WO2020240984A1 - 設定装置、通信システムおよび車両通信管理方法 - Google Patents

設定装置、通信システムおよび車両通信管理方法 Download PDF

Info

Publication number
WO2020240984A1
WO2020240984A1 PCT/JP2020/010264 JP2020010264W WO2020240984A1 WO 2020240984 A1 WO2020240984 A1 WO 2020240984A1 JP 2020010264 W JP2020010264 W JP 2020010264W WO 2020240984 A1 WO2020240984 A1 WO 2020240984A1
Authority
WO
WIPO (PCT)
Prior art keywords
unit
vehicle
new
setting
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2020/010264
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
山本祐輔
萩原剛志
呉ダルマワン
清水洋祐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sumitomo Wiring Systems Ltd
AutoNetworks Technologies Ltd
Sumitomo Electric Industries Ltd
Original Assignee
Sumitomo Wiring Systems Ltd
AutoNetworks Technologies Ltd
Sumitomo Electric Industries Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sumitomo Wiring Systems Ltd, AutoNetworks Technologies Ltd, Sumitomo Electric Industries Ltd filed Critical Sumitomo Wiring Systems Ltd
Priority to US17/612,136 priority Critical patent/US12381864B2/en
Priority to JP2021522644A priority patent/JP7396356B2/ja
Priority to CN202080038012.7A priority patent/CN113853769B/zh
Publication of WO2020240984A1 publication Critical patent/WO2020240984A1/ja
Anticipated expiration legal-status Critical
Priority to JP2023200741A priority patent/JP7747034B2/ja
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Definitions

  • the present disclosure relates to setting devices, communication systems and vehicle communication management methods.
  • This application claims priority on the basis of Japanese Application Japanese Patent Application No. 2019-101427 filed on May 30, 2019, and incorporates all of its disclosures herein.
  • Patent Document 1 Japanese Unexamined Patent Publication No. 2008-59450 discloses the following vehicle information rewriting system. That is, the vehicle information rewriting system has a main control unit including a CPU, and controls for a vehicle that performs control processing of electronic devices mounted on the vehicle based on execution of predetermined software by the main control unit. A rewriting tool that functions as a data transmission source is detachably connected to the unit via a communication means, and is provided as a non-volatile memory on the vehicle control unit side to store vehicle information including the software.
  • the rewriting tool In a vehicle information rewriting system that rewrites the stored contents of the unit based on the rewriting data transferred from the rewriting tool via the communication means, the rewriting tool is subjected to a rewriting operation of the stored contents of the vehicle information storage unit.
  • An operation mode switching means for switching between an allowable rewriting permission mode and a rewriting restriction mode in which the rewriting operation is restricted more than the rewriting permission mode, and a rewriting operation using the rewriting tool, the rewriting tool
  • the wireless polling means for wirelessly polling the wireless authentication medium and the operation mode switching means on the precondition of successful detection of the wireless authentication medium by the wireless polling. It is characterized in that a mode switching command means for commanding switching to the rewriting permission mode is provided.
  • Patent Document 2 Japanese Unexamined Patent Publication No. 2003-465366 discloses the following vehicle relay device. That is, the vehicle relay device is arranged between the vehicle-mounted LAN constructed in the vehicle and the communication device that performs data communication between the vehicle-mounted device, and the vehicle-mounted device and the vehicle-mounted LAN connected via the communication device. It is a vehicle relay device that relays communication with various in-vehicle electronic devices connected to the vehicle, and when there is an access request from the external device to the in-vehicle electronic device in the in-vehicle LAN, the access destination is identified.
  • the first identification means for determining whether or not the access request is an access request to the in-vehicle electronic device that requires authentication of the external device, and the first identification means.
  • the external device sends the external device to the in-vehicle electronic device in advance based on the first authentication information transmitted from the external device.
  • the first authentication means for determining whether or not the device is an out-of-vehicle device for which access is permitted, and the out-of-vehicle device for which the first authentication means is previously permitted to access the in-vehicle electronic device If it is determined that the device is a device, or if the first identification means determines that the access request does not require authentication of the external device, the communication transmitted from the external device via the communication device. It is provided with a first distribution means for distributing data to the in-vehicle electronic device of the access destination.
  • the setting device of the present disclosure includes an acquisition unit that acquires an authentication result of a new functional unit that is a functional unit newly added to an in-vehicle network including one or a plurality of functional units, and the authentication result acquired by the acquisition unit. If is affirmative, the existing functional unit, which is a functional unit included in the in-vehicle network before the new functional unit is added, and the new functional unit can relay information between the functional units. It includes a setting unit capable of performing setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via the relay device.
  • the communication system of the present disclosure includes a setting device and a new functional unit which is a functional unit newly added to an in-vehicle network including one or a plurality of functional units, and the setting device is transmitted from the new functional unit. Further, the information that can identify the functional unit that is the communication target of the new functional unit is acquired, the setting device acquires the authentication result of the new functional unit, and the setting device obtains the acquired authentication result. If affirmative, a plurality of relays in which the existing functional unit, which is a functional unit included in the in-vehicle network before the new functional unit is added, and the new functional unit can relay information between the functional units.
  • the setting information for communicating via the device is transmitted to the new function unit, and the new function unit sets itself based on the setting information received from the setting device.
  • the vehicle communication management method of the present disclosure is a vehicle communication management method in a setting device, and is a step of acquiring an authentication result of a new functional unit which is a functional unit newly added to an in-vehicle network including one or a plurality of functional units. If the acquired authentication result is affirmative, the existing functional unit, which is a functional unit included in the in-vehicle network before the new functional unit is added, and the new functional unit are between the functional units.
  • the step includes setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices capable of relaying information.
  • the vehicle communication management method of the present disclosure is a vehicle communication management method in a communication system including a setting device and a new functional unit which is a functional unit newly added to an in-vehicle network including one or a plurality of functional units.
  • the setting device acquires the information transmitted from the new function unit that can identify the function unit that is the communication target of the new function unit, and the setting device obtains the authentication result of the new function unit.
  • the step to be acquired and the authentication result acquired by the setting device are affirmative, the existing functional unit which is the functional unit included in the in-vehicle network before the new functional unit is added, and the new function.
  • One aspect of the present disclosure can be realized as a semiconductor integrated circuit that realizes a part or all of the setting device. Further, one aspect of the present disclosure can be realized as a program for causing a computer to execute a processing step in the setting device.
  • one aspect of the present disclosure can be realized as a semiconductor integrated circuit that realizes a part or all of a communication system. Further, one aspect of the present disclosure can be realized as a program for causing a computer to execute a processing step in a communication system.
  • FIG. 1 is a diagram showing a configuration of a communication system according to an embodiment of the present disclosure.
  • FIG. 2 is a diagram showing setting information in the vehicle-mounted network according to the embodiment of the present disclosure.
  • FIG. 3 is a diagram showing a configuration of a relay device according to an embodiment of the present disclosure.
  • FIG. 4 is a diagram showing a configuration of a communication system according to an embodiment of the present disclosure.
  • FIG. 5 is a diagram showing an example of a configuration in a new network of the communication system according to the embodiment of the present disclosure.
  • FIG. 6 is a diagram showing an example of setting information in the new network according to the embodiment of the present disclosure.
  • FIG. 7 is a diagram showing another example of the configuration in the new network of the communication system according to the embodiment of the present disclosure.
  • FIG. 1 is a diagram showing a configuration of a communication system according to an embodiment of the present disclosure.
  • FIG. 2 is a diagram showing setting information in the vehicle-mounted network according to the embodiment of the present disclosure.
  • FIG. 8 is a diagram showing another example of setting information in the new network according to the embodiment of the present disclosure.
  • FIG. 9 is a flowchart defining an operation procedure when the relay device constructs a new network in the communication system according to the embodiment of the present disclosure.
  • FIG. 10 is a diagram showing an example of a sequence of new network construction processing in the communication system according to the embodiment of the present disclosure.
  • FIG. 11 is a diagram showing another example of a sequence of new network construction processing in the communication system according to the embodiment of the present disclosure.
  • the present disclosure has been made to solve the above-mentioned problems, and the purpose of the present disclosure is to provide a setting device capable of flexibly constructing a network having a new configuration by simple processing while ensuring security in the network. It is to provide a communication system and a vehicle communication management method.
  • the setting device includes an acquisition unit that acquires an authentication result of a new functional unit that is a functional unit newly added to an in-vehicle network including one or a plurality of functional units, and the acquisition unit. If the authentication result acquired by the unit is affirmative, the existing functional unit, which is a functional unit included in the in-vehicle network before the new functional unit is added, and the new functional unit are between the functional units.
  • Setting that can perform setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices capable of relaying the information of It has a part.
  • the setting device is a relay device for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices.
  • the setting process for at least one of the unit and the new function unit for example, when constructing a network for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices. It is possible to omit the authentication process of the new function unit by some relay devices in the in-vehicle network. Therefore, it is possible to flexibly construct a network with a new configuration by simple processing while ensuring security in the network.
  • the setting device further includes a storage unit for storing setting information for each of the functional units in the vehicle-mounted network to perform communication, and the setting unit stores the setting information in the storage unit. Based on this, the setting process is performed.
  • the storage unit holds the setting information of the vehicle-mounted network whose network configuration is basically fixed, and the existing vehicle-mounted network acquired from the storage unit when constructing a new vehicle-mounted network including a new function unit.
  • the process of constructing a new in-vehicle network can be simplified by the configuration in which the setting information of the new in-vehicle network is generated by using the setting information of.
  • the setting unit performs the setting process using a virtual network for transmitting setting information for each function unit in the vehicle-mounted network to communicate with each function unit.
  • setting information can be transmitted from the setting device to each function unit in the in-vehicle network using the virtual network, so that the setting process related to each function unit can be simplified.
  • the setting unit provides a new virtual network for communication between the new function unit and one or more existing function units that are the communication targets of the new function unit. Perform the process of building.
  • the setting unit is a virtual network for communicating only with one or a plurality of the existing function units that are the communication targets of the new function unit.
  • the setting process the setting process relating to the new function unit and the relay device is performed so that the new function unit and one or a plurality of the existing function units to be communicated communicate with each other using the existing virtual network. ..
  • the communication system includes a setting device and a new functional unit which is a functional unit newly added to an in-vehicle network including one or a plurality of functional units.
  • the information that can identify the function unit that is the communication target of the new function unit, which is transmitted from the new function unit, is acquired, and the setting device acquires the authentication result of the new function unit, and the setting device. Is because, when the acquired authentication result is affirmative, the functional unit and the new functional unit, which are the communication targets, communicate with each other via a plurality of relay devices capable of relaying information between the functional units.
  • the setting information of the above is transmitted to the new function unit, and the new function unit sets itself based on the setting information received from the setting device.
  • the setting device when the authentication result of the new function unit is affirmative, provides setting information for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices.
  • the new function unit by some relay devices in the in-vehicle network Authentication processing etc. can be omitted. Therefore, it is possible to flexibly construct a network with a new configuration by simple processing while ensuring security in the network.
  • the vehicle communication management method is a vehicle communication management method in the setting device, and is a new function which is a functional unit newly added to the in-vehicle network including one or a plurality of functional units.
  • Setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating with the unit via a plurality of relay devices capable of relaying information between the function units. Includes steps to do.
  • the setting device is a relay device for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices.
  • the vehicle communication management method is in a communication system including a setting device and a new functional unit which is a functional unit newly added to an in-vehicle network including one or a plurality of functional units.
  • a step in which the setting device acquires information transmitted from the new function unit that can identify the function unit that is the communication target of the new function unit, and the setting device When the step of acquiring the authentication result of the new functional unit and the authentication result acquired by the setting device are positive, the functional unit and the new functional unit, which are the communication targets, are between the functional units.
  • the step of transmitting the setting information for communicating via a plurality of relay devices capable of relaying the information to the new function unit, and the new function unit self-self based on the setting information received from the setting device. Includes steps to set up.
  • the setting device provides setting information for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices.
  • the new function unit by some relay devices in the in-vehicle network Authentication processing etc. can be omitted. Therefore, it is possible to flexibly construct a network with a new configuration by simple processing while ensuring security in the network.
  • FIG. 1 is a diagram showing a configuration of a communication system according to an embodiment of the present disclosure.
  • the communication system 300 includes one or a plurality of in-vehicle ECUs (Electronic Control Units) 111, a plurality of relay devices 100, and a server 200.
  • ECUs Electronic Control Units
  • the communication system 300 includes the vehicle-mounted ECUs 111A to 111D as the vehicle-mounted ECU 111, and the relay device 100A and the relay device 100B as the relay device 100.
  • the relay device 100A is an example of a setting device.
  • the in-vehicle ECU 111 is, for example, a TCU (Telematics Communication Unit), an automatic driving ECU, an engine ECU, a sensor, a navigation device, a human-machine interface, a camera, and the like.
  • the TCU communicates with a device outside the vehicle, for example, a server 200 via a wireless base station (not shown).
  • the relay device 100 is, for example, a gateway device, and can relay information between a plurality of in-vehicle ECUs 111 connected to itself. More specifically, the relay device 100 can perform relay processing according to, for example, layer 2 and layer 3 higher than layer 2.
  • the in-vehicle ECU 111 is an example of a functional unit in the in-vehicle network 12.
  • the vehicle-mounted ECU 111 and the relay device 100 constitute the vehicle-mounted network 12.
  • the communication system 300 is not limited to the configuration including four in-vehicle ECUs 111, and may be configured to include one, two, three, or five or more in-vehicle ECUs 111. Further, the communication system 300 is not limited to the configuration including two relay devices 100, and may be configured to include three or more relay devices 100.
  • connection relationship of each functional unit in the vehicle-mounted network 12 of the vehicle is fixed, for example.
  • the vehicle-mounted ECU 111 is connected to the relay device 100 via, for example, an Ethernet (registered trademark) cable 11.
  • the relay device 100A includes communication ports 1A, 2A, 3A, 4A.
  • the relay device 100B includes communication ports 1B, 2B, 3B, and 4B.
  • the communication ports 1A, 2A, 3A, 4A, 1B, 2B, 3B, and 4B are terminals to which the Ethernet cable 11 can be connected, for example.
  • the in-vehicle ECU 111A is connected to the communication port 2A in the relay device 100A via the Ethernet cable 11.
  • the in-vehicle ECU 111B is connected to the communication port 3A in the relay device 100A via the Ethernet cable 11.
  • the in-vehicle ECU 111C is connected to the communication port 2B in the relay device 100B via the Ethernet cable 11.
  • the in-vehicle ECU 111D is connected to the communication port 3B in the relay device 100B via the Ethernet cable 11.
  • the communication port 4A in the relay device 100A and the communication port 1B in the relay device 100B are connected to each other via the Ethernet cable 11.
  • the relay device 100 relays the Ethernet frame according to the Ethernet communication standard. Specifically, the relay device 100 relays, for example, an Ethernet frame exchanged between the vehicle-mounted ECU 111. IP packets are stored in the Ethernet frame.
  • the communication system 300 is not limited to a configuration in which an Ethernet frame is relayed according to an Ethernet communication standard, for example, CAN (Control Area Network) (registered trademark), FlexRay (registered trademark), MOST (Media Oriented Systems Transport). Data may be relayed in accordance with communication standards such as (registered trademark) and LIN (Local Ethernet Network).
  • CAN Control Area Network
  • FlexRay registered trademark
  • MOST Media Oriented Systems Transport
  • Communication standards such as (registered trademark) and LIN (Local Ethernet Network).
  • One or more virtual networks are constructed in the in-vehicle network 12.
  • the vehicle-mounted ECU 111A and the vehicle-mounted ECU 111C belong to the VLAN (Virtual Local Area Network) 10
  • the vehicle-mounted ECU 111B and the vehicle-mounted ECU 111D belong to the VLAN 20 different from the VLAN 10.
  • FIG. 2 is a diagram showing setting information in the in-vehicle network according to the embodiment of the present disclosure.
  • the port numbers of the communication ports 1A, 2A, 3A, and 4A of the relay device 100A are set to “1", “2", “3”, and “4", respectively, and the communication ports 1B of the relay device 100B, Let the port numbers of 2B, 3B, and 4B be “1", “2", “3”, and "4", respectively. Further, each in-vehicle ECU 111 includes one communication port, and the port number of the communication port is set to "1".
  • the ID of the VLAN corresponding to the communication port 2A of the relay device 100A is "VLAN10”
  • the ID of the VLAN corresponding to the communication port 3A of the relay device 100A is "VLAN20”
  • the relay device 100A The IDs of the VLANs corresponding to the communication port 4A of the above are "VLAN10” and "VLAN20”.
  • the IDs of the VLANs corresponding to the communication port 1B of the relay device 100B are "VLAN10” and “VLAN20", and the IDs of the VLANs corresponding to the communication port 2B of the relay device 100B are “VLAN10”.
  • the ID of the VLAN corresponding to the communication port 3B is "VLAN20”.
  • the ID of the VLAN corresponding to each communication port 1 of the in-vehicle ECUs 111A and 111C is "VLAN10”
  • the ID of the VLAN corresponding to each communication port 1 of the in-vehicle ECUs 111B and 111D is "VLAN20”.
  • the relay device 100 relays, for example, an Ethernet frame between vehicle-mounted ECUs 111 belonging to the same VLAN. Specifically, the relay device 100 mounts the Ethernet frame on the vehicle of the destination belonging to the same VLAN as the source based on the source MAC (Media Access Control) address and the destination MAC address included in the received Ethernet frame. It transmits to ECU 111.
  • the relay device 100 mounts the Ethernet frame on the vehicle of the destination belonging to the same VLAN as the source based on the source MAC (Media Access Control) address and the destination MAC address included in the received Ethernet frame. It transmits to ECU 111.
  • MAC Media Access Control
  • the relay device 100 relays, for example, an IP packet between vehicle-mounted ECUs 111 belonging to different VLANs. Specifically, the relay device 100 acquires an IP packet from the received Ethernet frame, and based on the transmission destination IP address of the acquired IP packet, the relay device 100 is a destination in-vehicle ECU 111 that belongs to a VLAN different from the source. Send to.
  • FIG. 3 is a diagram showing a configuration of a relay device according to an embodiment of the present disclosure.
  • FIG. 3 shows the configuration of the relay device 100A shown in FIG.
  • the relay device 100A includes a relay processing unit 110, a detection unit 120, an authentication result acquisition unit 130, an authentication unit 140, a setting unit 150, and a storage unit 160.
  • the storage unit 160 is, for example, a flash memory.
  • the relay processing unit 110, the detection unit 120, the authentication result acquisition unit 130, the authentication unit 140, and the setting unit 150 are realized by, for example, processors such as a CPU (Central Processing Unit) and a DSP (Digital Signal Processor).
  • the relay processing unit 110 relays the Ethernet frame between the vehicle-mounted ECU 111.
  • the relay processing unit 110 when the relay processing unit 110 receives an Ethernet frame from a certain vehicle-mounted ECU 111 or relay device 100B via the corresponding Ethernet cable 11, the relay processing unit 110 transmits the received Ethernet frame to the destination vehicle-mounted ECU 111 or relay device 100B. It is transmitted via the cable 11.
  • the relay processing unit 110 receives an Ethernet frame addressed to its own relay device 100 from the new function unit newly added to the in-vehicle network 12, the relay processing unit 110 outputs the received Ethernet frame to the detection unit 120.
  • the detection unit 120 detects a new function unit newly added to the in-vehicle network 12.
  • FIG. 4 is a diagram showing a configuration of a communication system according to the embodiment of the present disclosure.
  • FIG. 4 shows the configuration of the vehicle-mounted network 12 in which the vehicle-mounted ECU 111E is newly added to the vehicle-mounted network 12 shown in FIG.
  • the vehicle-mounted ECU 111E is connected to the communication port 1A in the relay device 100A via the Ethernet cable 11.
  • the in-vehicle ECU 111E is an example of a new function unit that is a function unit newly added to the in-vehicle network 12.
  • the in-vehicle network 12 including the new functional unit is also referred to as a new network
  • the in-vehicle network 12 before the new functional unit is added is also referred to as an existing network
  • the functional unit included in the existing network is also referred to as an existing functional unit.
  • the in-vehicle ECU 111E exchanges Ethernet frames with the functional unit to be communicated.
  • the functional unit that is the communication target of the new functional unit is also referred to as a target functional unit.
  • the vehicle-mounted ECU 111E When the vehicle-mounted ECU 111E is connected to the relay device 100A via the Ethernet cable 11, the vehicle-mounted ECU 111E transmits information that can identify the vehicle-mounted ECU 111 to be communicated with the vehicle-mounted ECU 111E to the relay device 100A.
  • the vehicle-mounted ECU 111E when the vehicle-mounted ECU 111E is connected to the communication port 1A in the relay device 100A via the Ethernet cable 11, the vehicle-mounted ECU 111E generates connection request information including the ID of the vehicle-mounted ECU 111C to be communicated with, for example, the MAC address.
  • the in-vehicle ECU 111E generates an Ethernet frame including the generated connection request information, its own ID, the authentication password which is secret information, and the MAC address of the relay device 100A as the destination MAC address, and relays the generated Ethernet frame. It transmits to the device 100A.
  • the detection unit 120 in the relay device 100A receives the Ethernet frame from the vehicle-mounted ECU 111E via the relay processing unit 110, the detection unit 120 acquires the connection request information, the ID of the vehicle-mounted ECU 111E, and the authentication password from the received Ethernet frame. Detects the addition of the vehicle-mounted ECU 111E to the vehicle-mounted network 12.
  • the detection unit 120 outputs the acquired connection request information, the ID of the vehicle-mounted ECU 111E, and the authentication password to the authentication result acquisition unit 130.
  • the authentication result acquisition unit 130 is an example of an acquisition unit that acquires the authentication result of the vehicle-mounted ECU 111E, which is a new function unit newly added to the vehicle-mounted network 12.
  • the authentication result acquisition unit 130 when the authentication result acquisition unit 130 receives the connection request information, the ID of the vehicle-mounted ECU 111E and the authentication password from the detection unit 120, the authentication result acquisition unit 130 outputs the received connection request information, the ID of the new function unit and the authentication password to the authentication unit 140. To do.
  • the authentication unit 140 When the authentication unit 140 receives the connection request information, the ID of the vehicle-mounted ECU 111E and the authentication password from the authentication result acquisition unit 130, the authentication unit 140 authenticates the vehicle-mounted ECU 111E using the received connection request information, the ID of the vehicle-mounted ECU 111E and the authentication password. Perform processing.
  • the authentication unit 140 determines that the in-vehicle ECU 111E is not a legitimate communication partner with the target function unit as a result of performing the authentication process
  • the authentication result acquisition unit obtains authentication information indicating a negative authentication result as the authentication result of the in-vehicle ECU 111E. Output to 130.
  • the authentication result acquisition unit 130 receives the authentication information indicating a negative authentication result from the authentication unit 140, the connection disapproval information indicating that the connection is not permitted and the Ethernet including the MAC address of the vehicle-mounted ECU 111E as the transmission destination MAC address.
  • a frame is generated, and the generated Ethernet frame is transmitted to the vehicle-mounted ECU 111E via the relay processing unit 110.
  • the authentication unit 140 confirms that the in-vehicle ECU 111E is a legitimate communication partner with the target function unit indicated by the connection request information as a result of performing the authentication process, the authentication unit 140 gives a positive authentication result as the authentication result of the in-vehicle ECU 111E.
  • the indicated authentication information is output to the authentication result acquisition unit 130.
  • the authentication result acquisition unit 130 When the authentication result acquisition unit 130 receives the authentication information indicating a positive authentication result from the authentication unit 140, the authentication result acquisition unit 130 outputs the connection request information received from the detection unit 120 and the ID of the vehicle-mounted ECU 111E to the setting unit 150.
  • the setting unit 150 communicates between the existing function unit and the in-vehicle ECU 111E via the relay devices 100A and 100B, respectively, and the relay It is possible to perform setting processing for at least one of the devices 100A and 100B.
  • the setting unit 150 communicates between the existing function unit and the vehicle-mounted ECU 111E via its own relay device 100A and relay device 100B. Perform the setting process for each functional part.
  • the setting unit 150 when the setting unit 150 receives the connection request information and the ID of the vehicle-mounted ECU 111E from the authentication result acquisition unit 130, the setting unit 150 is a target function unit indicated by the connection request information based on the received connection request information and the ID of the vehicle-mounted ECU 111E. And the vehicle-mounted ECU 111E generate new network setting information for communicating via the relay devices 100A and 100B.
  • the storage unit 160 stores the setting information in the vehicle-mounted network 12 in which the connection relationship of each functional unit is fixed as described above.
  • the storage unit 160 stores setting information for each existing functional unit to communicate in the existing network. Specifically, the storage unit 160 stores the setting information shown in FIG. 2 as the setting information of the existing network.
  • the setting unit 150 performs the setting process based on the setting information in the storage unit 160.
  • the setting unit 150 generates new network setting information based on the connection request information received from the authentication result acquisition unit 130 and the existing network setting information in the storage unit 160.
  • the setting unit 150 updates the existing setting information in the storage unit 160 with the new generated setting information.
  • the setting unit 150 identifies the functional unit that needs to be changed in the new network based on the updated setting information in the storage unit 160, and notifies the specified functional unit and the in-vehicle ECU 111E of the setting contents.
  • the setting unit 150 performs a process of constructing a new virtual network for communication between the in-vehicle ECU 111E and one or a plurality of target function units as a setting process.
  • the in-vehicle ECU 111E a new functional unit, the in-vehicle ECU 111E, is added to the in-vehicle network 12, and the target functional unit indicated by the connection request information transmitted from the in-vehicle ECU 111E is the in-vehicle ECU 111C.
  • the setting unit 150 sets the setting information of the new network including the new virtual network for communicating only with the vehicle-mounted ECU 111E and the vehicle-mounted ECU 111C. To generate.
  • the setting unit 150 generates setting information of a new network including a new VLAN 30 for communicating only with the vehicle-mounted ECU 111E and the vehicle-mounted ECU 111C.
  • FIG. 5 is a diagram showing an example of a configuration in a new network of the communication system according to the embodiment of the present disclosure.
  • FIG. 6 is a diagram showing an example of setting information in the new network according to the embodiment of the present disclosure.
  • the setting unit 150 uses the setting information of the existing network shown in FIG. 2 as the setting information in the new network, and sets the “VLAN 30” as the ID of the VLAN corresponding to the communication ports 1A and 4A of its own relay device 100A.
  • “VLAN30” was added as the ID of the VLAN corresponding to the communication ports 1B and 2B of the relay device 100B
  • "VLAN30” was added as the ID of the VLAN corresponding to each communication port 1 of the in-vehicle ECUs 111C and 111E.
  • Generate new setting information Generate new setting information.
  • the setting unit 150 updates the existing setting information in the storage unit 160 with the new generated setting information.
  • the setting unit 150 notifies the relay device 100B, the vehicle-mounted ECU 111C, and the vehicle-mounted ECU 111E, which are functional units that need to be changed in the new network, based on the updated setting information in the storage unit 160.
  • a virtual network for example, a VLAN 50, for exchanging setting information for each functional unit to communicate with each other is constructed.
  • the setting unit 150 performs the setting process using the WLAN 50.
  • the setting unit 150 generates an Ethernet frame including the setting information of the new network, and transmits the generated Ethernet frame to the relay device 100B and the in-vehicle ECUs 111C and 111E via the relay processing unit 110 using the VINA50. ..
  • the relay devices 100A and 100B transmit an Ethernet frame including setting information by using an encryption method based on secret information shared in advance.
  • the in-vehicle ECU 111E, the in-vehicle ECU 111C, and the relay device 100B change the settings according to the setting information included in the Ethernet frame received from the setting unit 150 via the relay processing unit 110.
  • the in-vehicle ECU 111E adds "VLAN 30" as a VLAN corresponding to its own communication port 1 according to the setting information included in the received Ethernet frame.
  • the in-vehicle ECU 111C adds "VLAN 30" as a VLAN corresponding to its own communication port 1 according to the setting information included in the received Ethernet frame.
  • the setting unit 150 adds "VLAN 30" as a VLAN corresponding to the communication ports 1A and 4A of its own relay device 100A.
  • the relay device 100B adds "VLAN30" as a VLAN corresponding to its own communication ports 1B and 2B according to the setting information included in the received Ethernet frame.
  • the authentication process of the vehicle-mounted ECU 111E by the relay device 100B becomes unnecessary. That is, the relay device 100B can change the setting according to the setting information received from the setting unit 150 without performing the authentication process of the vehicle-mounted ECU 111E.
  • Example 2 of setting process For example, when an existing virtual network, which is a virtual network for communicating with only one or a plurality of target function units, is constructed, the setting unit 150 uses the existing virtual network as the setting process to the in-vehicle ECU 111E and the target. Performs setting processing related to the in-vehicle ECU 111E and its own relay device 100A for communicating with the functional unit.
  • the in-vehicle ECU 111E which is a new functional unit, is added to the in-vehicle network 12, and the target functional units indicated by the connection request information transmitted from the in-vehicle ECU 111E are the in-vehicle ECU 111A and the in-vehicle ECU 111C. To do.
  • the setting unit 150 is a new network including a virtual network for the vehicle-mounted ECU 111E and the vehicle-mounted ECUs 111A and 111C to communicate with each other. Generate setting information.
  • the setting unit 150 refers to the setting information in the storage unit 160 and confirms that the existing network includes the WLAN 10 for communicating only with the in-vehicle ECU 111A and the in-vehicle ECU 111C
  • the setting unit 150 uses the VLAN 10.
  • the in-vehicle ECU 111E and the in-vehicle ECUs 111A and 111C generate new network setting information for communication.
  • FIG. 7 is a diagram showing another example of the configuration in the new network of the communication system according to the embodiment of the present disclosure.
  • FIG. 8 is a diagram showing another example of setting information in the new network according to the embodiment of the present disclosure.
  • the setting unit 150 sets “VLAN 10” as the setting information in the new network as the ID of the VLAN corresponding to the communication port 1A of its own relay device 100A in the setting information of the existing network shown in FIG.
  • “VLAN 10” is added as the ID of the VLAN corresponding to the communication port 1 of the in-vehicle ECU 111E, which is a new function unit, to generate new setting information.
  • the setting unit 150 updates the existing setting information in the storage unit 160 with the new generated setting information.
  • the setting unit 150 notifies the in-vehicle ECU 111E, which is a functional unit that needs to change the setting in the new network, of the setting content based on the updated setting information in the storage unit 160.
  • the setting unit 150 generates an Ethernet frame including the setting information, and transmits the generated Ethernet frame to the in-vehicle ECU 111E via the relay processing unit 110 using the above-mentioned VINA50.
  • the in-vehicle ECU 111E changes the setting according to the setting information included in the Ethernet frame received from the setting unit 150 via the relay processing unit 110.
  • the in-vehicle ECU 111E adds "VLAN 10" as a VLAN corresponding to its own communication port 1 according to the setting information included in the received Ethernet frame.
  • the setting unit 150 adds "VLAN 10" as a VLAN corresponding to the communication port 1A of its own relay device 100A.
  • the authentication process of the vehicle-mounted ECU 111E by the relay device 100B becomes unnecessary.
  • each device in the communication system includes a computer including a memory, and an arithmetic processing unit such as a CPU in the computer includes a program including a part or all of each step of the following flowchart and sequence.
  • an arithmetic processing unit such as a CPU in the computer includes a program including a part or all of each step of the following flowchart and sequence.
  • the programs of these plurality of devices can be installed from the outside.
  • the programs of these plurality of devices are distributed in a state of being stored in a recording medium.
  • FIG. 9 is a flowchart defining an operation procedure when the relay device constructs a new network in the communication system according to the embodiment of the present disclosure.
  • step S104 when the relay device 100A waits for the addition of the new functional unit to the in-vehicle network 12 (NO in step S102) and detects the addition of the new functional unit to the in-vehicle network 12 (in step S102). YES), the detected new function unit is authenticated (step S104).
  • the relay device 100A transmits the connection disapproval information indicating that the connection is not permitted to the new function unit (step S108).
  • the relay device 100A waits for the addition of a new new function unit to the in-vehicle network 12 (NO in step S102).
  • the relay device 100A when the authentication result is positive (YES in step S106), the relay device 100A generates the setting information of the new network for the relay device 100B and the target function unit and the new function unit to communicate with each other (step S106). S110).
  • the relay device 100A identifies a functional unit whose setting needs to be changed in the new network based on the generated setting information, and transmits the setting information to the specified functional unit and the in-vehicle ECU 111E (step S112).
  • the relay device 100A waits for the addition of a new new function unit to the in-vehicle network 12 (NO in step S102).
  • FIG. 10 is a diagram showing an example of a sequence of new network construction processing in the communication system according to the embodiment of the present disclosure.
  • FIG. 10 shows an example of a sequence of new network construction processing as shown in FIG.
  • the in-vehicle ECU 111A and the in-vehicle ECU 111C belong to the same WLAN 10, and communicate with each other via the relay devices 100A and 100B using the VLAN 10 (1). Step S202).
  • the vehicle-mounted ECU 111E which is a new functional unit newly added to the vehicle-mounted network 12, is connected to the relay device 100A, it relays connection request information including information that can identify the vehicle-mounted ECU 111C to be communicated with itself. Transmission to device 100A (step S204).
  • the relay device 100A detects the vehicle-mounted ECU 111E and performs an authentication process for the vehicle-mounted ECU 111E (step S206).
  • the relay device 100A when the authentication result is affirmative, the relay device 100A generates new network setting information for the relay device 100B, the vehicle-mounted ECU 111C, and the vehicle-mounted ECU 111E to communicate using the VLNA30. Specifically, the setting information as shown in FIG. 6 is generated (step S208).
  • the relay device 100A transmits the generated setting information to the relay device 100B, the vehicle-mounted ECU 111C, and the vehicle-mounted ECU 111E, which are functional units whose settings need to be changed in the new network (step S210).
  • the relay device 100A changes the settings based on the generated setting information (step S212).
  • the in-vehicle ECU 111E changes the setting according to the setting information received from the relay device 100A (step S214).
  • the relay device 100B changes the settings according to the setting information received from the relay device 100A (step S216).
  • the in-vehicle ECU 111C changes the setting according to the setting information received from the relay device 100A (step S218).
  • the vehicle-mounted ECU 111A and the vehicle-mounted ECU 111C communicate with each other via the relay devices 100A and 100B using the WLAN 10 (step S220).
  • the vehicle-mounted ECU 111E and the vehicle-mounted ECU 111C communicate with each other via the relay devices 100A and 100B using the newly generated VDC 30 (step S222).
  • FIG. 11 is a diagram showing another example of a sequence of new network construction processing in the communication system according to the embodiment of the present disclosure.
  • FIG. 11 shows an example of a sequence of new network construction processing as shown in FIG. 7.
  • the in-vehicle ECU 111A and the in-vehicle ECU 111C belong to the same WLAN 10, and communicate with each other via the relay devices 100A and 100B using the VLAN 10 (1). Step S302).
  • the vehicle-mounted ECU 111E which is a new functional unit newly added to the vehicle-mounted network 12
  • the connection request information including information that can identify the vehicle-mounted ECUs 111A and 111C to be communicated with itself is included. Is transmitted to the relay device 100A (step S304).
  • the relay device 100A detects the vehicle-mounted ECU 111E and performs an authentication process for the vehicle-mounted ECU 111E (step S306).
  • the relay device 100A when the authentication result is affirmative, the relay device 100A generates new network setting information for the relay device 100B, the vehicle-mounted ECUs 111A, 111C, and the vehicle-mounted ECU 111E to communicate using the VLNA 10. Specifically, the setting information as shown in FIG. 8 is generated (step S308).
  • the relay device 100A transmits the generated setting information to the in-vehicle ECU 111E, which is a functional unit whose settings need to be changed in the new network (step S310).
  • the relay device 100A changes the settings based on the generated setting information (step S312).
  • the in-vehicle ECU 111E changes the setting according to the setting information received from the relay device 100A (step S314).
  • the vehicle-mounted ECU 111A, the vehicle-mounted ECU 111C, and the vehicle-mounted ECU 111E communicate with each other via the relay devices 100A and 100B using the WLAN 10 (step S316).
  • the relay device 100A to which the vehicle-mounted ECU 111E, which is a new function unit, is connected acquires the authentication result of the vehicle-mounted ECU 111E as a setting device.
  • the configuration is such that the setting process is performed, but the configuration is not limited to this.
  • the relay device 100B which is a relay device 100 to which the in-vehicle ECU 111E is not connected, may be configured to acquire and set the authentication result.
  • a device other than the relay device 100 in the in-vehicle network 12 may be configured to acquire the authentication result and perform the setting process as the setting device.
  • a device that is not located on the communication path between the new function unit and the target function unit in the in-vehicle network 12 may be configured to acquire the authentication result and perform the setting process as the setting device.
  • a device outside the vehicle may be configured to acquire an authentication result and perform setting processing as a setting device.
  • the server 200 acquires connection request information transmitted from the in-vehicle ECU 111E, which is information that can identify the target functional unit by communicating with the TCU in the in-vehicle network 12, acquires an authentication result, sets processing, and the like. I do.
  • the vehicle-mounted ECU 111E which is a new functional unit, relays connection request information including the MAC address of the vehicle-mounted ECU 111C as information that can identify the vehicle-mounted ECU 111C, which is the target functional unit.
  • the configuration is such that transmission is performed to the device 100A, but the present invention is not limited to this.
  • the in-vehicle ECU 111E may be configured to transmit other information such as the IP address of the in-vehicle ECU 111C to the relay device 100A as information that can identify the in-vehicle ECU 111C.
  • the authentication result acquisition unit 130 is configured to acquire the authentication result of the vehicle-mounted ECU 111E from the authentication unit 140 in its own relay device 100A, but the present invention is limited to this. It is not something to do.
  • the authentication result acquisition unit 130 may be configured to acquire the authentication result of the vehicle-mounted ECU 111E from a device other than its own relay device 100A.
  • the detection unit 120 is configured to detect the vehicle-mounted ECU 111 which is a new functional unit newly added to the vehicle-mounted network 12, but the present invention is limited to this. It's not a thing.
  • the detection unit 120 may be configured to detect an application installed in the existing vehicle-mounted ECU 111 in the vehicle-mounted network 12 as a new function unit. That is, the new functional unit may be hardware or software.
  • the setting unit 150 is configured to generate the setting information of the new network based on the setting information of the existing network in the storage unit 160. It is not limited.
  • the setting unit 150 is set to transmit an information request notification to the effect that information indicating the setting contents of each function unit in the vehicle-mounted network 12 should be transmitted, and receive the information request notification from each function unit as a response to the information request notification. It may be configured to generate setting information of a new network based on the contents.
  • the setting unit 150 has a configuration in which the setting information is transmitted to each function unit by using the WLAN 50 for exchanging the setting information between the function units in the vehicle-mounted network 12.
  • the setting unit 150 may be configured to transmit setting information to the destination functional unit by using a VLAN for communicating between some functional units in the vehicle-mounted network 12.
  • the relay devices 100A and 100B may be configured to exchange setting information and the like by using an API (Application Programming Interface) for network setting used in consumer products.
  • API Application Programming Interface
  • the setting unit 150 identifies a functional unit whose setting needs to be changed in the new network, and transmits the updated setting information to the specified functional unit and the in-vehicle ECU 111E.
  • the setting unit 150 is configured to generate setting change information indicating the content of the setting change of each function unit for each of the specified function unit and the vehicle-mounted ECU 111E, and transmit the corresponding setting change information to the specified function unit and the vehicle-mounted ECU 111E. There may be.
  • the vehicle-mounted ECU 111 is newly added to the vehicle-mounted network 12, it is possible that the vehicle-mounted ECU 111 and the target function unit communicate with each other using the existing virtual network in the new vehicle-mounted network 12 to ensure the security of the vehicle-mounted network 12. It may not be preferable from the viewpoint of.
  • the vehicle-mounted ECU 111E which is a new functional unit, is added to the vehicle-mounted network 12, and the target functional unit indicated by the connection request information transmitted from the vehicle-mounted ECU 111E is the vehicle-mounted ECU 111C.
  • the vehicle-mounted ECU 111E when the relay device 100A receives the connection request information from the vehicle-mounted ECU 111E and constructs a new network as shown in FIG. 7, the vehicle-mounted ECU 111E not only transmits the vehicle-mounted ECU 111C, which is the target function unit, but also originally communicates. It is possible to communicate with the in-vehicle ECU 111A which does not need to be performed.
  • the in-vehicle ECU 111E is an illegal ECU
  • not only the in-vehicle ECU 111C but also the in-vehicle ECU 111A may be illegally accessed.
  • a new network such that only communication with the vehicle-mounted ECU 111C, which is the target function unit, is permitted for the vehicle-mounted ECU 111E, for example, a new network as shown in FIG. It is conceivable to configure.
  • the authentication process of the vehicle-mounted ECU 111E and the network configuration are performed in each of the relay devices 100, that is, the relay devices 100A and 100B existing on the communication path between the vehicle-mounted ECU 111E and the vehicle-mounted ECU 111C. You need to make changes.
  • the authentication result acquisition unit 130 is a new functional unit which is a functional unit newly added to the in-vehicle network 12 including one or a plurality of functional units. Get the authentication result.
  • the setting unit 150 has an existing function unit, which is a function unit included in the in-vehicle network 12 before the new function unit is added, and a new function unit. Settings for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices 100A and 100B capable of relaying information between functional units. It is possible to perform processing.
  • the relay device 100A relays the existing function unit and the new function unit to communicate with each other via the plurality of relay devices 100A and 100B.
  • the existing function unit and the new function unit for example, the existing function unit and the new function unit communicate with each other via a plurality of relay devices 100A and 100B.
  • the relay device 100A it is possible to flexibly construct a network having a new configuration by simple processing while ensuring security in the network.
  • the storage unit 160 stores the setting information for each functional unit in the vehicle-mounted network 12 to perform communication.
  • the setting unit 150 performs the setting process based on the setting information in the storage unit 160.
  • the storage unit 160 holds the setting information of the vehicle-mounted network 12 whose network configuration is basically fixed, and is acquired from the storage unit 160 when constructing a new vehicle-mounted network 12 including a new functional unit.
  • the construction process of the new vehicle-mounted network 12 can be simplified by the configuration in which the setting information of the new vehicle-mounted network 12 is generated by using the setting information of the existing vehicle-mounted network 12.
  • the setting unit 150 is set by using a virtual network for transmitting the setting information for each functional unit in the in-vehicle network 12 to communicate with each functional unit. Perform processing.
  • setting information can be transmitted from the relay device 100A to each functional unit in the in-vehicle network 12 using the virtual network, so that the setting process for each functional unit can be simplified.
  • the setting unit 150 is for setting the new function unit and one or a plurality of existing function units to be communicated with each other as a setting process. Performs the process of constructing a new virtual network.
  • the setting unit 150 is an existing virtual network which is a virtual network for communicating only with one or a plurality of existing function units which are communication targets of the new function unit. If it is constructed, as a setting process, a setting process related to the new function unit and the relay device 100A for communicating between the new function unit and one or a plurality of existing function units to be communicated using the existing virtual network is performed. Do.
  • the communication system 300 includes a relay device 100A and a new functional unit which is a functional unit newly added to the in-vehicle network 12 including one or a plurality of functional units.
  • the relay device 100A acquires the information transmitted from the new functional unit that can identify the functional unit to be communicated with the new functional unit.
  • the relay device 100A acquires the authentication result of the new functional unit.
  • the relay device 100A communicates via a plurality of relay devices 100A and 100B in which the functional unit to be communicated and the new functional unit can relay information between the functional units.
  • the setting information for this is sent to the new function unit.
  • the new function unit sets itself based on the setting information received from the relay device 100A.
  • the relay device 100A communicates between the existing function unit and the new function unit to be communicated via the plurality of relay devices 100A and 100B.
  • the relay device 100B With the configuration of transmitting the setting information of the above to the new function unit, for example, when constructing a network for the existing function unit and the new function unit to communicate with each other via a plurality of relay devices 100A and 100B, one of the in-vehicle networks 12 It is possible to omit the authentication process of the new functional unit by the relay device 100B of the unit.
  • the communication system 300 it is possible to flexibly construct a network having a new configuration by simple processing while ensuring security in the network.
  • the vehicle communication management method is the vehicle communication management method in the relay device 100A.
  • the relay device 100A acquires the authentication result of the new functional unit, which is a functional unit newly added to the in-vehicle network 12 including one or a plurality of functional units.
  • the existing functional unit which is a functional unit included in the in-vehicle network 12 before the new functional unit is added, and the new functional unit are functional units.
  • Setting processing is performed for at least one of the relay devices 100A and 100B, the existing function unit, and the new function unit for communicating via the plurality of relay devices 100A and 100B capable of relaying the information between them.
  • the relay device 100A relays the existing function unit and the new function unit to communicate with each other via the plurality of relay devices 100A and 100B.
  • the existing function unit and the new function unit for example, the existing function unit and the new function unit communicate with each other via a plurality of relay devices 100A and 100B.
  • the vehicle communication management method is a communication system including a relay device 100A and a new functional unit which is a functional unit newly added to the in-vehicle network 12 including one or a plurality of functional units.
  • This is the vehicle communication management method in 300.
  • the relay device 100A acquires the information transmitted from the new functional unit that can identify the functional unit to be communicated with the new functional unit.
  • the relay device 100A acquires the authentication result of the new functional unit.
  • the communication target functional unit and the new functional unit can relay information between the functional units via a plurality of relay devices 100A and 100B.
  • the new function unit sets itself based on the setting information received from the relay device 100A.
  • the relay device 100A communicates between the existing function unit and the new function unit to be communicated via the plurality of relay devices 100A and 100B.
  • the in-vehicle network 12 It is possible to omit the authentication process of the new function unit by some relay devices 100B.
  • a relay device capable of relaying information between functional units in an in-vehicle network including one or more functional units.
  • a detection unit that detects a new functional unit that is newly added to the in-vehicle network
  • An acquisition unit that acquires the authentication result of the new function unit detected by the detection unit, and When the authentication result acquired by the acquisition unit is affirmative, the existing function unit, which is a function unit included in the in-vehicle network before the new function unit is added, and the new function unit perform the function.
  • the existing function unit which is a function unit included in the in-vehicle network before the new function unit is added, and the new function unit perform the function.
  • With a setting unit that performs setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices capable of relaying information between units.
  • a relay device that performs setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices
  • An acquisition unit that acquires the authentication result of a new functional unit that is a newly added functional unit in an in-vehicle network that includes one or more functional units, and an acquisition unit. If the authentication result acquired by the acquisition unit is affirmative, the existing function unit, which is a function unit included in the in-vehicle network before the new function unit is added, and the new function unit perform the function.
  • a setting unit that performs setting processing for at least one of the relay device, the existing function unit, and the new function unit for communicating via a plurality of relay devices capable of relaying information between units. With The acquisition unit and the setting unit are setting devices realized by a processor.
  • a first relay device capable of relaying information between functional units in an in-vehicle network including a plurality of functional units, and a second relay device connected to the first relay device. It is provided with a new functional unit which is the functional unit newly added to the in-vehicle network.
  • the new functional unit transmits information that can identify the functional unit, which is the communication target of the new functional unit, to the first relay device.
  • the first relay device detects the addition of the new functional unit to the in-vehicle network, and detects the addition of the new functional unit.
  • the first relay device acquires the detected authentication result of the new function unit and obtains the authentication result.
  • the functional unit and the new functional unit which are the communication targets, communicate with each other via the first relay device and the second relay device.
  • the new function unit is an in-vehicle communication system that sets itself based on the setting information received from the first relay device.
  • the setting device acquires the information transmitted from the new functional unit that can identify the functional unit that is the communication target of the new functional unit.
  • the setting device acquires the authentication result of the new function unit and obtains the authentication result.
  • the setting device communicates between the functional unit, which is the communication target, and the new functional unit via a plurality of relay devices capable of relaying information between the functional units.
  • the setting information for performing the above is transmitted to the new function unit, and The new function unit sets itself based on the setting information received from the setting device.
  • the functional unit is an in-vehicle communication system which is an ECU.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
PCT/JP2020/010264 2019-05-30 2020-03-10 設定装置、通信システムおよび車両通信管理方法 Ceased WO2020240984A1 (ja)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US17/612,136 US12381864B2 (en) 2019-05-30 2020-03-10 Setting device, communication system, and vehicle communication management method
JP2021522644A JP7396356B2 (ja) 2019-05-30 2020-03-10 設定装置、通信システムおよび車両通信管理方法
CN202080038012.7A CN113853769B (zh) 2019-05-30 2020-03-10 设定装置、通信系统以及车辆通信管理方法
JP2023200741A JP7747034B2 (ja) 2019-05-30 2023-11-28 設定装置、通信システムおよび車両通信管理方法

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2019101427 2019-05-30
JP2019-101427 2019-05-30

Publications (1)

Publication Number Publication Date
WO2020240984A1 true WO2020240984A1 (ja) 2020-12-03

Family

ID=73552307

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/010264 Ceased WO2020240984A1 (ja) 2019-05-30 2020-03-10 設定装置、通信システムおよび車両通信管理方法

Country Status (4)

Country Link
US (1) US12381864B2 (enExample)
JP (2) JP7396356B2 (enExample)
CN (1) CN113853769B (enExample)
WO (1) WO2020240984A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2024145008A (ja) * 2023-03-31 2024-10-15 本田技研工業株式会社 車両制御システムおよび通信処理方法

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114270893A (zh) * 2019-10-25 2022-04-01 住友电气工业株式会社 管理装置、车载系统、车辆、通信管理方法及通信管理程序
US12184436B2 (en) * 2020-05-07 2024-12-31 Nec Communication Systems, Ltd. Network control apparatus, network control method, and network control program
JP7666080B2 (ja) * 2021-03-31 2025-04-22 株式会社オートネットワーク技術研究所 車載中継装置、車載システム、情報処理方法、及びプログラム

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010183204A (ja) * 2009-02-03 2010-08-19 Panasonic Electric Works Co Ltd ネットワークシステム

Family Cites Families (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3784269B2 (ja) 2001-04-10 2006-06-07 アライドテレシスホールディングス株式会社 ネットワーク管理装置、ネットワーク管理プログラム、ネットワーク管理方法、及びコンピュータネットワークシステム
JP4942261B2 (ja) 2001-07-31 2012-05-30 株式会社デンソー 車両用中継装置、及び、車内通信システム
JP3522243B2 (ja) 2001-08-23 2004-04-26 アライドテレシス株式会社 中継機器、通信設定プログラム、及び通信設定方法
JP2003244185A (ja) * 2002-02-18 2003-08-29 Matsushita Electric Ind Co Ltd Vlan及びvlanフレームスイッチング装置
US20070185624A1 (en) * 2006-02-07 2007-08-09 General Motors Corporation Method for remote reprogramming of vehicle flash memory
JP2008059450A (ja) 2006-09-01 2008-03-13 Denso Corp 車両情報書換えシステム
JP4791301B2 (ja) 2006-09-13 2011-10-12 株式会社オートネットワーク技術研究所 車載lanシステム
JP5588220B2 (ja) * 2009-05-22 2014-09-10 コイト電工株式会社 交信用データ付与方法及び装置、移動体情報収集システム及び該システムの移動体上装置、並びに、車両編成ネットワークシステム及び該システムの車上装置
JP5334693B2 (ja) 2009-06-04 2013-11-06 アライドテレシスホールディングス株式会社 ネットワーク管理方法、ネットワーク管理プログラム、ネットワークシステム及び中継機器
US8824492B2 (en) * 2010-05-28 2014-09-02 Drc Computer Corporation Accelerator system for remote data storage
US8543280B2 (en) * 2011-04-29 2013-09-24 Toyota Motor Engineering & Manufacturing North America, Inc. Collaborative multi-agent vehicle fault diagnostic system and associated methodology
JP5625217B2 (ja) 2011-07-04 2014-11-19 アラクサラネットワークス株式会社 ネットワーク管理システム、及び管理計算機
EP2757742B1 (en) * 2011-09-12 2018-07-25 Toyota Jidosha Kabushiki Kaisha On-vehicle gateway apparatus and communication system for vehicle
CN102333118B (zh) * 2011-10-08 2013-06-12 常熟理工学院 一种车载网络IPv6地址自动配置的实现方法
JP5729337B2 (ja) 2012-03-21 2015-06-03 株式会社デンソー 車両用認証装置、及び車両用認証システム
JP5771741B2 (ja) 2012-04-27 2015-09-02 株式会社フジクラ 通信システム
JP5672275B2 (ja) 2012-08-28 2015-02-18 株式会社デンソー ネットワークシステム
US10263839B2 (en) * 2013-03-15 2019-04-16 Fortinet, Inc. Remote management system for configuring and/or controlling a computer network switch
US9305412B2 (en) * 2013-11-22 2016-04-05 Volkswagen Ag Apparatus, system and method for vehicle authentication management and reporting
JP6126980B2 (ja) 2013-12-12 2017-05-10 日立オートモティブシステムズ株式会社 ネットワーク装置およびネットワークシステム
EP3412514B1 (en) 2014-11-12 2019-12-04 Panasonic Intellectual Property Corporation of America Update management method, update management device, and control program
CN105794146A (zh) 2014-11-13 2016-07-20 松下电器(美国)知识产权公司 密钥管理方法、车载网络系统以及密钥管理装置
DE102014224944A1 (de) 2014-12-04 2016-06-09 Continental Automotive Gmbh Verfahren und Steuergerät zur Übertragung sicherheitsrelevanter Daten in einem Kraftfahrzeug mittels eines Ethernet-Standards
JP2016127299A (ja) 2014-12-26 2016-07-11 スタビリティ株式会社 中継装置及びネットワーク構築方法
JP6595885B2 (ja) 2015-01-20 2019-10-23 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ 不正対処方法及び電子制御ユニット
JP6531420B2 (ja) * 2015-02-16 2019-06-19 日本電気株式会社 制御装置、通信システム、仮想ネットワーク機能の管理方法及びプログラム
KR101630729B1 (ko) * 2015-04-16 2016-06-24 현대자동차주식회사 차량에 최적화된 이더넷 통신 제공 방법 및 시스템
JP2017005617A (ja) 2015-06-15 2017-01-05 株式会社デンソー 中継装置、電子装置および通信システム
JP6477281B2 (ja) 2015-06-17 2019-03-06 株式会社オートネットワーク技術研究所 車載中継装置、車載通信システム及び中継プログラム
JP6723829B2 (ja) 2015-09-14 2020-07-15 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America ゲートウェイ装置、ファームウェア更新方法及び制御プログラム
JP6783174B2 (ja) 2016-05-27 2020-11-11 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America ネットワークハブ、転送方法及び車載ネットワークシステム
JP7043736B2 (ja) 2016-06-02 2022-03-30 株式会社デンソー 車両用電子制御装置及び車両用サービス管理システム
US9865112B2 (en) * 2016-06-03 2018-01-09 Volkswagen Aktiengesellschaft Apparatus, system and method for dynamic identification for vehicle access
US20180012196A1 (en) 2016-07-07 2018-01-11 NextEv USA, Inc. Vehicle maintenance manager
JP6849528B2 (ja) 2016-07-28 2021-03-24 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America フレーム伝送阻止装置、フレーム伝送阻止方法及び車載ネットワークシステム
DE102017120505A1 (de) 2016-09-12 2018-03-15 Hyundai Motor Company System zur Verifikation einer unregistrierten Vorrichtung basierend auf Informationen eines Ethernet-Switchs und Verfahren für dasselbige
JP6406365B2 (ja) 2017-01-06 2018-10-17 住友電気工業株式会社 スイッチ装置、通信制御方法および通信制御プログラム
JP6782444B2 (ja) 2017-01-18 2020-11-11 パナソニックIpマネジメント株式会社 監視装置、監視方法およびコンピュータプログラム
DE112017006854T5 (de) 2017-01-18 2019-10-02 Panasonic Intellectual Property Management Co., Ltd. Überwachungsvorrichtung, Überwachungsverfahren und Computerprogramm
JP6693450B2 (ja) 2017-03-14 2020-05-13 株式会社デンソー 情報管理システム、車載装置、サーバ、及びルーティングテーブル変更方法
CN106961437A (zh) 2017-03-24 2017-07-18 华东师范大学 Can和以太网络的混合网络网关网管装置及其交换方法
JP6812887B2 (ja) 2017-03-31 2021-01-13 住友電気工業株式会社 スイッチ装置、通信制御方法および通信制御プログラム
JP2018192876A (ja) 2017-05-16 2018-12-06 トヨタ自動車株式会社 運転支援装置
JP6766766B2 (ja) 2017-07-10 2020-10-14 住友電気工業株式会社 認証制御装置、認証制御方法および認証制御プログラム
CN109804603B (zh) 2017-07-19 2022-04-29 松下电器(美国)知识产权公司 车载中继装置、中继方法以及介质
KR102364656B1 (ko) 2017-08-02 2022-02-21 한국전자통신연구원 Hmac 기반의 동적 can id 생성 및 운용 장치, 및 그 방법
JP7000842B2 (ja) 2017-12-21 2022-01-19 トヨタ自動車株式会社 情報処理システム、鍵情報管理装置、鍵情報管理方法、鍵情報管理プログラム
CN108881247B (zh) 2018-06-27 2021-05-18 北京东土军悦科技有限公司 报文转换方法、装置、网关设备及存储介质
US10911949B2 (en) * 2018-07-23 2021-02-02 Byton Limited Systems and methods for a vehicle authenticating and enrolling a wireless device
WO2020226214A1 (ko) 2019-05-09 2020-11-12 엘지전자 주식회사 인증 레벨에 기반한 지능형 서비스 제공 방법 및 장치
KR102789249B1 (ko) 2019-05-14 2025-04-01 현대자동차주식회사 게이트웨이 장치 및 그 제어방법

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010183204A (ja) * 2009-02-03 2010-08-19 Panasonic Electric Works Co Ltd ネットワークシステム

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2024145008A (ja) * 2023-03-31 2024-10-15 本田技研工業株式会社 車両制御システムおよび通信処理方法
JP7609914B2 (ja) 2023-03-31 2025-01-07 本田技研工業株式会社 車両制御システムおよび通信処理方法

Also Published As

Publication number Publication date
CN113853769B (zh) 2023-05-23
US20220231997A1 (en) 2022-07-21
JPWO2020240984A1 (enExample) 2020-12-03
JP7747034B2 (ja) 2025-10-01
US12381864B2 (en) 2025-08-05
JP7396356B2 (ja) 2023-12-12
JP2024020560A (ja) 2024-02-14
CN113853769A (zh) 2021-12-28

Similar Documents

Publication Publication Date Title
US12192379B2 (en) Systems and methods for enabling trusted communications between controllers
JP7747034B2 (ja) 設定装置、通信システムおよび車両通信管理方法
US20230049177A1 (en) System, Apparatus And Method For Scalable Internet Of Things (IOT) Device On-Boarding With Quarantine Capabilities
US10498718B2 (en) Device identification and authentication in a network
US9215228B1 (en) Authentication of devices having unequal capabilities
JP7658405B2 (ja) 管理装置、車両通信システム、車両通信管理方法および車両通信管理プログラム
CN110832486B (zh) 认证控制装置、认证控制方法和认证控制程序
CN111788796B (zh) 车载通信系统、交换装置、验证方法和计算机可读存储介质
WO2022160124A1 (zh) 一种服务授权管理方法及装置
JP7384198B2 (ja) 管理装置、通信システム、車両、車両通信管理方法および車両通信管理プログラム
CN102377774A (zh) 网络中继装置及帧的中继的控制方法
CN116685971A (zh) 服务中介装置、服务中介方法和程序
JP2024088803A (ja) 中継装置、車両通信方法および車両通信プログラム
CN112335215B (zh) 用于将终端设备联接到可联网的计算机基础设施中的方法
AU2015301504B2 (en) End point secured network
US11336657B2 (en) Securing communication within a communication network using multiple security functions
US20240340282A1 (en) Method and Automation System for an Automation Device
JP2025179220A (ja) 設定装置、通信システムおよび車両通信管理方法
KR102500080B1 (ko) 공동 주택 단지에서의 앱 보안 처리 방법 및 시스템
WO2024154585A1 (ja) 車載装置、情報処理方法及び、車載システム
WO2018169807A1 (en) Systems and methods for enabling trusted communications between controllers

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20811965

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021522644

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20811965

Country of ref document: EP

Kind code of ref document: A1

WWG Wipo information: grant in national office

Ref document number: 17612136

Country of ref document: US