TWI836601B - Charging control system with secure communication and method thereof - Google Patents
Charging control system with secure communication and method thereof Download PDFInfo
- Publication number
- TWI836601B TWI836601B TW111134751A TW111134751A TWI836601B TW I836601 B TWI836601 B TW I836601B TW 111134751 A TW111134751 A TW 111134751A TW 111134751 A TW111134751 A TW 111134751A TW I836601 B TWI836601 B TW I836601B
- Authority
- TW
- Taiwan
- Prior art keywords
- battery management
- management system
- charging
- charging device
- charging control
- Prior art date
Links
- 230000006854 communication Effects 0.000 title claims abstract description 99
- 238000004891 communication Methods 0.000 title claims abstract description 98
- 238000000034 method Methods 0.000 title claims abstract description 66
- 238000012544 monitoring process Methods 0.000 claims abstract description 8
- 230000004044 response Effects 0.000 claims description 30
- 238000003745 diagnosis Methods 0.000 claims description 9
- 238000012545 processing Methods 0.000 claims description 9
- 238000012795 verification Methods 0.000 abstract description 23
- 238000001514 detection method Methods 0.000 abstract 1
- 230000008569 process Effects 0.000 description 35
- 238000005516 engineering process Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 101001121408 Homo sapiens L-amino-acid oxidase Proteins 0.000 description 1
- 102100026388 L-amino-acid oxidase Human genes 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02T—CLIMATE CHANGE MITIGATION TECHNOLOGIES RELATED TO TRANSPORTATION
- Y02T10/00—Road transport of goods or passengers
- Y02T10/60—Other road transportation technologies with climate change mitigation effect
- Y02T10/70—Energy storage systems for electromobility, e.g. batteries
Landscapes
- Charge And Discharge Circuits For Batteries Or The Like (AREA)
Abstract
Description
本發明係關於電動車充電控制之技術,尤指一種具安全通訊之充電控制系統及其方法。 The present invention relates to the technology of electric vehicle charging control, and in particular, to a charging control system with secure communication and a method thereof.
電動汽車(blade electric vehicle,BEV)是指以車載電源為動力,用電機馬達驅動車輛行駛,符合道路交通法規以及安全法規中各項要求的車輛。電動汽車採用車載電源為動力源,減少非可再生資源-石油的消耗,零排放無汙染,成為當今汽車工業的最大熱點。 Blade electric vehicle (BEV) refers to a vehicle that uses an onboard power source as a power source, uses an electric motor to drive the vehicle, and complies with various requirements of road traffic regulations and safety regulations. Electric vehicles use onboard power sources as a power source, reduce the consumption of non-renewable resources-oil, have zero emissions and no pollution, and have become the biggest hot spot in today's automotive industry.
隨著電動汽車的蓬勃發展,電動汽車與充電設備之間如何充電、如何通訊等技術也成為研究重點,於電動汽車之充電程序中,充電設備和電動汽車之間連結後,須先進行匹配,此過程主要為資料交換之交握(handshaking)程序,目的是讓兩邊系統透過資訊交換以確定雙方後續之訊號傳遞與操作控制。於現行技術下,充電界面和充電程序有一定的規範,業者設計充電設備之充電槍或是電動汽車之充電孔時,必須遵循特定規範,以便能與其他業者之產品進行連結,於此情況下,當充電槍插入充電孔後,在雙方之連結介面、通訊機制符合既有規範時,雙方在交握程序後即可連接,但此也衍伸出其他服務問題,舉例來說,即 便雙方完成交握,僅是表示雙方連結是符合規範,但雙方之間的通訊並無被保護,通訊過程缺乏安全性;再者,若充電設備之業者只想讓其充電設備給特定的電動汽車(已成為客戶或已付費者)充電,在既有程序下,充電槍插入充電孔且雙方符合既有規範下即可連結,並無法作身份判別,可能導致非合法(非預期)的車輛完成連結並進行充電,因而衍生服務問題;另外,若於充電程序中,想讓電動汽車與充電設備有更進一步資訊交換,也就是例如車輛狀態、電池狀態之資料交換、設定參數更新等,在缺乏安全通訊下,恐不易被實行。 With the rapid development of electric vehicles, technologies such as how electric vehicles and charging equipment are charged and how they communicate have also become research focuses. In the charging process of electric vehicles, after the charging equipment and electric vehicles are connected, they must be matched first. This process is mainly a handshaking process for data exchange. The purpose is to allow the two systems to determine the subsequent signal transmission and operation control of both parties through information exchange. Under current technology, the charging interface and charging procedure have certain specifications. When the industry designs the charging gun of the charging equipment or the charging port of the electric car, it must follow specific specifications so that it can be connected with other industry products. In this case, when the charging gun is inserted into the charging port, if the connection interface and communication mechanism of both parties meet the existing specifications, the two parties can be connected after the handshake procedure, but this also leads to other service problems. For example, even if the two parties complete the handshake, it only means that the connection between the two parties is in compliance with the specifications, but the communication between the two parties is not protected and the communication process lacks security; If the charging equipment operator only wants to allow its charging equipment to charge specific electric vehicles (who have become customers or paid), under the existing procedures, the charging gun can be connected when it is inserted into the charging port and both parties meet the existing specifications, and there is no way to identify the identity, which may lead to illegal (unexpected) vehicles completing the connection and charging, thus deriving service problems; in addition, if during the charging process, the electric vehicle and the charging equipment want to have further information exchange, that is, for example, data exchange of vehicle status, battery status, setting parameter update, etc., it may be difficult to implement without secure communication.
有鑑於此,如何提供一種電動車於充電過程中安全通訊之技術,特別是在充電之前,能確認連結者身份,讓雙方可以安全進行資訊交換,進而達到充電過程中通訊安全,甚至能衍生後續應用服務,此將成為目前本技術領域人員努力追求之目標。 In view of this, how to provide a technology for safe communication of electric vehicles during the charging process, especially before charging, to confirm the identity of the linker, so that both parties can safely exchange information, thereby achieving communication security during the charging process, and even leading to follow-up Application services will become the goal that people in this technical field strive to pursue.
為解決上述現有技術之問題,本發明提出一種電動車之安全通訊機制,特別是,在充電設備和車輛端連結後,透過憑證與詢問等過程,確認雙方是否為合法連結對象,以強化充電過程中雙方通訊安全或於通訊安全下,提供更多服務或應用。 In order to solve the above problems of the prior art, the present invention proposes a safe communication mechanism for electric vehicles. In particular, after the charging device and the vehicle are connected, the two parties are confirmed to be legally connected through the process of certification and inquiry, so as to enhance the communication security of the two parties during the charging process or provide more services or applications under the communication security.
本發明提出一種具安全通訊之充電控制系統,係設置於車輛端,用於提供該車輛端之電池管理系統與充電設備之間的通訊連結,該充電控制系統包括:憑證提供單元,係用於接收來自該電池管理系統之憑證請求,以依據該憑證請求提供憑證訊息並回傳至該電池管理系統;以及詢問處理單元,係用於接收該電池管理系統於驗證該憑證訊息為正確後所產生之詢問訊息,以利用該充 電設備端之私鑰簽署該詢問訊息後產生回應訊息並回傳至該電池管理系統,以於該電池管理系統驗證該回應訊息為正確後,確認該電池管理系統與該充電設備之間符合通訊權限,俾持續該電池管理系統與該充電設備之間的通訊連結。 The present invention proposes a charging control system with secure communication, which is installed on the vehicle side and used to provide communication links between the battery management system and charging equipment on the vehicle side. The charging control system includes: a voucher providing unit for Receive a certificate request from the battery management system to provide certificate information according to the certificate request and send it back to the battery management system; and an inquiry processing unit is used to receive the certificate information generated by the battery management system after verifying that the certificate information is correct. Inquiry message to use the recharge The private key of the electrical device signs the query message and generates a response message and sends it back to the battery management system. After the battery management system verifies that the response message is correct, it is confirmed that the communication between the battery management system and the charging device is consistent. Permission to maintain the communication link between the battery management system and the charging device.
於一實施例中,該憑證訊息係包含該充電設備端之公鑰且以該充電設備端之私鑰進行簽署所產生者。 In one embodiment, the certificate message includes the public key of the charging device and is generated by signing with the private key of the charging device.
於一實施例中,該電池管理系統係以該電池管理系統端之公鑰進行該憑證訊息之驗證。 In one embodiment, the battery management system verifies the certificate message using the public key of the battery management system.
於一實施例中,該電池管理系統係以該充電設備端之公鑰進行該回應訊息之驗證。 In one embodiment, the battery management system uses the public key of the charging device to verify the response message.
於一實施例中,於該電池管理系統與該充電設備之間符合通訊權限下,係由該電池管理系統提供該車輛端之系統狀態或電池狀態,以供該充電設備所連結之後台伺服器進行診斷或監控,或是由該後台伺服器提供新的軟體資料,以供該充電控制系統或該電池管理系統進行軟體更新。 In one embodiment, when the battery management system and the charging device meet the communication authority, the battery management system provides the system status or battery status of the vehicle end for the background server connected to the charging device to perform diagnosis or monitoring, or the background server provides new software data for the charging control system or the battery management system to perform software updates.
本發明復提出一種具安全通訊之充電控制方法,係由充電控制系統提供車輛端之電池管理系統與充電設備之間的通訊連結,該充電控制方法包括:令該電池管理系統發出憑證請求;於該充電控制系統接收該憑證請求後,依據該憑證請求提供憑證訊息並回傳至該電池管理系統;令該電池管理系統驗證該憑證訊息為正確後產生詢問訊息;於該充電控制系統接收該詢問訊息後,利用該充電設備端之私鑰簽署該詢問訊息後產生回應訊息並回傳至該電池管理系統;以及於該電池管理系統驗證該回應訊息為正確後,確認該電池管理系統與該充電設備之間符合通訊權限,俾持續該電池管理系統與該充電設備之間的通訊連結。 The present invention further proposes a charging control method with secure communication, in which a charging control system provides a communication link between a battery management system on a vehicle side and a charging device. The charging control method includes: allowing the battery management system to issue a certificate request; after the charging control system receives the certificate request, providing a certificate message according to the certificate request and returning it to the battery management system; allowing the battery management system to verify the certificate message After the charging control system receives the inquiry message, it signs the inquiry message with the private key of the charging device and generates a response message and sends it back to the battery management system; and after the battery management system verifies that the response message is correct, it confirms that the communication authority between the battery management system and the charging device is met, so as to continue the communication link between the battery management system and the charging device.
於前述方法中,該憑證訊息係包含該充電設備端之公鑰且以該充電設備端之私鑰進行簽署所產生者。 In the aforementioned method, the certificate message includes the public key of the charging device and is signed with the private key of the charging device.
於前述方法中,該電池管理系統係以該電池管理系統端之公鑰進行該憑證訊息之驗證。 In the aforementioned method, the battery management system uses the public key of the battery management system to verify the certificate message.
於前述方法中,該電池管理系統係以該充電設備端之公鑰進行該回應訊息之驗證。 In the aforementioned method, the battery management system uses the public key of the charging device to verify the response message.
於前述方法中,復包括:於該電池管理系統與該充電設備之間符合通訊權限下,由該電池管理系統提供該車輛端之系統狀態或電池狀態,以供該充電設備所連結之後台伺服器進行診斷或監控,或是由該後台伺服器提供新的軟體資料,以供該充電控制系統或該電池管理系統進行軟體更新。 In the foregoing method, it further includes: provided that the battery management system and the charging device meet the communication permissions, the battery management system provides the system status or battery status of the vehicle for backend service after the charging device is connected. The device is used for diagnosis or monitoring, or the backend server provides new software data for software updates of the charging control system or the battery management system.
綜上,本發明提出一種具安全通訊之充電控制系統及其方法,目的是在車輛端與充電設備經由充電控制系統連結時,透過檢驗憑證以及詢問之程序以確保雙方通訊安全,易言之,透過雙方的身份驗證,以確保對方為合法連接者,藉此讓電池管理系統與充電設備能保持連結及通訊,進而執行後續充電與資料交換,所謂的資料交換,是指雙方在通訊安全下作進一步的資料提供,例如車輛端將系統狀態或電池狀態提供給充電設備端,以供充電業者能進一步分析資訊,又或是,由充電業者端傳送資訊至車輛端,以進行車輛端或系統端的軟體更新或參數更新,因此,基於本發明能於充電前確認連接者身份,不僅能確保雙方通訊安全,也能執行監控、診斷或更新等更多元的服務。 In summary, the present invention proposes a charging control system and method with secure communication. The purpose is to ensure the security of communication between the two parties through the verification and inquiry procedures when the vehicle and the charging equipment are connected through the charging control system. In other words, Through the identity verification of both parties, it is ensured that the other party is a legal connector, so that the battery management system and the charging device can maintain connection and communication, and then perform subsequent charging and data exchange. The so-called data exchange refers to the two parties operating under communication security. Further data provision, for example, the vehicle side provides system status or battery status to the charging equipment side so that the charging operator can further analyze the information, or the charging operator side sends information to the vehicle side for vehicle or system side processing. Software update or parameter update, therefore, based on the present invention, the identity of the connector can be confirmed before charging, which not only ensures the security of communication between the two parties, but also can perform more diverse services such as monitoring, diagnosis or updating.
1:具安全通訊之充電控制系統 1: Charging control system with secure communication
11:憑證提供單元 11: Certificate providing unit
12:詢問處理單元 12: Inquiry processing unit
2:電池管理系統 2:Battery management system
3:充電設備 3:Charging equipment
201-209:流程 201-209: Process
-:程序 - :program
S301-S305:步驟 S301-S305: Steps
圖1為本發明之具安全通訊之充電控制系統的系統架構圖。 Figure 1 is a system architecture diagram of the charging control system with secure communication of the present invention.
圖2為本發明之具安全通訊之充電控制系統於一實施例的流程圖。 FIG. 2 is a flow chart of a charging control system with secure communication according to an embodiment of the present invention.
圖3為本發明之具安全通訊之充電控制方法的步驟圖。 Figure 3 is a step diagram of the charging control method with secure communication of the present invention.
以下藉由特定的具體實施形態說明本發明之技術內容,熟悉此技藝之人士可由本說明書所揭示之內容輕易地瞭解本發明之優點與功效。然本發明亦可藉由其他不同的具體實施形態加以施行或應用。 The following describes the technical content of the present invention through a specific concrete implementation form. People familiar with this technology can easily understand the advantages and effects of the present invention from the content disclosed in this manual. However, the present invention can also be implemented or applied through other different specific implementation forms.
現有充電設備和電動汽車雙方連結後,會進行初始化的交握程序,藉此讓雙方交換資訊後知悉彼此軟硬體規格,以便後續進行充電程序,於現行技術中,若雙方連結介面及通訊規則有符合既有規範的話,則雙方交握完成後即可執行充電程序,於此情況下,無法確保連結者是否為預期之連接者,將造成充電設備管理上的問題,因而確認對方身份變成必要,據此,本發明提出利用安全通訊的機制,透過憑證(certificate)和詢問(challenge)等流程,以確保雙方為合法連結者,藉此提供安全服務及其他應用。 After the existing charging equipment and electric vehicles are connected, they will perform an initial handshake procedure to allow the two parties to exchange information and know each other's hardware and software specifications so as to carry out the charging procedure. In the existing technology, if the connection interface and communication rules of the two parties meet the existing specifications, the charging procedure can be executed after the handshake is completed. In this case, it is impossible to ensure whether the connector is the expected connector, which will cause problems in the management of the charging equipment. Therefore, it becomes necessary to confirm the identity of the other party. Based on this, the present invention proposes to use a secure communication mechanism to ensure that the two parties are legally connected through processes such as certificates and challenges, thereby providing security services and other applications.
圖1為本發明之具安全通訊之充電控制系統的系統架構圖。如圖所示,本發明之具安全通訊之充電控制系統1可設置於車輛端,用於提供該車輛端之電池管理系統2與充電設備3之間的通訊連結,其中,該具安全通訊之充電控制系統1係包括憑證提供單元11以及詢問處理單元12。
FIG1 is a system architecture diagram of the charging control system with secure communication of the present invention. As shown in the figure, the charging control system with
憑證提供單元11用於接收來自該電池管理系統2之憑證請求,以依據該憑證請求提供憑證訊息並回傳至該電池管理系統2。簡言之,為了讓雙方確認彼此為合法連接者,車輛端之電池管理系統2會先發送憑證請求至具安全通訊
之充電控制系統1以要求憑證,而憑證提供單元11依據該憑證請求,利用充電設備3端之公鑰(public key)和私鑰(private key)以提供憑證訊息至電池管理系統2,其中,回傳至電池管理系統2之憑證訊息並未包含管理者之公鑰,於此所述之管理者即擁有電池管理系統2之車廠或車輛開發業者。
The
於一實施例中,該憑證訊息為包含該充電設備3端之公鑰且以該充電設備3端之私鑰進行簽署(sign)所產生者。具體來說,憑證提供單元11所提供之憑證訊息中是包含充電設備3端之公鑰且是利用充電設備3端之私鑰進行簽署所產生。
In one embodiment, the certificate message is generated by including the public key of the charging device 3 and signed with the private key of the charging device 3. Specifically, the certificate message provided by the
詢問處理單元12接收該電池管理系統2於驗證該憑證訊息為正確後所產生之詢問訊息,以利用該充電設備3端之私鑰簽署該詢問訊息後產生回應訊息並回傳至該電池管理系統2,以於該電池管理系統2驗證該回應訊息為正確後,確認該電池管理系統2與該充電設備3之間符合通訊權限,俾持續該電池管理系統2與該充電設備3之間的通訊連結。簡言之,電池管理系統2收到具安全通訊之充電控制系統1所回傳之憑證訊息後,會先進行驗證,若驗證成功時會產生詢問訊息,詢問處理單元12收到詢問訊息後,會利用充電設備3端之私鑰簽署該詢問訊息以產生回應訊息,該回應訊息將被回傳至電池管理系統2,於此情況下,雙方確認彼此為合法連接著,也就是雙方具備通訊權限,如此可進行後續充電或其他資訊的交換。
The
於一實施例中,該電池管理系統2係以管理者之公鑰進行該憑證訊息之驗證,其中,管理者係指擁有電池管理系統2之車廠或車輛開發業者。簡言之,電池管理系統2收到憑證訊息後,以管理者之公鑰進行驗證,若驗證成功,則進一步產生詢問訊息,若驗證失敗,則停止雙方的連結。 In one embodiment, the battery management system 2 verifies the certificate message using the public key of the administrator, where the administrator refers to the car manufacturer or vehicle developer that owns the battery management system 2 . In short, after receiving the certificate message, the battery management system 2 verifies it with the administrator's public key. If the verification is successful, it will further generate a query message. If the verification fails, the connection between the two parties will be stopped.
於一實施例中,該電池管理系統2係以該充電設備3端之公鑰進行該回應訊息之驗證。舉體來說,當電池管理系統2收到來自具安全通訊之充電控制系統1之回應訊息時,會使用充電設備3端之公鑰進行驗證,而該充電設備3端之公鑰是先前隨著憑證訊息傳送至電池管理系統2端,若驗證成功,也就是充電設備3端具有正確的私鑰,則完成雙方驗證並保持雙方的連結,亦即可以執行後續充電程序或資料交換,若驗證失敗,則停止雙方的連結。
In one embodiment, the battery management system 2 uses the public key of the charging device 3 to verify the response message. Generally speaking, when the battery management system 2 receives the response message from the charging
於另一實施例中,於該電池管理系統2與該充電設備3之間符合通訊權限下,可由該電池管理系統2提供該車輛端之系統狀態或電池狀態,以供該充電設備3所連結之後台伺服器進行診斷或監控,或是由該後台伺服器提供新的軟體資料,以供該具安全通訊之充電控制系統1或該電池管理系統2進行軟體更新。簡言之,在雙方為正確連接者下,可透過公鑰和私鑰進行加密,如此可確保雙方通訊處於安全狀態,更甚者,基於通訊已安全情況下,雙方可交換更詳細資訊。
In another embodiment, when the battery management system 2 and the charging device 3 meet the communication authority, the battery management system 2 can provide the system status or battery status of the vehicle end for the background server connected to the charging device 3 to perform diagnosis or monitoring, or the background server can provide new software data for the charging
舉例來說,車輛端可提供車輛內部系統之狀態,以由充電設備3所連結之後台伺服器(亦即為充電設備提供及管理者)進行狀態分析,透過收集大數據而推廣更多服務,例如,來充電的車輛其內部系統處於某些狀態,後台伺服器可協助判斷此狀態是否需要被告警,藉此以提供更多服務;其次,車輛端可提供其電池狀態,如此也可協助駕駛儘早知悉是否需更換電池或是電池是否安全使用;另外,若在雙方確認彼此為合法使用者,更可由後台伺服器傳送一些資訊給予車輛端或是具安全通訊之充電控制系統1,亦即,若車輛端之電池管理系統2或具安全通訊之充電控制系統1內部有參數被調整或系統程式有所更新時,可由後
台伺服器這端傳送相關參數或更新程式,以供車輛端進行參數更新、軟體更新或修正。
For example, the vehicle side can provide the status of the vehicle's internal system, so that the background server connected to the charging device 3 (that is, the charging device provider and manager) can perform status analysis, and promote more services by collecting big data. For example, if the internal system of the vehicle coming to charge is in a certain state, the background server can help determine whether this state needs to be reported, so as to provide more services; secondly, the vehicle side can provide its battery status, which can also help the driver know as soon as possible whether it needs to be replaced. In addition, if both parties confirm that each other is a legitimate user, the background server can send some information to the vehicle or the charging control system with
由上可知,本發明係於車輛端與充電設備3連結後,透過檢驗憑證以及詢問之程序以確保雙方通訊安全,以於確認彼此為合法連接者下,可進行後續充電程序。具體來說,具安全通訊之充電控制系統1除了可完成車輛端及充電設備介面端之通訊相容性及時序匹配之任務外,亦可對車輛端系統狀態進行診斷、電池包監控及利用公私鑰作加密通訊,進一步地,若充電設備3可配合進行相關的資訊整合應用,則可提供相關系統之線上診斷(例如電池管理系統2、具安全通訊之充電控制系統1(例如電動車充電用通信設備(EVCC))及充電設備3之線上診斷),並可整合線上更新等功能應用(Bootloader for OTAupdate),以藉由充電設備3對應具安全通訊之充電控制系統1進行軟體功能更新,甚至可對應車輛端之電池管理系統2等車輛系統部件進行更新。
From the above, it can be seen that the present invention ensures the security of communication between the two parties through the verification and inquiry procedures after the vehicle is connected to the charging device 3, so that subsequent charging procedures can be carried out after confirming that each other is a legal connector. Specifically, in addition to completing the tasks of communication compatibility and timing matching between the vehicle side and the charging equipment interface side, the charging
圖2為本發明之具安全通訊之充電控制系統於一實施例的流程圖。本實施例以控制器區域網路(Controller Area Network,CAN)傳輸層(Transport Layer,TP)為例,說明車輛端(例如電池)與充電設備端(例如充電樁)訊息傳遞之流程,更具體來說,左半邊是表示車輛端之電池管理系統(BMS)或電池,右半邊表示充電控制系統和充電設備,為此區分僅是功能性劃分,而非位置劃分,其中充電控制系統(例如電動車充電用通信設備(EVCC))仍是架設在車輛端。 FIG. 2 is a flow chart of a charging control system with secure communication according to an embodiment of the present invention. This embodiment uses the Transport Layer (TP) of the Controller Area Network (CAN) as an example to illustrate the message transmission process between the vehicle side (such as the battery) and the charging equipment side (such as the charging pile). More specifically, Generally speaking, the left half represents the battery management system (BMS) or battery on the vehicle side, and the right half represents the charging control system and charging equipment. This distinction is only a functional division, not a location division. The charging control system (such as electric Vehicle charging communication equipment (EVCC) is still installed on the vehicle side.
於流程201,產生憑證請求。本流程係說明車輛端之電池管理系統在充電設備連結上後,發出憑證請求,目的是要確保雙方是否為合法連結通訊者,而該憑證請求會被傳送至充電控制系統,也就是圖程序。
In
於流程202,傳送憑證訊息。本流程係說明充電控制系統收到憑證要求後,會發送憑證訊息,其中,憑證訊息會包含充電設備端之公鑰且使用
充電設備端之私鑰進行簽署,且該憑證訊息不包含管理者之公鑰,而該憑證訊息會被傳送至電池管理系統,也就是圖中程序。
In
於流程203,驗證數位憑證認證機構(Certificate Authority,CA)憑證訊息。本流程係說明充電控制系統所傳送之憑證訊息,係由驗證數位憑證認證機構依據充電設備提供之公鑰和私鑰所產生,電池管理系統收到憑證訊息後,會先進行驗證,這裡是以管理者之公鑰進行驗證,也就是擁有電池管理系統之車廠或車輛開發業者端的公鑰,若驗證成功,則進入流程204,若驗證失敗,則進入流程209,即停止雙方通訊和連結。
In
於流程204,傳送詢問訊息。本流程係於前一流程確認憑證訊息驗證成功,則產生並發出詢問訊息至充電控制系統,也就是圖中程序。
In
於流程205,簽署詢問訊息。本流程係說明充電控制系統對電池管理系統所傳送之詢問訊息進行簽署,具體地,以充電設備端之私鑰進行簽署,其中,這裡的私鑰可以與產生憑證訊息之私鑰相同,又或是在不同應用下,亦可採用與簽署憑證訊息不同的私鑰。
In
於流程206,傳送回應訊息。本流程係說明充電控制系統依據詢問訊息進行簽署而產生回應訊息後,將該回應訊息傳送至電池管理系統,也就是圖中程序。
In
於流程207,驗證回應訊息。本流程為電池管理系統收到回應訊息後,進行回應訊息之驗證,具體地,係以充電設備端之公鑰進行驗證,若驗證成功,則進入流程208,若驗證失敗,則進入流程209,即停止雙方通訊和連結。
In
於流程208,持續服務。本流程為流程207之驗證結果為成功的接續流程,亦即,若驗證到充電設備具有正確的私鑰時,即表示回應訊息之驗證成功,於此情況下,則電池管理系統與充電設備端可保持連結以便執行後續服務。
In
圖3為本發明之具安全通訊之充電控制方法的步驟圖。請同時配合參閱圖1,本實施例說明車輛端上之具安全通訊之充電控制系統1,可提供車輛端之電池管理系統2與充電設備3之間的通訊連結,並透過憑證驗證與詢問以確認對方為合法連接者。
Figure 3 is a step diagram of the charging control method with secure communication of the present invention. Please also refer to Figure 1. This embodiment illustrates a charging
於步驟S301,令電池管理系統2發出憑證請求。具體來說,當充電設備3與電池管理系統2連接時,由具安全通訊之充電控制系統1負責雙方的連結交握,但為了確保對方身份,故由電池管理系統2發出憑證請求。
In step S301, the battery management system 2 is caused to issue a certificate request. Specifically, when the charging device 3 is connected to the battery management system 2, the charging
於步驟S302,於具安全通訊之充電控制系統1接收該憑證請求後,依據該憑證請求提供憑證訊息並回傳至該電池管理系統2。於本步驟中,具安全通訊之充電控制系統1收到憑證請求後,將利用充電設備3之公鑰和私鑰產出對應之憑證訊息,並回傳至電池管理系統2,其中,該憑證訊息是包含充電設備3端之公鑰且利用充電設備3端之私鑰進行簽署。
In step S302, after the charging
於步驟S303,令該電池管理系統2驗證該憑證訊息為正確後產生詢問訊息。本步驟係說明當電池管理系統2收到憑證訊息後將對憑證訊息進行驗證,若驗證成功,則進一步產生詢問訊息。 In step S303, the battery management system 2 verifies that the certificate message is correct and then generates a query message. This step is to explain that when the battery management system 2 receives the certificate message, it will verify the certificate message. If the verification is successful, it will further generate a query message.
於步驟S304,於該具安全通訊之充電控制系統1接收該詢問訊息後,利用該充電設備3端之私鑰簽署該詢問訊息後產生回應訊息並回傳至該電池管理系統2。具體來說,具安全通訊之充電控制系統1接收來自電池管理系統2之
詢問訊息後,可使用充電設備3端之私鑰對該詢問訊息進行簽署,進而產生回應訊息並回傳至電池管理系統2。
In step S304, after the charging
於步驟S305,於該電池管理系統2驗證該回應訊息為正確後,確認該電池管理系統2與該充電設備3之間符合通訊權限,俾持續該電池管理系統2與該充電設備3之間的通訊連結。本步驟係說明,電池管理系統2收到回應訊息後並驗證該回應訊息為正確,即表示對方為合法連接者,故保持雙方之連結,以便後續可執行充電程序或是資料交換。 In step S305, after the battery management system 2 verifies that the response message is correct, it confirms that the battery management system 2 and the charging device 3 meet the communication permissions, so as to continue the communication between the battery management system 2 and the charging device 3. Communication links. This step explains that after the battery management system 2 receives the response message and verifies that the response message is correct, it means that the other party is a legal connecter, so the connection between the two parties is maintained so that the charging process or data exchange can be performed later.
於步驟S305後,表示電池管理系統2與充電設備3之間具有彼此通訊之權限,於此情況下,因為雙方通訊處於安全狀態,雙方可交換更多的資訊。舉例來說,車輛端可提供車輛內部系統狀態或電池狀態給予充電設備3所連結之後台伺服器,以由後台伺服器進行狀態分析,除了進行大數據之收集外,也可協助判斷車輛端之系統狀態或電池狀態是否正常,如此可提供除了充電以外的更多服務;另外,若雙方確認彼此為合法使用者,則後台伺服器可傳送一些資訊給予車輛端或是具安全通訊之充電控制系統1以進行參數或軟體之更新,亦即,後台伺服器若判斷車輛段系統軟體或設定參數須要更新但未更新,則可在雙方通訊安全下,由後台伺服器這端傳送相關參數或更新程式,以供車輛端進行參數、軟體之更新或修正。
After step S305, it indicates that the battery management system 2 and the charging device 3 have the authority to communicate with each other. In this case, because the communication between the two parties is in a safe state, the two parties can exchange more information. For example, the vehicle side can provide the vehicle internal system status or battery status to the background server connected to the charging device 3, so that the background server can perform status analysis. In addition to collecting big data, it can also help determine whether the vehicle side system status or battery status is normal, so that more services can be provided in addition to charging. In addition, if both parties confirm that each other is a legitimate user, the background server can send some information to the vehicle side or the charging
須說明者,本發明所述之系統、模組、單元等能由軟體、韌體或硬體組件組成,亦可透過實體電路架構來完成,例如電池管理系統與充電設備雙方連結介面為實體組件,相關電路則為實體電路架構,而憑證提供單元、詢問處理單元等單元可由軟硬體組合來完成,但不以此為限,相關電路或機構組件,於此不予贅述。 It should be noted that the system, module, unit, etc. described in the present invention can be composed of software, firmware or hardware components, and can also be implemented through a physical circuit structure. For example, the connection interface between the battery management system and the charging device is a physical component. , the relevant circuits are physical circuit structures, and the voucher providing unit, query processing unit and other units can be completed by a combination of software and hardware, but are not limited to this, and the relevant circuits or institutional components will not be described in detail here.
綜上所述,本發明之具安全通訊之充電控制系統及其方法,係於車輛端與充電設備透過充電控制系統連結時,利用檢驗憑證及詢問之程序以確保雙方通訊安全,且於雙方身份驗證後並確認對方為合法連接者下,能讓電池管理系統與充電設備能保持通訊連結,並且能執行後續充電與進一步之資料交換,而資料交換部分,可例如前述之將車輛端之系統狀態或電池狀態提供給充電設備端,藉以供充電業者能進一步分析資訊,又或是由充電設備端傳送更新資訊至車輛端,以進行車輛或系統的軟體更新或參數更新,據此,本發明不僅能確保雙方通訊安全,也執行系統狀態診斷、電池監控或軟體更新等多元服務。 To sum up, the charging control system and method with secure communication of the present invention uses the verification certificate and inquiry procedures to ensure the security of communication between the two parties when the vehicle and the charging equipment are connected through the charging control system, and the identity of both parties is guaranteed. After verification and confirmation that the other party is a legal connector, the battery management system and the charging device can maintain a communication link, and can perform subsequent charging and further data exchange. The data exchange part can, for example, transfer the vehicle system status as mentioned above. Or the battery status is provided to the charging equipment end so that the charging operator can further analyze the information, or the charging equipment end transmits update information to the vehicle end for software or parameter update of the vehicle or system. Accordingly, the present invention not only It can ensure the security of communication between both parties, and also perform multiple services such as system status diagnosis, battery monitoring or software updates.
上述實施例僅為例示性說明,而非用於限制本發明。任何熟習此項技藝之人士均可在不違背本發明之精神及範疇下,對上述實施例進行修飾與改變。因此,本發明之權利保護範圍係由本發明所附之申請專利範圍所定義,只要不影響本發明之效果及實施目的,應涵蓋於此公開技術內容中。 The above embodiments are only illustrative and not intended to limit the present invention. Anyone familiar with this technology may modify and change the above embodiments without violating the spirit and scope of the present invention. Therefore, the scope of protection of the present invention is defined by the scope of the patent application attached to the present invention. As long as it does not affect the effect and implementation purpose of the present invention, it should be covered by this public technical content.
1:具安全通訊之充電控制系統 1: Charging control system with secure communication
11:憑證提供單元 11: Voucher providing unit
12:詢問處理單元 12: Inquiry processing unit
2:電池管理系統 2:Battery management system
3:充電設備 3: Charging equipment
Claims (10)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW111134751A TWI836601B (en) | 2022-09-14 | 2022-09-14 | Charging control system with secure communication and method thereof |
JP2022147061A JP7509444B2 (en) | 2022-09-14 | 2022-09-15 | CHARGING CONTROL SYSTEM WITH SAFE COMMUNICATION AND METHOD THEREOF |
CN202211184950.5A CN117734513A (en) | 2022-09-14 | 2022-09-27 | Charging control system with safety communication and method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW111134751A TWI836601B (en) | 2022-09-14 | 2022-09-14 | Charging control system with secure communication and method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
TW202411091A TW202411091A (en) | 2024-03-16 |
TWI836601B true TWI836601B (en) | 2024-03-21 |
Family
ID=90276331
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW111134751A TWI836601B (en) | 2022-09-14 | 2022-09-14 | Charging control system with secure communication and method thereof |
Country Status (3)
Country | Link |
---|---|
JP (1) | JP7509444B2 (en) |
CN (1) | CN117734513A (en) |
TW (1) | TWI836601B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109484236A (en) * | 2018-11-30 | 2019-03-19 | 深圳市元征科技股份有限公司 | A kind of method, system, terminal device and the mobile unit of vehicle safety charging |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5788636B2 (en) | 2009-12-16 | 2015-10-07 | ソニー株式会社 | Electric vehicle, management device, drive management method, and charging device |
WO2013108318A1 (en) | 2012-01-17 | 2013-07-25 | パナソニック株式会社 | Unauthorized connection detection device, unauthorized connection detection system and method for detecting unauthorized connection |
JP7527131B2 (en) | 2020-02-04 | 2024-08-02 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ | Management device, management system, management method, and program |
-
2022
- 2022-09-14 TW TW111134751A patent/TWI836601B/en active
- 2022-09-15 JP JP2022147061A patent/JP7509444B2/en active Active
- 2022-09-27 CN CN202211184950.5A patent/CN117734513A/en active Pending
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109484236A (en) * | 2018-11-30 | 2019-03-19 | 深圳市元征科技股份有限公司 | A kind of method, system, terminal device and the mobile unit of vehicle safety charging |
Also Published As
Publication number | Publication date |
---|---|
JP7509444B2 (en) | 2024-07-02 |
TW202411091A (en) | 2024-03-16 |
JP2024041680A (en) | 2024-03-27 |
CN117734513A (en) | 2024-03-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103201996B (en) | The method that radio machine motor-car is accessed is provided | |
US10355868B2 (en) | Method of providing security for controller using encryption and apparatus therefor | |
CN110324335B (en) | Automobile software upgrading method and system based on electronic mobile certificate | |
CN110891257B (en) | Internet-connected vehicle remote upgrading system and method with anti-attack bidirectional authentication | |
CN109862040A (en) | A kind of safety certifying method and Verification System | |
CN103269271B (en) | A kind of back up the method and system of private key in electronic signature token | |
CN110572418A (en) | Vehicle identity authentication method and device, computer equipment and storage medium | |
US20180270052A1 (en) | Cryptographic key distribution | |
CN111131313A (en) | Safety guarantee method and system for replacing ECU (electronic control Unit) of intelligent networked automobile | |
CN113347133B (en) | Authentication method and device of vehicle-mounted equipment | |
CN114301596A (en) | OTA (over the air) secure communication method and device for vehicle intranet, vehicle-mounted system and storage medium | |
CN113766450B (en) | Vehicle virtual key sharing method, mobile terminal, server and vehicle | |
EP4113896A1 (en) | Method and apparatus for updating certificate list | |
CN114125771A (en) | Information security control method and control system based on vehicle OTA (over the air) updating | |
CN117220895A (en) | Method and system for public key infrastructure of serviceable electronic components in a vehicle | |
CN110562197A (en) | Vehicle authorization method and vehicle authorization system | |
CN113572795A (en) | Vehicle safety communication method and system and vehicle-mounted terminal | |
TWI836601B (en) | Charging control system with secure communication and method thereof | |
CN116193436B (en) | OTA upgrade package issuing method and system for vehicle-mounted equipment | |
CN117040724A (en) | Digital key authorization method and device, electronic equipment and readable storage medium | |
JP2018006782A (en) | Data providing system, data providing apparatus, on-vehicle computer, data providing method, and computer program | |
CN113761596B (en) | Electronic signature method based on block chain and CA certificate dual authentication | |
US11595213B2 (en) | Methods and apparatus for performing attestation | |
WO2024000402A1 (en) | Diagnostic method and apparatus | |
CN116094734B (en) | Vehicle identity information processing method and system based on block chain |