A remote encrypted information test verification system and method

Abstract

The present application relates to a kind of remote encrypted information test verification system and method, system includes simulation T-BOX device, it is connected with vehicle end by real car diagnosis CAN, and by vehicle battery power supply, equipment is realized data transmission with GW & BCM by CAN bus, including message generation module, message authentication module and message transceiver module.Remote encrypted information test verification method includes remote encrypted information transmission, message authentication module authentication and remote encryption module message generation.This system can be authenticated, decryption function, the function performance after decryption between the encrypted communication of T-BOX and gateway and T-BOX and BCM to single controller offline verification;Using this system, the encrypted communication authentication of remote control system, decryption function, the function performance of vehicle after decryption can be verified offline in early controller development;Problem can be quickly found and solved in early research and development, shorten controller test cycle and development cycle, improve research and development efficiency.

Description

Technical Field

[0001] This invention belongs to the field of vehicle testing technology, specifically relating to a remote encrypted information testing and verification system and method. Background Technology

[0002] As the adoption rate of vehicle remote control systems gradually increases, more and more automakers are investing in the research and development of remote systems and related controllers, such as mobile apps, vehicle remote control units (T-BOX), body control modules (BCM), and gateways (GW). Due to the different development cycles of controllers such as apps, T-BOXs, BCMs, and GWs, the functional implementation time of apps and T-BOXs is usually later than that of other controllers, making it impossible to achieve system integration verification of remote functions in the early stages of vehicle projects.

[0003] For high-security functions such as remote locking / unlocking and remote start / stop, T-BOX request messages are sent in encrypted form. Because information about the encrypted bytes is unavailable, the commonly used IG module simulation method cannot be executed, making offline verification of the remote encrypted message functionality impossible. Existing technologies typically use CANoe testing equipment to simulate T-BOX remote commands. However, this method cannot verify the encryption authentication process between the T-BOX and the gateway, nor can it simulate the encrypted messages sent by the T-BOX, resulting in the inability to test and verify functions such as remote start / unlocking. Therefore, there is an urgent need to develop a remote encrypted information testing and verification system and method to effectively solve the above problems. Summary of the Invention

[0004] The purpose of this invention is to provide a remote encrypted information testing and verification system and a remote encrypted information testing and verification method to solve the problem of completing the system integration testing and verification of the remote functions of the whole vehicle by simulating the T-BOX device in the early stage of vehicle development when the remote functions of T-BOX have not yet been developed.

[0005] The objective of this invention is achieved through the following technical solution:

[0006] A remote encrypted information testing and verification system includes a simulated T-BOX device; the simulated T-BOX device is connected to the vehicle terminal via the vehicle diagnostic CAN bus and is powered by the vehicle battery; the simulated T-BOX device transmits data with the GW&BCM via the CAN bus.

[0007] The simulated T-BOX device includes a message generation module, a message authentication module, and a message transceiver module. The message generation module generates a specific authentication message 0xT2 after inputting a remote command and sequence number, and sends it to the message transceiver module. The message transceiver module sends the 0xT2 message to the vehicle diagnostic CAN bus to achieve vehicle network wake-up. After the message transceiver module obtains the random number sent by the GW, it performs the first authentication between the T-BOX and the GW. The message authentication module performs two authentications with the GW. After determining that the authentication process with the GW has passed, it begins generating encrypted messages. The message generation module generates a specific encrypted message 0xT1 and transmits 0xT1 to the diagnostic CAN bus through the message transceiver module.

[0008] Furthermore, the simulated T-BOX device is connected to the vehicle's battery leads and is powered by the vehicle's battery.

[0009] Furthermore, the CAN_L and CAN_H wiring harnesses for diagnostic CAN are led out from between the T-BOX end and the GW end of the vehicle wiring harness, and the CAN communication line of the simulated T-BOX test equipment is connected to them.

[0010] A method for testing and verifying remote encrypted information includes the following steps:

[0011] A. Remote encrypted information transmission;

[0012] B. Message authentication module authentication;

[0013] C. Remote encryption module message generation.

[0014] Furthermore, step A, the remote encrypted information transmission process, specifically includes the following steps:

[0015] Step A1: The simulated T-BOX device connects to the vehicle via the real vehicle diagnostic CAN and is powered by the vehicle battery. The simulated T-BOX device transmits data with the GW&BCM via the CAN bus. After writing a specific SK and sequence number to the BCM&GW through diagnostic commands, the authentication and matching of the vehicle controller is completed.

[0016] Step A2: After inputting the remote command and sequence number into the simulated T-BOX device, the message generation module of the simulated T-BOX device will generate a specific authentication message 0xT2.

[0017] Step A3: The simulated T-BOX device sends the 0xT2 message to the vehicle diagnostic CAN via the message transceiver module to achieve vehicle network wake-up. After the message transceiver module obtains the random number sent by the GW, the first authentication process between the T-BOX and the GW is completed.

[0018] Step A4: The simulated T-BOX device performs two authentications with the GW through the message authentication module. After determining that the authentication process with the GW has been completed, it begins to generate encrypted messages.

[0019] Step A5: The simulated T-BOX device generates a specific encrypted message 0xT1 through the message generation module, and transmits 0xT1 to the diagnostic CAN through the message transceiver module.

[0020] In step A6, after receiving the 0xT1 message, the vehicle-side GW forwards the 0xT1 message to the comfort CAN. After receiving the encrypted message 0xT1, the BCM will parse the encrypted message and provide feedback on the parsing result.

[0021] Furthermore, in step A6, after the BCM successfully decrypts the encrypted message, it executes the parsed simulated T-BOX control instructions and forwards the relevant instructions to the CAN bus, thereby realizing remote control of the T-BOX encrypted message flow.

[0022] Furthermore, step B, the message authentication module authentication process, specifically includes the following steps:

[0023] In step B1, when BOX initiates an authentication request, the message generation module generates an authentication request message 0xT2 based on SK2, and transmits one 0xT2 message to GW through the transceiver module.

[0024] Step B2: If the simulated T-BOX does not receive the 0xG1 message within 100ms, the message transceiver module sends another 0xT2 message to the GW.

[0025] Step B3: When the simulated T-BOX sends 5 frames of 0xT2 messages and still does not receive a reply, the message transceiver module of the simulated T-BOX stops sending 0xT2 messages and records the GW no response fault.

[0026] Step B4: When the GW responds successfully to the T-BOX, it will send a random number to the diagnostic CAN bus via a 0xG1 message.

[0027] Step B5: After the message transceiver module of the simulated T-BOX collects the 0xG1 message, it sends the random number to the message authentication module.

[0028] Step B6: The message authentication module performs calculations on the random number using the encryption function F(X), generates an authentication message 0xT3, and sends it to the diagnostic CAN via the message transceiver module.

[0029] Step B7: When the 0xT3 message fails the GW's verification, the GW sends a 0xG2 message to the diagnostic CAN to report the verification failure. After receiving the verification failure information, the message authentication module records a random number error fault.

[0030] In step B8, when the 0xT3 message passes the GW's verification, the GW sends the 0xG2 message to the diagnostic CAN to report successful verification. After receiving the verification failure information, the message authentication module records a random number error fault.

[0031] Furthermore, step C, the remote encryption module message generation process, specifically includes the following steps:

[0032] Step C1: After writing the operation instruction & random number & SK to the corresponding bytes, the remote message generation module generates the primary encrypted message 1.

[0033] Step C2: After performing calculations on the byte containing the random number in encrypted message 1, a primary encrypted message 2 is generated;

[0034] Step C3: After the encrypted message 2 is processed with the encryption function F(X) and SK, the primary encrypted message 3 is generated;

[0035] Step C4: Take the high four bytes of the primary encrypted message 3 and perform a calculation with the low four bytes of the primary encrypted message 1 to generate the primary encrypted message 4.

[0036] Step C5: Take all eight bytes of data from the primary encrypted message 4, perform a calculation with the eight bytes SK, and obtain the final encrypted message 0xT1.

[0037] In step C6, the 0xT1 message is finally sent to the vehicle diagnostic CAN bus via the message transceiver module.

[0038] In step C7, after the encrypted message is forwarded to the comfort CAN by the GW, the BCM receives the encrypted message and parses it. After the BCM successfully parses the message, it responds to the T-BOX command and sends the corresponding control signal to the CAN bus. Other controllers in the vehicle, such as the engine control system (EMS), trigger the anti-theft authentication between the EMS and BCM after receiving the remote start request from the BCM. After successful authentication, the vehicle can be remotely started, thus completing the system integration test and verification of the entire remote system function.

[0039] Compared with the prior art, the beneficial effects of the present invention are:

[0040] This invention provides a remote encrypted information testing and verification system capable of performing offline verification of the encrypted communication authentication, decryption functions, and post-decryption functional performance between the T-BOX and the gateway, as well as between the T-BOX and the BCM, using a single controller. Using this invention, the encrypted communication authentication, decryption functions, and post-decryption vehicle functional performance of the remote control system can be verified offline in the early stages of controller development. This allows for rapid identification and resolution of problems in the early stages of R&D, shortening the controller testing and development cycles and improving R&D efficiency. Attached Figure Description

[0041] To more clearly illustrate the technical solutions of the embodiments of the present invention, the accompanying drawings used in the embodiments will be briefly introduced below. It should be understood that the following drawings only show some embodiments of the present invention and should not be regarded as a limitation on the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0042] Figure 1 Diagram of remote encrypted information transmission;

[0043] Figure 2 Message interaction authentication flowchart;

[0044] Figure 3 Flowchart for remote encrypted message generation. Detailed Implementation

[0045] The present invention will be further described below with reference to embodiments:

[0046] The present invention will now be described in further detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and not intended to limit it. Furthermore, it should be noted that, for ease of description, the accompanying drawings show only the parts relevant to the present invention, and not all of the structures.

[0047] It should be noted that similar reference numerals and letters in the following figures indicate similar items; therefore, once an item is defined in one figure, it does not need to be further defined and explained in subsequent figures. Furthermore, in the description of this invention, terms such as "first," "second," etc., are used only to distinguish descriptions and should not be construed as indicating or implying relative importance.

[0048] The present invention provides a remote encrypted information testing and verification system, including a simulated T-BOX device; the simulated T-BOX device is connected to the vehicle battery leads and is powered by the vehicle battery.

[0049] The simulated T-BOX device is connected to the vehicle's diagnostic CAN bus. The simulated T-BOX device transmits data with the GW & BCM via the CAN bus. Specifically, the CAN_L and CAN_H wiring harnesses for diagnostic CAN are led out from between the T-BOX and GW terminals of the vehicle wiring harness, and the CAN communication line of the simulated T-BOX test device is connected to them.

[0050] The simulated T-BOX device includes a message generation module, a message authentication module, and a message transceiver module. The message generation module generates a specific authentication message 0xT2 after inputting a remote command and sequence number, and sends it to the message transceiver module. The message transceiver module sends the 0xT2 message to the vehicle diagnostic CAN bus to achieve vehicle network wake-up. After the message transceiver module receives the random number sent by the GW, the T-BOX performs its first authentication with the GW. The message authentication module performs two authentications with the GW. After determining that the authentication process with the GW has passed, it begins generating encrypted messages. The message generation module generates a specific encrypted message 0xT1 and transmits 0xT1 to the diagnostic CAN bus through the message transceiver module.

[0051] The steps for using the remote encrypted information testing and verification system of this invention are as follows:

[0052] 1. Equipment Connection: The simulated T-BOX device is powered by the vehicle's battery, with power supplied via wiring from the battery. The simulated T-BOX communicates with the vehicle via the CAN bus. The CAN_L and CAN_H wiring harnesses for diagnostic CAN are routed from between the T-BOX and GW terminals of the vehicle's wiring harness, and the CAN communication line of the simulated T-BOX test device is connected to them.

[0053] 2. Equipment debugging: After the connection is completed, run the equipment. The simulated T-BOX can receive diagnostic CAN messages through the CAN transceiver and can send simulated messages to the diagnostic CAN. The equipment debugging is successful.

[0054] 3. Real Controller EOL Matching: At the vehicle end, after secure access via BCM and GW, the key value SK1 between TBOX and GW system, the 8-byte key value SK2 between T-BOX and BCM system, and the sequence number of T-BOX and BCM are written through Diagnostic Service 31. This completes the matching between the real BCM and simulated TBOX, and between the real GW and simulated TBOX.

[0055] 4. Remote Encrypted Message Generation: Run the project, input the corresponding remote command into the device's message generation module, and write SK1, SK2, and sequence number. The compilation software performs logical operations on the input command and the encryption function defined by the car manufacturer to generate the encrypted message 0xT1 corresponding to the remote encryption command.

[0056] 5. Remote Authentication Process: Activate the device's message authentication module, simulate the T-BOX device to send an authentication message 0xT2 to the diagnostic CAN, and after receiving the random number fed back by the GW authentication message, the first authentication between T-BOX and GW is achieved; then, the simulated T-BOX project uses an encryption function to calculate encrypted authentication data from the random number, and sends the data to the diagnostic CAN again. After the GW judges that the encrypted authentication data is correct, it sends a message feedback that the authentication is successful, thus achieving the second authentication between T-BOX and GW.

[0057] 6. Remote Encrypted Command Transmission: The device's message sending module is activated, sending a remote start encrypted message to the diagnostic CAN at 100ms intervals. The GW then forwards the encrypted message to the comfort CAN. Upon receiving the encrypted message, the BCM decrypts it. After successful decryption, the BCM initiates authentication with the EMS and issues an ignition command, enabling subsequent testing and verification of the vehicle's functional performance after the BCM decrypts the remote encrypted message.

[0058] The remote encrypted information testing and verification method of the present invention includes the following steps:

[0059] Step 1: Remote encrypted information transmission;

[0060] Step 2, message authentication module authentication;

[0061] Step 3: Remote encryption module message generation.

[0062] like Figure 1 As shown, step 1, the remote encrypted information transmission process, specifically includes the following steps:

[0063] Step 11: The device of this invention connects to the vehicle via the vehicle diagnostic CAN bus and is powered by the vehicle's battery. The simulated T-BOX device transmits data with the GW & BCM via the CAN bus. After writing a specific SK and sequence number to the BCM & GW via diagnostic commands, the authentication and matching of the vehicle-side controller is completed.

[0064] Step 12: After inputting the remote command and sequence number into the simulated T-BOX device, the message generation module of the simulated T-BOX device will generate a specific authentication message 0xT2.

[0065] Step 13: The simulated T-BOX device sends the 0xT2 message to the vehicle diagnostic CAN via the message transceiver module to achieve vehicle network wake-up. After the message transceiver module obtains the random number sent by the GW, the first authentication process between the T-BOX and the GW is completed.

[0066] Step 14: The simulated T-BOX device performs two authentications with the GW through the message authentication module. After determining that the authentication process with the GW has been completed, it begins to generate encrypted messages.

[0067] Step 15: The simulated T-BOX device generates a specific encrypted message 0xT1 through the message generation module, and transmits 0xT1 to the diagnostic CAN through the message transceiver module.

[0068] Step 16: After receiving the 0xT1 message, the vehicle-side GW forwards it to the comfort CAN bus. Upon receiving the encrypted 0xT1 message, the BCM parses it and provides feedback on the parsing result. After successfully decrypting the encrypted message, the BCM executes the parsed simulated T-BOX control commands and forwards the relevant commands to the CAN bus, thus enabling remote control of the T-BOX encrypted message flow.

[0069] like Figure 2 As shown, step 2, the message authentication module authentication process specifically includes the following steps:

[0070] Step 21: When BOX initiates an authentication request, the message generation module generates an authentication request message 0xT2 based on SK2, and transmits one 0xT2 message to GW through the transceiver module.

[0071] Step 22: If the simulated T-BOX does not receive the 0xG1 message within 100ms, the message transceiver module sends another 0xT2 message to the GW.

[0072] Step 23: When the simulated T-BOX sends 5 frames of 0xT2 messages but still does not receive a reply, the message transceiver module of the simulated T-BOX stops sending 0xT2 messages and records the GW no response fault.

[0073] Step 24: When the GW responds successfully to the T-BOX, it will send a random number to the diagnostic CAN bus via a 0xG1 message.

[0074] Step 25: After the message transceiver module of the simulated T-BOX collects the 0xG1 message, it sends the random number to the message authentication module.

[0075] Step 26: The message authentication module generates an authentication message 0xT3 by performing a calculation on the random number using the encryption function F(X), and sends it to the diagnostic CAN through the message transceiver module.

[0076] Step 27: When the 0xT3 message fails the GW's verification, the GW sends a 0xG2 message to the diagnostic CAN, indicating verification failure. Upon receiving the verification failure information, the message authentication module records a random number error fault.

[0077] Step 28: When the 0xT3 message passes the GW's verification, the GW sends a 0xG2 message to the diagnostic CAN, indicating successful verification. Upon receiving the verification failure message, the message authentication module records a random number error.

[0078] like Figure 3 As shown, step 3, the remote encryption module message generation process, specifically includes the following steps:

[0079] Step 31: After writing the operation instruction & random number & SK to the corresponding bytes, the remote message generation module generates the primary encrypted message 1.

[0080] Step 32: After performing calculations on the byte containing the random number in encrypted message 1, a primary encrypted message 2 is generated;

[0081] Step 33: After the encrypted message 2 is processed with the encryption function F(X) and SK, the primary encrypted message 3 is generated;

[0082] Step 34: Take the high four bytes of the primary encrypted message 3 and perform a calculation with the low four bytes of the primary encrypted message 1 to generate the primary encrypted message 4.

[0083] Step 35: Take all eight bytes of data from the primary encrypted message 4, perform a calculation with the eight bytes SK, and obtain the final encrypted message 0xT1.

[0084] Step 36: Finally, the 0xT1 message is sent to the vehicle diagnostic CAN bus via the message transceiver module.

[0085] Step 37, combined Figure 1 After the encrypted message is forwarded to the comfort CAN by the GW, the BCM receives the encrypted message and parses it. After the BCM successfully parses the message, it responds to the T-BOX command and sends the corresponding control signal to the CAN bus. Other controllers in the vehicle, such as the engine control system (EMS), trigger the anti-theft authentication between the EMS and BCM after receiving the remote start request from the BCM. After successful authentication, the vehicle can be remotely started, thus completing the system integration test and verification of the entire remote system function.

[0086] Note that the above description is merely a preferred embodiment of the present invention and the technical principles employed. Those skilled in the art will understand that the present invention is not limited to the specific embodiments described herein, and various obvious changes, readjustments, and substitutions can be made without departing from the scope of protection of the present invention. Therefore, although the present invention has been described in detail through the above embodiments, the present invention is not limited to the above embodiments, and may include many other equivalent embodiments without departing from the concept of the present invention, the scope of which is determined by the scope of the appended claims.

Claims

1. A remote encrypted information testing and verification system, characterized in that: This includes a simulated T-BOX device; the simulated T-BOX device is connected to the vehicle via the vehicle diagnostic CAN bus and is powered by the vehicle's battery; the simulated T-BOX device transmits data with the gateway GW and the body control module BCM via the CAN bus. The simulated T-BOX device includes a message generation module, a message authentication module, and a message transceiver module. The message generation module generates a specific authentication message 0xT2 after inputting a remote command and sequence number, and sends it to the message transceiver module. The message transceiver module sends the 0xT2 message to the vehicle diagnostic CAN bus to achieve vehicle network wake-up. After the message transceiver module obtains the random number sent by the GW, it performs the first authentication between the T-BOX and the GW. The message authentication module performs two authentications with the GW. After determining that the authentication process with the GW has passed, it begins generating encrypted messages. The message generation module generates a specific encrypted message 0xT1 and transmits 0xT1 to the diagnostic CAN bus through the message transceiver module. The simulated T-BOX device is connected to the vehicle battery leads and is powered by the vehicle battery. The CAN_L and CAN_H wiring harnesses for CAN diagnosis are led out from between the T-BOX end and the GW end of the vehicle wiring harness, and the CAN communication line of the simulated T-BOX test device is connected to them. The remote encrypted information testing and verification system is also used for: A. Remote encrypted information transmission; B. Message authentication module authentication; C. Remote encryption module message generation; Step A, the remote encrypted information transmission process specifically includes the following steps: Step A1: The simulated T-BOX device is connected to the vehicle via the vehicle diagnostic CAN and powered by the vehicle battery. The simulated T-BOX device transmits data with the GW&BCM via the CAN bus. After writing a specific key value SK and the sequence number of T-BOX and BCM to the BCM&GW through diagnostic commands, the authentication and matching of the vehicle controller is completed. Step A2: After inputting the remote command and sequence number into the simulated T-BOX device, the message generation module of the simulated T-BOX device will generate a specific authentication message 0xT2. Step A3: The simulated T-BOX device sends the 0xT2 message to the vehicle diagnostic CAN via the message transceiver module to achieve vehicle network wake-up. After the message transceiver module obtains the random number sent by the GW, the first authentication process between the T-BOX and the GW is completed. Step A4: The simulated T-BOX device performs two authentications with the GW through the message authentication module. After determining that the authentication process with the GW has been completed, it begins to generate encrypted messages. Step A5: The simulated T-BOX device generates a specific encrypted message 0xT1 through the message generation module, and transmits 0xT1 to the diagnostic CAN through the message transceiver module. Step A6: After receiving the 0xT1 message, the vehicle-side GW forwards the 0xT1 message to the comfort CAN. After receiving the encrypted message 0xT1, the BCM will parse the encrypted message and provide feedback on the parsing result. Step A6: After the BCM successfully decrypts the encrypted message, it executes the parsed simulated T-BOX control command and forwards the relevant command to the CAN bus to realize remote control of the T-BOX encrypted message flow. Step B, the message authentication module authentication process specifically includes the following steps: In step B1, when the BOX initiates an authentication request, the message generation module generates an authentication message 0xT2 based on the 8-byte key value SK2 of the T-BOX and the BCM system, and sends one frame of 0xT2 message to the GW through the transceiver module. Step B2: If the simulated T-BOX does not receive the 0xG1 message within 100ms, the message transceiver module sends another 0xT2 message to the GW. Step B3: When the simulated T-BOX sends 5 frames of 0xT2 messages and still does not receive a reply, the message transceiver module of the simulated T-BOX stops sending 0xT2 messages and records the GW no response fault. Step B4: When the GW responds successfully to the T-BOX, it will send a random number to the diagnostic CAN bus via a 0xG1 message. Step B5: After the message transceiver module of the simulated T-BOX collects the 0xG1 message, it sends the random number to the message authentication module. Step B6: The message authentication module performs calculations on the random number using the encryption function F(X), generates an authentication message 0xT3, and sends it to the diagnostic CAN via the message transceiver module. Step B7: When the 0xT3 message fails the GW's verification, the GW sends a 0xG2 message to the diagnostic CAN to report the verification failure. After receiving the verification failure information, the message authentication module records a random number error fault. Step B8: When the 0xT3 message passes the GW's verification, the GW sends the 0xG2 message to the diagnostic CAN to indicate successful verification. Step C, the remote encryption module message generation process specifically includes the following steps: Step C1: After writing the operation instruction & random number & SK to the corresponding bytes, the remote message generation module generates the primary encrypted message 1. Step C2: After performing calculations on the byte containing the random number in encrypted message 1, a primary encrypted message 2 is generated; Step C3: After the encrypted message 2 is processed with the encryption function F(X) and SK, the primary encrypted message 3 is generated; Step C4: Take the high four bytes of the primary encrypted message 3 and perform a calculation with the low four bytes of the primary encrypted message 1 to generate the primary encrypted message 4. Step C5: Take all eight bytes of data from the primary encrypted message 4, perform a calculation with the eight bytes SK, and obtain the final encrypted message 0xT1. In step C6, the 0xT1 message is finally sent to the vehicle diagnostic CAN bus via the message transceiver module. In step C7, after the encrypted message is forwarded to the comfort CAN by the GW, the BCM receives the encrypted message and parses it. After the BCM successfully parses the message, it responds to the T-BOX command and sends the corresponding control signal to the CAN bus. Other controllers in the vehicle, such as the engine control system (EMS), trigger the anti-theft authentication between the EMS and BCM after receiving the remote start request from the BCM. After successful authentication, the vehicle can be remotely started, thus completing the system integration test and verification of the entire remote system function.

Images