above [Configuration 1 -1] and [Configuration 1-3]). On the other hand, the sensor value when work machine 10 performs a specific operation changes depending on the usage status of work machine 10 . Therefore, for example, it is difficult to determine whether or not to permit authentication simply based on whether or not the first authentication information C1 and the second authentication information C2 match. Therefore, in the above [Configuration 1-1], the first usage status of the work machine 10 when the first authentication information C1 is generated is stored. In the above [configuration 1-2], the second usage status (usage status at the time of authentication) of the work machine 10 is acquired. In [Configuration 1-4] above, the allowable value C3 (see FIG. 5) of the second authentication information C2 is determined based on the comparison between the second usage status and the first usage status. Then, as in [Configuration 1-5] above, the second authentication information C2 and the allowable value C3 are compared (see FIG. 5). Therefore, compared to the case where it is determined whether or not to permit the authentication without considering the usage status of the work machine 10, the authentication generated based on the sensor value of the sensor 23 when the work machine 10 performs the specific operation Properly perform informed authentication. Therefore, the operation of the work machine 10 can be authenticated even if the usage condition of the work machine 10 changes.

(Effect of the second invention)
[Configuration 2] As shown in FIG. 5, there is a range of values between the minimum and maximum values of the allowable value C3.

If the first usage status and the second usage status are different, a difference (fluctuation) may occur between the first authentication information C1 and the second authentication information C2. Therefore, in the above [Configuration 2], the allowable value C3 has a range of values. Therefore, even if the first usage status and the second usage status are different, the second authentication information C2 when the authentication target is legitimate is likely to be included in the allowable value C3. As a result, authentication by the work machine authentication system 1 (see FIG. 1) can be performed more appropriately.

(Effect of the third invention)
[Configuration 3] The authentication control information determination unit 55 widens the allowable value C3 as the difference between the first usage status and the second usage status increases.

It is assumed that the difference between the first authentication information C1 and the second authentication information C2 increases as the difference between the first usage status and the second usage status increases. Therefore, according to [configuration 3], even if the first usage status and the second usage status are different, the second authentication information C2 is likely to be included in the allowable value C3 when the authentication target is legitimate. As a result, authentication by the work machine authentication system 1 shown in FIG. 1 can be performed more appropriately.

(Effect of the fourth invention)
[Configuration 4] The authentication control information determination unit 55 determines a specific number N (see FIG. 5), which is the number of second authentication information C2 used for authentication, based on a comparison between the first usage status and the second usage status. do.

When the number of second authentication information C2 used for authentication is fixed to a constant value, when the number of times of determination between the second authentication information C2 and the allowable value C3 is too small to perform authentication appropriately, There are cases where the number of times is too large and wasteful processing occurs. Therefore, according to the above [configuration 4], the number of second authentication information C2 can be determined to be an appropriate specific number N (see FIG. 5) based on the comparison between the first usage status and the second usage status. As a result, authentication by the work machine authentication system 1 can be performed more appropriately.

(Effect of the fifth invention)
[Arrangement 5] The authentication information generation unit 37 generates a specific number N (see FIG. 5) of second authentication information C2. The determining unit 57 compares each of the specific number N of the second authentication information C2 with the allowable value C3 (step S50 (see FIG. 4)), and determines that the second authentication information C2 is included in the allowable value C3. A certain allowable number of times k is calculated. The determination unit 57 determines whether or not to permit authentication based on a comparison between the threshold value Th set in the determination unit 57 and the allowable number of times k (step S61 (see FIG. 4)).

For example, when the difference between the first usage status and the second usage status is large, the second authentication information C2 may not be included in the allowable value C3 (see FIG. 5) even if the authentication target is legitimate. obtain. Therefore, in the above [Configuration 5], a threshold Th for the number of times the second authentication information C2 is included in the allowable value C3 (allowable number of times k) is set. Then, whether or not to permit the authentication is determined based on the comparison between the allowable number of times k and the threshold value Th. Therefore, it is possible to determine whether or not to permit the authentication even if the authentication target is legitimate and the second authentication information C2 is not included in the allowable value C3. As a result, authentication by the work machine authentication system 1 can be performed more appropriately.

(Effect of the sixth invention)
[Configuration 6] The authentication control information determining unit 55 increases the specific number N as the difference between the first usage status and the second usage status increases (see FIG. 5).

It is assumed that the larger the difference between the first usage status and the second usage status, the greater the fluctuation of the second authentication information C2 with respect to the first authentication information C1. Therefore, in the above [Configuration 6], the specific number N is increased as the difference between the first usage status and the second usage status increases. Then, as the difference between the first usage status and the second usage status increases, the number of comparisons between the second authentication information C2 and the allowable value C3 (see [Configuration 5] above) increases. Therefore, authentication by the work machine authentication system 1 can be performed more appropriately.

(Effect of the seventh invention)
[Arrangement 7] The storage unit 53 stores a set of the first usage status, the first authentication information C1, and the working machine identification code (ID) for uniquely identifying the working machine 10 .

With the above [Configuration 7], information on a plurality of work machines 10 can be stored in the common storage unit 53 .

(Effect of the eighth invention)
[Construction 8-1] The working machine authentication method authenticates the working machine 10 having the sensor 23 . The work machine authentication method includes a storage step, a usage status acquisition step, an authentication information generation step, an authentication control information determination step, and a judgment step.

[Construction 8-2] The storing step (step S3 (see FIG. 4)) is a value ( sensor value) is stored. The usage status acquisition step (step S11) acquires a second usage status of the work machine 10 . The authentication information generation step (step S30) generates the second authentication information C2 based on the value obtained by the sensor 23 when the working machine 10 performs the specific operation. The authentication control information determination step (step S23) determines the allowable value C3 (see FIG. 5) of the second authentication information C2 based on the comparison between the second usage status and the first usage status. A determination step (step S50) determines whether or not to permit the authentication by comparing the second authentication information C2 and the allowable value C3.

According to [Configuration 8-1] and [Configuration 8-2], similar to the effects of [Configuration 1-1] to [Configuration 1-5], even if the usage status of the work machine 10 changes, 10 activations can be authenticated.

(Effect of the ninth invention)
[Arrangement 9] The work machine authentication program authenticates the work machine 10 having the sensor 23 . The work machine authentication program causes the computer (authentication device 50 and controller 30) to execute a storage step, a usage status acquisition step, an authentication information generation step, an authentication control information determination step, and a determination step. It also has the same configuration as [Configuration 8-2] above.

According to [Configuration 9], the operation of the work machine 10 can be authenticated even if the usage condition of the work machine 10 changes, similarly to the effects of [Configuration 1-1] to [Configuration 1-5].

(Second embodiment)
A working machine authentication system 201 (see FIG. 8) of the second embodiment will be described with reference to FIGS. 8 and 9 in terms of differences from the first embodiment. In the work machine authentication system 201 of the second embodiment, the common points with the first embodiment are denoted by the same reference numerals as those of the first embodiment, and description thereof is omitted. The description of the third embodiment, which will be described later, is also the same as to the point of omitting the description of the common points.

The work machine authentication system 201 detects falsification of information transmitted from the work machine 10 shown in FIG. 8 to the authentication device 50 by MAC (Message Authentication Code).

The work machine 10 includes a work machine-side MAC generator 241 (“MAC generator” in FIG. 8). The work machine-side MAC generation unit 241 generates a MAC from information, specifically, for example, from information including at least one of the second usage status and the second authentication information C2.

The authentication device 50 has a falsification detection unit 261 . The tampering detection unit 261 includes an authentication device side MAC generation unit 261a (“MAC generation unit” in FIG. 8) and a MAC determination unit 261b. The authentication-apparatus-side MAC generation unit 261a generates a MAC from information in the same manner as the work-machine-side MAC generation unit 241 does. The authentication device side MAC generation section 261a and the work machine side MAC generation section 241 share key information for MAC generation (have a common key). The MAC determination unit 261b determines whether the MAC is correct (described later).

(activation)
Differences in the operation of the working machine authentication system 201 of the present embodiment from the operation (working machine authentication method, working machine authentication program) of the working machine authentication system 1 (see FIG. 1) of the first embodiment are as follows. be. Each step below will be described with reference to FIG.

(Usage example 1 of MAC)
The work machine side MAC generator 241 generates a MAC based on the information including the second usage status acquired in step S11. The “information including the second usage status” may include the ID of the work machine 10 . Work machine 10 combines the generated MAC and the information including the second usage status (step S212), and transmits the combined information to authentication device 50 (step S219).

Authentication-apparatus-side MAC generator 261 a generates a MAC based on the “information including the second usage status” received from work machine 10 . The MAC determination unit 261b then compares the MAC generated by the authentication device 50 and the MAC received from the work machine 10 (step S220). Specifically, the MAC determination unit 261b determines whether or not the MACs match each other. If the information received by authentication device 50 matches the information sent by work machine 10, the MACs match each other. In this case, the process proceeds to step S21. On the other hand, when the information received by the authentication device 50 does not match the information transmitted by the work machine 10 (if it has been tampered with), the MACs do not match each other. In this case, the authentication device 50 (for example, the determination unit 57) determines "authentication rejected" (step S63). Therefore, it is possible to prevent a third party (attacker) from breaking through the authentication of the work machine authentication system 201 with falsified information.

(Usage example 2 of MAC)
The work machine side MAC generator 241 generates a MAC based on information including the second authentication information C2 generated in step S30. The work machine-side MAC generation unit 241 may generate one MAC for each of the N pieces of second authentication information C2, or may generate only one MAC for each of the N pieces of second authentication information C2. . Work machine 10 combines the generated MAC and information including second authentication information C2 (step S231), and transmits the combined information to authentication device 50 (step S239).

The authentication-apparatus-side MAC generation unit 261a generates a MAC based on "information including the second authentication information C2" received from the work machine 10. FIG. The MAC determination unit 261b then compares the MAC generated by the authentication device 50 and the MAC received from the work machine 10 (step S240). If the MACs match, the process proceeds to step S50. If the MACs do not match, the authentication device 50 determines that "authentication is rejected" (step S63).

Note that only one of the above "(Usage example 1 of MAC)" and "(Usage example 2 of MAC)" may be performed. MAC may also be used during storage (see FIG. 4).

(Third embodiment)
A working machine authentication system 301 (see FIG. 10) of the third embodiment will be described with reference to FIGS. 10 to 11 for differences from the first embodiment.

The work machine authentication system 301 uses Nonce (Number used once) to determine whether the information received by the authentication device 50 shown in FIG. to detect

The authentication device 50 includes a nonce generator 363 and a nonce manager 365 . The nonce generator 363 generates a nonce. The Nonce is a disposable value that differs each time (each time it is generated, each time it is sent to work machine 10), and may be, for example, a random number, a sequence number, the current time, or the like. The nonce management unit 365 associates and stores (manages) the ID of the work machine 10 and the nonce generated by the nonce generation unit 363, for example.

(activation)
The difference between the operation of the working machine authentication system 1 (see FIG. 1) of the first embodiment and the operation of the working machine authentication system 301 of the present embodiment is as follows. Each step below will be described with reference to FIG.

The nonce generator 363 of the authentication device 50 generates a nonce. The nonce management unit 365 stores the generated nonce and the ID of the work machine 10 to which the nonce is transmitted as a set. The authentication device 50 then transmits the generated Nonce (step S329). The authentication device 50 may transmit the nonce together with information other than the nonce (for example, the specific number N and the operation command) that is information to be transmitted from the authentication device 50 to the work machine 10 .

Work machine 10 combines the information to be transmitted to authentication device 50 (eg, second authentication information C2) with the Nonce received from authentication device 50 (step S338). Work machine 10 may convert the received Nonce with a function. Work machine 10 then transmits the combined information to authentication device 50 (step S339).

Authentication device 50 (for example, determination unit 57) compares the nonce received from work machine 10 with the nonce transmitted to work machine 10 (that is, the nonce stored in nonce management unit 365) (step S340). Specifically, the authentication device 50 determines whether each nonce matches each other. When work machine 10 converts the nonce with a function, authentication device 50 may convert the nonce transmitted to work machine 10 with a function (function used for conversion by work machine 10). Further, authentication device 50 may convert the nonce received from work machine 10 using an inverse function (the inverse function of the function used for conversion by work machine 10). If the sender of the information received by the authentication device 50 is legitimate (specifically, the work machine 10 that sent the nonce from the authentication device 50), the nonces match each other. In this case, the process proceeds to step S50. On the other hand, if the sender of the information received by the authentication device 50 is not authorized (specifically, it is not the work machine 10 that sent the nonce from the authentication device 50), the nonces do not match each other. Specifically, if a third party steals information exchanged between authentication device 50 and work machine 10 and then sends a copy of the stolen information to authentication device 50, the nonces do not match each other. In this case, the authentication device 50 (for example, the determination unit 57) determines "authentication rejected" (step S63). Therefore, it is possible to prevent a third party from breaching the authentication of the work machine authentication system 301 with information stolen.

In the example shown in FIG. 11, the information that the work machine 10 transmits to the authentication device 50 and that combines the Nonce is the second authentication information C2. may be sent). In this case, before step S21, the nonce transmitted by the authentication device 50 is compared with the received nonce (similar to step S340). Nonce may also be used during storage (see FIG. 4).

(Modification 1)
The working machine authentication system 1 shown in FIG. 1 detects whether the information received by the authentication device 50 is sent from a legitimate sender (working machine 10) (whether it is a spoof) as follows. may The work machine 10 and the authentication device 50 store common key information in advance. Work machine 10 combines key information held by work machine 10 with information to be transmitted to authentication device 50 , and transmits the combined information to authentication device 50 . Then, authentication device 50 compares the key information received from work machine 10 with the key information stored in authentication device 50 before receiving the key information from work machine 10 . If the pieces of key information do not match each other, the authentication device 50 determines that "authentication is rejected" (step S63 (see FIG. 4)). It should be noted that the transmitting side (here, the work machine 10) and the receiving side (here, the authentication device 50) may be reversed to each other (the same applies to the above-described embodiment, and to the following modifications).

(Modification 2)
Information exchanged between work machine 10 and authentication device 50 may be encrypted. Specifically, for example, the work machine 10 and the authentication device 50 store common key information. Work machine 10 encrypts information to be transmitted to authentication device 50 with key information stored in work machine 10 . The authentication device 50 then decrypts the received information using the key information stored in the authentication device 50 . If the authentication device 50 cannot decrypt the information correctly, it determines that the authentication is rejected (step S63 (see FIG. 4)).

(Other modifications)
The above embodiments may be modified in various ways. For example, components from different embodiments may be combined. For example, the connection of each component of the block diagrams shown in FIGS. 1, 8, and 10 may be changed. For example, the order of the steps of the flowcharts shown in FIGS. 4, 9, and 11 may be changed, some steps may not be performed, and steps of different flowcharts may be combined. For example, the number of components may vary and some components may not be provided. For example, what has been described as a plurality of mutually different components may be treated as one member or part. For example, what has been described as one member or portion may be divided into a plurality of different members or portions.

For example, MAC comparison (second embodiment), nonce comparison (third embodiment), key information comparison (modification 1), and information encryption and decryption (modification 2). Two or more of the examples may be combined.

For example, the positions of the respective components of work machine 10 and authentication device 50 shown in FIG. 1 and the like may not be those shown in FIG. 1 and the like. For example, the authentication device 50 shown in FIG. 1 may be mounted on the work machine 10 . For example, the authentication device 50 may be divided into multiple parts (server, smart phone, etc.). For example, the authentication information generator 37 may be in the authentication device 50 . In this case, work machine 10 may transmit the sensor value to authentication device 50, and authentication information generating section 37 of authentication device 50 may generate second authentication information C2.

As described above, the authentication target of the work machine authentication system 1 may be the operator. Since operators have operating habits, even if different operators operate in the same way, the actual operation of the work machine 10 is different. Therefore, the work machine authentication system 1 can determine whether the operator is legitimate. Specifically, at the time of registration, the operator operates the work machine 10 to perform a specific operation. Then, the working machine 10 performs a specific operation, and the sensor 23 outputs a sensor value. The first authentication information C1 is generated based on this sensor value. First authentication information C<b>1 and the first usage status of work machine 10 at this time are stored in storage unit 53 . Then, at the time of authentication, the operator operates the working machine 10 so as to perform a specific operation. Then, the working machine 10 performs a specific operation, and the sensor 23 outputs a sensor value. The second authentication information C2 is generated based on this sensor value. Then, as in the above embodiment, the determination unit 57 determines whether or not to permit the authentication by comparing the second authentication information C2 and the allowable value C3. This makes it possible to determine whether the operator is legitimate.

Reference Signs List 1, 201, 301 working machine authentication system 10 working machine 23 sensor 30 controller (computer)
35 usage acquisition unit 37 authentication information generation unit 50 authentication device (computer)
53 storage unit 55 authentication control information determination unit 57 determination unit C1 first authentication information C2 second authentication information C3 allowable value N specific number k allowable number of times

Claims (15)

a sensor provided on the working machine;
a storage unit that stores first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition unit that acquires a second usage status of the work machine;
an authentication information generation unit that generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining unit that determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination unit that determines whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
There is a range of values between the minimum and maximum allowable values,
The authentication control information determining unit widens the range of the allowable value as the difference between the first usage status and the second usage status increases.
Work machine authentication system. a sensor provided on the working machine;
a storage unit that stores first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition unit that acquires a second usage status of the work machine;
an authentication information generation unit that generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining unit that determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination unit that determines whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
The authentication control information determination unit determines a specific number, which is the number of the second authentication information used for authentication, based on a comparison between the first usage status and the second usage status.
Work machine authentication system. a sensor provided on the working machine;
a storage unit that stores first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition unit that acquires a second usage status of the work machine;
an authentication information generation unit that generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining unit that determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination unit that determines whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
The storage unit stores the first usage status, the first authentication information, and a working machine identification code for uniquely identifying the working machine as a set.
Work machine authentication system. a sensor provided on the working machine;
a storage unit that stores first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition unit that acquires a second usage status of the work machine;
an authentication information generation unit that generates second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining unit that determines an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination unit that determines whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
Each of the first authentication information and the second authentication information is a value unique to each sensor, which varies from sensor to sensor, and a value unique to each operator, which varies from operator to operator of the work machine. generated based on values that include at least one of
Work machine authentication system. The work machine authentication system according to claim 2 ,
The authentication information generating unit generates the specific number of the second authentication information,
The determination unit compares each of the specific number of the second authentication information with the allowable value, calculates an allowable number of times that the second authentication information is determined to be included in the allowable value, and performs the determination. Determine whether to permit authentication based on a comparison between the threshold set in the unit and the allowable number of times,
Work machine authentication system. A work machine authentication system according to claim 5,
The authentication control information determination unit increases the specific number as the difference between the first usage status and the second usage status increases.
Work machine authentication system. The work machine authentication system according to any one of claims 2 to 6 ,
there is a range of values between the minimum and maximum allowable values;
Work machine authentication system. A working machine authentication method for authenticating a working machine having a sensor, comprising:
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
There is a range of values between the minimum and maximum allowable values,
The authentication control information determining step widens the range of the allowable value as the difference between the first usage status and the second usage status increases.
Work machine authentication method. A working machine authentication method for authenticating a working machine having a sensor, comprising:
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
The authentication control information determining step determines a specific number, which is the number of the second authentication information used for authentication, based on a comparison between the first usage status and the second usage status.
Work machine authentication method. A working machine authentication method for authenticating a working machine having a sensor, comprising:
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
The storing step stores the first usage status, the first authentication information, and a working machine identification code for uniquely identifying the working machine as a set.
Work machine authentication method. A working machine authentication method for authenticating a working machine having a sensor, comprising:
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
with
Each of the first authentication information and the second authentication information includes a value unique to each sensor that varies from sensor to sensor, and a value unique to each operator that varies from operator to operator of the work machine. generated based on a value that includes at least one of
Work machine authentication method. A working machine certification program for certifying a working machine having a sensor,
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
on the computer , and
There is a range of values between the minimum and maximum allowable values,
The authentication control information determining step widens the range of the allowable value as the difference between the first usage status and the second usage status increases.
Work Machine Certification Program. A working machine certification program for certifying a working machine having a sensor,
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
on the computer , and
The authentication control information determining step determines a specific number, which is the number of the second authentication information used for authentication, based on a comparison between the first usage status and the second usage status.
Work Machine Certification Program. A working machine certification program for certifying a working machine having a sensor,
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
on the computer , and
The storing step stores the first usage status, the first authentication information, and a working machine identification code for uniquely identifying the working machine as a set.
Work Machine Certification Program. A working machine certification program for certifying a working machine having a sensor,
a storage step of storing first authentication information generated based on a value obtained by the sensor when the work machine is in a first usage state and when the work machine performs a specific operation;
a usage status acquisition step of acquiring a second usage status of the work machine;
an authentication information generating step of generating second authentication information based on a value obtained by the sensor when the work machine performs the specific operation;
an authentication control information determining step of determining an allowable value of the second authentication information based on a comparison between the second usage status and the first usage status;
a determination step of determining whether or not to permit authentication by comparing the second authentication information and the allowable value;
on the computer , and
Each of the first authentication information and the second authentication information includes a value unique to each sensor that varies from sensor to sensor, and a value unique to each operator that varies from operator to operator of the work machine. generated based on a value that includes at least one of
Work Machine Certification Program.

Images