WO2022218205A1

WO2022218205A1 - Data transmission method and data processing apparatus

Info

Publication number: WO2022218205A1
Application number: PCT/CN2022/085552
Authority: WO
Inventors: 李添泽; 余志洋; 郑益红
Original assignee: 华为技术有限公司
Priority date: 2021-04-16
Filing date: 2022-04-07
Publication date: 2022-10-20
Also published as: CN115226060A

Abstract

The present application relates to a data transmission method and a data processing apparatus. The method comprises: in a data processing apparatus at a sending end: an arithmetic unit performs first signature processing on first V2X information of an application layer to obtain second V2X information comprising the first V2X information and a first signature; a communication unit performs second signature processing on the second V2X information to obtain third V2X information comprising the second V2X information and a second signature; after that, the communication unit sends the third V2X information; and in the data processing apparatus at a receiving end: a communication unit receives the third V2X information and verifies the second signature thereof; when the second signature is successfully verified, the arithmetic unit verifies the first signature; and when the first signature is successfully verified, the arithmetic unit performs information processing on the first V2X information. The data transmission method and data processing apparatus provided by the present application are able to improve the reliability of V2X information.

Description

Data transmission method and data processing device

This application claims the priority of the Chinese patent application with the application number 202110412576.9 and the application name "Data Transmission Method and Data Processing Device" filed with the China Patent Office on April 16, 2021, the entire contents of which are incorporated into this application by reference .

technical field

The present application relates to the field of communications, and in particular, to a data transmission method and a data processing device.

Background technique

With the development of society, people's demand for vehicles increases year by year. While vehicles provide people with convenience, they also bring about problems such as traffic congestion and frequent traffic accidents. Based on this, Vehicle to Everything (V2X) technology came into being. Vehicles can obtain road traffic information, safety warning information, etc. in time through vehicle-to-vehicle (V2V) communication or vehicle-to-vehicle (V2I) communication, thereby improving traffic flow to a certain extent. efficiency and reduce traffic safety risks.

With the development of the Internet of Vehicles technology, vehicles gradually develop from supporting low automatic driving levels to high automatic driving levels, and the application of Internet of Vehicles technology has gradually developed from basic safety early warning applications and traffic efficiency applications to collaborative control and other directions. The safety warning application and the traffic efficiency application in the vehicle do not participate in the motion decision-making and control of the vehicle. Therefore, the requirement of the required safety level is Quality Management (QM) which is not related to safety management. Since collaborative control applications involve vehicle motion decision-making and control, higher reliability and functional safety requirements are required, such as the need to reach the Automotive Safety Integration Level (ASIL) level B or above. (eg C or D).

At present, in the V2X communication system, neither the roadside equipment nor the in-vehicle equipment has reached the ASIL level B (ie ASIL-B). After the V2X information is transmitted in the above roadside equipment or in-vehicle equipment, it cannot become an effective and reliable tool for vehicle motion decision-making and control in the Auto Driving System (ADS) or Auto Driving Assistance System (ADAS). enter.

SUMMARY OF THE INVENTION

In view of this, a data transmission method and data processing device are proposed, which can improve the reliability of V2X information and improve the safety of vehicle motion decision-making and control without upgrading and upgrading existing equipment hardware as much as possible.

In a first aspect, an embodiment of the present application provides a data transmission method, the method is applied to a data processing apparatus, the data processing apparatus includes an arithmetic unit and a communication unit, and the method includes: the arithmetic unit communicates with an application layer The first V2X information of the Internet of Vehicles is processed by the first signature, and the second V2X information is obtained, and the second V2X information includes the first V2X information and the first signature; the computing unit sends the second V2X information to the communication unit; the communication unit performs a second signature process on the second V2X information to obtain third V2X information, where the third V2X information includes the second V2X information and a second signature; the communication unit The third V2X information is sent.

In the embodiment of the present application, the computing unit performs the first signature processing on the V2X information of the application layer, so that when the computing unit meets the functional safety level requirements, the functional security of the V2X information of the application layer can be guaranteed. There is no functional safety requirement, and the functional safety level requirements for the transmission channel between the computing unit and the communication unit are reduced; then, the communication unit performs the second signature processing on the V2X information that has undergone the first signature processing, thus ensuring the application Layer V2X information security during network transmission. Therefore, in the embodiments of the present application, the reliability of V2X information can be improved, and the safety of vehicle motion decision-making and control can be improved without changing and upgrading existing equipment hardware as much as possible.

According to the first aspect, in a first possible implementation manner of the data transmission method, the first signature processing includes: one or more of an information excerpt, a cyclic redundancy CRC check, and a digital signature, wherein , the digital signature includes a digital signature based on a root certificate issued by a national certification agency platform, or a digital signature based on a root certificate issued by a car company self-inspection certification agency platform, or a digital signature based on the root certificate issued by the ecological alliance certification agency platform .

In this way, it is helpful to find out in time whether there is message corruption or message insertion in the first V2X information, which provides a guarantee for functional safety.

According to the first aspect, or in the first possible implementation manner of the first aspect, in the second possible implementation manner of the data transmission method, the data processing apparatus is a vehicle-mounted device, and the arithmetic unit includes a mobile The data center MDC, the communication unit includes a telematics processor TBox.

In this way, the reliability of the V2X information provided by the vehicle to other devices in the V2X network can be improved.

According to the first aspect, or the first possible implementation manner of the first aspect, in a third possible implementation manner of the data transmission method, the data processing apparatus is a roadside device, and the arithmetic unit includes a signal The communication unit includes a roadside unit RSU.

In this way, the reliability of the V2X information provided by the roadside equipment to the vehicle can be improved, thereby helping to improve the safety of vehicle motion decision-making and control.

According to the first aspect, or any one possible implementation manner of the above first aspect, in a fourth possible implementation manner of the data transmission method, the computing unit sends the second V2X information to the The communication unit includes: the operation unit sends the second V2X information to the communication unit through Ethernet.

In this way, the transmission of V2X information between the computing unit and the communication unit is realized through the Ethernet, which can improve the transmission efficiency, simplify the information structure, and reduce the cost.

In a second aspect, an embodiment of the present application provides a data transmission method, the method is applied to a data processing apparatus, the data processing apparatus includes an arithmetic unit and a communication unit, and the method includes: the arithmetic unit communicates with an application layer The first V2X information of the Internet of Vehicles is processed by the first signature, and the second V2X information is obtained, and the second V2X information includes the first V2X information and the first signature; the computing unit communicates with the communication unit through the The secure channel sends the second V2X information to the communication unit; the communication unit sends the second V2X information.

In the embodiment of the present application, by transmitting the second V2X information in the secure channel between the computing unit and the communication unit, the signature processing process of the second V2X information by the communication unit can be omitted, thereby reducing the complexity of the first communication unit. Functional requirements, reducing the cost of the first communication unit.

According to the second aspect, in a first possible implementation manner of the data transmission method, the first signature processing includes: a digital signature based on a root certificate issued by a platform of a national certification authority, or based on a self-inspection by a car company The digital signature of the root certificate of the certification authority platform, or the digital signature based on the root certificate issued by the certification authority platform of the Ecological Alliance.

According to the second aspect, or the first possible implementation manner of the second aspect, in the second possible implementation manner of the data transmission method, the data processing apparatus is a vehicle-mounted device, and the computing unit includes mobile data The central MDC, the communication unit includes a telematics processor TBox.

According to the second aspect, or the first possible implementation manner of the second aspect, in a third possible implementation manner of the data transmission method, the data processing apparatus is a roadside device, and the arithmetic unit includes a signal The communication unit includes a roadside unit RSU.

In a third aspect, an embodiment of the present application provides a data transmission method, the method is applied to a data processing apparatus, the data processing apparatus includes an arithmetic unit and a communication unit, and the method includes: the communication unit receives a third Internet of Vehicles V2X information, the third V2X information includes second V2X information and a second signature, and the second V2X information includes the first V2X information and first signature of the application layer; the communication unit writes the second signature to the verifying; in the case that the verification of the second signature is successful, the communication unit sends the second V2X information to the computing unit; the computing unit verifies the first signature; If the verification is successful, the operation unit performs information processing on the first V2X information.

In this embodiment of the present application, the second communication unit can directly forward the received V2X information to the second computing unit through the secure channel, and the second computing unit performs signature verification. Centralized in the second computing unit, V2X information without signature verification can be prevented from adversely affecting other components in the vehicle, and on the other hand, the functional requirements of the second communication unit can be reduced, thereby reducing the cost of the second communication unit. At the same time, the second operation unit verifies the first signature in the second V2X information, which can prevent problems such as message corruption and message insertion, and provide guarantee for functional safety.

According to a third aspect, in a first possible implementation manner of the data transmission method, the verification by the communication unit of the second signature includes: the communication unit performs information extraction processing on the second V2X information , to obtain a first digest; the communication unit decrypts the second signature to obtain a second digest; in the case that the first digest and the second digest are the same, the communication unit determines that the first digest is the same as the second digest. Second signature verification succeeded.

According to the third aspect, or the first possible implementation manner of the third aspect, in a second possible implementation manner of the data transmission method, the operation unit verifying the first signature includes: the The arithmetic unit performs information extraction verification on the first signature, or performs cyclic redundancy CRC verification, or performs digital signature verification, wherein the digital signature verification includes digital signature verification based on the root certificate issued by the national certification authority platform. , or, based on the digital signature verification of the root certificate of the car company's self-inspection certification agency platform, or, based on the digital signature verification of the root certificate issued by the ecological alliance certification agency platform.

According to the third aspect, or the first possible implementation manner or the second possible implementation manner of the third aspect, in the third possible implementation manner of the data transmission method, the data processing apparatus is a vehicle-mounted device , the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.

According to the third aspect, or the first possible implementation manner or the second possible implementation manner of the third aspect, in the fourth possible implementation manner of the data transmission method, the data processing apparatus is a roadside equipment, the arithmetic unit includes a signal, and the communication unit includes a roadside unit RSU.

According to the third aspect, or any one possible implementation manner of the above third aspect, in a fifth possible implementation manner of the data transmission method, in the case that the verification of the second signature is successful, the communication The unit sending the second V2X information to the operation unit includes: in the case that the verification of the second signature is successful, the communication unit sends the second V2X information to the operation unit through the Ethernet.

In a fourth aspect, an embodiment of the present application provides a data transmission method, the method is applied to a data processing apparatus, the data processing apparatus includes an arithmetic unit and a communication unit, and the method includes: the communication unit receives a second Internet of Vehicles V2X information, the second V2X information includes the first V2X information and the first signature of the application layer; the communication unit sends the second V2X information to the The operation unit; the operation unit verifies the first signature; in the case that the first signature is successfully verified, the operation unit performs information processing on the first V2X information.

In the embodiment of the present application, the communication unit sends the second V2X information to the computing unit through the secure channel, so that the unverified V2X information can be sent to the dedicated channel, thereby reducing the impact on other components in the data processing device; The first signature in the message is verified, which can prevent problems such as message corruption and message insertion, and provide a guarantee for functional safety.

According to a fourth aspect, in a first possible implementation manner of the data transmission method, the verifying the first signature by the first signature includes: performing, by the computing unit, country-based authentication on the first signature The digital signature verification of the root certificate issued by the agency platform, or the digital signature verification based on the root certificate of the car company's self-inspection certification agency platform, or the digital signature verification based on the root certificate issued by the ecological alliance certification agency platform.

According to the fourth aspect, or the first possible implementation manner of the fourth aspect, in the second possible implementation manner of the data transmission method, the data processing apparatus is a vehicle-mounted device, and the computing unit includes mobile data The central MDC, the communication unit includes a telematics processor TBox.

According to the fourth aspect, or the first possible implementation manner of the fourth aspect, in a third possible implementation manner of the data transmission method, the data processing apparatus is a roadside device, and the arithmetic unit includes Signal, the communication unit includes a roadside unit RSU.

In a fifth aspect, an embodiment of the present application provides a data processing device, the data processing device includes an operation unit and a communication unit, the operation unit includes a first signature module and a first sending module, and the communication unit includes a first signature module and a first sending module. Two signature modules and a second sending module;

The first signature module is configured to perform first signature processing on the first V2X information of the Internet of Vehicles at the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

the first sending module, configured to send the second V2X information obtained by the first signature module to the second signature module;

The second signature module is configured to perform second signature processing on the second V2X information sent by the first sending module to obtain third V2X information, where the third V2X information includes the second V2X information and the second V2X information. sign;

The second sending module is configured to send the third V2X information obtained by the second signature module.

According to a fifth aspect, in a first possible implementation manner of the data processing apparatus, the first signature processing includes: one or more of information extraction, cyclic redundancy CRC check and digital signature, wherein , the digital signature includes a digital signature based on a root certificate issued by a national certification agency platform, or a digital signature based on a root certificate issued by a car company self-inspection certification agency platform, or a digital signature based on the root certificate issued by the ecological alliance certification agency platform .

According to the fifth aspect, or the first possible implementation manner of the fifth aspect, in a second possible implementation manner of the data processing apparatus, the data processing apparatus is a vehicle-mounted device, and the computing unit includes mobile data The central MDC, the communication unit includes a telematics processor TBox.

According to the fifth aspect, or the first possible implementation manner of the fifth aspect, in a third possible implementation manner of the data processing apparatus, the data processing apparatus is a roadside device, and the arithmetic unit includes a signal The communication unit includes a roadside unit RSU.

According to the fifth aspect, or any one possible implementation manner of the above fifth aspect, in a fifth possible implementation manner of the data processing apparatus, the first sending module is further configured to send the The second V2X information is sent to the second signature module.

In a sixth aspect, an embodiment of the present application provides a data processing device, the data processing device includes an operation unit and a communication unit, the operation unit is connected to the communication unit through a secure channel, and the operation unit includes a first a signature module and a first sending module, the communication unit includes a second sending module;

the first sending module, configured to send the second V2X information to the second sending module through the secure channel;

The second sending module is configured to send the second V2X information.

According to a sixth aspect, in a first possible implementation manner of the data processing apparatus, the first signature processing includes: one or more of an information excerpt, a cyclic redundancy CRC check, and a digital signature, wherein , the digital signature includes a digital signature based on a root certificate issued by a national certification agency platform, or a digital signature based on a root certificate issued by a car company self-inspection certification agency platform, or a digital signature based on the root certificate issued by the ecological alliance certification agency platform .

According to the sixth aspect, or the first possible implementation manner of the sixth aspect, in a second possible implementation manner of the data processing apparatus, the data processing apparatus is a vehicle-mounted device, and the computing unit includes mobile data The central MDC, the communication unit includes a telematics processor TBox.

According to the sixth aspect, or the first possible implementation manner of the sixth aspect, in a third possible implementation manner of the data processing apparatus, the data processing apparatus is a roadside device, and the arithmetic unit includes a signal The communication unit includes a roadside unit RSU.

In a seventh aspect, an embodiment of the present application provides a data processing device, the data processing device includes an arithmetic unit and a communication unit, the communication unit includes a receiving module, a first signature verification module and a sending module, the arithmetic unit Including a second signature verification module and a processing module;

The receiving module is configured to receive the third V2X information of the Internet of Vehicles, the third V2X information of the Internet of Vehicles includes the second V2X information and the second signature, and the second V2X information includes the first V2X information and the first V2X information of the application layer. sign;

the first signature verification module, configured to verify the second signature in the third V2X information received by the receiving module;

the sending module, configured to send the second V2X information to the second signature verification module when the first signature verification module successfully verifies the second signature;

the second signature verification module, configured to verify the first signature in the second V2X information sent by the sending module;

The processing module is configured to perform information processing on the first V2X information when the second signature verification module successfully verifies the first signature.

According to the seventh aspect, in a first possible implementation manner of the data processing device, the first signature verification module is further configured to:

performing information extraction processing on the second V2X information to obtain a first abstract;

Decrypting the second signature to obtain a second digest;

In the case that the first digest and the second digest are the same, it is determined that the verification of the second signature is successful.

According to the seventh aspect, or the first possible implementation manner of the seventh aspect, in the second possible implementation manner of the data processing apparatus, the second signature verification module is further configured to:

Performing information extract verification, or performing cyclic redundancy CRC verification, or performing digital signature verification on the first signature, wherein the digital signature verification includes digital signature verification based on a root certificate issued by a national certification authority platform, or , based on the digital signature verification of the root certificate of the car company's self-inspection certification agency platform, or, based on the digital signature verification of the root certificate issued by the ecological alliance certification agency platform.

According to the seventh aspect, or the first possible implementation manner or the second possible implementation manner of the seventh aspect, in the third possible implementation manner of the data processing apparatus, the data processing apparatus is a vehicle-mounted The device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.

According to the seventh aspect, or the first possible implementation manner or the second possible implementation manner of the seventh aspect, in the fourth possible implementation manner of the data processing apparatus, the data processing apparatus is a side equipment, the arithmetic unit includes a signal machine, and the communication unit includes a roadside unit RSU.

According to the seventh aspect, or any one possible implementation manner of the above seventh aspect, in a fifth possible implementation manner of the data processing apparatus, the sending module is further configured to: in the first signature verification When the module successfully verifies the second signature, it sends the second V2X information to the second signature verification module through Ethernet.

In an eighth aspect, an embodiment of the present application provides a data processing device, the data processing device includes a communication unit and an operation unit, the communication unit and the operation unit are connected through a secure channel, and the communication unit includes a receiving module and a sending module, the arithmetic unit includes a signature verification module and a processing module;

The receiving module is configured to receive the second V2X information of the Internet of Vehicles, where the second V2X information includes the first V2X information and the first signature of the application layer;

the sending module, configured to send the second V2X information received by the receiving module to the signature verification module through the secure channel;

the signature verification module, configured to verify the first signature in the second V2X information sent by the sending module;

The processing module is configured to perform information processing on the first V2X information when the signature verification module successfully verifies the first signature.

According to the eighth aspect, in a first possible implementation manner of the data processing device, the signature verification module is further configured to:

Perform digital signature verification on the first signature based on the root certificate issued by the national certification authority platform, or based on the digital signature verification of the root certificate of the vehicle enterprise self-inspection certification authority platform, or based on the root certificate issued by the ecological alliance certification authority platform digital signature verification.

According to the eighth aspect, or the first possible implementation manner of the eighth aspect, in a second possible implementation manner of the data processing apparatus, the data processing apparatus is a vehicle-mounted device, and the computing unit includes mobile data The central MDC, the communication unit includes a telematics processor TBox.

According to the eighth aspect, or the first possible implementation manner of the eighth aspect, in a third possible implementation manner of the data processing apparatus, the data processing apparatus is a roadside device, and the arithmetic unit includes a signal The communication unit includes a roadside unit RSU.

In a ninth aspect, an embodiment of the present application provides a data processing apparatus, and the data processing apparatus can execute the first aspect or one or more of the data transmission methods in multiple possible implementations of the first aspect, Either execute the above second aspect or one or more of the possible implementations of the second aspect, or execute the third aspect or one of the multiple possible implementations of the third aspect or several data transmission methods, or perform one or more data transmission methods of the fourth aspect or multiple possible implementation manners of the fourth aspect.

In a tenth aspect, embodiments of the present application provide a computer program product, comprising computer-readable codes, or a computer-readable storage medium carrying computer-readable codes, which are implemented when the computer-readable codes are executed by a processor The data transmission method of the second aspect or one or more of the multiple possible implementations of the second aspect, or to execute one or more of the third aspect or the multiple possible implementations of the third aspect. A data transmission method, or a data transmission method that performs one or more of the fourth aspect or multiple possible implementation manners of the fourth aspect.

These and other aspects of the present application will be more clearly understood in the following description of the embodiment(s).

Description of drawings

The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate exemplary embodiments, features and aspects of the application and together with the description, serve to explain the principles of the application.

FIG. 1 shows a schematic diagram of the architecture of a V2X communication system provided by an embodiment of the present application;

FIG. 2 shows a schematic diagram of a transmission process of V2X information in a V2I scenario;

FIG. 3a shows a schematic diagram of the architecture of a data transmission system provided by an embodiment of the present application;

FIG. 3b shows a schematic structural diagram of an electronic device provided by an embodiment of the present application;

FIG. 3c shows an interactive schematic diagram of the data transmission method provided by the embodiment of the present application;

FIG. 3d shows an interactive schematic diagram of a data transmission method provided by an embodiment of the present application;

4a shows a schematic diagram of the architecture of a data transmission system in a V2I scenario provided by an embodiment of the present application;

FIG. 4b shows a schematic diagram of the architecture of a data transmission system in a V2I scenario provided by an embodiment of the present application;

4c shows a schematic diagram of the architecture of a data transmission system in a V2V scenario provided by an embodiment of the present application;

4d shows a schematic diagram of the architecture of a data transmission system in a V2V scenario provided by an embodiment of the present application;

FIG. 5 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application;

FIG. 6 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application;

FIG. 7 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application;

FIG. 8 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application.

Detailed ways

Various exemplary embodiments, features and aspects of the present application will be described in detail below with reference to the accompanying drawings. The same reference numbers in the figures denote elements that have the same or similar functions. While various aspects of the embodiments are shown in the drawings, the drawings are not necessarily drawn to scale unless otherwise indicated.

The word "exemplary" is used exclusively herein to mean "serving as an example, embodiment, or illustration." Any embodiment described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.

In addition, in order to better illustrate the present application, numerous specific details are given in the following detailed description. It should be understood by those skilled in the art that the present application may be practiced without certain specific details. In some instances, methods, means, components and circuits well known to those skilled in the art have not been described in detail so as not to obscure the subject matter of the present application.

Vehicle to Everything (V2X) communication refers to the communication between vehicles and anything in the outside world. FIG. 1 shows a schematic structural diagram of a V2X communication system provided by an embodiment of the present application. As shown in Figure 1, V2X communication includes vehicle-to-vehicle communication (Vehicle to Vehicle, V2V), vehicle-to-pedestrian communication (Vehicle to Pedestrian, V2P), and vehicle-to-infrastructure (Vehicle to Infrastructure, V2I) communication. In a V2X communication system, direct communication is possible between devices. For example, as shown in FIG. 1 , there can be direct communication between vehicles and vehicles, and direct communication between vehicles and Road Side Units (RSUs). In implementation, devices in the V2X system can communicate directly based on communication protocols such as Dedicated Short Range Communication (DSRC), Long Term Evolution-Vehicle (LTE-V), etc. This application implements The example does not limit the communication protocol between devices in the V2X communication system. In the V2X communication system, the equipment involved on the roadside includes signal machines, V2X servers, and roadside units, etc., and the equipment involved on the vehicle side includes on-board communication units, gateways (GateWay, GW), on-board computing platforms, and controllers. In one example, the in-vehicle communication unit may include a telematics processor (Telematics BOX, TBox), the in-vehicle computing platform may include a mobile data center (Mobile Data Center, MDC), and the controller may include a vehicle control unit (Vehicle Control Unit, VCU).

Functional safety is to reduce the harm caused by the failure of electrical and electronic systems to an acceptable range, and its main purpose is to protect personal safety. Reliability is the ability of electronic and electrical systems to work without failure, and its main purpose is to ensure availability without failure. Therefore, reliability is the "foundation" and functional safety is the "superstructure". The data transmission method provided in the embodiment of the present application relates to the functional safety of the V2X communication system, that is, to improve the transmission of V2X information input to an automatic driving system (Auto Driving System, ADS) or an automatic driving assistance system (Auto Driving Assistance System, ADAS) reliability, thereby improving the safety of vehicle motion decision-making and control.

The data transmission method provided by the embodiment of the present application may be applied to a V2I scenario or a V2V scenario. For example, in a V2I scenario, when a vehicle is driving on an urban road, the roadside equipment sends traffic light information to the vehicle using V2X information, and the on-board computing platform in the vehicle can perceive the traffic light information provided by the roadside equipment and the in-vehicle sensors. The received information is fused to help the vehicle perform the correct operation. At this time, the data transmission method provided by the embodiments of the present application can be used to transmit traffic light information, improve the reliability of the traffic light information, and further improve the safety of vehicle motion decision-making and control. In the V2V scenario, the vehicle in front will use V2X information to send decision information such as acceleration, braking, lane change or maintaining the status quo to the following vehicle, and periodically send Blind Spot Monitoring (BSM) information and computer-aided manufacturing ( Computer Aided Drafting, CAM) information. The on-board computing platform in the following vehicle can fuse decision-making information, BSM information, CAM information, and information sensed by in-vehicle sensors to help the following vehicle perform correct operations and avoid not seeing the rear when driving in parallel with the preceding vehicle. Vehicles are scratched and collided due to oncoming vehicles. At this time, the data transmission method provided in the embodiment of the present application can be used to transmit decision information, BSM information and CAM information, so as to improve the reliability of decision information, BSM information and CAM information, thereby improving the safety of vehicle motion decision and control. The following describes the transmission process of V2X information in a V2I scenario with reference to FIG. 2 as an example. For the transmission process of V2X information in the V2V scenario, reference may be made to the transmission process of V2X information in the V2I scenario, which will not be repeated here.

FIG. 2 shows a schematic diagram of a transmission process of V2X information in a V2I scenario. As shown in Figure 2, in the V2I scenario, the traffic signal control system transmits the traffic light information to the signal through the traffic private network, and the signal can control the display of the traffic light according to the received traffic light information, and send the received traffic light information to the roadside unit. The V2X server can send some traffic control information and road condition information to the roadside unit. The traffic light information, traffic control information and road condition information here will be transmitted in the V2X communication system later, and the security of these information needs to be guaranteed. The roadside unit is responsible for broadcasting the received V2X information such as traffic light information, traffic control information and road condition information to the vehicle. The in-vehicle communication unit in the vehicle can send the received V2X information such as traffic light information, traffic control information and road condition information to the in-vehicle computing platform through the gateway. The in-vehicle computing platform fuses the received V2X information such as traffic light information, traffic control information, and road condition information based on the data obtained by sensors such as radar and cameras (such as radar signals, images, etc.) to obtain fusion information. Then, the in-vehicle computing platform can send the fusion information to the controller, so that the controller can make motion decision and control of the vehicle based on the fusion information. In an example, the traffic light information received by the in-vehicle computing platform is a red light, and the red light captured by the camera is also a red light, so the in-vehicle computing platform can obtain the fusion information as a red light. After the in-vehicle computing platform sends the fusion information to the controller, the controller generates a braking command according to the red light, and then controls the vehicle to brake automatically. In another example, the traffic control information received by the on-board computing platform is the maximum speed limit of 40km/h in the construction section, the speed limit sign captured by the camera is also the maximum speed limit of 40km/h, and the high-precision map shows that the vehicle enters after 100 meters. For the construction section, the vehicle-mounted computing platform can obtain the fusion information that the speed is lower than 40km/h. After the in-vehicle computing platform sends the fusion information to the controller, the controller determines whether it is necessary to control the deceleration according to the speed lower than 40km/h, and automatically decelerates when it is necessary to control the deceleration of the vehicle.

Referring to Figure 2, it can be seen that the equipment involved in the transmission of V2X information such as traffic light information, traffic control information, and road condition information includes roadside signals (or V2X servers) and roadside units, as well as vehicle-side on-board communication units, gateways and In-vehicle computing platform, the transmission paths involved in the transmission of V2X information such as traffic light information, traffic control information and road condition information include: signal (or V2X server) to roadside unit, roadside unit to vehicle communication unit, vehicle communication unit to gateway, and gateway to vehicle computing platform. In the related art, in order to ensure that the V2X information received by the in-vehicle computing platform is consistent with the V2X information provided by the signal (or V2X server) (that is, the V2X information received by the in-vehicle computing platform reaches the ASIL-B functional safety level), V2X information is required. The software and hardware development of all equipment involved in the transmission process is designed, developed and verified in accordance with the ISO26262 system and reaches the functional safety level of ASIL-B. However, requiring roadside equipment (such as signals, V2X servers and roadside units, etc.) to reach the functional safety level of ASIL-B will result in a substantial increase in the cost of roadside equipment, and the existing roadside equipment cannot meet the functional safety level. requirements, the feasibility is low. At the same time, it is required that the on-board communication unit and gateway on the vehicle side reach the functional safety level of ASIL-B, which will increase the vehicle cost and is not conducive to the development of ADS or ADAS.

The data transmission method provided by the embodiments of the present application improves the reliability of V2X information, and further improves the safety of vehicle motion decision-making and control, without modifying and upgrading existing equipment hardware as much as possible.

FIG. 3 a shows a schematic structural diagram of a data transmission system provided by an embodiment of the present application. As shown in FIG. 3 a , the data transmission system includes a first operation unit 11 , a first communication unit 12 , a second communication unit 13 and a second operation unit 14 . In this embodiment of the present application, the V2X information whose reliability needs to be guaranteed is referred to as the first V2X information. The first operation unit 11 shown in FIG. 3 a is used to represent a device that provides the first V2X information, and the first V2X information comes from the application layer of the first operation unit 11 . The second operation unit 14 is used to represent a device using the first V2X information. The essence of ensuring the reliability of the first V2X information is to make the first V2X information provided by the first operation unit 11 consistent with the first V2X information that reaches the second operation unit 14 and is used by the second operation unit 14 . The first communication unit 12 is used for sending the V2X information from the first operation unit 11 , and the second communication unit 13 is used for receiving the V2X information from the first communication unit 12 and sending the V2X information to the second operation unit 14 .

As shown in FIG. 3a, the first arithmetic unit 11 and the first communication unit 12 belong to the data processing apparatus of the transmitting end. The second arithmetic unit 14 and the second communication unit 13 belong to the data processing device of the receiving end.

In the embodiment of the present application, the first computing unit 11 and the second computing unit 14 shown in FIG. 3a are designed, developed, and verified in accordance with the ISO26262 system to achieve the functional safety level of ASIL-B, and the first communication unit shown in FIG. 3a 12 and the second communication unit 13 and other devices involved in the first V2X information transmission process have no functional safety requirements. In this way, the functional safety level requirements for the equipment in the V2X communication system are effectively reduced, and the existing equipment can be compatible as much as possible, thereby reducing the cost.

As described above, the data transmission method provided in the embodiment of the present application may be applied to a V2I scenario or a V2V scenario. In the V2I scenario, the roadside equipment can provide the first V2X information to the in-vehicle equipment. At this time, the data processing device at the transmitting end shown in Figure 3a is the roadside equipment, and the data output device at the receiving end is the in-vehicle equipment. The first computing unit 11 may be a signal or a V2X server, the first communication unit 12 may be a roadside unit, the second communication unit 13 may be a telematics processor, and the second computing unit 14 may be a mobile data center. Of course, in the V2I scenario, the in-vehicle device can also provide the first V2X information to the roadside device. At this time, the first computing unit 11 shown in FIG. 3a can be a mobile data center, and the first communication unit 12 can be a telematics processor , the second communication unit 13 may be a roadside unit, and the second computing unit 14 may be a signal or a V2X server. In the V2V scenario, the vehicles can provide each other with the first V2X information. At this time, the first computing unit 11 shown in FIG. 3a can be the mobile data center of the vehicle A, and the first communication unit 12 can be the telematics processing of the vehicle A. The second communication unit 13 may be the telematics processor of the vehicle B, and the second computing unit 14 may be the mobile data center of the vehicle B.

It should be noted that “first” and “second” in the first and second operation units involved in the embodiments of the present application are only used to distinguish different operation units, and the first operation unit represents the data processing of the sending end The arithmetic unit in the device, and the second arithmetic unit represents the arithmetic unit in the data processing device at the receiving end, and both are arithmetic units. It can be understood that, in one scenario, one computing unit may serve as the first computing unit in the sending end, and in another scenario, the same computing unit may serve as the second computing unit in the receiving end. The “first” and “second” in the first communication unit and the second communication unit involved in the embodiments of the present application are only used to distinguish different communication units, and the first communication unit represents the communication unit in the data processing apparatus of the sender , and the second communication unit represents a communication unit in the data processing device at the receiving end, both of which are communication units. A communication unit can be used as the first communication unit in the sending end in one scenario, and can be the second communication unit in the receiving end in another scenario. In the embodiment of the present application, there is no restriction on whether the computing unit and the communication unit are the sending end or the receiving end.

The first computing unit, the first communication unit, the second communication unit, and the second computing unit involved in the embodiments of the present application may be deployed in an electronic device having a communication function (wireless communication function and/or wired communication function). FIG. 3b shows a schematic structural diagram of an electronic device provided by an embodiment of the present application.

As shown in FIG. 3 b , the electronic device may include at least one processor 301 , a memory 302 , an input and output device 303 and a bus 304 . Below in conjunction with Fig. 3b, each constituent element of the electronic device will be introduced in detail:

The processor 301 is the control center of the electronic device, and may be a processor or a general term for multiple processing elements. For example, the processor 301 is a central processing unit (Central Processing Unit, CPU), may also be a specific integrated circuit (Application Specific Integrated Circuit, ASIC), or is configured to implement one or more integrated circuits of the embodiments of the present application , for example: one or more microprocessors (Digital Signal Processor, DSP), or, one or more Field Programmable Gate Array (Field Programmable Gate Array, FPGA).

The processor 301 can execute various functions of the electronic device by running or executing software programs stored in the memory 302 and calling data stored in the memory 302 . In this embodiment of the present application, the processor may be configured to perform first signature processing on the first V2X information, second signature processing on the second V2X information, verification of the first signature, verification of the second signature, and the like.

In a specific implementation, as an embodiment, the processor 301 may include one or more CPUs, such as CPU 0 and CPU 1 shown in the figure.

In a specific implementation, as an embodiment, the electronic device may include multiple processors, such as the processor 301 and the processor 305 shown in FIG. 3b. Each of these processors can be a single-core processor (single-CPU) or a multi-core processor (multi-CPU). A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (eg, computer program instructions).

Memory 302 may be Read-Only Memory (ROM) or other types of static storage devices that can store static information and instructions, Random Access Memory (RAM), or other types of information and instructions that can be stored It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or capable of carrying or storing desired program code in the form of instructions or data structures and capable of being executed by a computer Access any other medium without limitation. The memory 302 may exist independently, and is connected to the processor 301 through the bus 304. The memory 302 may also be integrated with the processor 301 . In this embodiment of the present application, the memory may be used to store the first V2X information, the second V2X information, or the third V2X information, or a private key, a public key, and the like.

Input and output devices 303 for communicating with other devices or communication networks. For example, it is used to communicate with communication networks such as Ethernet, Radio access network (RAN), Wireless Local Area Networks (WLAN). The input-output device 303 may include all or part of a baseband processor, and may optionally include a radio frequency (Radio Frequency, RF) processor. The RF processor is used to transmit and receive RF signals, and the baseband processor is used to realize the processing of the baseband signal converted by the RF signal or the baseband signal to be converted into the RF signal.

In a specific implementation, as an embodiment, the input-output device 303 may include a transmitter and a receiver. The transmitter is used for sending signals to other devices or communication networks, and the receiver is used for receiving signals sent by other devices or communication networks. The transmitter and receiver can exist independently or can be integrated. In this embodiment of the present application, the input and output device may be used to send and receive: first V2X information, second V2X information, or third V2X information.

The bus 304 can be an industry standard architecture (Industry Standard Architecture, ISA) bus, a peripheral device interconnect (Peripheral Component Interconnect, PCI) bus, or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus and the like. The bus can be divided into address bus, data bus, control bus and so on. For ease of presentation, only one thick line is used in Figure 3b, but it does not mean that there is only one bus or one type of bus.

The device structure shown in FIG. 3b does not constitute a limitation to the electronic device, and may include more or less components than shown, or combine some components, or arrange different components.

The following describes the V2X information involved in the embodiments of the present application.

The first V2X information may represent V2X information whose reliability needs to be guaranteed. The first V2X information is provided by the application layer of the first operation unit for use by the second operation unit. The first V2X information starts from the first computing unit and reaches the second computing unit via the first communication unit and the second communication unit. The first V2X information includes traffic light information provided by the signal, traffic control information provided by the V2X server, road condition information provided by the V2X server, or decision information, BSM information, and CAM information provided by the in-vehicle computing platform. This embodiment of the present application does not limit the content of the first V2X information.

The second V2X information may represent V2X information obtained by performing the first signature processing on the first V2X information. The second V2X information includes the first V2X information and the first signature. When the first operation unit sends the first V2X information, the first V2X information needs to pass through the application layer, the transport layer, the network layer, the access layer and the physical layer of the first operation unit in sequence. In this embodiment of the present application, a first signature processing function is added to the application layer of the first operation unit, and the first operation unit can perform first signature processing on the first V2X information after acquiring the first V2X information from its application layer. , so as to obtain the second V2X information. The first signature process includes, but is not limited to, one or more of an information excerpt (eg, using a hash function to calculate the information excerpt), a Cyclic Redundancy Check (CRC) check, and a digital signature. These processing methods can ensure that when the protected data (ie, the first V2X information) changes, the opposite end can detect it, prevent message corruption and message insertion, etc., thereby ensuring end-to-end functional security. Among them, the digital signature includes the digital signature based on the root certificate issued by the national certification authority platform, or the digital signature based on the root certificate of the vehicle enterprise self-inspection certification authority platform, or the digital signature based on the root certificate issued by the ecological alliance certification authority platform.

The third V2X information may represent V2X information obtained by performing the second signature processing on the second V2X information. The third V2X information includes the second V2X information and the second signature. That is, the third V2X information includes the first V2X information, the first signature and the second signature, wherein the first V2X information and the first signature constitute the second V2X information. In this embodiment of the present application, the second V2X information reaches the physical layer of the first communication unit from the physical layer of the first operation unit, and then sequentially passes through the access layer, network layer and transport layer of the first communication unit to reach the first pass unit application layer. In this embodiment of the present application, a second signature processing function is added to the application layer of the first communication unit, and after the first communication unit obtains the second V2X information from its application layer, the second signature processing is performed on the second V2X information, thereby Get third V2X information. After that, the third V2X information is sent out through the application layer, the transport layer, the network layer, the access layer and the physical layer of the first communication unit. In this way, when the protected data (ie the first V2X information) is transmitted together with the second signature in the V2X network (ie between the first communication unit and the second communication unit), the protected data (ie the first V2X information) can be verified ) is denied or forged in the network transmission, so as to ensure the security of network transmission. In a possible implementation manner, the second signature processing may include digital signature, adding a token, and the like.

In this embodiment of the present application, the second V2X information obtained through the first signature processing may be transmitted between the first communication unit and the second communication unit, and the third V2X information obtained through the first signature processing and the second signature processing may also be transmitted. information. .

The following describes the process of transmitting the third V2X information between the first communication unit and the second communication unit with reference to FIG. 3c. FIG. 3c shows an interactive schematic diagram of the data transmission method provided by the embodiment of the present application. This method can be applied to the data transmission system shown in Figure 3a. As shown in Figure 3c, the method may include:

Step S401, the first operation unit acquires the first V2X information of the application layer.

Step S402, the first operation unit performs first signature processing on the first V2X information to obtain second V2X information including the first V2X information and the first signature.

Step S403, the first computing unit sends the second V2X information to the first communication unit.

Step S404, the first communication unit receives the second V2X information sent by the first operation unit.

Step S405, the first communication unit performs second signature processing on the second V2X information to obtain third V2X information including the second V2X information and the second signature.

Step S406, the first communication unit broadcasts the third V2X information.

At the sending end, the first computing unit performs the first signature processing on the first V2X information, which can prevent problems such as message corruption and message insertion and provide guarantee for functional security; the first communication unit performs the second signature processing on the second V2X information , which can prevent message denial and message forgery, and provide guarantee for network security. In the implementation, the application layer of the first operation unit obtains the first V2X information, and performs the first signature processing on the first V2X information to obtain the second V2X information. The first operation unit sends the second V2X information to the first communication unit through the Ethernet or other physical bus. After acquiring the second V2X information, the application layer of the first communication unit performs the second signature processing on the second V2X information to obtain the third V2X information, and then passes through the transport layer, network layer, access layer, and physical layer, and finally passes through the V2X network (eg DSRC or LTE-V) to other devices (eg the second communication unit).

Step S407, the second communication unit receives the third V2X information sent by the first communication unit.

Step S408, the second communication unit verifies the second signature in the third V2X information.

In a possible implementation manner, step S408 may include: the second communication unit performs information extraction processing on the second V2X information in the third V2X information to obtain the first abstract; The second signature is decrypted to obtain a second digest; if the first digest and the second digest are the same, the second communication unit determines that the verification of the second signature is successful; if the first digest and the second digest are different, the third The second communication unit determines that the verification of the second signature fails.

If the first digest and the second digest are the same, it indicates that the source of the third V2X information is reliable, and the content of the second V2X information in the third V2X information has not been tampered with, so the second communication unit can determine the second signature verification success.

It should be noted that the manner in which the second communication unit verifies the second signature may also be other manners agreed upon with the first communication unit, which is not limited in this application.

Step S409, in the case that the verification of the second signature is successful, the second communication unit sends the second V2X information in the third V2X information to the second computing unit.

Step S410, the second operation unit receives the second V2X information sent by the second communication unit.

Step S411, the second operation unit verifies the first signature in the second V2X information.

Step S412, in the case that the first signature verification is successful, the second operation unit performs information processing on the first V2X information.

In a possible implementation manner, the second computing unit may obtain fusion information by performing information processing on the first V2X information, and the second computing unit may send the fusion information to the controller, so that the controller can make motion decision and control based on the fusion information. control.

At the receiving end, the second communication unit verifies the second signature in the third V2X information, which can prevent message denial and message forgery during network transmission and provide guarantee for network security; the second computing unit verifies the second V2X information. The first signature in the message is verified, which can prevent problems such as message corruption and message insertion, and provide a guarantee for functional safety. In implementation, the third V2X information reaches the application layer of the second communication unit through the V2X network, the physical layer, the access layer, the network layer, and the transport layer. The application layer of the second communication unit verifies the second signature in the third V2X information. If the verification of the second signature in the third V2X information fails, the second communication unit does not forward the second V2X information in the third V2X information. If the verification of the second signature in the third V2X message succeeds, the second communication unit forwards the second V2X information in the third V2X message through the transport layer, the network layer, the access layer, and the physical layer. The second V2X information reaches the application layer of the second computing unit through the physical layer, the access layer, the network layer, and the transport layer. The application layer of the second operation unit verifies the first signature in the second V2X information. If the verification of the first signature in the second V2X information fails, it indicates that the first V2X information has been changed and is incomplete. In order to ensure functional safety, the second computing unit cannot use the first V2X information for subsequent processing. If the verification of the first signature that can only be performed by the second V2X information is successful, indicating that the first V2X information has not been changed and is complete, the second operation unit may perform subsequent processing based on the first V2X information.

In the embodiment of the present application, the functional safety level requirements of link ASIL-B are decomposed into: QM requirements for transmission channels and ASIL-B requirements for information processing, and the first communication unit and the second communication unit have no functional safety requirements , the first operation unit and the second operation unit can be designed, developed, and verified according to the ISO26262 system to achieve the functional safety of ASIL-B, etc., thereby reducing the functional safety level requirements of the transmission channel. In the embodiment of the present application, the first signature processing and the first signature verification are performed in the first operation unit and the second operation unit to ensure the functional security (ie integrity) of the V2X information; The second signature processing and the second signature verification performed by the two communication units ensure the network security of the V2X information. Therefore, the embodiment of the present application can improve the reliability of the V2X information without changing and upgrading the hardware of the existing equipment as much as possible. This in turn improves the safety of vehicle motion decision-making and control.

FIG. 4a shows a schematic structural diagram of a data transmission system in a V2I scenario provided by an embodiment of the present application. As shown in Figure 4a, the data transmission system includes a signal machine, a roadside unit, a vehicle-mounted communication unit, a gateway and a vehicle-mounted computing platform. The signal machine corresponds to the first computing unit 11 shown in FIG. 3a, the roadside unit corresponds to the first communication unit 12 shown in FIG. 3a, the vehicle-mounted communication unit corresponds to the second communication unit 13 shown in FIG. 3a, The computing platform corresponds to the second arithmetic unit 14 shown in Fig. 3a. The method shown in Fig. 3c can be applied to the data transmission system shown in Fig. 4a.

As shown in Figure 4a, at the sending end: the application layer of the signal device obtains information such as traffic light signals, and uses the obtained information as the first V2X information. The application layer of the signal machine performs the first signature processing on the first V2X information, and obtains the second V2X information including the first V2X information and the first signature. The second V2X information is transmitted layer by layer (including the transport layer, network layer, access layer, and physical layer) in the signal machine, and finally reaches the physical layer of the roadside unit through Ethernet or other buses. After that, the second V2X information is transmitted layer by layer (including physical layer, access layer, network layer, and transport layer) in the roadside unit to the application layer of the roadside unit. The application layer of the roadside unit performs second signature processing on the second V2X information to obtain third V2X information including the second V2X information and the second signature. The third V2X information is transmitted layer by layer in the roadside unit, and finally sent to the in-vehicle communication unit through a V2X network (eg DSEC or LTE-V).

As shown in Figure 4a, at the receiving end: the third V2X information is transmitted layer by layer in the in-vehicle communication unit to the application side of the in-vehicle communication unit. Then, the application layer verifies the second signature against the third V2X information. When the verification of the second signature in the third V2X information is successful, the in-vehicle communication unit transmits layer by layer, and finally forwards the second V2X information in the third V2X information to the in-vehicle computing platform through the gateway. The application layer of the in-vehicle computing platform receives the second V2X information through layer-by-layer transmission, and then the application layer of the in-vehicle computing platform verifies the first signature in the second V2X information. In the case that the verification of the first signature in the second V2X information is successful, the in-vehicle computing platform performs subsequent processing based on the first V2X information in the second V2X information.

FIG. 4b shows a schematic structural diagram of a data transmission system in a V2I scenario provided by an embodiment of the present application. As shown in Figure 4b, the data transmission system includes an in-vehicle computing platform, a gateway, an in-vehicle communication unit, a roadside unit and a V2X server. The in-vehicle computing platform corresponds to the first computing unit 11 shown in FIG. 3a, the in-vehicle communication unit corresponds to the first communication unit 12 shown in FIG. 3a, the roadside unit corresponds to the second communication unit 13 shown in FIG. 3a, The V2X server corresponds to the second arithmetic unit 14 shown in Fig. 3a. The method shown in Fig. 3c can be applied to the data transmission system shown in Fig. 4b.

As shown in Figure 4b, at the sending end: the application layer of the in-vehicle computing platform obtains information such as decision information, and uses the obtained information as the first V2X information. The application layer of the in-vehicle computing platform performs the first signature processing on the first V2X information to obtain the second V2X information including the first V2X information and the first signature. The second V2X information is transmitted layer by layer on the in-vehicle computing platform, and finally the second V2X information is forwarded to the physical layer of the in-vehicle communication unit through the gateway. After that, the second V2X information is transmitted layer by layer in the in-vehicle communication unit to the application layer of the in-vehicle communication unit. Then, the application layer of the in-vehicle communication unit performs a second signature process on the second V2X information to obtain third V2X information including the second V2X information and the second signature. The third V2X information is transmitted layer by layer in the in-vehicle communication unit, and finally sent to the roadside unit through a V2X network (eg, DSEC or LTE-V).

As shown in Fig. 4b, at the receiving end: the third V2X information is transmitted in the roadside unit layer by layer to receive the third V2X information and arrive at the application layer of the roadside unit. Then, the application layer of the RSU verifies the second signature in the third V2X information. In the case that the verification of the second signature in the third V2X information is successful, the roadside unit transmits layer by layer, and finally sends the second V2X information in the third V2X information to the V2X server through Ethernet or other buses. The application layer of the V2X server receives the second V2X information through layer-by-layer transmission, and then the application layer of the V2X server verifies the first signature in the second V2X information. In the case that the verification of the first signature in the second V2X information is successful, the V2X server performs subsequent processing based on the first V2X information in the second V2X information.

FIG. 4c shows a schematic structural diagram of a data transmission system in a V2V scenario provided by an embodiment of the present application. As shown in Fig. 4c, the data transmission system includes the vehicle-mounted computing platform of vehicle A, the gateway of vehicle A, the vehicle-mounted communication unit of vehicle A, the vehicle-mounted communication unit of vehicle B, the gateway of vehicle B, and the vehicle-mounted computing platform of vehicle B. The in-vehicle computing platform of vehicle A corresponds to the first computing unit 11 shown in FIG. 3a, the in-vehicle communication unit of vehicle A corresponds to the first communication unit 12 shown in FIG. 3a, and the in-vehicle communication unit of vehicle B corresponds to FIG. 3a The shown second communication unit 13, the on-board computing platform of the vehicle B corresponds to the second computing unit 14 shown in FIG. 3a. The method shown in Fig. 3c can be applied to the data transmission system shown in Fig. 4c.

As shown in Figure 4c, at the sending end: the application layer of the vehicle-mounted computing platform of vehicle A obtains information such as decision information, and uses the obtained information as the first V2X information. The application layer of the in-vehicle computing platform of vehicle A performs the first signature processing on the first V2X information to obtain the second V2X information including the first V2X information and the first signature. The in-vehicle computing platform of vehicle A goes through layers of transmission, and finally forwards the second V2X information to the in-vehicle communication unit of vehicle A through the gateway. The application layer of the in-vehicle communication unit of vehicle A receives the second V2X information through layer-by-layer transmission. Then, the application layer of the in-vehicle communication unit of vehicle A performs second signature processing on the second V2X information to obtain third V2X information including the second V2X information and the second signature. The in-vehicle communication unit of vehicle A transmits layer by layer, and finally sends the third V2X information to the in-vehicle communication unit of vehicle B through a V2X network (eg, DSEC or LTE-V).

As shown in Figure 4c, at the receiving end: the application layer of the in-vehicle communication unit of vehicle B receives the third V2X information through layer-by-layer transmission. Then, the application layer of the in-vehicle communication unit of vehicle B verifies the second signature in the third V2X information. When the verification of the second signature in the third V2X information is successful, the on-board communication unit of vehicle B transmits layer by layer, and finally forwards the second V2X information in the third V2X information to the on-board computing platform of vehicle B through the gateway. The application layer of the vehicle-mounted computing platform of vehicle B receives the second V2X information through layer-by-layer transmission, and then the application layer of the vehicle-mounted computing platform of vehicle B verifies the first signature in the second V2X information. In the case that the verification of the first signature in the second V2X information is successful, the in-vehicle computing platform of vehicle B performs subsequent processing based on the first V2X information in the second V2X information.

The following describes the process of transmitting the second V2X information obtained through the first signature processing between the first communication unit and the second communication unit with reference to FIG. 3d. FIG. 3d shows an interactive schematic diagram of the data transmission method provided by the embodiment of the present application. This method can be applied to the data transmission system shown in Figure 3a. As shown in Figure 3d, the method may include:

Step S501, the first operation unit acquires the first V2X information of the application layer.

Step S502, the first operation unit performs first signature processing on the first V2X information to obtain second V2X information including the first V2X information and the first signature.

In a possible implementation manner, the first operation unit may perform first signature processing on the first V2X information by performing digital signature processing on the first V2X information. In the implementation, the root certificate of the national certification authority (Certificate Authority, CA) platform method can be used for digital signature processing, so as to realize the interconnection between vehicles produced by different car companies; the root certificate of the car company's self-check CA platform can be used for Digital signature processing, so that the interconnection between vehicles produced by the same car company can be realized; the root certificate issued by the ecological alliance CA platform can also be used for digital signature processing, so as to realize the interconnection between vehicles produced by car companies under the same ecological alliance Intercommunication.

Step S503, the first computing unit sends the second V2X information to the first communication unit through the secure channel with the first communication unit.

In this embodiment of the present application, a secure channel may be established between the first computing unit and the first communication unit. In an example, the first computing unit and the first communication unit generate a session key through link session key negotiation, and use the session key to encrypt transmission data, thereby establishing a secure channel. In yet another example, the first computing unit and the first communication unit are respectively configured with a secure communication module, and the secure communication modules at both ends implement encryption and decryption of the transmitted data, thereby realizing the establishment of a secure channel. The embodiments of the present application do not limit the manner of establishing the secure channel, do not limit the encryption/decryption method adopted for the secure channel, and do not limit the key employed for the secure channel.

Step S504, the first communication unit receives the second V2X information through the secure channel with the first computing unit.

Step S505, the first communication unit broadcasts the second V2X information.

The V2X information received by the first communication unit through the secure channel is the V2X information processed by the first signature. At this time, the first communication unit does not need to perform the second signature processing on the received V2X information, which can also ensure the function of the application layer V2X information. safety. The first communication unit directly broadcasts the second V2X information, which can reduce the functional requirements for the first communication unit, thereby reducing the cost of the first communication unit.

Step S506, the second communication unit receives the second V2X information sent by the first communication unit.

Step S507, the second communication unit sends the second V2X information to the second operation unit through the secure channel with the second operation unit.

In this embodiment of the present application, a secure channel may be established between the second communication unit and the second computing unit. The manner of establishing the secure channel between the second communication unit and the second operation unit may refer to the manner of establishing the secure channel between the first operation unit and the first communication unit, which will not be repeated here.

When a secure channel is established between the second communication unit and the second computing unit, the second communication unit can directly forward the received V2X information to the second computing unit through the secure channel, and the second computing unit performs signature verification , on the one hand, the V2X information that has not been verified by the signature can be concentrated into the second computing unit, to prevent the V2X information that has not been verified by the signature from adversely affecting other components in the vehicle, and on the other hand, it can reduce the impact on the second communication unit. functional requirements, thereby reducing the cost of the second communication unit.

Step S508, the second computing unit receives the second V2X information through the secure channel with the second communication unit.

Step S509, the second operation unit verifies the first signature in the second V2X information.

Step S510, in the case that the verification of the first signature is successful, the second operation unit performs information processing on the first V2X information in the second V2X information.

At the receiving end, the second communication unit sends the second V2X information to the second computing unit through the secure channel, so that the unverified V2X information can be sent to the dedicated channel and the impact on other components in the data processing device is reduced; The first signature in the second V2X information is verified, which can prevent problems such as message corruption and message insertion, and provide guarantee for functional safety.

In the embodiment of the present application, the functional safety level requirements of link ASIL-B are decomposed into: QM requirements for transmission channels and ASIL-B requirements for information processing, and the first communication unit and the second communication unit have no functional safety requirements , the first operation unit and the second operation unit can be designed, developed, verified according to the ISO26262 system, and can achieve the functional safety of ASIL-B, etc., thereby reducing the functional safety level requirements of the transmission channel. Signature processing, transmitting the second V2X information in the secure channel, not only ensures the functional security (that is, the integrity) of the V2X information, but also ensures the network security of the V2X information. In the case of hardware modification and upgrading, the reliability of V2X information is improved, thereby improving the safety of vehicle motion decision-making and control. Meanwhile, the embodiment of the present application simplifies the information transmission process between the first operation unit and the first communication unit and the information transmission process between the second communication unit and the second operation unit, and reduces the need for the first communication unit and the second communication unit. functional requirements, thereby reducing the cost of the first communication unit and the second communication unit.

FIG. 4d shows a schematic structural diagram of a data transmission system in a V2V scenario provided by an embodiment of the present application. As shown in Figure 4d, the data transmission system includes the vehicle-mounted computing platform of vehicle A, the gateway of vehicle A, the vehicle-mounted communication unit of vehicle A, the vehicle-mounted communication unit of vehicle B, the gateway of vehicle B, and the vehicle-mounted computing platform of vehicle B . The in-vehicle computing platform of vehicle A corresponds to the first computing unit 11 shown in FIG. 3a, the in-vehicle communication unit of vehicle A corresponds to the first communication unit 12 shown in FIG. 3a, and the in-vehicle communication unit of vehicle B corresponds to FIG. 3a The shown second communication unit 13, the on-board computing platform of the vehicle B corresponds to the second computing unit 14 shown in FIG. 3a. The method shown in Fig. 3d can be applied to the data transmission system shown in Fig. 4d.

As shown in Figure 4d, at the sender: a secure channel is established between the vehicle-mounted computing platform of vehicle A and the vehicle-mounted communication unit of vehicle A. The application layer of the in-vehicle computing platform of vehicle A obtains the first V2X information, and performs first signature processing on the first V2X information to obtain V2X information including the first V2X information and the first signature. The in-vehicle computing platform of vehicle A transmits the second V2X information to the in-vehicle communication unit of vehicle A through a pre-established secure channel. The in-vehicle communication unit of vehicle A broadcasts the second V2X information through the V2X network.

As shown in Figure 4d, a secure channel is established between the receiving end: the on-board computing platform of vehicle B and the on-board communication unit of vehicle B. After receiving the second V2X information, the vehicle-mounted communication unit of vehicle B sends the second V2X information to the vehicle-mounted computing platform of vehicle B through the pre-established security channel. The application layer of the in-vehicle computing platform of vehicle B verifies the first signature in the second V2X information. In the case that the verification of the first signature is successful, the in-vehicle computing platform of vehicle B may perform subsequent processing based on the first V2X information in the second V2X information.

FIG. 5 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application. The apparatus can be used to perform the method shown in Figure 3c. As shown in FIG. 5 , the data processing apparatus 50 may include: an operation unit 51 and a communication unit 52, wherein the operation unit 51 includes a first signature module 511 and a first sending module 512, and the communication unit 52 includes a second signature module 521 and The second sending module 522 .

The first signature module 511 is configured to perform first signature processing on the first V2X information of the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

The first sending module 512 is configured to send the second V2X information obtained by the first signature module 511 to the second signature module;

The second signature module 521 is configured to perform second signature processing on the second V2X information sent by the first sending module 512 to obtain third V2X information, where the third V2X information includes the second V2X information and second signature;

The second sending module 522 is configured to send the third V2X information obtained by the second signature module 521 .

In a possible implementation manner, the first signature processing includes one or more of: information extraction, cyclic redundancy CRC check and digital signature, wherein the digital signature includes issuance based on a national certification authority platform The digital signature of the root certificate, or the digital signature based on the root certificate of the car company's self-inspection certification agency platform, or the digital signature based on the root certificate issued by the ecological alliance certification agency platform.

In a possible implementation manner, the data processing apparatus is a vehicle-mounted device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.

In a possible implementation manner, the data processing apparatus is a roadside device, the arithmetic unit includes a signal, and the communication unit includes a roadside unit RSU.

In a possible implementation manner, the first sending module is further configured to: send the second V2X information to the second signature module through Ethernet.

FIG. 6 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application. The apparatus can be used to perform the method shown in Figure 3d. As shown in FIG. 6 , the data processing device 60 includes an operation unit 61 and a communication unit 62 , the operation unit 61 is connected with the communication unit 62 through a secure channel 63 , and the operation unit 61 includes a first signature module 611 and a first signature module 611 . A sending module 612 , the communication unit 62 includes a second sending module 621 .

The first signature module 611 is configured to perform first signature processing on the first V2X information of the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

the first sending module 612, configured to send the second V2X information to the second sending module 621 through the secure channel 63;

The second sending module 621 is configured to send the second V2X information.

FIG. 7 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application. The apparatus can be used to perform the method shown in Figure 3c. As shown in FIG. 7 , the data processing device 70 includes a communication unit 71 and an operation unit 72 , the communication unit 71 includes a receiving module 711 , a first signature verification module 712 and a sending module 713 , and the operation unit 72 includes a second verification module 713 . Signing module 721 and processing module 722.

The receiving module 711 is configured to receive third V2X information, where the third IoV V2X information includes second V2X information and a second signature, and the second V2X information includes first V2X information and a first signature at the application layer ;

The first signature verification module 712 is configured to verify the second signature in the third V2X information received by the receiving module 711;

The sending module 713 is configured to send the second V2X information to the second signature verification module 721 when the first signature verification module 712 successfully verifies the second signature;

The second signature verification module 721 is configured to verify the first signature in the second V2X information sent by the sending module 713;

The processing module 722 is configured to perform information processing on the first V2X information when the second signature verification module 721 successfully verifies the first signature.

In a possible implementation manner, the first signature verification module is also used for:

Decrypting the second signature to obtain a second digest;

In a possible implementation manner, the second signature verification module is also used for:

In a possible implementation manner, the sending module is further configured to: send the second V2X information to the second signature through Ethernet when the first signature verification module successfully verifies the second signature Second signature verification module.

FIG. 8 shows a schematic structural diagram of a data processing apparatus provided by an embodiment of the present application. The apparatus can be used to perform the method shown in Figure 3d. As shown in FIG. 8 , the data processing device 80 includes a communication unit 81 and an operation unit 82 , the communication unit 81 and the operation unit 82 are connected through a secure channel 83 , and the communication unit 81 includes a receiving module 811 and a sending module 812, the operation unit 82 includes a signature verification module 821 and a processing module 822;

The receiving module 811 is configured to receive second V2X information, where the second V2X information includes the first V2X information and the first signature of the application layer;

The sending module 812 is configured to send the second V2X information received by the receiving module 811 to the signature verification module 821 through the secure channel 83;

The signature verification module 821 is configured to verify the first signature in the second V2X information sent by the sending module 812;

The processing module 822 is configured to perform information processing on the first V2X information when the signature verification module 821 successfully verifies the first signature.

In a possible implementation, the signature verification module is also used for:

An embodiment of the present application provides a data processing apparatus, including: a processor and a memory for storing instructions executable by the processor; wherein the processor is configured to implement the above method when executing the instructions.

Embodiments of the present application provide a non-volatile computer-readable storage medium on which computer program instructions are stored, and when the computer program instructions are executed by a processor, implement the above method.

Embodiments of the present application provide a computer program product, including computer-readable codes, or a non-volatile computer-readable storage medium carrying computer-readable codes, when the computer-readable codes are stored in a processor of an electronic device When running in the electronic device, the processor in the electronic device executes the above method.

A computer-readable storage medium may be a tangible device that can hold and store instructions for use by the instruction execution device. The computer-readable storage medium may be, for example, but not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of computer-readable storage media include: portable computer disks, hard disks, random access memory (RAM), read only memory (ROM), erasable programmable read-only memory (Electrically Programmable Read-Only-Memory, EPROM or flash memory), static random access memory (Static Random-Access Memory, SRAM), portable compact disk read-only memory (Compact Disc Read-Only Memory, CD - ROM), Digital Video Disc (DVD), memory sticks, floppy disks, mechanically encoded devices, such as punch cards or raised structures in grooves on which instructions are stored, and any suitable combination of the foregoing .

Computer readable program instructions or code described herein may be downloaded to various computing/processing devices from a computer readable storage medium, or to an external computer or external storage device over a network such as the Internet, a local area network, a wide area network and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer-readable program instructions from a network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in each computing/processing device .

The computer program instructions used to perform the operations of the present application may be assembly instructions, Instruction Set Architecture (ISA) instructions, machine instructions, machine-related instructions, microcode, firmware instructions, state setting data, or in one or more source or object code written in any combination of programming languages, including object-oriented programming languages such as Smalltalk, C++, etc., and conventional procedural programming languages such as the "C" language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server implement. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network—including a Local Area Network (LAN) or a Wide Area Network (WAN)—or, may be connected to an external computer (eg, use an internet service provider to connect via the internet). In some embodiments, electronic circuits, such as programmable logic circuits, Field-Programmable Gate Arrays (FPGA), or Programmable Logic Arrays (Programmable Logic Arrays), are personalized by utilizing state information of computer-readable program instructions. Logic Array, PLA), the electronic circuit can execute computer readable program instructions to implement various aspects of the present application.

Aspects of the present application are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the present application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.

These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer or other programmable data processing apparatus to produce a machine that causes the instructions when executed by the processor of the computer or other programmable data processing apparatus , resulting in means for implementing the functions/acts specified in one or more blocks of the flowchart and/or block diagrams. These computer readable program instructions can also be stored in a computer readable storage medium, these instructions cause the computer, programmable data processing apparatus and/or other equipment to operate in a specific manner, so that the computer readable medium storing the instructions includes An article of manufacture comprising instructions for implementing various aspects of the functions/acts specified in one or more blocks of the flowchart and/or block diagrams.

Computer readable program instructions can also be loaded onto a computer, other programmable data processing apparatus, or other equipment to cause a series of operational steps to be performed on the computer, other programmable data processing apparatus, or other equipment to produce a computer-implemented process , thereby causing instructions executing on a computer, other programmable data processing apparatus, or other device to implement the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams.

The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of apparatuses, systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more functions for implementing the specified logical function(s) executable instructions. In some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.

It is also noted that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented in hardware (eg, circuits or ASICs (Application) that perform the corresponding functions or actions. Specific Integrated Circuit, application-specific integrated circuit)), or can be implemented by a combination of hardware and software, such as firmware.

While the invention has been described herein in connection with various embodiments, those skilled in the art will understand and understand from a review of the drawings, the disclosure, and the appended claims in practicing the claimed invention. Other variations of the disclosed embodiments are implemented. In the claims, the word "comprising" does not exclude other components or steps, and "a" or "an" does not exclude a plurality. A single processor or other unit may fulfill the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that these measures cannot be combined to advantage.

Various embodiments of the present application have been described above, and the foregoing descriptions are exemplary, not exhaustive, and not limiting of the disclosed embodiments. Numerous modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the various embodiments, the practical application or improvement over the technology in the marketplace, or to enable others of ordinary skill in the art to understand the various embodiments disclosed herein.

Claims

A data transmission method, characterized in that the method is applied to a data processing device, the data processing device includes an arithmetic unit and a communication unit, and the method includes:

The computing unit performs first signature processing on the first IoV V2X information at the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

the computing unit sends the second V2X information to the communication unit;

The communication unit performs second signature processing on the second V2X information to obtain third V2X information, where the third V2X information includes the second V2X information and a second signature;

The communication unit sends the third V2X information.
The method of claim 1, wherein the first signature processing comprises one or more of: information excerpt, cyclic redundancy CRC check, and digital signature, wherein the digital signature comprises country-based The digital signature of the root certificate issued by the certification authority platform, or the digital signature based on the root certificate of the vehicle enterprise self-inspection certification authority platform, or the digital signature based on the root certificate issued by the ecological alliance certification authority platform.
The method according to claim 1 or 2, wherein the data processing device is an in-vehicle device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.
The method according to claim 1 or 2, wherein the data processing device is a roadside device, the arithmetic unit comprises a signal machine, and the communication unit comprises a roadside unit RSU.
A data transmission method, characterized in that the method is applied to a data processing device, the data processing device includes an arithmetic unit and a communication unit, and the method includes:

The computing unit performs first signature processing on the first IoV V2X information at the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

The computing unit sends the second V2X information to the communication unit through a secure channel with the communication unit;

The communication unit sends the second V2X information.
A data transmission method, characterized in that the method is applied to a data processing device, the data processing device includes an arithmetic unit and a communication unit, and the method includes:

The communication unit receives third V2X information of the Internet of Vehicles, the third V2X information includes second V2X information and a second signature, and the second V2X information includes the first V2X information and the first signature of the application layer;

the communication unit verifies the second signature;

In the case that the verification of the second signature is successful, the communication unit sends the second V2X information to the operation unit;

The computing unit verifies the first signature;

In the case that the verification of the first signature is successful, the operation unit performs information processing on the first V2X information.
The method according to claim 6, wherein the verification of the second signature by the communication unit comprises:

The communication unit performs information extraction processing on the second V2X information to obtain a first abstract;

The communication unit decrypts the second signature to obtain a second digest;

In the case where the first digest and the second digest are the same, the communication unit determines that the verification of the second signature is successful.
The method according to claim 6 or 7, wherein the verification of the first signature by the computing unit comprises:

The computing unit performs information extraction verification on the first signature, or performs cyclic redundancy CRC verification, or performs digital signature verification, wherein the digital signature verification includes a digital signature based on a root certificate issued by a national certification authority platform. Signature verification, or digital signature verification based on the root certificate of the car company's self-inspection certification agency platform, or digital signature verification based on the root certificate issued by the ecological alliance certification agency platform.
The method according to any one of claims 6 to 8, wherein the data processing device is a vehicle-mounted device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.
The method according to any one of claims 6 to 8, wherein the data processing device is a roadside device, the arithmetic unit includes a signal machine, and the communication unit includes a roadside unit RSU.
A data transmission method, characterized in that the method is applied to a data processing device, the data processing device includes an arithmetic unit and a communication unit, and the method includes:

The communication unit receives the second V2X information of the Internet of Vehicles, where the second V2X information includes the first V2X information and the first signature of the application layer;

The communication unit sends the second V2X information to the computing unit through a secure channel with the computing unit;

The computing unit verifies the first signature;

In the case that the verification of the first signature is successful, the operation unit performs information processing on the first V2X information.
A data processing device, characterized in that the data processing device includes an operation unit and a communication unit, the operation unit includes a first signature module and a first sending module, and the communication unit includes a second signature module and a second sending module module;

The first signature module is configured to perform first signature processing on the first V2X information of the Internet of Vehicles at the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

the first sending module, configured to send the second V2X information obtained by the first signature module to the second signature module;

The second signature module is configured to perform second signature processing on the second V2X information sent by the first sending module to obtain third V2X information, where the third V2X information includes the second V2X information and the second V2X information. sign;

The second sending module is configured to send the third V2X information obtained by the second signature module.
The apparatus of claim 12, wherein the first signature processing comprises one or more of an information excerpt, a cyclic redundancy CRC check, and a digital signature, wherein the digital signature comprises a country-based The digital signature of the root certificate issued by the certification authority platform, or the digital signature based on the root certificate of the vehicle enterprise self-inspection certification authority platform, or the digital signature based on the root certificate issued by the ecological alliance certification authority platform.
The device according to claim 12 or 13, wherein the data processing device is a vehicle-mounted device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.
The apparatus according to claim 12 or 13, wherein the data processing apparatus is a roadside device, the arithmetic unit comprises a signal machine, and the communication unit comprises a roadside unit RSU.
A data processing device, characterized in that the data processing device includes an arithmetic unit and a communication unit, the arithmetic unit is connected to the communication unit through a secure channel, and the arithmetic unit includes a first signature module and a first sending module , the communication unit includes a second sending module;

The first signature module is configured to perform first signature processing on the first V2X information of the Internet of Vehicles at the application layer to obtain second V2X information, where the second V2X information includes the first V2X information and the first signature;

the first sending module, configured to send the second V2X information to the second sending module through the secure channel;

The second sending module is configured to send the second V2X information.
A data processing device, characterized in that the data processing device includes an arithmetic unit and a communication unit, the communication unit includes a receiving module, a first signature verification module and a sending module, and the operational unit includes a second signature verification module and processing module;

The receiving module is configured to receive the third V2X information of the Internet of Vehicles, the third V2X information of the Internet of Vehicles includes the second V2X information and the second signature, and the second V2X information includes the first V2X information and the first V2X information of the application layer. sign;

the first signature verification module, configured to verify the second signature in the third V2X information received by the receiving module;

the sending module, configured to send the second V2X information to the second signature verification module when the first signature verification module successfully verifies the second signature;

the second signature verification module, configured to verify the first signature in the second V2X information sent by the sending module;

The processing module is configured to perform information processing on the first V2X information when the second signature verification module successfully verifies the first signature.
The device according to claim 17, wherein the first signature verification module is further used for:

performing information extraction processing on the second V2X information to obtain a first abstract;

Decrypting the second signature to obtain a second digest;

In the case that the first digest and the second digest are the same, it is determined that the verification of the second signature is successful.
The device according to claim 17 or 18, wherein the second signature verification module is further used for:

Performing information extract verification, or performing cyclic redundancy CRC verification, or performing digital signature verification on the first signature, wherein the digital signature verification includes digital signature verification based on a root certificate issued by a national certification authority platform, or , based on the digital signature verification of the root certificate of the car company's self-inspection certification agency platform, or, based on the digital signature verification of the root certificate issued by the ecological alliance certification agency platform.
The device according to any one of claims 17 to 19, wherein the data processing device is a vehicle-mounted device, the computing unit includes a mobile data center MDC, and the communication unit includes a telematics processor TBox.
The device according to any one of claims 17 to 19, wherein the data processing device is a roadside device, the arithmetic unit includes a signal, and the communication unit includes a roadside unit RSU.
A data processing device, characterized in that the data processing device includes a communication unit and an operation unit, the communication unit and the operation unit are connected through a secure channel, the communication unit includes a receiving module and a sending module, the operation unit The unit includes a signature verification module and a processing module;

The receiving module is configured to receive the second V2X information of the Internet of Vehicles, where the second V2X information includes the first V2X information and the first signature of the application layer;

the sending module, configured to send the second V2X information received by the receiving module to the signature verification module through the secure channel;

the signature verification module, configured to verify the first signature in the second V2X information sent by the sending module;

The processing module is configured to perform information processing on the first V2X information when the signature verification module successfully verifies the first signature.
A data processing device, comprising:

processor;

memory for storing processor-executable instructions;

wherein the processor is configured to implement the method of any one of claims 1 to 4, or to implement the method of claim 5, or to implement any one of claims 6 to 10 when executing the instructions the method, or implement the method of claim 11 .
A computer-readable storage medium on which computer program instructions are stored, characterized in that, when the computer program instructions are executed by a processor, the method described in any one of claims 1 to 4 is implemented, or the method in claim 5 is implemented. The method, or implement the method of any one of claims 6 to 10, or implement the method of claim 11.
A computer program product, comprising computer-readable codes, or a computer-readable storage medium carrying computer-readable codes, when the computer-readable codes are executed by a processor, the implementation of any one of claims 1 to 4 is realized , or implement the method of claim 5 , or implement the method of any one of claims 6 to 10 , or implement the method of claim 11 .