
CN116094812A - Communication method, equipment and medium of Ethernet component in vehicle - Google Patents


Publication number
CN116094812A
Authority
CN
China
Prior art keywords
component
vehicle
upper computer
communication list
preset communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202310076288.XA
Other languages
Chinese (zh)
Inventor
张安驰
程中阳
李甜
赵珑瑜
曹国华
黄强
林伟
魏寿燊
罗豪
张波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Seres New Energy Automobile Design Institute Co Ltd
Original Assignee
Chongqing Seres New Energy Automobile Design Institute Co Ltd
Application filed by Chongqing Seres New Energy Automobile Design Institute Co Ltd
Priority to CN202310076288.XA
Publication of CN116094812A
Priority to PCT/CN2023/138425 (WO2024152804A1)
Legal status: Withdrawn

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The method acquires a preset communication list of a target vehicle, determines the current component identifier of the current component to be communicated from that component's current digital certificate, and judges whether the current component identifier exists in the preset communication list; if so, the current component to be communicated is determined to be a trusted component. This establishes communication trust for the current component to be communicated, achieves trusted in-vehicle communication, and enhances in-vehicle communication security. It solves the prior-art problem of low vehicle communication security caused by non-compliant installation, prevents the non-compliant installation of components that do not belong to the host vehicle, and prevents such installation from affecting the host factory and the sales sites of each component.

Description

Communication method, equipment and medium of Ethernet component in vehicle
Technical Field
The application relates to the technical field of automobiles, in particular to a communication method, equipment and medium of an in-automobile Ethernet component.
Background
At present, communication between the Ethernet components in a vehicle relies on TLS (Transport Layer Security) to ensure the security of the communication link.
However, TLS can only ensure that the communicating components are legitimate components from the manufacturer; it cannot ensure that they are trusted components. For example, when a component removed from another vehicle is used to repair the vehicle, or a component intended for a high-specification model is installed on a low-specification model, the components can still communicate with one another, which affects the security of the vehicle.
Disclosure of Invention
In view of the above-mentioned drawbacks or shortcomings in the prior art, the present application aims to provide a communication method, device and medium for an ethernet component in a vehicle, which solve the problem of low communication security of the vehicle caused by improper installation in the prior art.
The embodiment of the application provides a communication method of an in-vehicle Ethernet component, which comprises the following steps:
acquiring a preset communication list of a target vehicle, wherein the preset communication list comprises component identifiers corresponding to all Ethernet components;
acquiring a current digital certificate of a current component to be communicated, and determining a current component identifier corresponding to the current component to be communicated based on the current digital certificate;
and detecting whether the current component identifier exists in the preset communication list, and if so, determining that the current component to be communicated is a trusted component.
Optionally, the obtaining the preset communication list of the target vehicle includes:
receiving a first diagnosis instruction sent by an upper computer;
and writing a preset communication list in the first diagnosis instruction into a local storage space.
Optionally, after the writing of the preset communication list in the first diagnostic instruction to the local storage space, the method further includes:
receiving a second diagnosis instruction sent by the upper computer;
and restarting the system according to the second diagnosis instruction so as to load the preset communication list after restarting, and enable the preset communication list to be effective.
Optionally, before the receiving the first diagnostic instruction sent by the upper computer, the method further includes:
receiving a third diagnosis instruction sent by the upper computer;
and, in response to the third diagnosis instruction, feeding back a component identifier to the upper computer, so that the upper computer generates the preset communication list based on the component identifiers and sends the preset communication list to a preset signing device for signing.
Optionally, before the receiving the third diagnostic instruction sent by the upper computer, the method further includes:
receiving a fourth diagnosis instruction sent by the upper computer;
and determining a part identifier carried in the fourth diagnosis instruction, and writing the part identifier into the local storage space.
Optionally, after the writing of the part identifier to the local storage space, the method further includes:
receiving a fifth diagnosis instruction sent by the upper computer;
and responding to the fifth diagnosis instruction, generating a signature application file based on the component identifier, and feeding the signature application file back to the upper computer so that the upper computer signs the signature application file to obtain a digital certificate.
Optionally, after the feeding back the signature application file to the host computer, the method further includes:
receiving a digital certificate sent by the upper computer;
and storing the digital certificate into the local storage space.
Optionally, while feeding back the component identifier to the upper computer in response to the third diagnostic instruction, the method further includes:
and responding to the third diagnosis instruction, feeding back the vehicle identification of the target vehicle to the upper computer, so that the upper computer generates the preset communication list based on the component identifications and the vehicle identifications, and sends the preset communication list to a preset signing device for signing.
The embodiment of the application also provides electronic equipment, which comprises:
a processor and a memory;
the processor is used for executing the steps of the communication method of the in-vehicle Ethernet component provided by any embodiment of the application by calling the program or the instructions stored in the memory.
The embodiments of the present application also provide a computer-readable storage medium storing a program or instructions that cause a computer to execute the steps of the communication method of the in-vehicle ethernet component provided in any embodiment of the present application.
In summary, the application provides a communication method of an in-vehicle ethernet component, by acquiring a preset communication list of a target vehicle, determining a current component identifier corresponding to a current component to be communicated according to a current digital certificate of the current component to be communicated, further judging whether the current component identifier exists in the preset communication list, if so, determining that the current component to be communicated is a trusted component, realizing communication trust of the current component to be communicated, further realizing in-vehicle trusted communication, enhancing in-vehicle communication safety, solving the problem of low communication safety of the vehicle caused by non-compliant installation in the prior art, preventing the non-compliant installation of the components of the non-host vehicle, and preventing the influence of the non-compliant installation on host factories and sales sites of the components.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a communication method of an in-vehicle ethernet component provided in an embodiment of the present application;
Fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The present application is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be noted that, for convenience of description, only the portions related to the invention are shown in the drawings.
It should be noted that, in the case of no conflict, the embodiments and features in the embodiments may be combined with each other. The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
As mentioned in the background art, in view of the problems in the prior art, the present application proposes a communication method of an in-vehicle ethernet component, which can be performed by the in-vehicle ethernet component. Fig. 1 is a flowchart of a communication method of an in-vehicle ethernet component according to an embodiment of the present application. Referring to fig. 1, the communication method of the in-vehicle ethernet component specifically includes:
S110, acquiring a preset communication list of the target vehicle, wherein the preset communication list comprises component identifiers corresponding to all Ethernet components.
In this embodiment, the preset communication list may be a list of each in-vehicle ethernet component for communication verification. Specifically, the preset communication list may be generated in advance by the upper computer, and the upper computer may write the component identifier corresponding to each ethernet component into the preset communication list.
The ethernet component may be a component in the vehicle that relies on ethernet communications, such as an ethernet interface, among others. The component identification corresponding to the ethernet component may be unique identification information, such as a code or an identifier, etc., describing the ethernet component.
Specifically, the in-vehicle ethernet component of the target vehicle may actively acquire a preset communication list of the target vehicle, or the host computer may actively issue the preset communication list to each in-vehicle ethernet component of the target vehicle.
In a specific embodiment, acquiring a preset communication list of a target vehicle includes: receiving a first diagnosis instruction sent by an upper computer; and writing a preset communication list in the first diagnosis instruction into the local storage space.
The upper computer can be a remote device for diagnosing vehicle faults. The host computer may be, for example, a cloud server, an automotive diagnostic device (e.g., a diagnostic instrument), or a remote diagnostic system. Specifically, the upper computer can establish connection with the target vehicle in a wired connection or wireless connection mode, and then sends a first diagnosis instruction to the target vehicle. The first diagnostic instruction may be an instruction for performing a vehicle fault diagnosis. The local storage space may be an internal storage space of the in-vehicle ethernet component or may be a storage space provided independently of the in-vehicle ethernet component.
Specifically, the upper computer can actively issue a first diagnosis instruction to the in-vehicle ethernet component, and after receiving the first diagnosis instruction, the in-vehicle ethernet component can write a preset communication list carried in the first diagnosis instruction into the local storage space.
Because the upper computer actively issues the first diagnosis instruction, the in-vehicle Ethernet component obtains the preset communication list quickly through that instruction; that is, mutual authentication of the in-vehicle Ethernet components can be achieved using the existing upper computer for diagnosing vehicle faults.
In this embodiment, the in-vehicle ethernet component may also restart to validate the preset communication list after writing the preset communication list into the local storage space.
Optionally, after writing the preset communication list in the first diagnosis instruction to the local storage space, the method further includes: receiving a second diagnosis instruction sent by the upper computer; and responding to the second diagnosis instruction, restarting to load the preset communication list after restarting, and enabling the preset communication list to be effective.
The second diagnostic instruction may be an instruction for performing a vehicle failure diagnosis. Specifically, after the upper computer issues the first diagnosis instruction to the in-vehicle ethernet component, the upper computer may continue to send the second diagnosis instruction to the in-vehicle ethernet component, and after the in-vehicle ethernet component stores the preset communication list through the first diagnosis instruction, the in-vehicle ethernet component may trigger to execute restarting through the second diagnosis instruction, so that the preset communication list is loaded after restarting, so that the preset communication list is in effect.
By means of the mode that the upper computer actively issues the second diagnosis instruction, the in-vehicle Ethernet component is quickly restarted through the second diagnosis instruction, and then the preset communication list is enabled to take effect, so that follow-up communication verification is facilitated.
It should be noted that, in this embodiment, the preset communication list may be generated in advance by the upper computer, and specifically, the preset communication list may be generated after the upper computer acquires the identifiers of the components.
For example, optionally, before receiving the first diagnostic instruction sent by the upper computer, the method further includes: receiving a third diagnosis instruction sent by an upper computer; and responding to the third diagnosis instruction, feeding back the component identification to the upper computer so that the upper computer generates a preset communication list based on the component identifications, and sending the preset communication list to preset signature equipment for signature.
The third diagnostic instruction may be an instruction for performing a vehicle failure diagnosis. The preset signing device may be a PKI (Public Key Infrastructure).
Specifically, the upper computer may send a third diagnostic instruction to each in-vehicle ethernet component, and after receiving the third diagnostic instruction, each in-vehicle ethernet component may send its own component identifier to the upper computer. Further, the upper computer generates a preset communication list according to all the obtained component identifiers. After the preset communication list is generated, the upper computer sends the preset communication list to the preset signing equipment for signing, and then the signed preset communication list is distributed to all the in-vehicle Ethernet components through the first diagnosis instruction for safe storage.
By means of the mode that the upper computer actively issues the third diagnosis instruction, the upper computer can rapidly acquire the component identifications of the Ethernet components in each vehicle, and further the rapid generation of the preset communication list is achieved, the user does not need to manually acquire the component identifications and generate the preset communication list, and the generation efficiency and the issuing efficiency of the preset communication list are guaranteed.
It should be noted that, when the upper computer generates the preset communication list according to the obtained component identifications, the upper computer may also generate the preset communication list according to the vehicle identifications of the target vehicles, so as to ensure that the preset communication list only takes effect on the target vehicles.
Optionally, while feeding back the component identifier to the upper computer in response to the third diagnostic instruction, the method further includes: in response to the third diagnosis instruction, feeding back the vehicle identification of the target vehicle to the upper computer, so that the upper computer generates a preset communication list based on the component identifications and the vehicle identification, and sends the preset communication list to the preset signing equipment for signing.
The vehicle identification may be unique identification information describing the target vehicle, such as a vehicle identification code. Specifically, after receiving the third diagnosis instruction, the ethernet component in each vehicle may read its own component identifier and the vehicle identifier from the local storage space, and send the own component identifier and the vehicle identifier of the target vehicle to the host computer, and further, the host computer generates a preset communication list according to the vehicle identifier and each component identifier.
Through the mode of feeding back the vehicle identification to the upper computer, the generated preset communication list further comprises the vehicle identification of the target vehicle, so that the upper computer can conveniently distinguish the preset communication lists of different vehicles, and when the upper computer issues the preset communication list, the corresponding preset communication list can be matched through the vehicle identification for issuing, and the accuracy of the issued preset communication list is guaranteed.
In this embodiment, before the upper computer obtains the component identifiers through the third diagnostic instruction, the upper computer may also write the component identifiers into the ethernet components in each vehicle respectively by issuing the diagnostic instruction.
For example, in a specific embodiment, before receiving the third diagnostic instruction sent by the upper computer, the method further includes: receiving a fourth diagnosis instruction sent by the upper computer; and determining a part identifier carried in the fourth diagnosis instruction, and writing the part identifier into the local storage space.
The fourth diagnostic instruction may be an instruction for performing a vehicle failure diagnosis. In this embodiment, before the upper computer sends the third diagnostic instruction to generate the preset communication list, the upper computer may also write the corresponding component identifier into the ethernet components in each vehicle through the fourth diagnostic instruction.
Specifically, the upper computer sends a fourth diagnosis instruction to each in-vehicle Ethernet component, and after receiving the fourth diagnosis instruction, the in-vehicle Ethernet component extracts the component identifier in the fourth diagnosis instruction and writes the component identifier as the own component identifier into the local storage space.
Of course, the in-vehicle ethernet component may also obtain the vehicle identifier from the fourth diagnostic instruction, and write the vehicle identifier into the local storage space together.
Because the upper computer actively issues the fourth diagnosis instruction, each in-vehicle Ethernet component writes its own component identifier, so that the upper computer can conveniently acquire all the component identifiers through the third diagnosis instruction to generate a preset communication list.
In an exemplary embodiment, when issuing component identifiers through the fourth diagnostic instruction, the upper computer may issue to every vehicle the component identifiers of that vehicle's in-vehicle Ethernet components; when obtaining the component identifiers of the target vehicle through the third diagnostic instruction, the upper computer may send the third diagnostic instruction only to the target vehicle, so that it obtains the component identifiers in the target vehicle and not those in other vehicles.
S120, acquiring a current digital certificate of the current component to be communicated, and determining a current component identifier corresponding to the current component to be communicated based on the current digital certificate.
The current component to be communicated may be another in-vehicle Ethernet component with which a communication connection needs to be established. The current digital certificate may be a digital certificate stored by the current component to be communicated.
Specifically, when the in-vehicle ethernet component needs to communicate with other in-vehicle ethernet components, the other in-vehicle ethernet components can be used as current components to be communicated, a current digital certificate of the other party is obtained, and a current component identifier corresponding to the current components to be communicated is obtained from the current digital certificate.
In this embodiment, the digital certificate of each in-vehicle Ethernet component may be pre-generated by each in-vehicle Ethernet component, with the upper computer forwarding it for signing.
Optionally, after writing the component identifier to the local storage space, the method further includes: receiving a fifth diagnosis instruction sent by the upper computer; and responding to the fifth diagnosis instruction, generating a signature application file based on the component identifier, and feeding the signature application file back to the upper computer so that the upper computer signs the signature application file to obtain the digital certificate.
The signature application file may be the signing request for a digital certificate, namely a CSR (Certificate Signing Request). Specifically, after the upper computer has sent the fourth diagnosis instruction to the in-vehicle Ethernet component and the component has written the component identifier into the local storage space, the upper computer can go on to send the fifth diagnosis instruction to the in-vehicle Ethernet component.
Further, the in-vehicle ethernet component may read the component identifier from the local storage space according to the fifth diagnostic instruction, generate a signature application file, and send the signature application file to the host computer. The in-vehicle ethernet component can generate a public-private key pair together while generating the signature application file according to the fifth diagnostic instruction, so that the validity and the uniqueness of the signature application file can be ensured through the public-private key pair.
Further, the upper computer can forward the signature application file to PKI for signature to obtain the digital certificate. By means of the mode that the upper computer actively issues the fifth diagnosis instruction, the establishment of the digital certificate of the Ethernet component in each vehicle is achieved, the follow-up communication verification according to the digital certificate is facilitated, other hardware is not required to be arranged, and the communication verification can be achieved on the existing vehicle.
Optionally, after feeding back the signature application file to the host computer, the method further includes: receiving a digital certificate sent by an upper computer; the digital certificate is stored to a local storage space.
Specifically, after the upper computer forwards the signature application file to the PKI for signature, the signed digital certificate can be fed back to the in-vehicle Ethernet component, and then the in-vehicle Ethernet component stores the digital certificate in the local storage space.
In this embodiment, the in-vehicle Ethernet component obtains the signed digital certificate issued by the upper computer and stores it in the local storage space, so that during later communication verification the current component to be communicated can read the digital certificate directly from the local storage space and send it to the in-vehicle Ethernet component; the digital certificate does not need to be obtained from the cloud, which improves communication verification efficiency.
S130, detecting whether a current component identifier exists in a preset communication list, and if so, determining that the current component to be communicated is a trusted component.
Specifically, after the in-vehicle Ethernet component obtains the current component identifier corresponding to the current component to be communicated, it may look up the current component identifier in the preset communication list to determine whether the list contains a component identifier identical to the current component identifier.
In this embodiment, if the current component identifier exists in the preset communication list, the in-vehicle ethernet component may determine that the current component to be communicated is a trusted component, and may further establish a communication connection with the trusted component.
Of course, if the current component identifier does not exist in the preset communication list, the current component to be communicated can be determined to be an untrusted component, and data transmission with the untrusted component can be refused.
In this way, when the current component to be communicated is a non-compliantly installed part, such as a part removed from another vehicle or a part that does not match the vehicle type of the target vehicle, it can be accurately identified that its component identifier is not in the preset communication list. Communication between the non-compliantly installed part and other components is thereby avoided, and in-vehicle communication security is ensured; in addition, the impact of non-compliantly installed parts on the vehicle manufacturers and sales outlets of the compliant parts can be avoided.
It should be noted that, when two in-vehicle Ethernet components need to establish a communication connection, both may perform the operations of S110 to S130; that is, each in-vehicle Ethernet component may treat the other party as the current component to be communicated and determine whether it is a trusted component. If both in-vehicle Ethernet components determine that the other party is a trusted component, they may establish a reliable communication connection and perform data transmission.
According to the communication method of the in-vehicle Ethernet component, the preset communication list of the target vehicle is obtained, the current component identifier corresponding to the current component to be communicated is determined according to the current digital certificate of that component, and it is judged whether the current component identifier exists in the preset communication list; if so, the current component to be communicated is determined to be a trusted component. Communication trust in the current component to be communicated is thereby established, in-vehicle trusted communication is achieved, and in-vehicle communication security is enhanced. This solves the prior-art problem of low vehicle communication security caused by the non-compliant installation of components that do not belong to the vehicle, and prevents such components from affecting the vehicle manufacturer and the sales outlets of each component.
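The decision of S110 to S130, including the mutual check in which each component treats the other as the current component to be communicated, is sketched below as an added example; it is not code from the patent. HMAC-SHA256 with constructed keys stands in for the PKI and signing-device signatures so that the block runs on the standard library alone, and the class, function and field names, the vehicle-identifier comparison on load, and all identifiers are assumptions.

```python
import hashlib
import hmac
import json

# Constructed keys. HMAC-SHA256 is a stand-in (assumption) for the PKI and
# signing-device signatures so that this runs on the standard library alone.
PKI_KEY = b"constructed-pki-key"
LIST_SIGNER_KEY = b"constructed-list-signer-key"


def _tag(key, payload):
    """Integrity tag over a canonical JSON encoding of the payload."""
    blob = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def issue(key, payload):
    """Signing side: wrap a payload together with its tag."""
    return {"payload": payload, "sig": _tag(key, payload)}


def verified_payload(key, signed):
    """Return the payload only if it is a dict whose tag verifies, else None."""
    try:
        payload, sig = signed["payload"], signed["sig"]
        ok = isinstance(payload, dict) and hmac.compare_digest(
            _tag(key, payload), str(sig))
    except (KeyError, TypeError):
        return None
    return payload if ok else None


class Component:
    """One in-vehicle Ethernet component with its stored list and certificate."""

    def __init__(self, vehicle_id, signed_list, certificate):
        self.certificate = certificate
        # Assumption: the list carries the vehicle identifier and the component
        # compares it with its own. Anything that fails leaves the list empty,
        # so the component trusts nobody (fail closed).
        lst = verified_payload(LIST_SIGNER_KEY, signed_list)
        ids = lst.get("component_ids") if lst else None
        if lst and lst.get("vehicle_id") == vehicle_id and isinstance(ids, list):
            self.allowed = frozenset(i for i in ids if isinstance(i, str))
        else:
            self.allowed = frozenset()

    def peer_decision(self, peer_certificate):
        """S120 to S130: take the identifier from the certificate, look it up."""
        cert = verified_payload(PKI_KEY, peer_certificate)
        if cert is None:
            return "reject: certificate not verifiable"
        cid = cert.get("component_id")
        if not isinstance(cid, str) or cid not in self.allowed:
            return "reject: identifier not in preset communication list"
        return "trusted"


def establish(a, b):
    """Data flows only if each side judges the other trusted."""
    return (a.peer_decision(b.certificate) == "trusted"
            and b.peer_decision(a.certificate) == "trusted")


# Constructed sample data: vehicle A's list, and a part taken from vehicle B.
VIN_A, VIN_B = "VIN-A-CONSTRUCTED", "VIN-B-CONSTRUCTED"
LIST_A = issue(LIST_SIGNER_KEY, {"vehicle_id": VIN_A,
                                 "component_ids": ["GW-001", "ADAS-002"]})
LIST_B = issue(LIST_SIGNER_KEY, {"vehicle_id": VIN_B,
                                 "component_ids": ["GW-500", "ADAS-977"]})
CERT_GW = issue(PKI_KEY, {"component_id": "GW-001"})
CERT_ADAS = issue(PKI_KEY, {"component_id": "ADAS-002"})
CERT_FOREIGN = issue(PKI_KEY, {"component_id": "ADAS-977"})

if __name__ == "__main__":
    gw = Component(VIN_A, LIST_A, CERT_GW)
    adas = Component(VIN_A, LIST_A, CERT_ADAS)
    foreign = Component(VIN_B, LIST_B, CERT_FOREIGN)
    print("gateway <-> ADAS:", establish(gw, adas))
    print("gateway <-> part from vehicle B:", establish(gw, foreign))
    print("gateway's view:", gw.peer_decision(CERT_FOREIGN))
```

The part from vehicle B holds a certificate that verifies, yet it is refused because its identifier is absent from vehicle A's list; a list that was altered after signing or that was generated for another vehicle loads as empty, so the component refuses every peer.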
Fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 2, electronic device 500 includes one or more processors 501 and memory 502.
The processor 501 may be a Central Processing Unit (CPU) or other form of processing unit having data processing and/or instruction execution capabilities and may control other components in the electronic device 500 to perform desired functions.
Memory 502 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, Random Access Memory (RAM) and/or cache memory (cache), and the like. The non-volatile memory may include, for example, Read-Only Memory (ROM), hard disk, flash memory, and the like. One or more computer program instructions may be stored on the computer-readable storage medium and may be executed by the processor 501 to implement the communication method of the in-vehicle Ethernet component of any of the embodiments of the present application described above and/or other desired functions. Various content such as initial arguments, thresholds, etc. may also be stored in the computer-readable storage medium.
In one example, the electronic device 500 may further include: an input device 503 and an output device 504, which are interconnected by a bus system and/or other form of connection mechanism (not shown). The input device 503 may include, for example, a keyboard, a mouse, and the like. The output device 504 may output various information to the outside, including early warning prompt information, braking force, etc. The output device 504 may include, for example, a display, speakers, a printer, and a communication network and remote output apparatus connected thereto, etc.
Of course, for simplicity, only some of the components of the electronic device 500 that are relevant to the present application are shown in fig. 2; components such as buses, input/output interfaces, etc. are omitted. In addition, the electronic device 500 may include any other suitable components depending on the particular application.
In addition to the methods and apparatus described above, embodiments of the present application may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the steps of the method of communication of an in-vehicle ethernet component provided by any of the embodiments of the present application.
The program code of the computer program product for performing the operations of embodiments of the present application may be written in any combination of one or more programming languages, including an object-oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, embodiments of the present application may also be a computer-readable storage medium, on which computer program instructions are stored, which, when being executed by a processor, cause the processor to perform the steps of the method for communication of an in-vehicle ethernet component provided by any embodiment of the present application.
The computer-readable storage medium may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may include, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, Random Access Memory (RAM), Read-Only Memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the scope of the present application. As used in the specification and in the claims, the terms "a," "an," and/or "the" do not refer specifically to the singular, but may include the plural, unless the context clearly dictates otherwise. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, or apparatus. Without further limitation, an element defined by the phrase "comprising one …" does not exclude the presence of other like elements in a process, method or apparatus comprising such elements.
It should also be noted that the terms "center," "upper," "lower," "left," "right," "vertical," "horizontal," "inner," "outer," and the like indicate an orientation or a positional relationship based on that shown in the drawings, and are merely for convenience of description and simplification of the description, and do not indicate or imply that the apparatus or element in question must have a specific orientation, be configured and operated in a specific orientation, and therefore should not be construed as limiting the present application. Unless specifically stated or limited otherwise, the terms "mounted," "connected," and the like are to be construed broadly and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the terms in this application will be understood by those of ordinary skill in the art in a specific context.
Specific examples are set forth herein to illustrate the principles and embodiments of the present application, and the description of the examples above is only intended to assist in understanding the methods of the present application and their core ideas. The foregoing is merely a preferred embodiment of the present application. It should be noted that, because textual expression is limited while the possible specific structures are objectively unlimited, a person skilled in the art may make modifications, alterations and combinations of the above-described features in an appropriate manner without departing from the principles of the present application; such modifications, variations and combinations, or the direct application of the concepts and aspects of the invention in other applications without modification, are intended to be within the scope of this application.

Claims (10)

1. A method of communicating an in-vehicle ethernet component, the method being adapted for use with an in-vehicle ethernet component, comprising:
acquiring a preset communication list of a target vehicle, wherein the preset communication list comprises component identifiers corresponding to all Ethernet components;
acquiring a current digital certificate of a current component to be communicated, and determining a current component identifier corresponding to the current component to be communicated based on the current digital certificate;
and detecting whether the current component identifier exists in the preset communication list, and if so, determining that the current component to be communicated is a trusted component.
2. The method of claim 1, wherein the obtaining the preset communication list of the target vehicle comprises:
receiving a first diagnosis instruction sent by an upper computer;
and writing a preset communication list in the first diagnosis instruction into a local storage space.
3. The method of claim 2, wherein after the writing of the preset communication list in the first diagnosis instruction to the local storage space, the method further comprises:
receiving a second diagnosis instruction sent by the upper computer;
and restarting the system according to the second diagnosis instruction so as to load the preset communication list after restarting, and enable the preset communication list to be effective.
4. The method of claim 2, wherein prior to said receiving the first diagnosis instruction sent by the upper computer, the method further comprises:
receiving a third diagnosis instruction sent by the upper computer;
and responding to the third diagnosis instruction, feeding back a component identifier to the upper computer, so that the upper computer generates the preset communication list based on each component identifier, and sends the preset communication list to a preset signing device for signing.
5. The method of claim 4, wherein prior to said receiving a third diagnosis instruction sent by said upper computer, said method further comprises:
receiving a fourth diagnosis instruction sent by the upper computer;
and determining a component identifier carried in the fourth diagnosis instruction, and writing the component identifier into the local storage space.
6. The method of claim 5, wherein after the writing of the component identifier to the local storage space, the method further comprises:
receiving a fifth diagnosis instruction sent by the upper computer;
and responding to the fifth diagnosis instruction, generating a signature application file based on the component identifier, and feeding the signature application file back to the upper computer so that the upper computer signs the signature application file to obtain a digital certificate.
7. The method of claim 6, wherein after the feeding back the signature application file to the upper computer, the method further comprises:
receiving a digital certificate sent by the upper computer;
and storing the digital certificate into the local storage space.
8. The method of claim 4, wherein, while feeding back the component identifier to the upper computer in response to the third diagnosis instruction, the method further comprises:
and responding to the third diagnosis instruction, feeding back the vehicle identification of the target vehicle to the upper computer, so that the upper computer generates the preset communication list based on the component identifiers and the vehicle identification, and sends the preset communication list to a preset signing device for signing.
9. An electronic device, the electronic device comprising:
a processor and a memory;
the processor is configured to execute the steps of the communication method of the in-vehicle ethernet component according to any one of claims 1 to 8 by calling a program or instructions stored in the memory.
10. A computer-readable storage medium storing a program or instructions that cause a computer to perform the steps of the method of communication of an in-vehicle ethernet component according to any one of claims 1 to 8.
CN202310076288.XA 2023-01-18 2023-01-18 Communication method, equipment and medium of Ethernet component in vehicle Withdrawn CN116094812A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202310076288.XA CN116094812A (en) 2023-01-18 2023-01-18 Communication method, equipment and medium of Ethernet component in vehicle
PCT/CN2023/138425 WO2024152804A1 (en) 2023-01-18 2023-12-13 Communication method for in-vehicle ethernet parts, device and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310076288.XA CN116094812A (en) 2023-01-18 2023-01-18 Communication method, equipment and medium of Ethernet component in vehicle

Publications (1)

Publication Number Publication Date
CN116094812A true CN116094812A (en) 2023-05-09

Family

ID=86204196

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310076288.XA Withdrawn CN116094812A (en) 2023-01-18 2023-01-18 Communication method, equipment and medium of Ethernet component in vehicle

Country Status (2)

Country Link
CN (1) CN116094812A (en)
WO (1) WO2024152804A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024152804A1 (en) * 2023-01-18 2024-07-25 重庆赛力斯新能源汽车设计院有限公司 Communication method for in-vehicle ethernet parts, device and medium

Also Published As

Publication number Publication date
WO2024152804A1 (en) 2024-07-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20230509