TW202415569A - Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device - Google Patents

Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device Download PDF

Info

Publication number
TW202415569A
TW202415569A TW111139125A TW111139125A TW202415569A TW 202415569 A TW202415569 A TW 202415569A TW 111139125 A TW111139125 A TW 111139125A TW 111139125 A TW111139125 A TW 111139125A TW 202415569 A TW202415569 A TW 202415569A
Authority
TW
Taiwan
Prior art keywords
vehicle
communication
terminal
processor
communication device
Prior art date
Application number
TW111139125A
Other languages
Chinese (zh)
Inventor
張偉鉉
Original Assignee
財團法人車輛研究測試中心
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 財團法人車輛研究測試中心 filed Critical 財團法人車輛研究測試中心
Priority to TW111139125A priority Critical patent/TW202415569A/en
Publication of TW202415569A publication Critical patent/TW202415569A/en

Links

Images

Landscapes

  • Selective Calling Equipment (AREA)

Abstract

An autonomous vehicle communication security system and method are provided. The system includes a vehicle-mounted communication device and a terminal communication device. At least two communication channels are established between the vehicle-mounted communication device and the terminal communication device. At least one vehicle-mounted processor of the vehicle-mounted communication device generates a key based on at least one piece of vehicle information, stores the key in a packet, encrypts and compresses the packet, and transmits it to the outside through the at least two communication channels. At least one terminal processor of the terminal communication device receives at least two encrypted and compressed packets from the at least two communication channels, and decompresses and decrypts them to obtain at least two keys to be verified. The terminal processor determines whether the at least two keys to be verified are consistent to control the connection status of the at least two communication channels.

Description

自動駕駛車輛通訊安全系統及方法Autonomous driving vehicle communication safety system and method

本發明涉及一種通訊安全系統及通訊方法,特別是指自動駕駛車輛通訊安全系統及方法。The present invention relates to a communication safety system and a communication method, and in particular to an automatic driving vehicle communication safety system and method.

一自動駕駛車輛可透過無線通訊技術連線至一路側單元(Road Side Unit, RSU)、一後台資訊站或另一自動駕駛車輛,如此一來,該自動駕駛車輛除了可分享本身的車輛資訊(例如:衛星定位座標、加減速資訊、行車影像、路況與車速...等)至該路側單元、該後台資訊站或該另一自動駕駛車輛,也可從該路側單元、該後台資訊站或該另一自動駕駛車輛接收資料,並據以進行自動駕駛決策,例如車速控制(定速、加速、減速、煞車)、路線控制(如:直行、轉彎、超車、路邊停靠)及變換車隊隊形…等。An autonomous vehicle can be connected to a road side unit (RSU) through wireless communication technology. RSU), a background information station or another autonomous vehicle. In this way, the autonomous vehicle can not only share its own vehicle information (such as satellite positioning coordinates, acceleration and deceleration information, driving images, road conditions and speed, etc.) with the roadside unit, the background information station or the other autonomous vehicle, but also receive data from the roadside unit, the background information station or the other autonomous vehicle and make autonomous driving decisions based on it, such as speed control (constant speed, acceleration, deceleration, braking), route control (such as: straight, turning, overtaking, roadside parking) and changing the formation of the convoy, etc.

由此可見,無線通訊技術已是該自動駕駛車輛的重要配備,確保該自動駕駛車輛的通訊安全固然是一重要課題。舉例而言,若該自動駕駛車輛與其連線對象之間的通訊被駭客入侵並竄改資料,該自動駕駛車輛及連線對象恐收到錯誤資訊,導致該自動駕駛車輛根據錯誤資訊而無法做出正確的駕駛決策,且該自動駕駛車輛的連線對象根據錯誤資訊而無法有效掌握該自動駕駛車輛的行車狀況。It can be seen that wireless communication technology has become an important feature of the autonomous vehicle, and ensuring the communication security of the autonomous vehicle is of course an important issue. For example, if the communication between the autonomous vehicle and its connected object is hacked and the data is tampered with, the autonomous vehicle and the connected object may receive erroneous information, causing the autonomous vehicle to be unable to make correct driving decisions based on the erroneous information, and the connected object of the autonomous vehicle cannot effectively grasp the driving status of the autonomous vehicle based on the erroneous information.

有鑒於此,本發明的主要目的是提供一種自動駕駛車輛通訊安全系統及方法,以期實現多通訊通道之間的交互驗證,提高自動駕駛車輛及連線對象之間的通訊安全。In view of this, the main purpose of the present invention is to provide an autonomous vehicle communication security system and method, so as to realize interactive verification between multiple communication channels and improve the communication security between the autonomous vehicle and the connection object.

本發明自動駕駛車輛通訊安全系統包含: 一車載通訊裝置,供設置在一自動駕駛車輛,且包含至少一車載處理器與電性連接所述車載處理器的複數車載通訊介面,所述車載處理器根據該自動駕駛車輛的至少一本車資訊產生一金鑰,將該金鑰儲存於一封包;以及 一終端通訊裝置,與該車載通訊裝置分離設置,且包含至少一終端處理器與電性連接所述終端處理器的複數終端通訊介面,該複數終端通訊介面中的至少兩者與該複數車載通訊介面中的至少兩者建立至少兩通訊通道; 其中,所述車載處理器加密與壓縮該封包後透過至少兩通訊通道對外傳輸,所述終端處理器分別從該至少兩通訊通道接收至少兩被加密與被壓縮的封包,並分別解壓縮和解密該至少兩被加密與被壓縮的封包後,得到至少兩待驗證金鑰;所述終端處理器判斷該至少兩待驗證金鑰是否一致,以控制該至少兩通訊通道的連線狀態。 The autonomous vehicle communication safety system of the present invention comprises: an on-board communication device, which is provided in an autonomous vehicle and comprises at least one on-board processor and a plurality of on-board communication interfaces electrically connected to the on-board processor, wherein the on-board processor generates a key according to at least one vehicle information of the autonomous vehicle and stores the key in a package; and a terminal communication device, which is provided separately from the on-board communication device and comprises at least one terminal processor and a plurality of terminal communication interfaces electrically connected to the terminal processor, wherein at least two of the plurality of terminal communication interfaces establish at least two communication channels with at least two of the plurality of on-board communication interfaces; The vehicle-mounted processor encrypts and compresses the packet and transmits it externally through at least two communication channels. The terminal processor receives at least two encrypted and compressed packets from the at least two communication channels respectively, and decompresses and decrypts the at least two encrypted and compressed packets respectively to obtain at least two keys to be verified. The terminal processor determines whether the at least two keys to be verified are consistent to control the connection status of the at least two communication channels.

本發明自動駕駛車輛通訊安全方法,於一車載通訊裝置與一終端通訊裝置實施,該車載通訊裝置與該終端通訊裝置之間建立至少兩通訊通道,該自動駕駛車輛通訊安全方法包含: 由該車載通訊裝置的至少一車載處理器根據一自動駕駛車輛的至少一本車資訊產生一金鑰; 由所述車載處理器將該金鑰儲存於一封包,並加密與壓縮該封包後,分別透過該至少兩通訊通道對外傳輸; 由該終端通訊裝置的至少一終端處理器分別從該至少兩通訊通道接收至少兩被加密與被壓縮的封包; 由所述終端處理器分別解壓縮和解密該至少兩被加密與被壓縮的封包後,得到至少兩待驗證金鑰;以及 由所述終端處理器判斷該至少兩待驗證金鑰是否一致,以控制該至少兩通訊通道的連線狀態。 The autonomous vehicle communication security method of the present invention is implemented in a vehicle communication device and a terminal communication device, and at least two communication channels are established between the vehicle communication device and the terminal communication device. The autonomous vehicle communication security method comprises: At least one vehicle processor of the vehicle communication device generates a key according to at least one vehicle information of an autonomous vehicle; The vehicle processor stores the key in a packet, encrypts and compresses the packet, and transmits it to the outside through the at least two communication channels respectively; At least one terminal processor of the terminal communication device receives at least two encrypted and compressed packets from the at least two communication channels respectively; The terminal processor decompresses and decrypts the at least two encrypted and compressed packets respectively to obtain at least two keys to be verified; and the terminal processor determines whether the at least two keys to be verified are consistent to control the connection status of the at least two communication channels.

本發明由所述車載處理器將獨一無二的該金鑰儲存於該封包中,根據該車載通訊裝置和該終端通訊裝置之間的協同運作,即涉及該封包的加密、壓縮、透過該至少兩通訊通道進行傳輸、解壓縮、解密後,所述終端處理器取得分別對應於該至少兩通訊通道的待驗證金鑰。The present invention stores the unique key in the packet by the vehicle-mounted processor. According to the cooperative operation between the vehicle-mounted communication device and the terminal communication device, that is, after the packet is encrypted, compressed, transmitted through the at least two communication channels, decompressed, and decrypted, the terminal processor obtains the keys to be verified corresponding to the at least two communication channels respectively.

本發明由所述終端處理器判斷該至少兩待驗證金鑰為是否彼此一致,以實現多通訊通道交互驗證的目的,說明如後。當所述終端處理器判斷該至少兩待驗證金鑰為彼此一致時,代表該車載通訊裝置和該終端通訊裝置之間的多個通訊通道是安全的,而可維持目前的連線狀態。反之,當所述終端處理器判斷出該至少兩待驗證金鑰不一致時,代表該車載通訊裝置和該終端通訊裝置之間的多個通訊通道相對不安全,理由在於駭客可能入侵該通訊通道並竄改封包資料,此時,本發明可立即改變該至少兩通訊通道的連線狀態,藉此避免在通訊通道不安全的疑慮下傳輸資料,確保通訊安全。The present invention determines whether the at least two keys to be verified are consistent with each other by the terminal processor to achieve the purpose of interactive verification of multiple communication channels, as described below. When the terminal processor determines that the at least two keys to be verified are consistent with each other, it means that the multiple communication channels between the vehicle-mounted communication device and the terminal communication device are safe and the current connection status can be maintained. On the contrary, when the terminal processor determines that the at least two keys to be verified are inconsistent, it means that the multiple communication channels between the vehicle-mounted communication device and the terminal communication device are relatively unsafe, because hackers may invade the communication channel and tamper with the packet data. At this time, the present invention can immediately change the connection status of the at least two communication channels, thereby avoiding data transmission under the suspicion of unsafe communication channels, ensuring communication security.

一般而言,自動駕駛車輛可透過無線通訊技術連線至一終端,該終端可為路側單元(Road Side Unit, RSU)或後台資訊站,另對於由多部自動駕駛車輛組成的車隊來說,該終端亦可為另一部自動駕駛車輛。該自動駕駛車輛可從該終端接收資料並據以進行自動駕駛決策,例如車速控制(定速、加速、減速、煞車)、路線控制(如:直行、轉彎、超車、路邊停靠)及變換車隊隊形…等,但不以此為限。Generally speaking, an autonomous vehicle can be connected to a terminal via wireless communication technology, which can be a road side unit (RSU) or a background information station. For a convoy consisting of multiple autonomous vehicles, the terminal can also be another autonomous vehicle. The autonomous vehicle can receive data from the terminal and make autonomous driving decisions based on it, such as speed control (constant speed, acceleration, deceleration, braking), route control (such as: straight, turning, overtaking, roadside parking) and changing the convoy formation, etc., but not limited to this.

請參考圖1,本發明自動駕駛車輛通訊安全系統的實施例包含一車載通訊裝置10與一終端通訊裝置20。該車載通訊裝置10供設置在一自動駕駛車輛,可理解的是,該自動駕駛車輛可具有衛星定位功能(GPS)、慣性量測功能(Inertial measurement)與行車影像記錄功能...等,其中,該自動駕駛車輛可為車隊中的其中之一車輛,或可為非車隊的一獨立車輛。該終端通訊裝置20供設置在一終端,而與該車載通訊裝置10分離設置,如前所述,該終端可為另一部自動駕駛車輛、路側單元或後台資訊站。Please refer to FIG1 , an embodiment of the autonomous vehicle communication safety system of the present invention includes a vehicle communication device 10 and a terminal communication device 20. The vehicle communication device 10 is provided in an autonomous vehicle. It is understood that the autonomous vehicle may have a satellite positioning function (GPS), an inertial measurement function, and a driving image recording function, etc., wherein the autonomous vehicle may be one of the vehicles in a convoy, or may be an independent vehicle outside the convoy. The terminal communication device 20 is provided at a terminal and is separated from the vehicle-mounted communication device 10. As mentioned above, the terminal may be another autonomous vehicle, a roadside unit or a background information station.

該車載通訊裝置10包含至少一車載處理器11與電性連接所述車載處理器11的複數車載通訊介面12,也就是說,該車載通訊裝置10可包含一個或多個車載處理器11,且該多個車載處理器11可應用於分散式網路管理,為便於說明,本發明以一個車載處理器11為例,但不以此為限。該車載處理器11為處理器晶片,該車載處理器11可透過該自動駕駛車輛的一車載診斷系統(例如OBD-II)及/或一控制器區域網路匯流排(CAN Bus)接收一車輛資訊,該車輛資訊可包含識別碼(Identification, ID)、車身編號(Vehicle Identification Number, VIN)、自動駕駛作業系統的系統時間、車輛座標(例如GPS座標)、加減速資訊(例如可包含油門開度信號、速度控制信號及/或煞車信號)、行車影像、路況與車速中的至少一者,另一方面,該車載處理器11亦從自動駕駛作業系統取得一系統編碼與一登錄碼,該登錄碼代表使用數位鑰匙或遙控器啟動該自動駕駛車輛的使用者身份。該複數車載通訊介面12分別為無線通訊介面且可包含行動通訊介面與短距離無線通訊介面,該複數車載通訊介面12的類型(例如所使用的通訊協定)彼此不同。The vehicle communication device 10 includes at least one vehicle processor 11 and a plurality of vehicle communication interfaces 12 electrically connected to the vehicle processor 11. That is, the vehicle communication device 10 may include one or more vehicle processors 11, and the plurality of vehicle processors 11 may be applied to distributed network management. For the convenience of explanation, the present invention takes one vehicle processor 11 as an example, but is not limited thereto. The vehicle processor 11 is a processor chip. The vehicle processor 11 may receive vehicle information through a vehicle diagnostic system (such as OBD-II) and/or a controller area network bus (CAN Bus) of the autonomous vehicle. The vehicle information may include an identification code (ID), a vehicle identification number (Vehicle Identification Number, VIN), system time of the automatic driving system, vehicle coordinates (such as GPS coordinates), acceleration and deceleration information (such as throttle opening signal, speed control signal and/or brake signal), driving image, road condition and at least one of vehicle speed. On the other hand, the vehicle processor 11 also obtains a system code and a login code from the automatic driving system, and the login code represents the identity of the user who uses a digital key or a remote control to start the automatic driving vehicle. The multiple vehicle communication interfaces 12 are wireless communication interfaces and can include a mobile communication interface and a short-range wireless communication interface. The types of the multiple vehicle communication interfaces 12 (such as the communication protocols used) are different from each other.

該終端通訊裝置20包含至少一終端處理器21與電性連接所述終端處理器21的複數終端通訊介面22,也就是說,該終端通訊裝置20可包含一個或多個終端處理器21,且該多個終端處理器21可應用於分散式網路管理,為便於說明,本發明以一個終端處理器21為例,但不以此為限。該終端處理器21為處理器晶片,該複數終端通訊介面22分別為無線通訊介面,該複數終端通訊介面22中的至少兩者的類型對應於該複數車載通訊介面12中的至少兩者的類型,或於其他實施例中,該複數車載通訊介面12與該複數終端通訊介面22亦可完全對應。The terminal communication device 20 includes at least one terminal processor 21 and a plurality of terminal communication interfaces 22 electrically connected to the terminal processor 21. That is, the terminal communication device 20 may include one or more terminal processors 21, and the plurality of terminal processors 21 may be applied to distributed network management. For ease of explanation, the present invention takes one terminal processor 21 as an example, but is not limited thereto. The terminal processor 21 is a processor chip, and the plurality of terminal communication interfaces 22 are wireless communication interfaces respectively. The types of at least two of the plurality of terminal communication interfaces 22 correspond to the types of at least two of the plurality of vehicle communication interfaces 12, or in other embodiments, the plurality of vehicle communication interfaces 12 and the plurality of terminal communication interfaces 22 may also completely correspond.

舉例而言,該複數車載通訊介面12和該複數終端通訊介面22可包含5G(5th Generation, 第五代)行動通訊介面、4G(4th Generation, 第四代)行動通訊介面、C-V2X(Cellular Vehicle-to-Everything, 蜂巢式車聯網)通訊介面、Wi-Fi通訊介面、BLE(藍牙低耗功)通訊介面及次世代(Next Generation)通訊介面中的至少兩者,本發明不以前述例舉的通訊介面為限。請參考圖2所示的範例,該複數車載通訊介面12可包含5G行動通訊介面、4G行動通訊介面、C-V2X通訊介面、Wi-Fi通訊介面與BLE通訊介面;該複數終端通訊介面22可包含5G行動通訊介面、C-V2X通訊介面和Wi-Fi通訊介面。For example, the plurality of vehicle communication interfaces 12 and the plurality of terminal communication interfaces 22 may include at least two of a 5G (5th Generation) mobile communication interface, a 4G (4th Generation) mobile communication interface, a C-V2X (Cellular Vehicle-to-Everything) communication interface, a Wi-Fi communication interface, a BLE (Bluetooth Low Energy) communication interface, and a next generation communication interface. The present invention is not limited to the aforementioned communication interfaces. Please refer to the example shown in Figure 2, the multiple vehicle communication interfaces 12 may include a 5G mobile communication interface, a 4G mobile communication interface, a C-V2X communication interface, a Wi-Fi communication interface and a BLE communication interface; the multiple terminal communication interfaces 22 may include a 5G mobile communication interface, a C-V2X communication interface and a Wi-Fi communication interface.

藉此,當設置在該自動駕駛車輛的車載通訊裝置10與設置在該終端的終端通訊裝置20進入彼此的通訊範圍,雙方即可進行一交握流程(handshake),交握完成後,該複數終端通訊介面22即可分別連線該複數車載通訊介面12以進行雙向資料傳輸。以下說明本發明在該車載通訊裝置10與該終端通訊裝置20之間實施通訊安全的實施例。Thus, when the vehicle-mounted communication device 10 installed in the autonomous vehicle and the terminal communication device 20 installed in the terminal enter into each other's communication range, both parties can perform a handshake process. After the handshake is completed, the plurality of terminal communication interfaces 22 can be respectively connected to the plurality of vehicle-mounted communication interfaces 12 to perform two-way data transmission. The following describes an embodiment of the present invention for implementing communication security between the vehicle-mounted communication device 10 and the terminal communication device 20.

如前所述,該複數終端通訊介面22中的至少兩者的類型對應於該複數車載通訊介面12中的至少兩者的類型,故該複數終端通訊介面22中的至少兩者與該複數車載通訊介面12中的至少兩者建立至少兩通訊通道CH,使該車載處理器11與該終端處理器21之間能透過該至少兩通訊通道CH彼此交換封包,以前述例舉的通訊介面為例,該至少兩通訊通道CH可包含5G通訊通道、4G通訊通道、C-V2X通訊通道、Wi-Fi通訊通道、BLE通訊通道和次世代通訊通道中的至少兩者。另以圖2為例,該車載通訊裝置10與該終端通訊裝置20之間所建立的通訊通道可包含5G通訊通道CH1、C-V2X通訊通道CH2與Wi-Fi通訊通道CH3,該車載處理器11與該終端處理器21之間可同時透過該5G通訊通道CH1、該C-V2X通訊通道CH2與該Wi-Fi通訊通道CH3交換封包。As mentioned above, the types of at least two of the plurality of terminal communication interfaces 22 correspond to the types of at least two of the plurality of vehicle communication interfaces 12, so at least two of the plurality of terminal communication interfaces 22 establish at least two communication channels CH with at least two of the plurality of vehicle communication interfaces 12, so that the vehicle processor 11 and the terminal processor 21 can exchange packets with each other through the at least two communication channels CH. Taking the aforementioned communication interface as an example, the at least two communication channels CH may include at least two of a 5G communication channel, a 4G communication channel, a C-V2X communication channel, a Wi-Fi communication channel, a BLE communication channel, and a next-generation communication channel. Taking Figure 2 as an example, the communication channel established between the vehicle communication device 10 and the terminal communication device 20 may include a 5G communication channel CH1, a C-V2X communication channel CH2, and a Wi-Fi communication channel CH3. The vehicle processor 11 and the terminal processor 21 may exchange packets through the 5G communication channel CH1, the C-V2X communication channel CH2, and the Wi-Fi communication channel CH3 at the same time.

請參考圖3,該車載處理器11根據該自動駕駛車輛的至少一本車資訊30透過一編碼演算法(Key Generator Algorithm)產生一金鑰31,所述本車資訊30包含如前所述的車輛資訊、系統編碼與登錄碼,其中,該編碼演算法為所屬技術領域中的通常知識,簡言之,舉例來說,所述本車資訊30的資料格式可為數字、英文字碼或代碼所構成的編碼,亦即所述本車資訊30的中的車輛資訊、系統編碼與登錄碼是可被該車載處理器11存取的編碼,該車載處理器11執行該編碼演算法時,可根據所述本車資訊30的編碼為基礎進行重新編碼,例如在所述本車資訊30的編碼中插入隨機亂數,進而產生該金鑰31。3, the vehicle processor 11 uses a coding algorithm (Key Generator) according to at least one vehicle information 30 of the autonomous vehicle. The vehicle information 30 includes the vehicle information, system code and registration code as mentioned above, wherein the coding algorithm is common knowledge in the relevant technical field. In short, for example, the data format of the vehicle information 30 can be a code composed of numbers, English codes or codes, that is, the vehicle information, system code and registration code in the vehicle information 30 are codes that can be accessed by the vehicle processor 11. When the vehicle processor 11 executes the coding algorithm, it can re-encode based on the code of the vehicle information 30, for example, inserting random numbers into the code of the vehicle information 30 to generate the key 31.

於所述本車資訊30中,該車輛資訊反映該車輛當下即時行車狀態,故可理解的是,該自動駕駛車輛與其他車輛在同一時間幾乎不會有完全相同的車輛資訊,且在該自動駕駛車輛行駛的過程中,其車輛資訊(例如車輛座標、車速...等)是隨時間變化的,故該自動駕駛車輛在不同時間點的車輛資訊也不完全相同,再者,該系統編碼與該登錄碼皆具備唯一性,故整體來看,從所述本車資訊30演算而來的該金鑰31確實為獨一無二的金鑰,該金鑰31無法被直接仿製。In the vehicle information 30, the vehicle information reflects the current real-time driving status of the vehicle, so it is understandable that the automatic driving vehicle and other vehicles will hardly have exactly the same vehicle information at the same time, and during the driving process of the automatic driving vehicle, its vehicle information (such as vehicle coordinates, vehicle speed, etc.) changes with time, so the vehicle information of the automatic driving vehicle at different time points is not exactly the same. Furthermore, the system code and the registration code are both unique, so overall, the key 31 calculated from the vehicle information 30 is indeed a unique key, and the key 31 cannot be directly copied.

該車載處理器11產生該金鑰31後,將該金鑰31儲存於一資料封包(以下簡稱為一封包),如此一來,該金鑰31可確保該封包來自於特定的該自動駕駛車輛的車載通訊裝置10。請參考圖4,該封包40的訊息框(即:資料格式)可包含一開始符號401、一序號402、一時間403、該金鑰31、該車輛資訊404、一檢查碼405與一結束符號406,該開始符號401和該結束符號406用以定義該封包40的完整性,該序號402與該時間403能提供該封包40發送的時序資訊,該檢查碼405可為但不限於循環冗餘校驗碼(Cyclic Redundancy Check, CRC)或曼徹斯特碼(Manchester)。其中,該金鑰31的儲存位置可預設在於該開始符號401與該結束符號406之間的任何位置,只要在建構本發明的系統時,將該車載處理器11與該終端處理器21設置為處理相同的封包資料格式即可,也就是說,該車載處理器11將該金鑰31儲存在該封包40中的特定位置,該終端處理器21能從該封包40中的一特定位置讀取該金鑰31,例如圖4所示的封包40中,該金鑰31的特定位置位於該時間403與該車輛資訊404之間。After the vehicle-mounted processor 11 generates the key 31, it stores the key 31 in a data packet (hereinafter referred to as a packet). In this way, the key 31 can ensure that the packet comes from the specific vehicle-mounted communication device 10 of the autonomous vehicle. Please refer to Figure 4. The message frame (i.e., data format) of the packet 40 may include a start symbol 401, a sequence number 402, a time 403, the key 31, the vehicle information 404, a check code 405 and an end symbol 406. The start symbol 401 and the end symbol 406 are used to define the integrity of the packet 40. The sequence number 402 and the time 403 can provide timing information for the transmission of the packet 40. The check code 405 may be, but is not limited to, a cyclic redundancy check code (CRC) or a Manchester code. The storage location of the key 31 can be preset at any location between the start symbol 401 and the end symbol 406, as long as the on-board processor 11 and the terminal processor 21 are set to process the same packet data format when constructing the system of the present invention. In other words, the on-board processor 11 stores the key 31 at a specific location in the packet 40, and the terminal processor 21 can read the key 31 from a specific location in the packet 40. For example, in the packet 40 shown in FIG. 4 , the specific location of the key 31 is between the time 403 and the vehicle information 404.

該車載處理器11產生該封包40後,請參考圖5,對該封包40進行加密與壓縮而產生一被加密與被壓縮的封包40’,再透過與該終端通訊裝置20連線的每個車載通訊介面12對外傳輸該被加密與被壓縮的封包40’;故以圖2所示的實施例為例,該車載處理器11分別透過該5G通訊通道CH1、該C-V2X通訊通道CH2和該Wi-Fi通訊通道CH3傳輸該被加密與被壓縮的封包40’給該終端通訊裝置20中對應的終端通訊介面22。需說明的是,該封包40的加密手段與壓縮手段為所屬技術領域的通常知識,舉例而言,所述加密手段可採用對稱加密(Symmetric-key algorithm)、進階加密標準(Advanced Encryption Standard, AES)或序列加密(Stream cipher),但不以此為限;所述壓縮手段可採用非破壞性資料壓縮(Lossless compression)的算數編碼(Arithmetic Coding)或霍夫曼編碼(Huffman Coding),但不以此為限。After the vehicle-mounted processor 11 generates the packet 40, please refer to Figure 5, the packet 40 is encrypted and compressed to generate an encrypted and compressed packet 40', and then the encrypted and compressed packet 40' is transmitted to the outside through each vehicle-mounted communication interface 12 connected to the terminal communication device 20; therefore, taking the embodiment shown in Figure 2 as an example, the vehicle-mounted processor 11 transmits the encrypted and compressed packet 40' to the corresponding terminal communication interface 22 in the terminal communication device 20 through the 5G communication channel CH1, the C-V2X communication channel CH2 and the Wi-Fi communication channel CH3 respectively. It should be noted that the encryption means and compression means of the packet 40 are common knowledge in the relevant technical fields. For example, the encryption means may adopt symmetric-key algorithm, Advanced Encryption Standard (AES) or stream cipher, but not limited thereto; the compression means may adopt non-destructive data compression (lossless compression) arithmetic coding (Arithmetic Coding) or Huffman Coding (Huffman Coding), but not limited thereto.

本發明中,請參考圖5,該終端處理器21從各該終端通訊介面22接收該被加密與被壓縮的封包40’後,解壓縮和解密該被加密與被壓縮的封包40’而成為一待驗證封包41,正常來說,該待驗證封包41的內容等同於該封包40的內容,換言之,該終端處理器21是將各該被加密與被壓縮的封包40’進行解壓縮和解密後還原為該封包40。可理解的是,在建構本發明的系統時,將該終端處理器21所實施的解壓縮和解密手段設置為對應於該車載處理器11所實施的所述加密與壓縮手段,使該終端處理器21可將各該被加密與被壓縮的封包40’還原為該封包40。In the present invention, please refer to Figure 5. After the terminal processor 21 receives the encrypted and compressed packet 40' from each terminal communication interface 22, it decompresses and decrypts the encrypted and compressed packet 40' to form a packet 41 to be verified. Normally, the content of the packet 41 to be verified is equivalent to the content of the packet 40. In other words, the terminal processor 21 decompresses and decrypts each encrypted and compressed packet 40' and restores it to the packet 40. It is understandable that when constructing the system of the present invention, the decompression and decryption means implemented by the terminal processor 21 are set to correspond to the encryption and compression means implemented by the vehicle-mounted processor 11, so that the terminal processor 21 can restore each encrypted and compressed packet 40' to the packet 40.

整體來看,該終端處理器21從該複數終端通訊介面22分別接收複數被加密與被壓縮的封包40’,並分別解壓縮和解密該複數被加密與被壓縮的封包40’而得到複數待驗證封包41,再讀取各該待驗證封包41中該特定位置的資料以作為一待驗證金鑰,故一個待驗證金鑰可對應至一個通訊通道CH。In general, the terminal processor 21 receives a plurality of encrypted and compressed packets 40' from the plurality of terminal communication interfaces 22, respectively, and decompresses and decrypts the plurality of encrypted and compressed packets 40' to obtain a plurality of packets to be verified 41, and then reads the data at the specific position in each of the packets to be verified 41 as a key to be verified, so one key to be verified can correspond to one communication channel CH.

該終端處理器21判斷從該至少兩通訊通道CH接收的該複數待驗證金鑰是否一致,以根據判斷結果控制該至少兩通訊通道CH的連線狀態。以圖2所示的實施例為例,並配合參考圖6,該終端處理器21可得到一第一待驗證金鑰P1、一第二待驗證金鑰P2以及一第三待驗證金鑰P3(步驟S01),其中,該第一待驗證金鑰P1來自從該5G通訊通道CH1(5G行動通訊介面)接收的被加密與被壓縮的封包40’,該第二待驗證金鑰P2來自從該C-V2X通訊通道CH2(C-V2X通訊介面)接收的被加密與被壓縮的封包40’,該第三待驗證金鑰P3來自從該Wi-Fi通訊通道CH3(Wi-Fi通訊介面)接收的被加密與被壓縮的封包40’。The terminal processor 21 determines whether the plurality of keys to be verified received from the at least two communication channels CH are consistent, so as to control the connection status of the at least two communication channels CH according to the determination result. Taking the embodiment shown in FIG. 2 as an example, and referring to FIG. 6 , the terminal processor 21 can obtain a first key to be verified P1, a second key to be verified P2, and a third key to be verified P3 (step S01), wherein the first key to be verified P1 comes from the encrypted and compressed packet 40' received from the 5G communication channel CH1 (5G mobile communication interface), the second key to be verified P2 comes from the encrypted and compressed packet 40' received from the C-V2X communication channel CH2 (C-V2X communication interface), and the third key to be verified P3 comes from the encrypted and compressed packet 40' received from the Wi-Fi communication channel CH3 (Wi-Fi communication interface).

然後,該終端處理器21判斷該第一待驗證金鑰P1、該第二待驗證金鑰P2和該第三待驗證金鑰P3是否彼此一致(步驟S02),若是,代表該車載通訊裝置10和該終端通訊裝置20之間的通訊通道是安全的,該終端處理器21可維持目前該複數終端通訊介面22和該複數車載通訊介面12的連線狀態(步驟S03)。Then, the terminal processor 21 determines whether the first key to be verified P1, the second key to be verified P2 and the third key to be verified P3 are consistent with each other (step S02). If so, it means that the communication channel between the vehicle communication device 10 and the terminal communication device 20 is secure, and the terminal processor 21 can maintain the current connection status of the multiple terminal communication interfaces 22 and the multiple vehicle communication interfaces 12 (step S03).

相反的,當該終端處理器21判斷該第一待驗證金鑰P1、該第二待驗證金鑰P2和該第三待驗證金鑰P3不一致,代表從該車載通訊裝置10傳送到該終端通訊裝置20的任一資料封包已被竄改,導致該車載通訊裝置10和該終端通訊裝置20之間的通訊通道是不安全的,此時,該終端處理器21可改變目前該至少兩通訊通道CH的連線狀態(步驟S04),例如先中斷目前該複數終端通訊介面22和該複數車載通訊介面12之間的連線,並等待一預設時間後重新交握及建立連線。On the contrary, when the terminal processor 21 determines that the first key to be verified P1, the second key to be verified P2 and the third key to be verified P3 are inconsistent, it means that any data packet transmitted from the vehicle communication device 10 to the terminal communication device 20 has been tampered with, resulting in that the communication channel between the vehicle communication device 10 and the terminal communication device 20 is insecure. At this time, the terminal processor 21 can change the current connection status of the at least two communication channels CH (step S04), for example, first disconnecting the current connection between the plurality of terminal communication interfaces 22 and the plurality of vehicle communication interfaces 12, and waiting for a preset time before re-handshaking and re-establishing the connection.

本發明中,該車載處理器11可並非總是透過該至少兩通訊通道CH對外傳輸加密與壓縮後的該封包40,對應的,該終端處理器21也並非總是從該至少兩通訊通道CH接收該複數被加密與被壓縮的封包40’,以及對其進行解壓縮、解密與驗證,故可相對節省該車載處理器11與該終端處理器21的運算資源,並提升驗證效率,說明如下。In the present invention, the vehicle-mounted processor 11 may not always transmit the encrypted and compressed packet 40 to the outside through the at least two communication channels CH. Correspondingly, the terminal processor 21 may not always receive the multiple encrypted and compressed packets 40' from the at least two communication channels CH and decompress, decrypt and verify them. Therefore, the computing resources of the vehicle-mounted processor 11 and the terminal processor 21 can be relatively saved and the verification efficiency can be improved, as explained below.

如前所述,圖1所示該複數終端通訊介面22分別連線該複數車載通訊介面12而建立至少兩通訊通道CH,該車載控制器11可從該至少兩通訊通道CH中預設一者作為一主要通訊通道,其他通訊通道CH則作為備用通訊通道。以圖2為例,一般而言,因為5G行動通訊的資料傳輸速度最快,故可預設該5G通訊通道CH1為該主要通訊通道,該C-V2X通訊通道CH2和該Wi-Fi通訊通道CH3分別為備用通訊通道。As mentioned above, the plurality of terminal communication interfaces 22 shown in FIG1 are respectively connected to the plurality of vehicle communication interfaces 12 to establish at least two communication channels CH, and the vehicle controller 11 can preset one of the at least two communication channels CH as a main communication channel, and the other communication channels CH as backup communication channels. Taking FIG2 as an example, generally speaking, because the data transmission speed of 5G mobile communication is the fastest, the 5G communication channel CH1 can be preset as the main communication channel, and the C-V2X communication channel CH2 and the Wi-Fi communication channel CH3 can be respectively used as backup communication channels.

在該自動駕駛車輛實際運行時,該車載通訊裝置10與該終端通訊裝置20的連線狀態係僅透過該主要通訊通道傳輸該被加密與被壓縮的封包40’,各該備用通訊通道為閒置狀態而沒有傳送資料封包,故如圖7A所示該主要通訊通道的資料傳輸狀態,其方波波峰50代表該被加密與被壓縮的封包40’在該主要通訊通道中被傳輸的狀態,相鄰方波波峰50之間定義有一間隔時間t0。When the autonomous vehicle is actually running, the connection status between the vehicle communication device 10 and the terminal communication device 20 is to transmit the encrypted and compressed packet 40' only through the main communication channel, and each of the backup communication channels is in an idle state without transmitting data packets. Therefore, as shown in FIG. 7A , the data transmission status of the main communication channel, the square wave peak 50 represents the state of the encrypted and compressed packet 40' being transmitted in the main communication channel, and an interval time t0 is defined between adjacent square wave peaks 50.

於一實施例中,該車載處理器11可於一隨機時間同時透過該至少兩通訊通道CH對外傳輸加密與壓縮後的該封包40,也就是說,該車載處理器11於該隨機時間同時透過該主要通訊通道和各該備用通訊通道傳輸該被加密與被壓縮的封包40’,藉此,使該終端處理器21對應地於該隨機時間分別從該至少兩通訊通道CH接收該複數被加密與被壓縮的封包40’,以對其進行解壓縮、解密與驗證。如圖7B所示該備用通訊通道的資料傳輸狀態,其方波波峰51代表該被加密與被壓縮的封包40’在各該備用通訊通道中被傳輸的狀態,其相鄰方波波峰51之間的隨機時間t1、t2、t3彼此不同,且各該隨機時間t1、t2、t3大於圖7A所示的各該間隔時間t0。In one embodiment, the on-board processor 11 can transmit the encrypted and compressed packet 40 to the outside through the at least two communication channels CH at a random time. That is, the on-board processor 11 transmits the encrypted and compressed packet 40' through the main communication channel and each of the backup communication channels at the random time, thereby allowing the terminal processor 21 to correspondingly receive the multiple encrypted and compressed packets 40' from the at least two communication channels CH at the random time to decompress, decrypt and verify them. As shown in FIG. 7B , the data transmission status of the backup communication channel, the square wave peak 51 represents the status of the encrypted and compressed packet 40' being transmitted in each of the backup communication channels, and the random times t1, t2, and t3 between adjacent square wave peaks 51 are different from each other, and each of the random times t1, t2, and t3 is greater than the interval time t0 shown in FIG. 7A .

於另一實施例中,該車載處理器11可於一預設時間透過該至少兩通訊通道CH同時對外傳輸加密與壓縮後的該封包40,也就是說,該車載處理器11於該預設時間同時透過該主要通訊通道和各該備用通訊通道傳輸該被加密與被壓縮的封包40’,藉此,使該終端處理器21對應地於該預設時間分別從該至少兩通訊通道CH接收該複數被加密與被壓縮的封包40’,以對其進行解壓縮、解密與驗證。如圖7C所示該備用通訊通道的資料傳輸狀態,其方波波峰52代表該被加密與被壓縮的封包40’在各該備用通訊通道中被傳輸的狀態,其相鄰方波波峰52之間的預設時間T彼此相同,且該預設時間T大於圖7A所示的各該間隔時間t0。In another embodiment, the on-board processor 11 may simultaneously transmit the encrypted and compressed packet 40 to the outside through the at least two communication channels CH at a preset time. That is, the on-board processor 11 simultaneously transmits the encrypted and compressed packet 40' through the main communication channel and each of the backup communication channels at the preset time, thereby enabling the terminal processor 21 to correspondingly receive the multiple encrypted and compressed packets 40' from the at least two communication channels CH at the preset time to decompress, decrypt and verify them. As shown in FIG. 7C , the data transmission status of the backup communication channel, the square wave peak 52 represents the status of the encrypted and compressed packet 40′ being transmitted in each of the backup communication channels, and the preset time T between adjacent square wave peaks 52 are the same, and the preset time T is greater than the interval time t0 shown in FIG. 7A .

因為圖7B所示的隨機時間t1、t2、t3以及圖7C所示的預設時間T皆大於圖7A所示的各該間隔時間t0,代表該車載處理器11為間歇式的透過該至少兩通訊通道CH同時對外傳輸加密與壓縮後的該封包40,該終端處理器21也為間歇式的從該至少兩通訊通道CH接收該複數被加密與被壓縮的封包40’,以及對其進行解壓縮、解密與驗證,故可相對節省該車載處理器11與該終端處理器21的運算資源,並提升驗證效率。Because the random times t1, t2, t3 shown in FIG. 7B and the default time T shown in FIG. 7C are all greater than the interval times t0 shown in FIG. 7A , it means that the vehicle-mounted processor 11 transmits the encrypted and compressed packet 40 to the outside through the at least two communication channels CH at the same time in an intermittent manner, and the terminal processor 21 also receives the multiple encrypted and compressed packets 40' from the at least two communication channels CH in an intermittent manner, and decompresses, decrypts and verifies them, thereby relatively saving the computing resources of the vehicle-mounted processor 11 and the terminal processor 21 and improving the verification efficiency.

綜上所述,為確保自動駕駛車輛和終端之間的通訊安全,本發明由該車載處理器11產生獨一無二的該金鑰31,並將該金鑰31儲存於該封包40,根據該車載通訊裝置10和該終端通訊裝置20之間的協同運作(已如前所述),當該終端處理器21判斷出該至少兩待驗證金鑰不一致時,代表該車載通訊裝置10和該終端通訊裝置20之間的該至少兩通訊通道CH可能被駭客入侵並竄改封包資料,故本發明可立即改變該至少兩通訊通道CH的連線狀態,藉此避免在通訊通道CH不安全的疑慮下傳輸資料,確保通訊安全。In summary, in order to ensure the communication security between the autonomous vehicle and the terminal, the present invention generates a unique key 31 by the vehicle processor 11 and stores the key 31 in the packet 40. According to the cooperative operation between the vehicle communication device 10 and the terminal communication device 20 (as described above), when the terminal processor 21 determines that the at least two keys to be verified are inconsistent, it means that the at least two communication channels CH between the vehicle communication device 10 and the terminal communication device 20 may be hacked and the packet data may be tampered with. Therefore, the present invention can immediately change the connection status of the at least two communication channels CH, thereby avoiding data transmission under the suspicion that the communication channel CH is insecure, thereby ensuring communication security.

此外,該封包40中的檢查碼405以及該車載處理器11對該封包40所實施的加密與壓縮也都是保護資料安全的環節,其中,該終端處理器21根據該檢查碼405可初步判斷該封包40的資料訊息是否正確,若該檢查碼405發生錯誤,該終端處理器21可立即判斷該封包40是有異常的封包,並可對應控制該至少兩通訊通道CH的連線狀態;另一方面,該封包40經過壓縮後除了可減輕傳輸時的負擔,壓縮同樣也是加密的環節之一,故整體來看,本發明對該封包40實施的加密與壓縮,相當於對該封包40實施複合式加密,加強保護封包安全性。In addition, the checksum 405 in the packet 40 and the encryption and compression performed by the onboard processor 11 on the packet 40 are also steps to protect data security. The terminal processor 21 can preliminarily determine whether the data message of the packet 40 is correct based on the checksum 405. If the checksum 405 is wrong, the terminal processor 21 can immediately determine whether the packet 40 is correct. 40 is an abnormal packet, and can control the connection status of the at least two communication channels CH accordingly; on the other hand, the packet 40 can not only reduce the burden of transmission after compression, but compression is also one of the encryption links. Therefore, overall, the encryption and compression implemented by the present invention on the packet 40 is equivalent to implementing composite encryption on the packet 40 to enhance the security of the protection packet.

10:車載通訊裝置 11:車載處理器 12:車載通訊介面 20:終端通訊裝置 21:終端處理器 22:終端通訊介面 30:本車資訊 31:金鑰 40:封包 41:待驗證封包 40’:被加密與被壓縮的封包 401:開始符號 402:序號 403:時間 404:車輛資訊 405:檢查碼 406:結束符號 50,51,52:方波波峰 CH:通訊通道 CH1:5G通訊通道 CH2:C-V2X通訊通道 CH3:Wi-Fi通訊通道 P1:第一待驗證金鑰 P2:第二待驗證金鑰 P3:第三待驗證金鑰 t0:間隔時間 t1,t2,t3:隨機時間 T:預設時間 10: On-board communication device 11: On-board processor 12: On-board communication interface 20: Terminal communication device 21: Terminal processor 22: Terminal communication interface 30: Vehicle information 31: Key 40: Packet 41: Packet to be verified 40’: Encrypted and compressed packet 401: Start symbol 402: Sequence number 403: Time 404: Vehicle information 405: Checksum 406: End symbol 50,51,52: Square wave peak CH: Communication channel CH1: 5G communication channel CH2: C-V2X communication channel CH3: Wi-Fi communication channel P1: First key to be verified P2: Second key to be verified P3: Third key to be verified t0: Interval time t1, t2, t3: Random time T: Default time

圖1:本發明自動駕駛車輛通訊安全系統的方塊示意圖。 圖2:本發明自動駕駛車輛通訊安全系統的一實施例的方塊示意圖。 圖3:本發明中,由車載處理器根據本車資訊透過編碼演算法產生金鑰的流程示意圖。 圖4:本發明中,封包的資料格式的示意圖。 圖5:本發明中,車載處理器與終端處理器處理封包的流程示意圖。 圖6:本發明中,終端處理器判斷複數待驗證金鑰是否一致的流程示意圖。 圖7A:本發明中,車載通訊裝置與終端通訊裝置之間的主要通訊通道的資料傳輸狀態示意圖。 圖7B:本發明中,車載通訊裝置與終端通訊裝置之間的備用通訊通道的資料傳輸狀態示意圖(一)。 圖7C:本發明中,車載通訊裝置與終端通訊裝置之間的備用通訊通道的資料傳輸狀態示意圖(二)。 Figure 1: Block diagram of the autonomous vehicle communication safety system of the present invention. Figure 2: Block diagram of an embodiment of the autonomous vehicle communication safety system of the present invention. Figure 3: In the present invention, a schematic diagram of the process of generating a key by a vehicle-mounted processor through a coding algorithm based on the vehicle information. Figure 4: In the present invention, a schematic diagram of the data format of a packet. Figure 5: In the present invention, a schematic diagram of the process of processing a packet by a vehicle-mounted processor and a terminal processor. Figure 6: In the present invention, a schematic diagram of the process of a terminal processor determining whether multiple keys to be verified are consistent. Figure 7A: In the present invention, a schematic diagram of the data transmission status of the main communication channel between the vehicle-mounted communication device and the terminal communication device. Figure 7B: In the present invention, a schematic diagram of the data transmission status of the backup communication channel between the vehicle-mounted communication device and the terminal communication device (I). Figure 7C: In the present invention, a schematic diagram of the data transmission status of the backup communication channel between the vehicle-mounted communication device and the terminal communication device (II).

10:車載通訊裝置 10: In-vehicle communication device

11:車載處理器 11: On-board processor

12:車載通訊介面 12: In-vehicle communication interface

20:終端通訊裝置 20: Terminal communication device

21:終端處理器 21: Terminal Processor

22:終端通訊介面 22: Terminal communication interface

30:本車資訊 30: Vehicle information

31:金鑰 31: Key

40’:被加密與被壓縮的封包 40’: Encrypted and compressed packets

CH:通訊通道 CH: Communication channel

Claims (20)

一種自動駕駛車輛通訊安全系統,包含: 一車載通訊裝置,供設置在一自動駕駛車輛,且包含至少一車載處理器與電性連接所述車載處理器的複數車載通訊介面,所述車載處理器根據該自動駕駛車輛的至少一本車資訊產生一金鑰,將該金鑰儲存於一封包;以及 一終端通訊裝置,與該車載通訊裝置分離設置,且包含至少一終端處理器與電性連接所述終端處理器的複數終端通訊介面,該複數終端通訊介面中的至少兩者與該複數車載通訊介面中的至少兩者建立至少兩通訊通道; 其中,所述車載處理器加密與壓縮該封包後透過至少兩通訊通道對外傳輸,所述終端處理器分別從該至少兩通訊通道接收至少兩被加密與被壓縮的封包,並分別解壓縮和解密該至少兩被加密與被壓縮的封包後,得到至少兩待驗證金鑰;所述終端處理器判斷該至少兩待驗證金鑰是否一致,以控制該至少兩通訊通道的連線狀態。 An autonomous vehicle communication safety system comprises: an on-board communication device, provided in an autonomous vehicle, comprising at least one on-board processor and a plurality of on-board communication interfaces electrically connected to the on-board processor, wherein the on-board processor generates a key according to at least one vehicle information of the autonomous vehicle and stores the key in a package; and a terminal communication device, provided separately from the on-board communication device, comprising at least one terminal processor and a plurality of terminal communication interfaces electrically connected to the terminal processor, wherein at least two of the plurality of terminal communication interfaces establish at least two communication channels with at least two of the plurality of on-board communication interfaces; The vehicle-mounted processor encrypts and compresses the packet and transmits it externally through at least two communication channels. The terminal processor receives at least two encrypted and compressed packets from the at least two communication channels respectively, and decompresses and decrypts the at least two encrypted and compressed packets respectively to obtain at least two keys to be verified. The terminal processor determines whether the at least two keys to be verified are consistent to control the connection status of the at least two communication channels. 如請求項1所述之自動駕駛車輛通訊安全系統,其中,所述車載處理器於一隨機時間透過該至少兩通訊通道對外傳輸加密與壓縮後的該封包,使所述終端處理器對應地分別從該至少兩通訊通道接收該至少兩被加密與被壓縮的封包。The automatic driving vehicle communication safety system as described in claim 1, wherein the vehicle-mounted processor transmits the encrypted and compressed packet to the outside through the at least two communication channels at a random time, so that the terminal processor correspondingly receives the at least two encrypted and compressed packets from the at least two communication channels respectively. 如請求項1所述之自動駕駛車輛通訊安全系統,其中,所述車載處理器於一預設時間透過該至少兩通訊通道對外傳輸加密與壓縮後的該封包,使所述終端處理器對應地分別從該至少兩通訊通道接收該至少兩被加密與被壓縮的封包。The automatic driving vehicle communication safety system as described in claim 1, wherein the vehicle-mounted processor transmits the encrypted and compressed packet to the outside through the at least two communication channels at a preset time, so that the terminal processor correspondingly receives the at least two encrypted and compressed packets from the at least two communication channels respectively. 如請求項1至3中任一項所述之自動駕駛車輛通訊安全系統,其中,所述本車資訊包含一車輛資訊、一系統編碼與一登錄碼。An automatic driving vehicle communication safety system as described in any one of claims 1 to 3, wherein the vehicle information includes vehicle information, a system code and a registration code. 如請求項4所述之自動駕駛車輛通訊安全系統,其中,該封包的資料格式包含一開始符號、一序號、一時間、該金鑰、該車輛資訊、一檢查碼與一結束符號。An automatic driving vehicle communication safety system as described in claim 4, wherein the data format of the packet includes a start symbol, a sequence number, a time, the key, the vehicle information, a check code and an end symbol. 如請求項4所述之自動駕駛車輛通訊安全系統,其中,所述車載處理器從一自動駕駛作業系統取得該系統編碼與該登錄碼,該登錄碼代表使用一數位鑰匙或一遙控器啟動該自動駕駛車輛的使用者身份; 該車輛資訊包含識別碼、車身編號、該自動駕駛作業系統的系統時間、車輛座標、加減速資訊、行車影像、路況與車速中的至少一者。 The autonomous vehicle communication safety system as described in claim 4, wherein the vehicle processor obtains the system code and the login code from an autonomous driving operating system, the login code representing the identity of a user who uses a digital key or a remote control to start the autonomous vehicle; The vehicle information includes at least one of an identification code, a vehicle body number, the system time of the autonomous driving operating system, vehicle coordinates, acceleration and deceleration information, driving images, road conditions and vehicle speed. 如請求項5所述之自動駕駛車輛通訊安全系統,其中,該金鑰儲存在該開始符號與該結束符號之間的任何位置。An automatic driving vehicle communication safety system as described in claim 5, wherein the key is stored at any position between the start symbol and the end symbol. 如請求項1所述之自動駕駛車輛通訊安全系統,其中,該終端通訊裝置供設置在一終端,該終端為一路側單元、一後台資訊站或另一自動駕駛車輛。As described in claim 1, the autonomous vehicle communication safety system, wherein the terminal communication device is provided at a terminal, which is a sideline unit, a backend information station or another autonomous vehicle. 如請求項1所述之自動駕駛車輛通訊安全系統,其中,該複數車載通訊介面和該複數終端通訊介面包含一5G行動通訊介面、一4G行動通訊介面、一C-V2X通訊介面、一Wi-Fi通訊介面、一BLE介面及一次世代通訊介面中的至少兩者。An autonomous vehicle communication safety system as described in claim 1, wherein the plurality of vehicle communication interfaces and the plurality of terminal communication interfaces include at least two of a 5G mobile communication interface, a 4G mobile communication interface, a C-V2X communication interface, a Wi-Fi communication interface, a BLE interface, and a first-generation communication interface. 如請求項1所述之自動駕駛車輛通訊安全系統,其中,所述本車資訊是可被所述車載處理器存取的編碼。An autonomous vehicle communication safety system as described in claim 1, wherein the vehicle information is encoded and accessible by the vehicle processor. 一種自動駕駛車輛通訊安全方法,於一車載通訊裝置與一終端通訊裝置實施,該車載通訊裝置與該終端通訊裝置之間建立至少兩通訊通道,該自動駕駛車輛通訊安全方法包含: 由該車載通訊裝置的至少一車載處理器根據一自動駕駛車輛的至少一本車資訊產生一金鑰; 由所述車載處理器將該金鑰儲存於一封包,並加密與壓縮該封包後,分別透過該至少兩通訊通道對外傳輸; 由該終端通訊裝置的至少一終端處理器分別從該至少兩通訊通道接收至少兩被加密與被壓縮的封包; 由所述終端處理器分別解壓縮和解密該至少兩被加密與被壓縮的封包後,得到至少兩待驗證金鑰;以及 由所述終端處理器判斷該至少兩待驗證金鑰是否一致,以控制該至少兩通訊通道的連線狀態。 A method for communication security of an autonomous vehicle is implemented in an in-vehicle communication device and a terminal communication device, wherein at least two communication channels are established between the in-vehicle communication device and the terminal communication device, and the method for communication security of an autonomous vehicle comprises: At least one in-vehicle processor of the in-vehicle communication device generates a key according to at least one vehicle information of an autonomous vehicle; The in-vehicle processor stores the key in a packet, encrypts and compresses the packet, and transmits it to the outside through the at least two communication channels respectively; At least one terminal processor of the terminal communication device receives at least two encrypted and compressed packets from the at least two communication channels respectively; The terminal processor decompresses and decrypts the at least two encrypted and compressed packets respectively to obtain at least two keys to be verified; and the terminal processor determines whether the at least two keys to be verified are consistent to control the connection status of the at least two communication channels. 如請求項11所述之自動駕駛車輛通訊安全方法,其中,所述車載處理器於一隨機時間分別透過該至少兩通訊通道對外傳輸加密與壓縮後的該封包至該終端通訊裝置。The autonomous vehicle communication security method as described in claim 11, wherein the vehicle-mounted processor transmits the encrypted and compressed packet to the terminal communication device through the at least two communication channels at a random time. 如請求項11所述之自動駕駛車輛通訊安全方法,其中,所述車載處理器於一預設時間分別透過該至少兩通訊通道對外傳輸加密與壓縮後的該封包至該終端通訊裝置。The autonomous vehicle communication security method as described in claim 11, wherein the vehicle-mounted processor transmits the encrypted and compressed packet to the terminal communication device through the at least two communication channels at a preset time. 如請求項11至13中任一項所述之自動駕駛車輛通訊安全方法,其中,所述本車資訊包含一車輛資訊、一系統編碼與一登錄碼。An automatic driving vehicle communication security method as described in any one of claims 11 to 13, wherein the vehicle information includes vehicle information, a system code and a registration code. 如請求項14所述之自動駕駛車輛通訊安全方法,其中,該封包的資料格式包含一開始符號、一序號、一時間、該金鑰、該車輛資訊、一檢查碼與一結束符號。An autonomous vehicle communication security method as described in claim 14, wherein the data format of the packet includes a start symbol, a sequence number, a time, the key, the vehicle information, a check code and an end symbol. 如請求項14所述之自動駕駛車輛通訊安全方法,其中,所述車載處理器從一自動駕駛作業系統取得該系統編碼與該登錄碼,該登錄碼代表使用一數位鑰匙或一遙控器啟動該自動駕駛車輛的使用者身份; 該車輛資訊包含識別碼、車身編號、該自動駕駛作業系統的系統時間、車輛座標、加減速資訊、行車影像、路況與車速中的至少一者。 The autonomous vehicle communication security method as described in claim 14, wherein the vehicle processor obtains the system code and the login code from an autonomous driving operating system, the login code representing the identity of a user who uses a digital key or a remote control to start the autonomous vehicle; The vehicle information includes at least one of an identification code, a vehicle body number, the system time of the autonomous driving operating system, vehicle coordinates, acceleration and deceleration information, driving images, road conditions and vehicle speed. 如請求項15所述之自動駕駛車輛通訊安全方法,其中,該金鑰儲存在該開始符號與該結束符號之間的任何位置。An autonomous vehicle communication security method as described in claim 15, wherein the key is stored at any position between the start symbol and the end symbol. 如請求項11所述之自動駕駛車輛通訊安全方法,其中,該終端通訊裝置供設置在一終端,該終端為一路側單元、一後台資訊站或另一自動駕駛車輛。The autonomous vehicle communication safety method as described in claim 11, wherein the terminal communication device is provided at a terminal, which is a sideline unit, a backend information station or another autonomous vehicle. 如請求項11所述之自動駕駛車輛通訊安全方法,其中,該至少兩通訊通道包含一5G通訊通道、一4G通訊通道、一C-V2X通訊通道、一Wi-Fi通訊通道、一BLE通訊通道和一次世代通訊通道中的至少兩者。The autonomous vehicle communication security method as described in claim 11, wherein the at least two communication channels include at least two of a 5G communication channel, a 4G communication channel, a C-V2X communication channel, a Wi-Fi communication channel, a BLE communication channel, and a first-generation communication channel. 如請求項11所述之自動駕駛車輛通訊安全方法,其中,所述本車資訊是可被所述車載處理器存取的編碼。An autonomous vehicle communication security method as described in claim 11, wherein the vehicle information is encoded and accessible by the vehicle processor.
TW111139125A 2022-10-14 2022-10-14 Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device TW202415569A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111139125A TW202415569A (en) 2022-10-14 2022-10-14 Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111139125A TW202415569A (en) 2022-10-14 2022-10-14 Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device

Publications (1)

Publication Number Publication Date
TW202415569A true TW202415569A (en) 2024-04-16

Family

ID=91622463

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111139125A TW202415569A (en) 2022-10-14 2022-10-14 Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device

Country Status (1)

Country Link
TW (1) TW202415569A (en)

Similar Documents

Publication Publication Date Title
US10965450B2 (en) In-vehicle networking
CN112543927B (en) Equipment upgrading method and related equipment
CN108347331B (en) Method and device for safe communication between T _ Box device and ECU device in Internet of vehicles system
CN111314274B (en) Vehicle-mounted terminal and center platform bidirectional authentication method and system
EP3690643B1 (en) Vehicle-mounted device upgrading method and related device
US20220276855A1 (en) Method and apparatus for processing upgrade package of vehicle
CN109862040A (en) A kind of safety certifying method and Verification System
CN106572106B (en) Method for transmitting message between TBOX terminal and TSP platform
WO2019212403A1 (en) Method for upgrading vehicle-mounted device, and related device
WO2016134610A1 (en) Road train data authentication method and on-board terminal
CN110621014B (en) Vehicle-mounted equipment, program upgrading method thereof and server
CN110149611B (en) Identity verification method, equipment, system and computer readable medium
CN110324222A (en) A kind of vehicle CAN bus data interactive system and its exchange method
CN111818483B (en) V2V vehicle networking communication system and method based on 5G
CN112423262B (en) Motorcade key negotiation method, storage medium and vehicle
WO2021135999A1 (en) V2x communication method and device, and vehicle
JP2009531904A (en) Data transmission and reception methods, in particular secure communication between aircraft and ground station, related devices and aircraft equipped with such devices
CN113163375B (en) Air certificate issuing method and system based on NB-IoT communication module
US20190305939A1 (en) Vehicle communication system and vehicle communication method
CN110798320B (en) Vehicle information sharing method and device and vehicle-mounted equipment
TW202415569A (en) Autonomous vehicle communication security system and method in which the autonomous vehicle communication security system includes a vehicle-mounted communication device and a terminal communication device
CN114785521B (en) Authentication method, authentication device, electronic equipment and storage medium
CN117978410A (en) Communication safety system and method for automatic driving vehicle
CN114499958A (en) Control method and device, vehicle and storage medium
US20240199078A1 (en) Autonomous vehicle communication safety system and method thereof