JP7441100B2 - Motor control device and electric assist vehicle - Google Patents

Description

The present invention relates to anti-theft technology for electrically assisted vehicles.

For example, Patent Document 1 discloses that if the electric vehicle is switched to the anti-theft state in advance, when the electric vehicle is moved, the power supply from the power storage device can be restricted, regenerative braking, short-circuit braking, and the electric motor can be stopped. It discloses a technology that performs braking control to make movement of an electric vehicle difficult, such as setting a target value of rotational speed to zero. According to this technology, the anti-theft function cannot be activated unless power is constantly supplied to at least some devices, and the anti-theft function cannot be activated unless the device is switched to the anti-theft state when exiting the vehicle. do not have. That is, if you forget to switch to the anti-theft state when getting off the vehicle, the anti-theft function will not be activated. Furthermore, if the device starts running, it is considered to be in the normal use state even if the device is switched from the normal use state to the theft prevention state, and the vehicle must be put into the theft prevention state before it is taken away.

Further, for example, Patent Document 2 discloses a technique for preventing theft by short-circuiting a motor coil in conjunction with a power cutoff switch or a locking switch to generate a braking force. However, there is no consideration given to the case where the power switch is turned on inappropriately, and even in this case, the short circuit is released, so the locking operation and power off are performed as usual when getting off the vehicle.

Conventionally, vehicles are required to perform an anti-theft operation when exiting the vehicle, but this action is often forgotten, so it is important to activate the anti-theft function without performing any special operations as much as possible. is preferred.

Japanese Patent Application Publication No. 2006-273142 JP2002-264860A

Therefore, according to one aspect, an object of the present invention is to provide a technique for reducing the effort of activating an anti-theft function in an electrically assisted vehicle.

The motor control device according to the present invention includes a first control section that controls the motor, a second control section that controls the first control section, and a state in which power is not supplied to the second control section. and a start-up assisting section that detects that the motor is rotated by an external force and starts supplying power to the second control section. Then, when the power supply is started by the start-up assisting part or the user's instruction, the second control unit attempts user authentication or waits for the execution of the user authentication, and if the user authentication fails or for a predetermined period of time after the start-up. If the user authentication is not performed within the time limit, the first control section is caused to perform at least one of predetermined drive restriction and predetermined braking.

According to one aspect, since the anti-theft function is enabled as long as the power is turned off, the effort required to activate the anti-theft function is reduced.

FIG. 1 is a diagram showing the appearance of an electrically assisted bicycle. FIG. 2A is a diagram illustrating a configuration example of a motor drive control device and a battery pack. FIG. 2B is a diagram illustrating an example of a startup determination circuit. FIG. 3 is a diagram showing an example of the functional configuration of the control section in the first embodiment. FIG. 4 is a diagram showing an overview of the first embodiment. FIG. 5 is a diagram showing a processing flow according to the first embodiment. FIG. 6 is a diagram showing the processing flow of initial processing. FIG. 7 is a diagram showing a processing flow according to the first embodiment. FIG. 8 is a diagram showing a processing flow according to the second embodiment. FIG. 9 is a diagram showing an example of an IC card reader with an IC card holder according to the third embodiment. FIG. 10 is a diagram showing a processing flow according to the third embodiment. FIG. 11 is a diagram showing a processing flow according to the third embodiment. FIG. 12 is a diagram showing an example of an operation panel when another authentication method is adopted. FIG. 13 is a diagram showing a processing flow according to the fourth embodiment. FIG. 14 is a diagram showing an overview of the sixth embodiment. FIG. 15 is a diagram showing a configuration example of a motor drive control device and a battery pack in the sixth embodiment. FIG. 16 is a diagram showing an example of the functional configuration of the control section in the sixth embodiment. FIG. 17 is a diagram showing a processing flow according to the sixth embodiment. FIG. 18 is a diagram showing a processing flow according to the sixth embodiment. FIG. 19 is a diagram showing a processing flow according to the sixth embodiment. FIG. 20 is a diagram showing a processing flow of control processing based on usage restriction conditions. FIG. 21 is a diagram showing an overview of the seventh embodiment. FIG. 22 is a diagram showing a processing flow according to the seventh embodiment. FIG. 23 is a diagram showing a processing flow according to the seventh embodiment.

Embodiments of the present invention will be described below using an example of a power-assisted bicycle, which is an example of a power-assisted vehicle. However, the embodiments of the present invention are not limited to electrically assisted bicycles, but are applicable to motors that assist the movement of moving objects (e.g., trolleys, wheelchairs, elevators, etc.) that move according to human power. It is also applicable to motor drive control devices.

[Embodiment 1]
Figure 1 shows an external view of an electrically assisted bicycle. The electrically assisted bicycle 1 includes a motor drive control device 102, a battery pack 101, a torque sensor 103, a pedal rotation sensor 104, a motor 105, an operation panel 106, and a brake sensor 107. Note that the electrically assisted bicycle 1 also has a headlight, a freewheel, and a transmission.

The battery pack 101 includes, for example, a lithium ion secondary battery, a lithium ion polymer secondary battery, a nickel metal hydride storage battery, etc., and supplies power to the motor 105 via the motor drive control device 102, and controls the motor drive during regeneration. Charging is also performed using regenerated power from the motor 105 via the device 102 .

The torque sensor 103 is provided on a wheel attached to the crankshaft, detects the pedal force exerted by the driver, and outputs the detection result to the motor drive control device 102 . Further, like the torque sensor 103, the pedal rotation sensor 104 is provided on a wheel attached to the crankshaft, and outputs a pulse signal according to the rotation to the motor drive control device 102.

The motor 105 is, for example, a well-known three-phase brushless motor, and is mounted around the front wheel of the electrically assisted bicycle 1, for example. The motor 105 rotates the front wheels, and the rotor is connected to the front wheels directly or via a speed reducer or the like so that the rotor rotates in accordance with the rotation of the front wheels. Further, the motor 105 includes a rotation sensor such as a Hall element, and outputs rotor rotation information (for example, a Hall signal) to the motor drive control device 102.

The motor drive control device 102 performs predetermined calculations based on signals from the rotation sensor of the motor 105, the torque sensor 103, the pedal rotation sensor 104, etc., controls the drive of the motor 105, and also controls regeneration by the motor 105. .

The operation panel 106 receives, for example, an input instruction from the user regarding the presence or absence of assistance (for example, turning a power switch on and off), a desired assist ratio in the case of assistance, etc., and transmits the instruction input etc. to the motor drive control device 102. Output to. In addition, the operation panel 106 may have a function of displaying data calculated by the motor drive control device 102 such as travel distance, travel time, calorie consumption, and regenerated power amount. Further, the operation panel 106 may include a display section using an LED (Light Emitting Diode) or the like. As a result, the driver is presented with, for example, the charge level of the battery pack 101, the on/off state, the mode corresponding to the desired assist ratio, and the like.

Brake sensor 107 detects a driver's brake operation and outputs a signal related to the brake operation to motor drive control device 102 .

FIG. 2A shows a configuration example of the motor drive control device 102 and the battery pack 101 according to this embodiment. FIG. 2A shows a state in which the battery pack 101 and the motor drive control device 102 are connected, and the motor drive control device 102 includes a headlight whose lighting and extinguishing are controlled by the motor drive control device 102. 108, various sensors (here, the torque sensor 103, pedal rotation sensor 104, Hall sensor included in the motor, etc. are included), the operation panel 106, the brake sensor 107, the motor 105, etc. are connected.

The battery pack 101 according to this embodiment includes a battery management system 1010 called BMS (Battery Management System) and battery cells 1015. Battery management system 1010 includes a sensor 1011 and a control unit 1012.

The sensor 1011 is a sensor for observing the internal state of the battery pack 101, such as the temperature of the battery cell 1015 and a switch (not shown), the voltage of the entire battery cell 1015, and the voltage of each cell included in the battery cell 1015. The control unit 1012 is realized, for example, by a microprocessor that executes a predetermined program, and has a battery status monitoring function, a charge/discharge control function, a communication function with the motor drive control device 102, and the like.

The battery pack 101 is connected to the motor drive control device 102 through a connection part a for power supply and charging, a connection part b for communication, and a connection part c for grounding. In addition, a connection section for outputting the status of the battery pack 101 may be provided. Further, a plurality of communication connection parts b may be provided in some cases.

Further, the motor drive control device 102 according to the present embodiment includes a bridge circuit including FETs (Field Effect Transistors) S11 to S16, an FET_S17, a motor drive control unit 1023, diodes D1 to D3, and capacitors C1 and C2. , switches S1 to S3, FET_SW1, DC/DC converter 1021, control system 1022, and activation determination circuit 1024. Note that FET is also a type of switch.

The motor drive control unit 1023 controls switching of FET_S11 to S17 in accordance with instructions from the control system 1022. For example, when powering the motor 105 or performing regenerative braking, FET_S17 is turned on and FET_S11 to S16 are turned on or off in a predetermined pattern. Note that the motor drive control section 1023 receives power supply from the DC/DC converter 1021.

The DC/DC converter 1021 converts the output voltage of the battery pack 101 into a voltage for the operation panel 106, headlights 108, and control system 1022, and outputs the voltage to the operation panel 106, headlights 108, control system 1022, etc. do. Therefore, the DC/DC converter 1021 is connected to the connection part a for power supply and charging via FET_SW1. Note that the drain of FET_SW1 is connected to the DC/DC converter 1021, the source of FET_SW1 is connected to connection part a for power supply and charging, and the gate of FET_SW1 is connected to one end of switches S1 to S3. It is connected. Further, a capacitor C2 is connected between the line connected to the connection part a and the line connected to the connection part c.

The switches S1 to S3 are connected in parallel, and when one of them is turned on, FET_SW1 is turned on, and power from the battery pack 101 is supplied to the DC/DC converter 1021. Typically, when a user presses a power switch on the operation panel 106 to operate the motor drive control device 102, the switch S1 is turned on, so that power from the battery pack 101 is transferred to the DC/DC converter 1021. The control system 1022 is then supplied with power. This causes control system 1022 to start up and turn on switch S2. Switch S1 is on only while the power switch is pressed, during which time control system 1022 is activated. During startup, control system 1022 keeps switch S2 on.

In addition to such a configuration, the present embodiment includes a switch S3 and an auxiliary unit 1028 as components that assist in starting the control system 1022. The auxiliary section 1028 includes an activation determination circuit 1024, a capacitor C1, and diodes D1 to D3. Although FIG. 2A shows an example in which diodes D1 to D3 are provided, any one or two may be provided. The greater the number of diodes, the more stable the output voltage becomes.

The anode of diode D1 is connected to the connection between the source of FET_S11 and the drain of FET_S12, the anode of diode D2 is connected to the connection between the source of FET_S13 and the drain of FET_S14, and the anode of diode D3 is connected to the connection between the source of FET_S13 and the drain of FET_S14. is connected to the connection between the source of FET_S15 and the drain of FET_S16. The cathodes of the diodes D1 to D3 are connected to one end of the capacitor C1 and the input part of the activation determination circuit 1024. The other end of the capacitor C1 is connected to a grounding connection c. As a result, the voltage due to the back electromotive force generated when the motor 105 rotates when the power switch is not turned on and the FET_S11 to S16 are not performing power driving or regenerative braking is rectified, and the rectified voltage is is input to the activation determination circuit 1024.

A back electromotive force proportional to the rotational speed of the motor 105 is generated, so when the rotational speed exceeds a certain level, a voltage higher than a predetermined voltage is generated. Decide whether or not.

The activation determination circuit 1024 is connected to the control system 1022, and turns on the switch S3 when the rectified voltage exceeds a predetermined voltage while the control system 1022 is not activated. As a result, FET_SW1 is turned on, so that power is normally supplied from the battery pack 101 to the DC/DC converter 1021 and the control system 1022 is activated. Upon activation, control system 1022 turns on switch S2, as described above. Therefore, the control system 1022 instructs the activation determination circuit 1024 to turn off the switch S3. Then, in response to the instruction, the activation determination circuit 1024 turns off the switch S3.

FIG. 2B shows a circuit example of the activation determination circuit 1024. The activation determination circuit 1024 includes a comparator 2401, a power supply Vref, a NOT circuit 2402, and an AND circuit 2403. The positive input terminal of the comparator 2401 is connected to the cathodes of the diodes D1 to D3, and the negative input terminal is connected to the positive electrode of the power supply Vref. The negative pole of the power supply Vref is grounded. That is, the comparator 2401 determines whether the voltage due to the back electromotive force of the motor 105 is equal to or higher than Vref, and if the voltage due to the back electromotive force of the motor 105 is equal to or higher than Vref, it outputs high, and the voltage due to the reverse electromotive force of the motor 105 is output. If the voltage due to the electromotive force is less than Vref, a low signal is output. By appropriately setting Vref, the timing of starting the control system 1022 can be adjusted. That is, if Vref is a small value, the control system 1022 is activated even when the rotation of the motor 105 is small, and if Vref is a large value, the control system 1022 is not activated unless the rotation of the motor 105 increases. From the viewpoint of anti-theft, it is preferable that the control system 1022 be activated by a slight movement of the electrically assisted bicycle 1.

An input of NOT circuit 2402 is connected to control system 1022. The control system 1022 outputs high if it is starting, and outputs low if it is stopped. Therefore, the NOT circuit 2402 outputs low if it is activated, and outputs high if it is stopped. A first input of AND circuit 2403 is connected to the output of NOT circuit 2402, and a second input is connected to the output of comparator 2401. That is, when the control system 1022 is stopped and the voltage due to the back electromotive force of the motor 105 is equal to or higher than Vref, the AND circuit 2403 outputs a high signal and turns on the switch S3. On the other hand, when the control system 1022 is being activated or when the voltage due to the back electromotive force of the motor 105 is less than Vref, the AND circuit 2403 outputs a low signal and turns off the switch S3.

Note that the comparator 2401, the NOT circuit 2402, and the AND circuit 2403 may be configured with passive circuit elements, or a circuit configuration may be adopted in which they are operated by the back electromotive force of the motor 105. It is also possible to prepare a sub-power supply other than the above and adopt a circuit configuration in which power is supplied from the sub-power supply. Depending on the case, a circuit configuration that receives power supply from the battery pack 101 may be used.

Control system 1022 is configured to receive power supply from DC/DC converter 1021. The control system 1022 is also connected to the motor drive control unit 1023, and instructs the motor drive control unit 1023 to turn on and off FET_S11 to S16 in a predetermined pattern, and to turn on and off FET_S17.

Furthermore, the control system 1022 is connected to a torque sensor 103, a pedal rotation sensor 104, an operation panel 106, a brake sensor 107, a rotation sensor of the motor 105, and the like, and is further connected to the battery management system 1010 of the battery pack 101 for communication. Communication is performed via section b, and the entire motor drive control device 102 is controlled based on the state of the battery pack 101, operations on the operation panel 106, and data obtained by each sensor.

The control system 1022 includes a communication unit 221 for communicating with a mobile terminal such as a smartphone owned by a user, and a control unit 222 that performs various controls in cooperation with the communication unit 221. The control unit 222 includes, for example, a microprocessor 2221 that executes a predetermined program, and a memory 2222 (RAM (Random Access Memory), ROM (Read Only Memory), etc.) that records the predetermined program and stores data that is being processed. ). That is, the control function according to this embodiment is realized by the microprocessor 2221 executing a predetermined program. The communication unit 221 has, for example, a communication function in accordance with a short-range wireless communication standard such as Bluetooth (registered trademark). Note that the communication unit 221 may be disposed integrally with the operation panel 106, for example, or may be disposed within the control system 1022 as shown in FIG. 2A. That is, the arrangement of the communication section 221 is arbitrary.

The control unit 222 according to this embodiment has functions as shown in FIG.

The control unit 222 includes an authentication processing unit 2241, an authentication data storage unit 2242, and an anti-theft processing unit 2243. The authentication data storage section 2242 stores authentication data to be compared with the input user authentication data, and the authentication processing section 2241 stores the authentication data stored in the authentication data storage section 2242 and the input user authentication data. It is determined whether the user is a legitimate user by checking against the authentication data. The theft prevention processing section 2243 performs main control in this embodiment in cooperation with the authentication processing section 2241. For example, the authentication processing unit 2241 may execute authentication processing, determine whether or not to perform an operation to prevent theft based on the result of the authentication processing, or perform an operation to prevent theft based on the result of the authentication processing. The motor drive control unit 1023 is made to perform the process. Note that the theft prevention processing unit 2243 also determines whether or not to display on the display section of the operation panel 106, and when displaying on the display section of the operation panel 106, issues an instruction therefor.

Next, an overview of this embodiment will be explained using FIG. 4.

When an authorized user moves the powered-off electric assist bicycle 1 from the bicycle storage area, the auxiliary unit 1028 detects the back electromotive force generated by the motor 105 and causes the control system 1022 to start supplying power to the control system. 1022 is activated. On the other hand, the legitimate user starts the application 3100 installed on his/her smartphone 3000 and causes the communication unit 221 to transmit user authentication data.

For this purpose, for example, an authentication code is stored in advance as authentication data in the authentication data storage unit 2242 before shipping the electrically assisted bicycle 1, and the same authentication code is notified to the authorized user when the electrically assisted bicycle 1 is sold. I'll keep it. When a legitimate user installs a predetermined application 3100 on the smartphone 3000 and inputs an authentication code into the application 3100, the application 3100 performs predetermined encryption on the authentication code and stores it. Thereafter, for example, in response to an instruction from the user, the application 3100 transmits the encrypted authentication code to the communication unit 221 as user authentication data.

When the communication unit 221 of the electrically assisted bicycle 1 receives the user authentication data, it outputs it to the authentication processing unit 2241, and the authentication processing unit 2241 executes authentication processing using the authentication data stored in the authentication data storage unit 2242. do. If the authorized user enters the authentication code correctly, the authentication will be successful and the theft prevention processing unit 2243 will permit normal driving.

On the other hand, if the authentication is not successful within a predetermined time after the control system 1022 is activated, that is, if the communication unit 221 does not receive the user authentication data or if the authentication fails even if the communication unit 221 receives the user authentication data, the authentic Since the user is not the user, the theft prevention processing unit 2243 causes the motor drive control unit 1023 to perform an operation to prevent theft. Specifically, the short brake is applied to the motor 105, the motor 105 is always in a regenerative state, the motor 105 is prevented from performing power running drive, or the power running drive is suppressed (specifically, the output torque is the upper limit and assist ratio), or set the upper limit speed for power running to an extremely low speed (for example, from 0 km/h to 5 km/h) and forcibly generate regenerative braking when the upper limit speed is exceeded. Have them do something like this. Note that a so-called loss brake may be employed in which the generated electric power is consumed within the motor 105 while generating braking torque. As a result, the unauthorized user is prevented from traveling freely, and is forced to give up on using the electrically assisted bicycle 1.

Additionally, a warning display may be displayed on the operation panel 106, or if a speaker is provided on the operation panel 106, a buzzer sound or other warning sound may be output.

On the other hand, when a legitimate user gets off the electric assist bicycle 1, for example, by turning off the power switch on the operation panel 106, the user automatically performs authentication again when the electric assist bicycle 1 is moved next time. . Note that although there may be cases where the user forgets to turn off the power switch, if the pedal rotation and motor rotation are not performed for a certain period of time, the control system 1022 automatically turns off the switch S2 to shut down. In this way, even if the user forgets to turn off the power switch, the next time the electrically assisted bicycle 1 is moved, authentication is automatically performed again.

As a result, legitimate users only have to remember to perform the normal operation of turning off the power switch, and the authentication process is automatically performed, allowing them to activate the anti-theft function without any hassle. You will be able to do this.

Next, specific operation contents will be explained using FIGS. 5 to 7.

First, the user starts moving the electrically assisted bicycle 1. Then, the control unit 222 of the electrically assisted bicycle 1 executes initial processing (FIG. 5: Step S101). This initial processing will be explained using FIG. 6.

When the user moves the electrically assisted bicycle 1 with the power off, the motor 105 rotates and a back electromotive force is generated, so the activation determination circuit 1024 of the auxiliary unit 1028 detects the rotation of the motor 105 (FIG. 6: Step S161). Then, the activation determination circuit 1024 turns on the switch S3 and turns on the switch SW1, so power supply is started via the DC/DC 1021, and the control system 1022 is automatically activated (step S163). Thereafter, control system 1022 continues to turn on switch S2. Note that in this embodiment, the user himself/herself may turn on the power switch of the operation panel 106. In this case, since the switch S1 is turned on, the switch SW1 is turned on, power supply is started via the DC/DC 1021, and the control system 1022 is activated.

Then, the theft prevention processing unit 2243 of the control unit 222 initializes the authentication end flag to OFF (step S165). Further, the control unit 222 initializes the anti-theft function to OFF (step S167). This is overwhelmingly used by legitimate users, so it is set to off for the convenience of legitimate users. However, the anti-theft function may be initialized to ON at this stage to prevent smooth use of the electrically assisted bicycle 1 until the authentication is successful. For example, if the electric assist bicycle 1 is started to be moved from a bicycle storage area, there is often no problem even if the anti-theft function is initially activated because the authentication process starts immediately.

Furthermore, the theft prevention processing unit 2243 causes the authentication processing unit 2241 to start measuring the authentication waiting time (step S169). The process then returns to the process in FIG.

Returning to the explanation of the process in FIG. 5, after the initial process, the theft prevention processing unit 2243 determines whether the authentication end flag is off (step S103). If the authentication end flag is on, the process shifts to the process in FIG. 7 via terminal A. On the other hand, if the authentication end flag is off, the control unit 222 waits to receive a connection request via the communication unit 221 (step S105).

In response, the user operates the smartphone 3000 to start the application 3100. When the application 3100 of the smartphone 3000 is activated, it waits for the input of an authentication instruction from the user, and upon receiving the authentication instruction from the user (step S107), the application 3100 of the smartphone 3000 transmits a connection request to the communication unit 221 (step S107). S109).

If there is no connection request from the smartphone 3000 within a certain period of time, the process shifts to the process in FIG. 7 via terminal B. On the other hand, upon receiving a connection request from the smartphone 3000, the smartphone 3000 and the communication unit 221 establish a link (step S113). Note that if the link cannot be established, the process shifts to the process of FIG. 7 via terminal B.

Once the link is established, the application 3100 of the smartphone 3000 transmits user authentication data to the communication unit 221 (step S115). In response, the communication unit 221 receives user authentication data from the application 3100 of the smartphone 3000 (step S117), and outputs it to the authentication processing unit 2241. The authentication processing unit 2241 uses the authentication data stored in the authentication data storage unit 2242 to perform authentication processing on the user authentication data (step S121). For example, when an encrypted authentication code is received as user authentication data, the authentication code is decrypted and compared with the authentication code stored in the authentication data storage section 2242 to perform authentication processing. The authentication processing section 2241 outputs the authentication result to the theft prevention processing section 2243. The process then shifts to the process shown in FIG. 7 via terminal C.

Moving on to the description of the process in FIG. 7, the authentication processing unit 2241 determines whether or not the authentication is successful (step S123). If the authentication is successful, the authentication processing unit 2241 transmits the authentication success to the smartphone 3000 via the communication unit 221 (step S125). When the application 3100 of the smartphone 3000 receives data indicating successful authentication from the communication unit 221, the application 3100 displays the successful authentication on the display device (step S127). This allows the user to recognize that he or she can now drive normally.

Furthermore, the theft prevention processing unit 2243 sets the authentication end flag to ON (step S129). Furthermore, the theft prevention processing unit 2243 sets the theft prevention function to OFF (step S131). Step S131 can be omitted if the anti-theft function is set to off in the initial process. Then, the theft prevention processing unit 2243 starts displaying the operation panel 106 (step S133). Thereby, the user can recognize that the electrically assisted bicycle 1 is now in a state where normal traveling is possible. The process then moves to step S143.

On the other hand, if the authentication fails, that is, if incorrect user authentication data is received, there is a possibility that an unauthorized user has started using the electrically assisted bicycle 1. Then, the authentication processing unit 2241 notifies the smartphone 3000 of the authentication failure via the communication unit 221 (step S135).

When the application 3100 of the smartphone 3000 receives the data indicating the authentication failure from the communication unit 221, the application 3100 displays the authentication failure on the display device (step S137). In this case, for example, the application 3100 determines whether re-authentication is possible (step S147). For example, the number of times of authentication failure is counted, and it is determined whether or not the authentication has failed a predetermined number of times. If re-authentication is not possible, the application 3100 displays on the display device that the electrically assisted bicycle 1 is unusable (step S149). On the other hand, if re-authentication is possible, the application 3100 waits for a re-authentication instruction from the user, and upon receiving the re-authentication instruction from the user (step S151), the process proceeds to step S109 in FIG. Return to When instructing re-authentication, the user may be asked to re-enter the authentication code, for example.

If the authentication has failed or if connection to the smartphone 3000 is not possible (via terminal B), the authentication processing unit 2241 determines whether or not the authentication standby time measured in the initial process has elapsed (step S139). If the authentication standby time has not elapsed, the process moves to step S143. In this embodiment, since the user authentication data can be sent multiple times from the application 3100 of the smartphone 3000, even if authentication fails once, the authentication process is executed again until the authentication waiting time elapses. It looks like this.

On the other hand, if the authentication waiting time has elapsed without success in authentication, the authentication processing unit 2241 notifies the theft prevention processing unit 2243 that the authentication waiting time has elapsed. Then, the theft prevention processing unit 2243 turns on the theft prevention function (step S141). As a result, the theft prevention processing section 2243 causes the motor drive control section 1023 to perform an operation for theft prevention (step S142).

As mentioned above, for example, a short brake is applied to the motor 105 to prevent the vehicle from running. Alternatively, the motor 105 may be always in a regenerative state so that the vehicle can travel, but it may be made to feel uncomfortable to continue traveling, thereby hindering the vehicle from traveling. Furthermore, the motor 105 may be made to feel uncomfortable by not allowing the motor 105 to perform power running, or by suppressing the power running by suppressing the upper limit of output torque, assist ratio, or the like. Further, the upper limit speed for power running drive may be set to an extremely low speed (for example, from 0 km/h to 5 km/h), and when the upper limit speed is exceeded, regenerative braking is forcibly caused to prevent running. A combination of these may also be used. As a result, the unauthorized user is prevented from traveling freely, and is forced to give up on using the electrically assisted bicycle 1.

Additionally, a warning display may be displayed on the operation panel 106, or if a speaker is provided on the operation panel 106, a buzzer sound or other warning sound may be output.

Then, the control unit 1022 determines whether a shutdown instruction has been given by the user using the power switch on the operation panel 106, or whether an automatic shutdown condition is satisfied, such as that the motor and pedals have not been rotated for a certain period of time or more (step S143). If the shutdown is not performed, the process returns to the process of FIG. 5 via terminal D.

On the other hand, when shutting down, the control system 1022 shuts down (step S145).

Once it is shut down, it will start again from the initial process (Figure 6) and perform user authentication, so the user can automatically activate the anti-theft function by simply turning off the power when getting off the vehicle. It becomes like this.

[Embodiment 2]
In the first embodiment, a mode has been described in which re-authentication is not performed after initial user authentication before shutdown, but if the user forgets to turn off the power and leaves the electrically assisted bicycle 1. If this happens, an unauthorized user may start using the electrically assisted bicycle 1 while the power is on.

Therefore, in this embodiment, after the authentication end flag is turned on, the process shown in FIG. 8 is executed.

In this embodiment, it is assumed that measurement of the predetermined time for re-authentication starts after the authentication end flag is turned on in the first embodiment.

The theft prevention processing unit 2243 detects, for example, an event in which the vehicle speed calculated from the motor rotation is less than a threshold value and a predetermined time has elapsed since the previous authentication (step S201). For example, when a state such as stopping at an intersection is detected, it is determined whether a predetermined period of time has elapsed since the previous authentication, and if such conditions are met, it is assumed that this event has been detected. When this event is detected, measurement of authentication waiting time starts. This authentication waiting time may be the same as that in the first embodiment, or may be different. Since it is preferable to wait while the vehicle speed is less than the threshold value, a shorter time may be set than in the first embodiment.

Then, the theft prevention processing unit 2243 instructs the authentication processing unit 2241 to perform authentication, and the authentication processing unit 2241 transmits an authentication request to the smartphone 3000 via the communication unit 221 (step S203). Although it is assumed here that the link established in the first embodiment is maintained, the link may be established here. The authentication processing unit 2241 then waits to receive user authentication data (step S209).

On the other hand, upon receiving the authentication request from the communication unit 221 (step S205), the application 3100 of the smartphone 3000 returns user authentication data to the communication unit 221 (step S207). At this time, a display indicating that the authentication request has been received may be displayed on the display device of the smartphone 3000, and the smartphone 3000 may wait for an instruction from the user.

The authentication processing unit 2241 determines whether or not user authentication data has been received from the smartphone 3000 via the communication unit 221 (step S211), and if the user authentication data has not been received, the authentication processing unit 2241 It is determined whether the authentication standby time has elapsed (timed out), and if it has not timed out, the process returns to step S209 and waits for reception of user authentication data.

On the other hand, upon receiving the user authentication data, the authentication processing unit 2241 performs authentication processing on the received user authentication data using the authentication data stored in the authentication data storage unit 2242 (step S215). This is the same as step S121. Then, the authentication processing section 2241 outputs the authentication result to the theft prevention processing section 2243. Note that the authentication result may be notified to the smartphone 3000.

The theft prevention processing unit 2243 determines whether the authentication is successful or not (step S217). If the authentication is successful, the theft prevention processing unit 2243 instructs the authentication processing unit 2241 to measure a predetermined time for re-authentication, and waits until the next event is detected. (Step S223).

On the other hand, if the authentication has failed, the theft prevention processing unit 2243 turns on the theft prevention function (step S219). Thereby, the theft prevention processing unit 2243 causes the motor drive control unit 1023 to perform an operation for theft prevention (step S221).

By performing such processing, even if the user forgets to turn off the power when getting off the electric assist bicycle 1 and an unauthorized user rides it away, the anti-theft function can be turned on by re-authentication. Opportunities are available. In other words, even if an unauthorized user starts using the device midway through, the user will not be able to continue using it for a very long time.

Note that the reason why the vehicle speed is required to be less than the threshold in step S201 is to prevent the anti-theft function from suddenly turning on while driving. good. That is, although the processes from steps S203 to S223 are executed every predetermined period for re-authentication, it may be confirmed that the vehicle speed is less than the threshold value at the execution stage of step S219.

Furthermore, in a simple manner, it is periodically checked whether the link with the smartphone 3000 is maintained, and if it is confirmed that the link is disconnected, the vehicle speed is confirmed to be less than the threshold value. , the anti-theft function may be set to on.

[Embodiment 3]
In the first and second embodiments, the application 3100 of the smartphone 3000 is used, but authentication may be performed using another method.

In this embodiment, it is assumed that authentication is performed using, for example, a contactless IC card.

As schematically shown in FIG. 9, for example, an IC card reader with an IC card holder 5000 may be provided together with the operation panel 106 and connected to the control system 1022. Although shown here as being integrated with the operation panel 106, the IC card reader with IC card holder 5000 may be separated and installed on the electrically assisted bicycle 1.

In this embodiment, an authorized user sets an IC card 4000 into the IC card reader 5000 with an IC card holder when riding the electrically assisted bicycle 1.

The operation panel 106 includes an LED 1061 indicating power on/off, two 7-segment LEDs 1062, a switch 1065 for turning on or off the headlight 108, a switch 1064 for turning the power on/off and setting the mode. It also includes a mode display section 1063 for displaying the mode using an LED. Two 7-segment LEDs 1062 may be used to indicate authentication success or failure.

Predetermined user authentication data is recorded in such a non-contact type IC card 4000, and is read by an IC card reader 5000. In this embodiment, the authentication data storage unit 2242 holds authentication data so that it can correspond to user authentication data recorded on one or more IC cards 4000 distributed to those who are permitted to use the card. . For example, the same authentication data as the user authentication data recorded on each of the plurality of IC cards 4000 may be held, or a predetermined authentication data may be held for the user authentication data recorded on each of the plurality of IC cards 4000. The value obtained by performing the calculation may be held. This allows a group to share the electrically assisted bicycle 1.

Note that in this embodiment, it is assumed that the communication unit 221 shown in FIG. 2A is not used, and the IC card reader 5000 is connected to the control system 1022.

Next, specific operations in this embodiment will be described using FIGS. 10 and 11.

First, the user starts moving the electrically assisted bicycle 1. Then, the control unit 222 and the like execute initial processing (step S301). This process is the same as the process in FIG.

Then, the theft prevention processing unit 2243 determines whether the authentication completion flag is off (step S303). If the authentication end flag is set to OFF, the process shifts to the process in FIG. 11 via terminal H. On the other hand, if the authentication completion flag is on, the theft prevention processing unit 2243 instructs the authentication processing unit 2241 to perform processing, and the authentication processing unit 2241 waits for data reading by the IC card reader with IC card holder 5000 (step S305). The authentication processing unit 2241 waits for data reading for a certain period of time and determines whether data reading has been performed, that is, whether data has been received from the IC card reader 5000 by the IC card 4000 (step S307). If no data is read, the process shifts to the process shown in FIG. 11 via terminal G.

On the other hand, when data is received from the IC card reader 5000, the authentication processing unit 2241 performs authentication processing on the read data using the authentication data stored in the authentication data storage unit 2242 (step S309). ). The authentication processing section 2241 outputs the authentication result to the theft prevention processing section 2243. For example, the data received from the IC card reader 5000, that is, the user authentication data, is compared with the authentication data stored in the authentication data storage section 2242. During verification, a predetermined decoding process or a predetermined calculation may be performed. The process then shifts to the process shown in FIG. 11 via the terminal F.

Shifting to the explanation of the process in FIG. 11, the theft prevention processing unit 2243 determines whether or not the authentication is successful (step S311). If the authentication is successful, the theft prevention processing unit 2243 sets the authentication completion flag to ON (step S313). Further, the theft prevention processing unit 2243 sets the theft prevention function to OFF (step S315). Step S315 can be omitted if the anti-theft function is set to off in the initial process. Then, the theft prevention processing unit 2243 starts displaying the operation panel 106 (step S317). Thereby, the user can recognize that the electrically assisted bicycle 1 is now in a state where normal traveling is possible. The process then moves to step S337.

On the other hand, if the authentication fails, that is, if incorrect user authentication data is read, there is a possibility that an unauthorized user has started using the electrically assisted bicycle 1. Then, the theft prevention processing unit 2243 outputs, for example, a code representing authentication failure to the two 7-segment LEDs 1062 on the operation panel 106 (step S319). As shown in FIG. 9, "E" representing an error and "1" representing authentication failure may be displayed.

If the authentication fails or if the IC card reader 5000 cannot read data from the IC card 4000 (via terminal G), the authentication processing unit 2241 determines whether or not the authentication waiting time measured in the initial processing has elapsed. (Step S321). If the authentication standby time has not elapsed, the process moves to step S237. In this embodiment, since it is possible to accidentally insert a different IC card 4000 into the IC card holder, even if authentication fails once, the authentication process is executed again until the authentication wait time elapses. ing.

On the other hand, if the authentication waiting time has elapsed without success in authentication, the authentication processing unit 2241 notifies the theft prevention processing unit 2243 that the authentication waiting time has elapsed. Then, the theft prevention processing unit 2243 turns on the theft prevention function (step S323). As a result, the theft prevention processing section 2243 causes the motor drive control section 1023 to perform an operation for theft prevention (step S325). This step is similar to step S142 in the first embodiment.

Then, the control unit 1022 determines whether a shutdown instruction has been given by the user using the power switch on the operation panel 106, or whether an automatic shutdown condition is satisfied, such as that the motor and pedals have not been rotated for a certain period of time or more (step S337). If shutdown is not performed, the process returns to the process of FIG. 10 via terminal J.

On the other hand, when shutting down, the control system 1022 shuts down (step S339).

In this way, once the vehicle is shut down, it starts again from the initial process (Figure 6) and performs user authentication, so the user can activate the anti-theft function by simply turning off the power when getting off the vehicle. become able to.

When using the IC card 4000 instead of the smartphone 3000, user authentication data can be acquired more stably than short-range wireless communication.

Note that although an example using the IC card 4000 has been shown above, there are various variations in the method of acquiring user authentication data. For example, as schematically shown in FIG. 12, by providing a camera 1066 on the operation panel 106, it is possible to acquire image data for performing face authentication, for example. In this case, for example, feature data for face authentication of a legitimate user is extracted from image data using a predetermined algorithm and stored in the authentication data storage unit 2242, and during authentication processing, feature data is extracted from the image data using a predetermined algorithm. The authentication processing is executed by extracting the information and comparing the feature data stored in the authentication data storage unit 2242 with the feature data extracted this time.

Further, instead of face authentication, biometric authentication such as fingerprint authentication, vein authentication, iris authentication, etc. may be performed.

[Embodiment 4]
In the fourth embodiment as well, a mode has been described in which re-authentication is not performed after the initial user authentication is performed before shutting down. If this happens, an unauthorized user may start using the electrically assisted bicycle 1 while the power is on.

Therefore, in this embodiment as well, after the authentication end flag is turned on, the process shown in FIG. 13 is executed. Note that if the authorized user continues to use the electrically assisted bicycle 1, he or she continues to insert his or her IC card 4000 into the IC card reader with IC card holder 5000.

Further, in this embodiment, it is assumed that measurement of the predetermined time for re-authentication starts after the authentication end flag is turned on in the third embodiment.

The theft prevention processing unit 2243 detects, for example, an event in which the vehicle speed calculated from the motor rotation is less than a threshold value and a predetermined time has elapsed since the previous authentication (step S351). In this embodiment as well, when a state such as stopping at an intersection is detected, it is determined whether a predetermined period of time has passed since the previous authentication, and if such conditions are met, this event is detected. It shall be assumed that Note that when this event is detected, measurement of the authentication waiting time is started.

Then, the theft prevention processing unit 2243 instructs the authentication processing unit 2241 to perform authentication, and the authentication processing unit 2241 instructs the IC card reader 5000 to read data from the IC card 4000, and continues reading the data for a certain period of time. It waits (step S352).

The authentication processing unit 2241 waits for data reading for a certain period of time and determines whether data reading has been performed, that is, whether data has been received from the IC card reader 5000 by the IC card 4000 (step S353). If the data has not been read, the authentication processing unit 2241 determines whether the authentication waiting time has elapsed, that is, whether or not it has timed out (step S355). If the timeout has not occurred, the process returns to step S352. On the other hand, if the authentication waiting time elapses and times out, the process moves to step S361.

When data is read from the IC card 4000, the authentication processing unit 2241 performs authentication processing on the read data using authentication data stored in the authentication data storage unit 2242 (step S357). The authentication processing section 2241 outputs the authentication result to the theft prevention processing section 2243. This process is similar to step S309.

Then, the theft prevention processing unit 2243 determines whether or not the authentication is successful (step S359). If the authentication is successful, the current re-authentication process ends and the process waits until the next event. This confirms that a legitimate user is continuing to use it.

On the other hand, if the authentication fails, that is, if incorrect user authentication data is read, or if data cannot be read from the IC card 4000, there is a possibility that an unauthorized user has started riding the electrically assisted bicycle 1. Therefore, the theft prevention processing unit 2243 turns on the theft prevention function (step S361). As a result, the theft prevention processing section 2243 causes the motor drive control section 1023 to perform an operation for theft prevention (step S362). This step is similar to step S142 in the first embodiment.

Furthermore, the authentication processing unit 2241 outputs, for example, a code representing authentication failure to the two 7-segment LEDs 1062 on the operation panel 106 (step S363). As shown in FIG. 9, "E" representing an error and "1" representing authentication failure may be displayed.

By performing such processing, even if the user forgets to turn off the power when getting off the electric assist bicycle 1 and an unauthorized user rides it away, the anti-theft function can be turned on by re-authentication. Opportunities are available. In other words, even if an unauthorized user starts using the device midway through, the user will not be able to continue using it for a very long time.

Note that the reason why the vehicle speed is required to be less than the threshold in step S351 is to prevent the anti-theft function from suddenly turning on while driving. good. That is, although the processes from steps S352 to S363 are executed every predetermined period for re-authentication, it may be confirmed that the vehicle speed is less than a threshold value at the execution stage of step S362.

Furthermore, in a simple manner, it is periodically checked whether or not the IC card 4000 is inserted into the IC card reader 5000 with an IC card holder, and when it is confirmed that the IC card 4000 is removed, the vehicle speed is changed. After confirming that the value is less than the threshold value, the anti-theft function may be set to on.

This embodiment can be similarly applied even when biometric authentication is employed.

[Embodiment 5]
In the first to fourth embodiments, an example is shown in which the authentication process is performed by the electrically assisted bicycle 1, but the authentication process itself may be performed by a separately prepared authentication server. That is, the smartphone 3000 is used to transmit an identification code for identifying a specific electrically assisted bicycle 1 to an authentication server, cause the authentication server to perform user authentication, and send the authentication result from the authentication server to the electrically assisted bicycle specified by the identification code. The control system 1022 of the assisted bicycle 1 may be notified. In this case, the communication unit 221 does not perform communication according to the short-range wireless communication standard, but performs communication according to the data communication standard of a mobile phone, for example.

In this embodiment, since an authentication server is provided, various authentication methods can be employed.

[Embodiment 6]
In the first to fifth embodiments, if user authentication is successful, the electrically assisted bicycle 1 can be used without any restrictions. However, even after user authentication, in some cases, such as rental electrically assisted bicycles, usage restrictions may need to be imposed.

In this embodiment, it is assumed that not only user authentication but also confirmation of whether usage restriction conditions are satisfied is performed.

Note that the usage restriction conditions include conditions regarding travel distance, travel time, travel area, travel speed (vehicle speed), and the like. Here, conditions regarding the state in which usage is restricted are defined. For example, usage is restricted if the distance traveled exceeds 10 km, the travel time exceeds 2 hours, the travel area is outside a predetermined area, and the travel speed exceeds 20 km/h. Further, each condition may be associated with a usage restriction means. For example, usage restriction means may be individually set such that regenerative braking is applied when the traveling speed exceeds the upper limit, and short braking is applied in other cases. On the other hand, the same usage restriction means may be set for all conditions.

An overview of the operation in this embodiment will be explained using FIG. 14.

In this embodiment, the motor drive control device 102 includes a positioning unit that receives signals from a GPS (Global Positioning System) satellite 8000 and specifies position data. Further, the motor drive control device 102 calculates the traveling distance and traveling speed of the electrically assisted bicycle 1 from the motor rotation information from the motor 105, and measures the time elapsed since the authentication end flag was turned on, for example.

A legitimate user has installed an application 3100b for authentication and use of the electrically assisted bicycle 1 on the smartphone 3000, for example. The application 3100b communicates with the motor drive control device 102 according to, for example, a short-range wireless communication standard, and also communicates with a usage management server connected to a computer network 7000 such as the Internet. Do 6000.

The usage management server 6000 performs user authentication and processes such as billing. For example, billing details are determined according to usage restriction conditions. For example, if the usage restriction conditions are more relaxed, the fee will be higher, and if the usage restriction conditions are stricter, the fee will be lower. The usage management server 6000 generates usage restriction condition data representing the set usage restriction conditions and authenticated data, and transmits them to the application 3100b of the smartphone 3000.

The application 3100b of the smartphone 3000 transfers the authenticated data and usage restriction condition data to the motor drive control device 102. The motor drive control device 102 performs authentication using the authenticated data, holds usage restriction condition data in the case of successful authentication, and checks whether or not the usage restriction conditions are satisfied while the vehicle is running.

On the other hand, if the authentication fails, for example, similarly to the first embodiment, theft prevention operations are performed to prevent unauthorized users from freely using the electrically assisted bicycle 1.

FIG. 15 shows a configuration example of the motor drive control device 102 and the battery pack according to this embodiment. The difference from FIG. 2A is that the control system 1022 is now a control system 1022b, and the control system 1022b includes a communication unit 221 that performs communication according to the short-range wireless communication standard, and receives signals from the GPS satellite 8000. The positioning unit 223 includes a positioning unit 223 that generates position data based on the position information, and a control unit 222b that executes control in this embodiment. As shown in FIG. 2A, the control unit 222b is realized, for example, by the microprocessor 2221 executing a program, and stores the program and data in the memory 2222.

Further, an example of the functional configuration of the control section 222b according to this embodiment is shown in FIG.

The control unit 222b includes an authentication processing unit 2241b, an authentication data storage unit 2242b, a usage restriction condition data storage unit 2244, a determination unit 2245, and a restriction control unit 2246. The authentication data storage unit 2242b stores authentication data used to authenticate received authenticated data. The authentication processing unit 2241b executes authentication processing on the received authenticated data using the authentication data stored in the authentication data storage unit 2242b, and in the case of successful authentication, uses the received usage restriction condition data. The information is stored in the usage restriction condition data storage section 2244. Further, the determination unit 2245 determines whether the vehicle is traveling in accordance with the usage restriction conditions stored in the usage restriction condition data storage unit 2244, based on motor rotation information, position data, and the like. Note that the authentication data storage section 2242b may be unnecessary depending on the authentication method.

The restriction control unit 2246 causes the motor drive control unit 1023 to perform an operation to prevent theft in response to authentication failure, etc., or causes the motor drive control unit 1023 to perform an operation for preventing theft in response to a determination by the determination unit 2245 that the usage restriction conditions are satisfied. 1023 to execute the usage restriction operation.

Next, specific operations in this embodiment will be described using FIGS. 17 to 19.

The user starts the application 3100b installed on the smartphone 3000 and inputs a request to start using the electrically assisted bicycle 1. Then, the application 3100b transmits a usage start request to the usage management server 6000 (step S401). The usage management server 6000 receives a usage start request from the smartphone 3000 (step S403). Although not shown, at this stage, for example, authentication using a user ID and password may be performed.

The usage management server 6000 determines whether or not the usage start conditions are met based on the usage history, billing status, etc., and if the usage start conditions are met, the usage restriction conditions are also set based on the user's request from the application 3100b. is set, and usage restriction condition data including usage restriction conditions is generated (step S405). The usage management server 6000 then transmits the authenticated data and usage restriction condition data from the usage management server 6000 to the smartphone 3000 (step S407). The application 3100b of the smartphone 3000 receives the usage restriction condition data and the authenticated data from the usage management server 6000 (step S409).

Meanwhile, the user starts moving the electrically assisted bicycle 1. Then, the control unit 222b and the like of the electrically assisted bicycle 1 executes initial processing (step S411). This process is the same as the process in FIG. Note that the processing executed by the theft prevention processing unit 2243 is executed by the restriction control unit 2246.

After the initial processing, the restriction control unit 2246 determines whether the authentication end flag is off (step S413). If the authentication end flag is on, the process shifts to the process of FIG. 19 via terminal K. On the other hand, if the authentication end flag is off, the control unit 222b waits to receive a connection request via the communication unit 221 (step S417).

In response, the application 3100b of the smartphone 3000 transmits a connection request to the communication unit 221 of the electrically assisted bicycle 1 after step S409 (step S415).

If there is no connection request from the smartphone 3000 within a certain period of time, the process shifts to the process in FIG. 19 via the terminal L. On the other hand, upon receiving a connection request from the smartphone 3000, the smartphone 3000 and the communication unit 221 establish a link (step S421). Note that if the link cannot be established, the process moves to the process of FIG. 19 via the terminal L.

Once the link is established, the application 3100b of the smartphone 3000 transmits the authenticated data to the communication unit 221 (step S423). In response, the communication unit 221 receives authenticated data from the application 3100b of the smartphone 3000 (step S425), and outputs it to the authentication processing unit 2241b. The authentication processing unit 2241b uses the authentication data stored in the authentication data storage unit 2242b to perform authentication processing on the authenticated data (step S427). For example, it is determined whether the authenticated data is genuine authenticated data based on the authentication data stored in the authentication data storage section 2242b. The authentication processing section 2241b outputs the authentication result to the restriction control section 2246. The process then shifts to the process shown in FIG. 18 via the terminal M.

Moving on to the description of the process in FIG. 18, the authentication processing unit 2241b determines whether or not the authentication is successful (step S429). If the authentication fails here, the process shifts to the process of FIG. 19 via the terminal P. On the other hand, if the authentication is successful, the authentication processing unit 2241b transmits the authentication success to the smartphone 3000 via the communication unit 221 (step S431). When the application 3100b of the smartphone 3000 receives data indicating successful authentication from the communication unit 221, it displays the successful authentication on the display device (step S433). This allows the user to recognize that he or she can now drive normally.

Further, the restriction control unit 2246 sets the authentication end flag to ON (step S435). Furthermore, the restriction control unit 2246 sets the anti-theft function to OFF (step S437). Step S437 can be omitted if the anti-theft function is set to off in the initial process. Then, the restriction control unit 2246 starts displaying the operation panel 106 (step S439). Thereby, the user can recognize that the electrically assisted bicycle 1 is now in a state where normal traveling is possible.

The application 3100b of the smartphone 3000 further transmits usage restriction condition data to the communication unit 221 (step S441). The communication unit 221 receives the usage restriction condition data from the smartphone 3000, and stores it in the usage restriction condition data storage unit 2244 (step S443). Then, the restriction control unit 2246 instructs the determination unit 2245 to start processing, and the determination unit 2245 and restriction control unit 2246 start control processing based on the usage restriction conditions (step S445). If the travel time or travel distance is used as a usage restriction condition, the determination unit 2245 starts measuring the travel time or travel distance. This control process will be explained separately. The process then shifts to the process shown in FIG. 19 via the terminal K.

On the other hand, if the authentication fails, the process shifts to the process shown in FIG. The authentication failure is notified to the client (step S447).

When the application 3100b of the smartphone 3000 receives the data indicating the authentication failure from the communication unit 221, the application 3100b displays the authentication failure on the display device (step S449). In this case, for example, the application 3100b determines whether re-authentication is possible (step S451). For example, the number of times of authentication failure is counted, and it is determined whether or not the authentication has failed a predetermined number of times. If re-authentication is not possible, the application 3100b displays on the display device that the electrically assisted bicycle 1 is unusable (step S453). On the other hand, if re-authentication is possible, the application 3100b waits for a re-authentication instruction from the user, and upon receiving the re-authentication instruction from the user (step S455), the process returns to the process of FIG. return.

If the authentication fails or if connection to the smartphone 3000 is not possible (via terminal L), the authentication processing unit 2241b determines whether or not the authentication standby time measured in the initial process has elapsed (step S457). If the authentication standby time has not elapsed, the process moves to step S463. In this embodiment, since the authenticated data can be sent multiple times from the application 3100b of the smartphone 3000, even if authentication fails once, the authentication process is executed again until the authentication waiting time elapses. It looks like this.

On the other hand, if the authentication waiting time has elapsed without success in authentication, the authentication processing unit 2241b notifies the restriction control unit 2246 that the authentication waiting time has elapsed. Then, the restriction control unit 2246 turns on the anti-theft function (step S459). As a result, the restriction control unit 2246 causes the motor drive control unit 1023 to perform an operation for preventing theft (step S461). This process is similar to the first embodiment.

Then, the control unit 1022 determines whether a shutdown instruction has been given by the user using the power switch on the operation panel 106, or whether an automatic shutdown condition is satisfied, such as that the motor and pedals have not been rotated for a certain period of time or more (step S463). If shutdown is not performed, the process returns to the process of FIG. 17 via terminal R.

On the other hand, when shutting down, the control system 1022 shuts down (step S465).

Once it is shut down, it will start again from the initial process (Figure 6) and perform user authentication, allowing the user to activate the anti-theft function by simply turning off the power when getting off the vehicle. .

Next, an example of control processing based on usage restriction conditions will be described using FIG. 20.

First, the determination unit 2245 reads usage restriction condition data from the usage restriction condition data storage unit 2244, and obtains data related to the set usage restriction condition (step S501). For example, if travel time is a usage restriction condition, data on the current travel time is acquired, and if travel distance is a usage restriction condition, data on the current travel distance is acquired. The travel distance is calculated by, for example, motor rotation speed x wheel circumference.

Then, the determination unit 2245 determines whether the usage restriction conditions are satisfied based on the acquired data (step S503).

If a usage restriction condition is set regarding the traveling speed, it is determined whether the traveling speed exceeds a threshold value. If usage restriction conditions have been set for mileage, it is determined whether or not the mileage since the authentication end flag was turned on, for example, exceeds a threshold value. If a usage restriction condition regarding travel time is set, it is determined whether or not the travel time after the authentication end flag is turned on, for example, exceeds a threshold value. Further, if usage restriction conditions regarding the driving area have been set, it is determined whether the current position is outside the set area.

If the usage restriction conditions are not satisfied based on the acquired data, the determination unit 2245 causes the restriction control unit 2246 to execute normal control processing (step S507). Further, the determination unit 2245 causes the operation panel 106 to stop displaying that the usage restriction conditions are met. The process then moves to step S509.

On the other hand, if the usage restriction conditions are satisfied, the determination unit 2245 instructs the restriction control unit 2246 to restrict usage, and causes the operation panel 106 to display a message indicating that the usage restriction conditions are satisfied. If the operation panel 106 is capable of displaying the type of usage restriction condition, it will also display the type of usage restriction condition.

The restriction control unit 2246 performs, in accordance with the usage restriction instruction from the determination unit 2245, for example, forced regeneration control that forcibly performs regenerative braking, or constant speed regeneration that performs regenerative braking based on the difference between the set speed and the traveling speed. Control is executed (step S505).

In addition, in the case of forced regeneration control, it is control to perform regenerative braking so as to produce a predetermined amount of regeneration, for example. Normally, regenerative braking is not performed when the passenger pedals and the torque sensor 103 detects torque, but in this embodiment, when forced regeneration control is performed, the Regenerative braking is performed regardless of whether the passenger is pedaling or not. This makes it possible for the passenger to feel the difficulty of driving.

In the case of constant speed regeneration control, the amount of regeneration is determined based on the difference between the set speed (for example, the same value as the travel speed threshold. However, a lower threshold may be set) and the current travel speed, This is control to perform regenerative braking to produce the amount of regeneration. More specifically, when the current traveling speed exceeds the set speed, the amount of regeneration is set in proportion to the difference, forcing the vehicle to travel at the set speed or lower.

Whether to perform forced regeneration control or constant speed regeneration control may also be set in advance together with the usage restriction conditions. That is, constant speed regeneration control may be set for the usage restriction condition regarding the traveling speed, and forced regeneration control may be set for the usage restriction condition regarding the travel time.

Then, the control unit 222b determines whether a shutdown has been instructed or whether conditions for automatic shutdown have been satisfied (step S509). If there is no shutdown instruction and the automatic shutdown conditions are not met, the process returns to step S501. On the other hand, if a shutdown is instructed or if the automatic shutdown conditions are met, the process ends.

By executing the above-described processing, control may be performed to allow the vehicle to freely continue traveling if the usage restriction conditions are not met, and to prevent travel if the usage restriction conditions are met. Note that the power running drive may be limited as described in the first embodiment.

Note that in the processing flow described above, an example was shown in which user authenticated data and usage restriction condition data are received separately, but they are received together and registered in the usage restriction condition data storage unit 2244 when authentication is successful. You can do it like this.

[Embodiment 7]
This embodiment is a modification of the sixth embodiment so that the smartphone 3000 is not used like the third embodiment.

An overview of this embodiment is shown in FIG. In this embodiment, the user authentication data recorded on the IC card 4000 is read by the IC card reader with IC card holder 5000, and the communication unit 221 of the motor drive control device 102 is caused to transmit it to the usage management server 6000. Since the communication unit 221 directly communicates with the usage management server 6000 instead of the smartphone 3000, the communication unit 221 performs communication in accordance with, for example, data communication standards for mobile phones.

The usage management server 6000 executes authentication processing using the received user authentication data, and transmits the authentication result to the motor drive control device 102. If the authentication is successful, the usage management server 6000 also transmits usage restriction condition data for the user specified by the user authentication data to the motor drive control device 102. The motor drive control device 102 performs the same processing as in the third embodiment based on the authentication result. Further, if the authentication is successful, the motor drive control device 102 also performs control processing based on the usage restriction conditions defined in the usage restriction condition data.

Next, specific operations in this embodiment will be described using FIGS. 22 and 23.

First, the user starts moving the electrically assisted bicycle 1. Then, the control unit 222 and the like execute initial processing (step S601). This process is the same as the process in FIG. Note that the processing executed by the theft prevention processing unit 2243 is executed by the restriction control unit 2246.

After the initial processing, the restriction control unit 2246 determines whether the authentication end flag is off (step S603). If the authentication end flag is set to OFF, the process shifts to the process shown in FIG. 22 via the terminal T. On the other hand, if the authentication end flag is on, the restriction control unit 2246 instructs the authentication processing unit 2241b to perform processing, and the authentication processing unit 2241b waits for data reading by the IC card reader with IC card holder 5000 (step S605). ). The authentication processing unit 2241b waits for data reading for a certain period of time and determines whether data reading has been performed, that is, whether data has been received from the IC card reader 5000 by the IC card 4000 (step S607). If no data is read, the process shifts to the process shown in FIG. 23 via the terminal U.

On the other hand, when data is received from the IC card reader 5000, the authentication processing unit 2241b transmits the read data, that is, user authentication data, to the usage management server 6000 via the communication unit 221 (step S609).

The usage management server 6000 receives read data, that is, user authentication data (step S611), and executes authentication processing using the user authentication data (step S613). For example, it is determined whether the authentication data matches pre-registered authentication data. The usage management server 6000 then transmits the authentication result to the communication unit 221 (step S615). The authentication processing unit 2241b receives the authentication result via the communication unit 221 (step S617). The authentication processing section 2241b outputs the authentication result to the restriction control section 2246. The process shifts to the process shown in FIG. 23 via the terminal S.

Moving on to the description of the process in FIG. 23, the authentication processing unit 2241b determines whether or not the authentication was successful (step S619). If the authentication is successful, the restriction control unit 2246 sets the authentication end flag to on (step S621). Further, the restriction control unit 2246 sets the anti-theft function to OFF (step S623). Step S623 can be omitted if the anti-theft function is set to off in the initial process. Then, the restriction control unit 2246 starts displaying the operation panel 106 (step S625). Thereby, the user can recognize that the electrically assisted bicycle 1 is now in a state where normal traveling is possible.

Further, the restriction control unit 2246 transmits a request for usage restriction condition data to the usage management server 6000, for example, via the authentication processing unit 2241b and the communication unit 221 (step S627). When the usage management server 6000 receives the request for usage restriction condition data (step S629), it reads the usage restriction condition data for the user specified by the user authentication data, for example, and transmits it to the communication unit 221 (step S631). Note that, in the case of successful authentication, use restriction condition data may be transmitted together with the authentication result.

When the authentication processing unit 2241b receives the usage restriction condition data via the communication unit 221, it stores it in the usage restriction condition data storage unit 2244 (step S633). Then, the restriction control unit 2246 instructs the determination unit 2245 to start processing, and the determination unit 2245 and restriction control unit 2246 start control processing based on the usage restriction conditions (step S635). If the travel time or travel distance is used as a usage restriction condition, the determination unit 2245 starts measuring the travel time or travel distance. Regarding this control process, execution of the process shown in FIG. 20 is started. The process then moves to step S645.

On the other hand, if the authentication fails, that is, if incorrect user authentication data is read, there is a possibility that an unauthorized user has started using the electrically assisted bicycle 1. Then, the restriction control unit 2246 outputs, for example, a code representing authentication failure to the two 7-segment LEDs 1062 on the operation panel 106 (step S637). As shown in FIG. 9, "E" representing an error and "1" representing authentication failure may be displayed.

If the authentication fails or if the IC card reader 5000 cannot read data from the IC card 4000 (via terminal U), the authentication processing unit 2241b determines whether or not the authentication waiting time that was started to be measured in the initial processing has elapsed. (Step S639). If the authentication standby time has not elapsed, the process moves to step S645. In this embodiment, since a different IC card 4000 may be mistakenly pointed to the IC card holder, even if authentication fails once, the authentication process is executed again until the authentication wait time elapses. ing.

On the other hand, if the authentication waiting time elapses without success in authentication, the authentication processing unit 2241b notifies the restriction control unit 2246 that the authentication waiting time has elapsed. Then, the restriction control unit 2246 turns on the anti-theft function (step S641). As a result, the restriction control section 2246 causes the motor drive control section 1023 to perform an operation for preventing theft (step S643). This step is similar to step S142 in the first embodiment.

Then, the control unit 1022 determines whether a shutdown instruction has been given by the user using the power switch on the operation panel 106, or whether an automatic shutdown condition that, for example, the motor rotation and pedal rotation have not been performed for a certain period of time or more is satisfied (step S645). If the shutdown is not performed, the process returns to the process of FIG. 22 via the terminal V.

On the other hand, when shutting down, the control system 1022 shuts down (step S647).

In this way, once the vehicle is shut down, it starts again from the initial process (Figure 6) and performs user authentication, so the user can activate the anti-theft function by simply turning off the power when getting off the vehicle. become able to.

When using the IC card 4000 instead of the smartphone 3000, user authentication data can be acquired more stably than short-range wireless communication.

Note that although an example using the IC card 4000 has been shown above, there are various variations in the authentication method. Biometric authentication as described in the third embodiment may also be used.

[Embodiment 8]
In the sixth and seventh embodiments, as in the second embodiment, not only is authentication performed initially, but also authentication is performed thereafter, so that the user may forget to turn off the power and have the device stolen by an unauthorized user. It may also be possible to prevent this from happening.

Although the embodiments of the present invention have been described above, the present invention is not limited thereto. For example, depending on the purpose, any technical feature in each embodiment described above may be deleted, or any technical feature described in other embodiments may be added. Also good.

Furthermore, the functional block diagram described above is an example, and one functional block may be divided into a plurality of functional blocks, or a plurality of functional blocks may be integrated into one functional block. Regarding the processing flow, the order of steps may be changed or a plurality of steps may be executed in parallel, as long as the processing content remains the same.

Further, as for the control units 222 and 222b, part or all of them may be implemented with a dedicated circuit, or the functions described above may be realized by executing a program prepared in advance. Also good.

There are various types of user authentication that can be adopted in this embodiment, and the types are not limited to the types described above. The type of data used differs depending on the user authentication adopted, and the type of data used in the above explanation is only an example.

Further, instead of the usage restriction conditions described above, usage permission conditions may be set.

The embodiments described above can be summarized as follows.

The motor control device according to this embodiment includes a first control section (for example, motor drive control section 1023) that controls the motor, and a second control section (for example, control system 1022) that controls the first control section. , a starting auxiliary unit (for example, auxiliary unit 1028) that detects that the motor is rotated by an external force while no power is being supplied to the second control unit and starts supplying power to the second control unit; has. Then, when the power supply is started by the start-up assisting part or the user's instruction, the second control unit attempts user authentication or waits for the execution of the user authentication, and if the user authentication fails (for a predetermined period of time after the start-up) (including cases in which user authentication is not successful within a predetermined period of time) or if the user authentication is not performed within a predetermined period of time after startup, the first control unit is configured to set predetermined drive limits and predetermined braking. and at least one of the following.

According to this motor control device, as long as the power is off, if an unauthorized user performs an action such as rotating the motor or turns on the power himself, it will automatically attempt user authentication or perform other operations. Since the device waits for user authentication by the authentication device, the anti-theft function is activated unless the user is a legitimate user. On the other hand, if the user is a legitimate user, the user authentication will be successful and the user will be able to use the service as usual. In other words, the effort required to activate the anti-theft function can be reduced.

Note that the second control unit described above attempts user re-authentication or waits for the user re-authentication after the user authentication is successful, and if the user re-authentication fails or the user re-authentication is the second one. If it is not performed within a predetermined time, at least one of a predetermined second drive restriction and a predetermined second braking may be performed.

Even if the user forgets to turn off the power, the anti-theft function is activated if there is a problem after re-authenticating the user, thereby making it possible to prevent the user from driving. Note that, for example, if the speed of the electrically assisted vehicle is less than the threshold, at least one of the predetermined second drive restriction and the predetermined second braking can be performed, and sufficient safety can be achieved. Secured. Furthermore, user re-authentication may be attempted in a state where the speed of the device equipped with the motor is less than a threshold value. Greater safety.

Furthermore, the second control unit described above may automatically transition to the power-off state when predetermined running conditions are met. Even if you forget to turn off the power, the theft deterrent effect will be enhanced if, for example, the event that the motor or pedal has not been rotated for a certain period of time is detected and the power is automatically turned off.

Note that the predetermined drive limitation or the second drive limitation described above may be suppression or prohibition of assist drive. Further, the predetermined braking or the second braking may be short braking, regenerative braking, or braking that causes the generated power to be consumed within the motor while producing braking torque. Various measures can be adopted and combinations of various measures are possible to prevent unauthorized users from running freely.

Furthermore, the second control unit described above executes user authentication based on authentication data received from an external communication device (for example, the user's smartphone 3000), or ) may wait for user authentication to be performed. For example, user authentication may be performed in conjunction with a smartphone.

Further, the present motor control device may further include an IC card reader or a biometric data reading section. In this case, the second control unit described above performs user authentication based on authentication data read from the IC card by an IC card reader or authentication data read from the user by a biometric data reading unit, or It may be arranged to wait for an external authentication device to perform user authentication based on authentication data read from an IC card by an IC card reader or authentication data read from a user by a biometric data reader. In this way, it is possible to link not only with smartphones but also with IC cards and utilize biometric authentication.

Furthermore, the second control unit described above further determines whether or not the set usage restriction conditions are satisfied or whether the set usage permission conditions are violated, and determines whether the usage restriction conditions are satisfied. or if it is determined that the usage permission conditions are violated, at least one of a predetermined third drive restriction and a predetermined third braking (for example, step S505) is performed. You can do it like this. Even if user authentication is successful, it may not be the appropriate use. By setting usage restriction conditions or usage availability conditions in this way, it is confirmed whether or not the usage is being done appropriately, and if the usage is not appropriate, the usage is prevented. Since the user authentication has been successful, the degree to which usage is hindered may be lowered than when the user authentication has failed.

Regarding the third drive restriction, as described above, a short brake is applied to the motor to prevent running. Alternatively, the motor may always be in a regenerative state so that the vehicle can travel, but the vehicle may feel uncomfortable to continue traveling, thus hindering the vehicle from traveling. Furthermore, the motor may be made to feel uncomfortable by not allowing the motor to perform power running, or by suppressing power running by suppressing the upper limit of output torque, assist ratio, or the like. Furthermore, the upper limit speed at which power running drive is performed may be set to an extremely low speed, and when the upper limit speed is exceeded, regenerative braking is forcibly caused to impede running. A combination of these may also be used.

Furthermore, regarding the third braking, not only forced regeneration control that forcibly performs regenerative braking, constant speed regeneration control that performs regenerative braking based on the difference between the set speed and the traveling speed, but also short braking or braking torque In some cases, this is braking that causes the generated power to be consumed within the motor while causing the

Note that the conditions included in the usage restriction conditions or the usage permission conditions may be at least one of travel time, travel distance, travel speed, and geographical conditions.

Further, the second control unit described above may start displaying the operation panel after the user authentication is successful. The user can easily recognize that user authentication has been successful. Conversely, while attempting user authentication or waiting for user authentication to be performed, the operation panel display may be suppressed. This is to hide automatic startup from unauthorized users.

Further, the second control unit described above is configured to display a warning on the operation panel or output an alarm sound if user authentication fails or if user authentication is not performed within a predetermined period. It's okay. This is to increase the effectiveness of deterring theft by indicating to the outside that the user is an unauthorized user.

Such configurations are not limited to those described in the embodiments, and may be implemented with other configurations that provide substantially the same effects.

2241, 2241b Authentication processing section 2242, 2242b Authentication data storage section 2243 Anti-theft processing section 2244 Usage restriction condition data storage section 2245 Judgment section 2246 Restriction control section

Claims (11)

a first control unit that controls the motor;
a second control section that controls the first control section;
a starting auxiliary unit that detects that the motor is rotated by an external force while no power is being supplied to the second control unit and starts supplying power to the second control unit;
has
The second control unit includes:
When power is started to be supplied to the second control unit by the start-up assisting unit in a state where power is not being supplied to the second control unit , user authentication is attempted or the user authentication is waited for. If the user authentication fails or if the user authentication is not performed within a predetermined time after startup, the first control unit is configured to apply at least one of a predetermined drive restriction and a predetermined braking. motor control device. The second control unit includes:
If the user re-authentication is attempted or the user re-authentication is waited for after the user authentication is successful, and the user re-authentication fails or the user re-authentication is not performed within a second predetermined time, The motor control device according to claim 1, wherein at least one of a predetermined second drive restriction and a predetermined second braking is performed. The second control unit includes:
The motor control device according to claim 1 or 2, wherein the motor control device automatically transitions to a power-off state when a predetermined running condition is satisfied. The predetermined drive limitation or the second drive limitation is suppression or prohibition of assist drive,
The motor according to any one of claims 1 to 3, wherein the predetermined braking or the second braking is short braking, regenerative braking, or braking that causes generated power to be consumed within the motor while producing braking torque. Control device. The second control unit,
The user authentication is performed based on authentication data received from an external communication device, or
The motor control device according to any one of claims 1 to 4, wherein the motor control device waits for user authentication to be performed by an authentication device. It further includes an IC card reader or a biometric data reading section,
The second control unit,
The user authentication is performed based on authentication data read from the IC card by the IC card reader or authentication data read from the user by the biometric data reader, or the authentication read from the IC card by the IC card reader. The motor control device according to any one of claims 1 to 4, wherein the motor control device waits for an external authentication device to perform user authentication based on data or authentication data read from the user by the biometric data reading unit. The second control unit includes:
We further determine whether the set usage restriction conditions are met or the set usage permission conditions are violated, and if it is determined that the usage restriction conditions are met or the usage permission conditions are violated. The motor control device according to any one of claims 1 to 6, wherein when it is determined that the motor control device is present, at least one of a predetermined third drive restriction and a predetermined third braking is performed. The motor control device according to claim 7, wherein the conditions included in the usage restriction conditions or the usage permission conditions are at least one of travel time, travel distance, travel speed, and geographical conditions. The second control unit includes:
The motor control device according to any one of claims 1 to 8, wherein the operation panel display is started after the user authentication is successful. The second control unit includes:
Any one of claims 1 to 9, wherein if the user authentication fails or if the user authentication is not performed within the predetermined time , a warning display or an alarm sound is output on the operation panel. motor control device. An electrically assisted vehicle comprising the motor control device according to any one of claims 1 to 10.

Images