Authentication methods, authentication systems, computer-readable storage media, and vehicles
By working in tandem with the vehicle diagnostic equipment and the vehicle domain platform, secure authentication of the cockpit domain platform by external devices is achieved, which solves the security risks caused by direct connection of external devices and improves the security and user experience of the cockpit domain platform.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- RUILIAN XINGCHEN (BEIJING) TECH CO LTD
- Filing Date
- 2022-08-02
- Publication Date
- 2026-06-30
Smart Images

Figure CN117544330B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of authentication, and more particularly to an authentication method, authentication system, computer-readable storage medium, and vehicle. Background Technology
[0002] With the continuous development of automotive intelligence, in-vehicle intelligent systems are being given more and more functions, and the complexity of in-vehicle intelligent systems is also increasing. For example, the cockpit system in an in-vehicle intelligent system improves the user's riding comfort.
[0003] However, currently, external devices are directly connected to the vehicle's cockpit system for debugging via network, which compromises vehicle safety. If the network protocols between the two are compromised, the vehicle's cockpit system could be connected to by insecure external devices, thus affecting vehicle safety. Summary of the Invention
[0004] In view of this, the purpose of this invention is to provide an authentication method, authentication system, computer-readable storage medium, and vehicle, which can enable external devices to debug the cockpit domain platform, while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0005] In a first aspect, embodiments of the present invention provide an authentication method, the method comprising:
[0006] In response to establishing a communication connection with external devices, the on-board diagnostic equipment sends an authentication request to the vehicle domain platform.
[0007] The vehicle domain platform sends vehicle information to the external device via the on-board diagnostic equipment based on the authentication request information. The vehicle information includes a vehicle identification number and random information.
[0008] The on-board diagnostic device receives and forwards message authentication information generated by the external device based on the vehicle information to the vehicle domain platform for verification; and
[0009] In response to the successful verification of the message authentication information, the on-board diagnostic device opens the cockpit domain platform route so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
[0010] In some embodiments, sending vehicle information to the external device via the on-board diagnostic device includes:
[0011] The random information is generated by the vehicle domain platform;
[0012] The vehicle domain platform determines the vehicle information based on the random information and the vehicle identification code; and
[0013] The vehicle domain platform sends the vehicle information to the on-board diagnostic equipment.
[0014] In some embodiments, the on-board diagnostic device opening the cockpit domain platform route includes:
[0015] The vehicle domain platform sends a verification success message to the on-board diagnostic device;
[0016] The on-board diagnostic device opens the cockpit domain platform route based on the verification success message and establishes a communication connection with the cockpit domain platform.
[0017] In some embodiments, after the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic device, the method further includes:
[0018] The on-board diagnostic equipment receives debugging information sent by external devices and sends the debugging information to the cockpit domain platform;
[0019] The cockpit domain platform performs debugging based on the debugging information.
[0020] In some embodiments, the method further includes:
[0021] In response to the failure of the message authentication information verification, the on-board diagnostic device shuts down the cockpit domain platform routing, so that external devices cannot communicate with the cockpit domain platform through the on-board diagnostic device.
[0022] In some embodiments, the on-board diagnostic device further includes disabling the cockpit domain platform routing:
[0023] The vehicle domain platform sends a verification failure message to the on-board diagnostic device;
[0024] The on-board diagnostic device shuts down the cockpit domain platform routing based on the verification failure message and simultaneously stops communicating with the cockpit domain platform.
[0025] Secondly, embodiments of the present invention provide an authentication method, the method comprising:
[0026] External devices establish a communication connection with on-board diagnostic equipment based on the user's user information;
[0027] In response to receiving vehicle information through the communication connection, the external device generates message authentication information based on the vehicle information and sends the message authentication information to the on-board diagnostic device. The vehicle information includes a vehicle identification number and random information.
[0028] Upon successful verification of the message authentication information, the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic equipment.
[0029] In some embodiments, the external device establishing a communication connection with the on-board diagnostic device based on the user's user information includes:
[0030] Send a communication request to the on-board diagnostic device, the communication request including the user's user information;
[0031] Establish a communication connection with the on-board diagnostic equipment according to the communication request; or
[0032] The external device establishes a communication connection with the on-board diagnostic equipment based on the user's user information, including:
[0033] The on-board diagnostic device obtains the user's user information through the external device;
[0034] A communication connection is established with the external device based on the user's user information.
[0035] In some embodiments, the external device generates message authentication information based on vehicle information, including:
[0036] The external device generates the message authentication information based on the vehicle identification code and the random information query key.
[0037] In some embodiments, after the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic device, the method further includes:
[0038] The external device sends debugging information to the cockpit domain platform via the on-board diagnostic equipment, so that the cockpit domain platform can perform debugging based on the debugging information.
[0039] Thirdly, embodiments of the present invention provide an authentication system, the system comprising:
[0040] An external device is configured to establish a communication connection with an on-board diagnostic device based on user information. In response to receiving vehicle information through the communication connection, it generates message authentication information based on the vehicle information and sends the message authentication information to the on-board diagnostic device. In response to successful verification of the message authentication information, it establishes a communication connection with the cockpit domain platform through the on-board diagnostic device. The vehicle information includes a vehicle identification number and random information.
[0041] The on-board diagnostic device is configured to send an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device, receive and forward the message authentication information generated by the external device based on the vehicle information to the vehicle domain platform for verification, and, in response to successful verification of the message authentication information, open the cockpit domain platform routing so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
[0042] The vehicle domain platform is configured to send the vehicle information to the external device via the on-board diagnostic device based on the authentication request information;
[0043] A cockpit domain platform is configured to communicate with the external device via the on-board diagnostic equipment in response to the cockpit domain platform route being opened, the cockpit domain platform including the cockpit domain platform route.
[0044] In some embodiments, the vehicle domain platform is further configured to generate the random information, determine the vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the on-board diagnostic device.
[0045] In some embodiments, the vehicle domain platform is further configured to send a verification success message to the on-board diagnostic device.
[0046] In some embodiments, the on-board diagnostic device is further configured to open the cockpit domain platform route based on the verification success message, and simultaneously establish a communication connection with the cockpit domain platform.
[0047] In some embodiments, the on-board diagnostic device is further configured to receive debugging information sent by the external device and send the debugging information to the cockpit domain platform.
[0048] In some embodiments, the cockpit domain platform is also configured to perform debugging based on the debugging information.
[0049] In some embodiments, the on-board diagnostic device is further configured to disable the cockpit domain platform routing in response to the failure of the message authentication information verification, so that the external device cannot communicate with the cockpit domain platform through the on-board diagnostic device.
[0050] In some embodiments, the vehicle domain platform is also configured to send a verification failure message to the on-board diagnostic device.
[0051] In some embodiments, the on-board diagnostic device is further configured to disable the cockpit domain platform routing based on the verification failure message, and simultaneously cease communication with the cockpit domain platform.
[0052] In some embodiments, the external device is further configured to send a communication request to the on-board diagnostic device, the communication request including the user's user information, and to establish a communication connection with the on-board diagnostic device according to the communication request; or
[0053] The on-board diagnostic device is configured to obtain the user's user information through the external device and establish a communication connection with the external device based on the user's user information.
[0054] In some embodiments, the external device is further configured to generate the message authentication information based on the vehicle identification code and the random information query key.
[0055] In some embodiments, the external device is further configured to send debugging information to the on-board diagnostic device via the on-board diagnostic device.
[0056] Fourthly, embodiments of the present invention provide a vehicle, the vehicle comprising:
[0057] The on-board diagnostic device is configured to send an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device, receive and forward message authentication information generated by the external device based on vehicle information to the vehicle domain platform for verification, and, in response to successful verification of the message authentication information, open the cockpit domain platform routing so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device. The vehicle information includes a vehicle identification number and random information.
[0058] The vehicle domain platform is configured to send the vehicle information to the external device via the on-board diagnostic device based on the authentication request information;
[0059] A cockpit domain platform is configured to communicate with the external device via the on-board diagnostic equipment in response to the cockpit domain platform route being opened, the cockpit domain platform including the cockpit domain platform route.
[0060] In some embodiments, the vehicle domain platform is further configured to generate the random information, determine the vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the on-board diagnostic device.
[0061] In some embodiments, the vehicle domain platform is further configured to send a verification success message to the on-board diagnostic device.
[0062] In some embodiments, the on-board diagnostic device is further configured to open the cockpit domain platform route based on the verification success message, and simultaneously establish a communication connection with the cockpit domain platform.
[0063] In some embodiments, the on-board diagnostic device is further configured to receive debugging information sent by the external device and send the debugging information to the cockpit domain platform.
[0064] In some embodiments, the cockpit domain platform is also configured to perform debugging based on the debugging information.
[0065] In some embodiments, the on-board diagnostic device is further configured to disable the cockpit domain platform routing in response to the failure of the message authentication information verification, so that the external device cannot communicate with the cockpit domain platform through the on-board diagnostic device.
[0066] In some embodiments, the vehicle domain platform is also configured to send a verification failure message to the on-board diagnostic device.
[0067] In some embodiments, the on-board diagnostic device is further configured to disable the cockpit domain platform routing based on the verification failure message, and simultaneously cease communication with the cockpit domain platform.
[0068] Fifthly, embodiments of the present invention provide a computer-readable storage medium having stored computer program instructions thereon, which, when executed by a processor, implement the methods described in the first and second aspects.
[0069] Sixthly, embodiments of the present invention provide a vehicle, the vehicle comprising:
[0070] The vehicle itself; and
[0071] A memory and a processor, the memory being used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method as described in the first aspect.
[0072] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience. Attached Figure Description
[0073] The above and other objects, features and advantages of the present invention will become clearer from the following description of embodiments of the invention with reference to the accompanying drawings, in which:
[0074] Figure 1 This is a schematic diagram of the authentication system according to an embodiment of the present invention;
[0075] Figure 2 This is a circuit diagram of a vehicle according to an embodiment of the present invention;
[0076] Figure 3 This is a flowchart of the authentication method according to an embodiment of the present invention;
[0077] Figure 4 This is a first flowchart of the authentication method according to an embodiment of the present invention;
[0078] Figure 5 This is a flowchart of a method by which the vehicle domain platform of the invention sends vehicle information to the external device via on-board diagnostic equipment;
[0079] Figure 6 This is a flowchart of a method for opening the cockpit domain platform routing using an on-board diagnostic device according to an embodiment of the present invention;
[0080] Figure 7 This is a flowchart of a method for disabling cockpit domain platform routing using an on-board diagnostic device according to an embodiment of the present invention;
[0081] Figure 8 This is a second flowchart of the authentication method according to an embodiment of the present invention;
[0082] Figure 9 This is a flowchart of a method for establishing a communication connection between an external device and an on-board diagnostic device based on user information, according to an embodiment of the present invention.
[0083] Figure 10 This is a flowchart of a method for an external device to generate message authentication information based on vehicle information, according to an embodiment of the present invention.
[0084] Figure 11 This is a flowchart of the specific authentication method according to an embodiment of the present invention;
[0085] Figure 12 This is a flowchart of the first authentication device according to an embodiment of the present invention;
[0086] Figure 13 This is a flowchart of the second authentication device according to an embodiment of the present invention;
[0087] Figure 14 This is a schematic diagram of an electronic device according to an embodiment of the present invention. Detailed Implementation
[0088] The present invention is described below based on embodiments, but the invention is not limited to these embodiments. In the detailed description of the invention below, certain specific details are described in detail. Those skilled in the art will fully understand the invention even without these details. To avoid obscuring the essence of the invention, well-known methods, processes, flows, elements, and circuits are not described in detail.
[0089] Furthermore, those skilled in the art should understand that the accompanying drawings provided herein are for illustrative purposes only and are not necessarily drawn to scale.
[0090] Unless the context explicitly requires it, words such as "including" or "contains" in the instruction manual should be interpreted as including rather than exclusive or exhaustive; that is, meaning "including but not limited to".
[0091] In the description of this invention, it should be understood that the terms "first," "second," etc., are configured for descriptive purposes only and should not be construed as indicating or implying relative importance. Furthermore, in the description of this invention, unless otherwise stated, "a plurality of" means two or more.
[0092] In the following description, the scenario of authentication interaction between external devices and vehicle on-board diagnostic equipment, vehicle domain platform, and cockpit domain platform is used as an example. It should be understood that the authentication method of this embodiment can also be applied to other types of spaces that require authentication, such as airplanes, trains, ships, and other types of transportation or buildings.
[0093] Figure 1 This is a schematic diagram of the authentication system according to the first embodiment of the present invention. Figure 1 As shown, the authentication system of this embodiment includes an external device 1 and a vehicle 2, wherein the vehicle 2 includes an on-board diagnostic device, a vehicle domain platform and a cockpit domain platform.
[0094] In this embodiment, external device 1 is an electronic device with data transmission, data processing, information storage and network interaction functions, such as a cloud server, detection equipment, etc.
[0095] Furthermore, the communication connection between external device 1 and vehicle 2 can be achieved through technologies such as GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service), eMTC (LTE enhanced MTO), and NB-IoT (Narrow Band Internet of Things).
[0096] In this embodiment, the authentication of one external device 1 and one vehicle 2 is used as an example for illustration. However, this embodiment of the invention does not limit the number of external devices and vehicles that perform authentication. It can be multiple external devices authenticating one vehicle, one external device authenticating multiple vehicles, or multiple external devices authenticating multiple vehicles, etc.
[0097] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0098] Furthermore, Figure 2 This is a circuit diagram of a vehicle according to an embodiment of the present invention. (For example...) Figure 2 As shown, vehicle 2 includes on-board diagnostic equipment 21, vehicle domain platform 22 and cockpit domain platform 23.
[0099] The on-board diagnostic device 21 is used to respond to the communication request of the external device 1, send authentication request information to the vehicle domain platform 22, receive and forward message authentication information generated by the external device 1 based on vehicle information to the vehicle domain platform 22, and open the cockpit domain platform routing in response to the successful verification of the message authentication information, so that the external device 1 can establish a communication connection with the cockpit domain platform 23 through the on-board diagnostic device 21.
[0100] The vehicle domain platform 22 is used to send the vehicle information to the external device 1 via the on-board diagnostic device 21 according to the authentication request information.
[0101] The cockpit domain platform 23 is used to communicate with the external device 1 via the on-board diagnostic device 21 in response to the cockpit domain platform routing being opened. The cockpit domain platform 23 includes the cockpit domain platform routing.
[0102] In this embodiment, the on-board diagnostic device 21, the vehicle domain platform 22, and the cockpit domain platform 23 are electronic devices with data transmission, data processing, information storage, and network interaction functions. This embodiment uses an OBD device (On-Board Diagnostic) for the on-board diagnostic device 21, a VDP (Vehicle Domain Platform) for the vehicle domain platform 22, and a CDP (Cockpit Domain Platform) for the cockpit domain platform 23 as examples for illustration.
[0103] In this embodiment, the communication connection between the on-board diagnostic device 21, the vehicle domain platform 22, and the cockpit domain platform 23 can be achieved through wired, wireless, or a combination of wired and wireless methods, and this embodiment of the invention does not impose any restrictions on this.
[0104] In an optional embodiment, the communication connection between the on-board diagnostic device 21, the vehicle domain platform 22, and the cockpit domain platform 23 is a wired connection. This wired connection can be implemented through bus interfaces such as CAN (Controller Area Network), LIN (Local Interconnect Network), RS-485, and UART (Universal Asynchronous Receiver / Transmitter). CAN is a serial communication protocol from the ISO international standardization organization. LIN is a low-cost serial communication protocol based on UART / SCI (Universal Asynchronous Receiver / Transmitter), primarily used for serial communication between sensors and controllers. The RS-485 bus standard is a widely used bidirectional, balanced transmission standard interface in industry (attendance, monitoring, data acquisition systems), supporting multi-point connections. UART is a universal serial data bus used for asynchronous communication; this bus allows bidirectional communication and can achieve full-duplex transmission and reception.
[0105] In another optional embodiment, the communication connection between the on-board diagnostic device 21, the vehicle domain platform 22, and the cockpit domain platform 23 is a wireless connection, which can be achieved through wireless networks such as Bluetooth, Wi-Fi, NB-IoT, LoRa, or ZigBee. Bluetooth is a radio technology that supports short-range device communication, offering advantages such as wide transmission range, strong penetration, strong anti-interference, low power consumption, and low cost. Wi-Fi is a wireless communication technology widely used in daily life, thus requiring no additional hardware to achieve a communication connection. NB-IoT (Narrow Band Internet of Things) features wide coverage, low power consumption, and lower module costs. LoRa, a type of LPWAN (Low Power Wide Area Network), is an ultra-long-range wireless transmission solution based on spread spectrum technology adopted and promoted by Semtech, featuring long range, low power consumption, multiple nodes, and low cost. ZigBee technology is a short-range, low-complexity, low-power, low-data-rate, and low-cost bidirectional wireless communication technology.
[0106] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0107] Furthermore, Figure 3 This is a flowchart of the authentication method according to an embodiment of the present invention. Figure 3 As shown, the authentication method of this invention includes the following steps:
[0108] Step S100: In response to establishing a communication connection with an external device, the on-board diagnostic device sends an authentication request to the vehicle domain platform.
[0109] Step S200: The vehicle domain platform sends the vehicle information to the external device via the on-board diagnostic equipment based on the authentication request information. The vehicle information includes the vehicle identification code and random information.
[0110] Step S300: The on-board diagnostic device receives and forwards the message authentication information generated by the external device based on the vehicle information to the whole vehicle domain platform for verification.
[0111] In step S400, in response to successful verification of the message authentication information, the on-board diagnostic device opens the cockpit domain platform route so that external devices can establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
[0112] In some embodiments, sending vehicle information to the external device via the on-board diagnostic device includes:
[0113] The random information is generated by the vehicle domain platform;
[0114] The vehicle domain platform determines the vehicle information based on the random information and the vehicle identification code; and
[0115] The vehicle domain platform sends the vehicle information to the on-board diagnostic equipment.
[0116] In some embodiments, the on-board diagnostic device opening the cockpit domain platform route includes:
[0117] The vehicle domain platform sends a verification success message to the on-board diagnostic device;
[0118] The on-board diagnostic device opens the cockpit domain platform route based on the verification success message and establishes a communication connection with the cockpit domain platform.
[0119] In some embodiments, after the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic device, the method further includes:
[0120] The on-board diagnostic equipment receives debugging information sent by external devices and sends the debugging information to the cockpit domain platform;
[0121] The cockpit domain platform performs debugging based on the debugging information.
[0122] In some embodiments, the method further includes:
[0123] In response to the failure of the message authentication information verification, the on-board diagnostic device shuts down the cockpit domain platform routing, so that external devices cannot communicate with the cockpit domain platform through the on-board diagnostic device.
[0124] In some embodiments, the on-board diagnostic device further includes disabling the cockpit domain platform routing:
[0125] The vehicle domain platform sends a verification failure message to the on-board diagnostic device;
[0126] The on-board diagnostic device shuts down the cockpit domain platform routing based on the verification failure message and simultaneously stops communicating with the cockpit domain platform.
[0127] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0128] Furthermore, Figure 4 This is a first flowchart of the authentication method according to an embodiment of the present invention. Figure 4 As shown, the authentication method of this invention includes the following steps:
[0129] Step S110: In response to establishing a communication connection with an external device, send authentication request information.
[0130] In this embodiment, in response to establishing a communication connection with external device 1, the on-board diagnostic device 21 sends an authentication request to the vehicle domain platform 22.
[0131] In an optional embodiment, in response to establishing a communication connection with external device 1, the on-board diagnostic device 21 obtains the identity information of external device 1, which includes the external device model and identifier. Further, the on-board diagnostic device 21 sends authentication request information to the vehicle domain platform 22, which includes the identity information of the on-board diagnostic device 21 and the identity information of external device 1, wherein the identity information of the on-board diagnostic device 21 includes an identifier for the on-board diagnostic device 21.
[0132] It should be understood that this embodiment of the invention uses the identification information of external device 1, including the external device model and identifier, as an example for illustration. This embodiment of the invention does not limit the content of the identification information of external device 1, and the identification information may also include user information of the external device, etc. Furthermore, this embodiment of the invention also does not limit the content of the authentication request information and the identification information of the on-board diagnostic device 21.
[0133] Step S120: Based on the authentication request information, send the vehicle information to the external device via the on-board diagnostic equipment.
[0134] In this embodiment, the vehicle domain platform 22 sends vehicle information to the external device 1 via the on-board diagnostic device 21 based on the authentication request information. The vehicle information includes a vehicle identification number and random information.
[0135] In one optional embodiment, the vehicle domain platform 22 determines the number of external devices to be authenticated and the identity information of the external devices based on the identity information of the on-board diagnostic device 21 and the external device 1 in the authentication request information.
[0136] In this embodiment, step S120 further includes steps S121, S122, and S123. Specifically, Figure 5 This is a flowchart illustrating a method by which the vehicle domain platform, as described in the embodiment of the invention, sends vehicle information to external devices via the on-board diagnostic equipment. For example... Figure 5 As shown, the method for a vehicle domain platform to send vehicle information to an external device via the on-board diagnostic device, according to an embodiment of the present invention, includes the following steps:
[0137] Step S121: The vehicle domain platform generates random information.
[0138] In one alternative embodiment, the vehicle domain platform 22 generates random information based on the identity information of the on-board diagnostic device 21 and the identity information of the external device 1 in the authentication request information.
[0139] In another alternative implementation, in response to receiving authentication request information, the vehicle domain platform 22 generates random information.
[0140] In this embodiment, the random information includes at least one random number and a timestamp. The random number is used for authentication by external device 1, and the timestamp is used by external device 1 to verify the validity of the random information.
[0141] It should be understood that the embodiments of the present invention are illustrated using the example of random information including at least one random number and a timestamp, but the embodiments of the present invention do not limit the content of the random information. For example, the random information may also include one or more random letters, one or more random symbols, a combination of random letters and random numbers, random strings, etc.
[0142] Step S122: The vehicle domain platform determines the vehicle information based on random information and vehicle identification code.
[0143] In this embodiment, the vehicle domain platform 22 determines vehicle information based on random information and vehicle identification number (VIN), which includes VIN (Vehicle Identification Number).
[0144] It should be understood that the embodiments of the present invention are illustrated using the Vehicle Identification Number (VIN) as an example, but the embodiments of the present invention do not limit the content included in the Vehicle Identification Number. The Vehicle Identification Number may also include numbers, text, etc., and the numbers and text are used to represent information such as vehicle manufacturer, vehicle category, vehicle model, detailed model, body shape, safety device style, engine displacement, driver's seat position, manufacturing year, production plant, etc.
[0145] Step S123: The vehicle domain platform sends the vehicle information to the on-board diagnostic device.
[0146] In this embodiment, the vehicle domain platform 22 sends random information and vehicle identification code to the on-board diagnostic device 21, and then the on-board diagnostic device 21 sends the random information and vehicle identification code to the external device 1.
[0147] Step S130: Receive and forward the message authentication information generated by the external device based on the vehicle information for verification.
[0148] In this embodiment, the on-board diagnostic device 21 receives message authentication information generated by the external device 1 based on vehicle information, forwards the message authentication information to the vehicle domain platform 22, and then the vehicle domain platform 22 performs verification based on the message authentication information.
[0149] In this embodiment, the message authentication information includes a message authentication code, and the vehicle domain platform 22 verifies the information using MAC verification (Message Authentication Code).
[0150] It should be understood that this embodiment of the invention uses MAC verification as an example for illustration, but the embodiment of the invention does not limit the verification method. For example, the verification method can also be digital signature verification, in which case the message authentication information includes digital signature information. The verification method can also be MD verification (Message-Digest), in which case the message authentication information includes message digest information.
[0151] Step S140: In response to successful verification of the message authentication information, open the cockpit domain platform routing.
[0152] In this embodiment, in response to successful verification of message authentication information, the on-board diagnostic device 21 opens the cockpit domain platform route so that the external device 1 can establish a communication connection with the cockpit domain platform 23 through the on-board diagnostic device 21.
[0153] In this embodiment, step S140 further includes steps S141 and S142, specifically, Figure 6 This is a flowchart illustrating a method for opening the cockpit domain platform routing using an on-board diagnostic device according to an embodiment of the present invention. Figure 6 As shown, the steps of the method for opening the cockpit domain platform routing in the vehicle diagnostic equipment according to an embodiment of the present invention include:
[0154] Step S141: The vehicle domain platform sends a verification success message to the on-board diagnostic equipment.
[0155] In this embodiment, the vehicle domain platform 22 sends a verification success message to the on-board diagnostic device 21. The verification success message includes the identity information of the external device 1 and the verification result of the external device 1, and the verification result is successful.
[0156] It should be understood that the embodiments of the present invention are illustrated by taking the verification success message including the identity information of external device 1 and the verification result of external device 1 as an example. However, the embodiments of the present invention do not limit the content of the verification success message. The verification success message may also include the user information of external device 1, the identity information of the vehicle domain platform 22, etc.
[0157] Step S142: The on-board diagnostic device opens the cockpit domain platform route based on the successful verification message and establishes a communication connection with the cockpit domain platform.
[0158] In this embodiment, the on-board diagnostic device 21 opens the cockpit domain platform route based on the identity information of the external device 1 and the verification result of the external device 1 in the verification success message, and at the same time establishes a communication connection with the cockpit domain platform 23. Then, the external device 1 establishes a communication connection with the cockpit domain platform 23 through the on-board diagnostic device 21.
[0159] In an optional implementation, the on-board diagnostic device 21 opens the cockpit domain platform route via a gateway. This gateway can be located within the cockpit domain platform 23, within the vehicle, or anywhere outside the cockpit domain platform 23, for example, within the vehicle domain platform 22. Specifically, the on-board diagnostic device 21 sends a control signal to the gateway based on a successful verification message. The gateway then establishes a communication connection with the cockpit domain platform route based on the control signal, thereby enabling the on-board diagnostic device 21 to open the cockpit domain platform route upon receiving the successful verification message.
[0160] Step S150: Receive debugging information sent by external devices and send the debugging information to the cockpit domain platform.
[0161] In this embodiment, the on-board diagnostic device 21 receives debugging information sent by the external device 1 and sends the debugging information to the cockpit domain platform 23.
[0162] In this embodiment, the debugging information includes debugging instructions and target device identifier. The cockpit domain platform 23 includes the target device, and the debugging instructions are used to instruct the cockpit domain platform 23 to debug the target device.
[0163] It should be understood that the embodiments of the present invention are described using debugging information including debugging instructions and target device identifier as an example, but the embodiments of the present invention do not limit the content of debugging information. Debugging information may also include external device information, target device location information, interaction information of various devices in the cockpit domain platform 23, etc.
[0164] Step S160: Debug according to the debugging information.
[0165] In this embodiment, the cockpit domain platform 23 responds to receiving debugging information and performs debugging according to the debugging information.
[0166] In an optional embodiment, the debugging information includes debugging instructions and seat identification. The cockpit domain platform 23 includes the seat. In response to receiving the debugging information, the cockpit domain platform 23 adjusts the angle of the seat back and the temperature of the seat heating device according to the debugging instructions.
[0167] In another alternative embodiment, the debugging information includes debugging instructions and a display device identifier. The cockpit domain platform 23 includes the display device. In response to receiving the debugging information, the cockpit domain platform 23 debugs the display device to display predetermined content according to the debugging instructions.
[0168] It should be understood that this embodiment of the invention uses the example of the cockpit domain platform 23 debugging the seats and display devices according to debugging information to illustrate the invention. However, this embodiment of the invention does not limit the device used to debug the cockpit domain platform 23 according to debugging information, and the device may also include a voice device, an information collection device, etc. Furthermore, this embodiment of the invention does not limit the platform or system used for debugging according to debugging information, and it can be any platform or system in the vehicle, such as ADP (ADAS Domain Platform), EPS (Electric Power Steering), etc.
[0169] Step S170: In response to the failure of message authentication information verification, the cockpit domain platform routing is closed.
[0170] In this embodiment, in response to the failure of message authentication information verification, the on-board diagnostic device 21 shuts down the cockpit domain platform routing so that the external device 1 cannot communicate with the cockpit domain platform 22 through the on-board diagnostic device 21.
[0171] In this embodiment, step S170 further includes steps S171 and S172, specifically, Figure 7 This is a flowchart illustrating a method for disabling cockpit domain platform routing using an on-board diagnostic device according to an embodiment of the present invention. Figure 7 As shown, the steps of the method for disabling cockpit domain platform routing in an on-board diagnostic device according to an embodiment of the present invention include:
[0172] Step S171: The vehicle domain platform sends a verification failure message to the on-board diagnostic equipment.
[0173] In this embodiment, the vehicle domain platform 22 sends a verification failure message to the on-board diagnostic device 21. The verification failure message includes the identity information of the external device 1 and the verification result of the external device 1, and the verification result is verification failure.
[0174] It should be understood that the embodiments of the present invention are illustrated by taking the verification failure message including the identity information of external device 1 and the verification result of external device 1 as an example. However, the embodiments of the present invention do not limit the content of the verification failure message. The verification failure message may also include the user information of external device 1, the identity information of the vehicle domain platform 22, etc.
[0175] Step S172: The on-board diagnostic device shuts down the cockpit domain platform routing based on the verification failure message and stops communicating with the cockpit domain platform.
[0176] In this embodiment, the on-board diagnostic device 21 shuts down the cockpit domain platform routing based on the verification failure message and stops communicating with the cockpit domain platform 23, so that the external device 1 cannot communicate with the cockpit domain platform 23 through the on-board diagnostic device 21.
[0177] In an optional implementation, the on-board diagnostic device 21 disables the cockpit domain platform routing via a gateway. This gateway can be located within the cockpit domain platform 23, within the vehicle, or anywhere outside the cockpit domain platform 23, for example, within the vehicle domain platform 22. Specifically, the on-board diagnostic device 21 sends a control signal to the gateway based on a verification failure message. The gateway then terminates its communication connection with the cockpit domain platform routing based on the control signal. This allows the on-board diagnostic device 21 to disable the cockpit domain platform routing based on the verification failure message.
[0178] In an optional embodiment, the on-board diagnostic device 21 establishes communication connections with multiple external devices. In response to at least one external device's message authentication information being successfully verified and at least one external device's message authentication information being verified failing, the on-board diagnostic device 21 opens the cockpit domain platform route based on the external device's identity information and external device verification result in at least one successful verification message, so that at least one external device with successfully verified message authentication information establishes a communication connection with the cockpit domain platform 23 through the on-board diagnostic device 21. Furthermore, the on-board diagnostic device 21 stops communicating with at least one external device with failed message authentication information based on the external device's identity information and external device verification result in at least one failed verification message, so that the external device with failed message authentication information cannot communicate with the cockpit domain platform 23 through the on-board diagnostic device 21.
[0179] In another optional embodiment, the on-board diagnostic device 21 establishes communication connections with multiple external devices. In response to at least one external device's message authentication information being successfully verified and at least one external device's message authentication information being verified failing, the on-board diagnostic device 21 opens the cockpit domain platform route based on the external device's identity information and external device verification result in at least one successful verification message, so that at least one external device with successfully verified message authentication information establishes a communication connection with the cockpit domain platform 23 through the on-board diagnostic device 21. Furthermore, the on-board diagnostic device 21 sends at least one control signal to the cockpit domain platform route based on the external device's identity information and external device verification result in at least one failed verification message, so that the cockpit domain platform route stops communicating with the external device whose message authentication information verification failed based on the control signal.
[0180] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0181] Figure 8 This is a second flowchart of the authentication method according to an embodiment of the present invention. Figure 8 As shown, the authentication method of this invention includes the following steps:
[0182] Step S210: Establish a communication connection with the on-board diagnostic equipment based on the user's user information.
[0183] In this embodiment, the external device 1 establishes a communication connection with the on-board diagnostic device 21 based on the user's user information.
[0184] In this embodiment, step S210 includes steps S211 and S212, or step S210 includes steps S213 and S214. Specifically, Figure 9 This is a flowchart illustrating a method for establishing a communication connection between an external device and an on-board diagnostic device based on user information, according to an embodiment of the present invention. Figure 9 As shown, the method for establishing a communication connection between an external device and an on-board diagnostic device based on the user's user information according to an embodiment of the present invention includes the following steps:
[0185] Step S211: The external device sends a communication request to the on-board diagnostic device, the communication request including the user's user information.
[0186] In this embodiment, in response to the user successfully logging in with user information, the external device 1 sends a communication request to the on-board diagnostic device 21 based on the user information. The communication request includes the user's user information, which includes the username and password.
[0187] In an optional embodiment, the external device 1 is further configured with a storage device, which includes a hard disk, ROM (Read-Only Memory), RAM (Random Access Memory), etc., for storing user information. The external device 1 sends a communication request to the on-board diagnostic device 21 based on the user information in the storage device. The communication request includes the user information.
[0188] It should be understood that the embodiments of the present invention are illustrated using user information including username and password as an example, but the embodiments of the present invention do not limit the content of user information, which may also include user terminal information, user personal information, etc. Furthermore, the information (including but not limited to user information, identity information of external devices, etc.) and data (including but not limited to analysis data, stored data, display data, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties.
[0189] Step S212: The external device establishes a communication connection with the on-board diagnostic equipment according to the communication request.
[0190] In this embodiment, external device 1 establishes a communication connection with on-board diagnostic device 21 based on user information in the communication request.
[0191] Step S213: The on-board diagnostic equipment obtains the user's user information through external devices.
[0192] In this embodiment, the on-board diagnostic device 21 obtains the user's user information through the external device 1.
[0193] Step S214: The on-board diagnostic equipment establishes a communication connection with external devices based on the user's user information.
[0194] In an optional embodiment, in response to the successful verification of the on-board diagnostic device 21 logging into the external device 1 based on the user's user information, the on-board diagnostic device 21 establishes a communication connection with the external device 1.
[0195] Step S220: In response to receiving vehicle information through the communication connection, generate message authentication information based on the vehicle information.
[0196] In this embodiment, in response to receiving vehicle information sent by the vehicle domain platform 22 via the on-board diagnostic device 21 through the communication connection, the external device 1 generates message authentication information based on the vehicle information.
[0197] In this embodiment, step S220 further includes step 221. Specifically, Figure 10 This is a flowchart of a method for an external device to generate message authentication information based on vehicle information, according to an embodiment of the present invention. Figure 10 As shown, the method for generating message authentication information based on vehicle information by an external device according to an embodiment of the present invention includes the following steps:
[0198] Step 221: The external device queries the key based on the vehicle identification code and random information to generate message authentication information.
[0199] In this embodiment, external device 1 generates message authentication information, including a message authentication code, by querying a public key based on the vehicle identification code and random information. Specifically, external device 1 determines message digest information by querying a public key based on the vehicle identification code and random information, and then external device 1 generates a message authentication code by performing symmetric encryption based on the message digest information.
[0200] It should be understood that this embodiment of the invention uses a message authentication code as an example for illustration, but this embodiment of the invention does not limit the content of the message authentication information. For example, the message authentication information may also include digital signature information. Specifically, external device 1 encrypts the message digest information using a public key to generate digital signature information. The message authentication information may also include the message digest information.
[0201] Step S230: Send the message authentication information.
[0202] In this embodiment, external device 1 sends message authentication information to on-board diagnostic device 21.
[0203] Step S240: In response to successful verification of message authentication information, establish a communication connection between the vehicle diagnostic equipment and the cockpit domain platform.
[0204] In this embodiment, in response to successful verification of message authentication information, external device 1 establishes a communication connection with cockpit domain platform 23 through vehicle diagnostic device 21.
[0205] Step S260: Send debugging information to the cockpit domain platform via the on-board diagnostic equipment.
[0206] In this embodiment, external device 1 sends debugging information to the cockpit domain platform 23 via on-board diagnostic equipment 21. The debugging information includes debugging instructions and a target device identifier. The specific implementation method is similar to... Figure 4 The embodiments shown are similar, and the present invention will not be described in detail here.
[0207] In an optional embodiment, the debugging information is set by the user.
[0208] In another alternative embodiment, the debugging information is automatically set by external device 1.
[0209] Step S270: Debug according to the debugging information.
[0210] In this embodiment, the cockpit domain platform 23 responds to receiving debugging information and performs debugging according to the debugging information. The specific implementation method is the same as... Figure 4 The embodiments shown are similar, and the present invention will not be described in detail here.
[0211] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0212] Figure 11 This is a flowchart of a specific authentication method according to an embodiment of the present invention. For example... Figure 11 As shown, the authentication method of this invention includes the following steps:
[0213] Step S301: The external device establishes a communication connection with the on-board diagnostic equipment based on the user's user information.
[0214] In this embodiment, external device 1 sends a communication request to on-board diagnostic device 21. The communication request includes the user's user information. External device 1 establishes a communication connection with on-board diagnostic device 21 based on the communication request. Alternatively, on-board diagnostic device 21 obtains the user's user information through external device 1 and establishes a communication connection with external device 1 based on the user's user information. Specific implementation methods are as follows... Figure 4 The embodiments shown are similar, and the present invention will not be described in detail here.
[0215] Step S302: In response to establishing a communication connection with an external device, the on-board diagnostic device sends an authentication request to the vehicle domain platform.
[0216] In this embodiment, in response to establishing a communication connection with external device 1, the on-board diagnostic device 21 obtains the identity information of external device 1, and then sends authentication request information to the vehicle domain platform 22. The authentication request information includes the identity information of the on-board diagnostic device 21 and the identity information of external device 1.
[0217] Step S303: The vehicle domain platform generates random information.
[0218] In this embodiment, the vehicle domain platform 22 generates random information, which includes at least one random number and a timestamp.
[0219] Step S304: The vehicle domain platform determines the vehicle information based on the random information and the vehicle identification code.
[0220] Step S305: The vehicle domain platform sends vehicle information to external devices via on-board diagnostic equipment.
[0221] Step S306: In response to receiving vehicle information through the communication connection, the external device generates message authentication information based on the vehicle information and sends the message authentication information to the on-board diagnostic device.
[0222] In this embodiment, in response to receiving vehicle information through a communication connection, external device 1 generates message authentication information based on random information and vehicle identification code in the vehicle information, and sends the message authentication information to on-board diagnostic device 21.
[0223] Step S307: The on-board diagnostic device receives and forwards the message authentication information generated by the external device based on the vehicle information to the vehicle domain platform for verification.
[0224] In this embodiment,
[0225] Step S308: Message authentication information verification successful.
[0226] In this embodiment, if the message authentication information is successfully verified, step S309 is executed. If the message authentication information fails to be verified, step S313 is executed.
[0227] Step S309: The vehicle domain platform sends a verification success message to the on-board diagnostic equipment.
[0228] In this embodiment, the vehicle domain platform 22 sends a verification success message to the on-board diagnostic device 21. The verification success message includes the identity information of the external device 1 and the verification result of the external device 1, and the verification result is successful.
[0229] Step S310: The on-board diagnostic device opens the cockpit domain platform route based on the successful verification message and establishes a communication connection with the cockpit domain platform.
[0230] In an optional embodiment, the on-board diagnostic device 21 routes the cockpit domain platform accessed via a gateway, with specific implementation details similar to... Figure 4 The embodiments shown are similar, and the invention will not be described again here.
[0231] Step S311: In response to successful verification of the message authentication information, the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic equipment.
[0232] Step S312: External devices send debugging information to the cockpit domain platform via on-board diagnostic equipment, so that the cockpit domain platform can perform debugging based on the debugging information.
[0233] Step S313: The vehicle domain platform sends a verification failure message to the on-board diagnostic equipment.
[0234] In this embodiment, the vehicle domain platform 22 sends a verification failure message to the on-board diagnostic device 21. The verification failure message includes the identity information of the external device 1 and the verification result of the external device 1, and the verification result is verification failure.
[0235] Step S314: The on-board diagnostic device shuts down the cockpit domain platform routing based on the verification failure message and stops communication with the cockpit domain platform.
[0236] In one optional implementation, the on-board diagnostic device 21 disables the cockpit domain platform routing via a gateway, with the specific implementation details being the same as... Figure 4 The embodiments shown are similar, and the invention will not be described again here.
[0237] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0238] Figure 12 This is a flowchart of the first authentication device according to an embodiment of the present invention. Figure 12In the illustrated embodiment, the first authentication device is applicable to vehicles and includes a first communication module 411, an authentication request module 412, a vehicle information sending module 413, a first receiving and sending module 414, and a verification success module 415. The first communication module 411 is used for communication connection between the on-board diagnostic device and external devices. The authentication request module 412 is used to send authentication request information to the vehicle domain platform in response to establishing a communication connection with the external device. The vehicle information sending module 413 is used by the vehicle domain platform to send vehicle information, including a vehicle identification number and random information, to the external device via the on-board diagnostic device based on the authentication request information. The first receiving and sending module 414 is used by the on-board diagnostic device to receive and forward message authentication information generated by the external device based on the vehicle information to the vehicle domain platform for verification. The verification success module 415 is used to open the cockpit domain platform routing in response to successful verification of the message authentication information, so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
[0239] In some embodiments, the first communication module 411 is further configured to:
[0240] External devices establish a communication connection with the cockpit domain platform through the on-board diagnostic equipment.
[0241] In some embodiments, the first communication device further includes:
[0242] A random information generation module is used by the vehicle domain platform to generate the random information.
[0243] The vehicle information determination module is used by the vehicle domain platform to determine the vehicle information based on the random information and the vehicle identification code.
[0244] The vehicle information sending module is used by the vehicle domain platform to send the vehicle information to the on-board diagnostic equipment.
[0245] In some embodiments, the success verification module 415 is further configured to:
[0246] The vehicle domain platform sends a verification success message to the on-board diagnostic device. The on-board diagnostic device opens the cockpit domain platform route based on the verification success message and establishes a communication connection with the cockpit domain platform.
[0247] In some embodiments, the first communication module 411 is further configured to:
[0248] The on-board diagnostic equipment establishes a communication connection with the cockpit domain platform.
[0249] In some embodiments, the first communication device further includes:
[0250] The second receiving and transmitting module is used for the on-board diagnostic equipment to receive debugging information sent by external devices and to send the debugging information to the cockpit domain platform.
[0251] The debugging module is used for the cockpit domain platform to perform debugging based on the debugging information.
[0252] In some embodiments, the first communication device further includes:
[0253] The verification failure module is used to respond to the message authentication information verification failure by shutting down the cockpit domain platform routing so that external devices cannot communicate with the cockpit domain platform through the vehicle diagnostic device.
[0254] In some embodiments, the first communication module 411 is further configured to:
[0255] External devices cannot communicate with the cockpit domain platform through the on-board diagnostic equipment.
[0256] In some embodiments, the verification failure module is further configured to send a verification failure message from the vehicle domain platform to the on-board diagnostic device, and the on-board diagnostic device closes the cockpit domain platform routing according to the verification failure message.
[0257] In some embodiments, the first communication module 411 is further configured to:
[0258] The on-board diagnostic equipment ceases communication with the cockpit domain platform.
[0259] The technical solution of this invention involves an on-board diagnostic device (OBD device) sending an authentication request to the vehicle domain platform in response to establishing a communication connection with an external device. The vehicle domain platform then sends vehicle information to the external device via the OBD device based on the authentication request. This allows the external device to generate message authentication information based on the vehicle information and send it to the OBD device. The OBD device receives and forwards the message authentication information to the vehicle domain platform for verification. Upon successful verification, the OBD device opens the cockpit domain platform routing, enabling the external device to establish a communication connection with the cockpit domain platform through the OBD device. This allows for external device debugging of the cockpit domain platform while improving the security of cockpit domain platform authentication, optimizing the authentication process, and enhancing the user experience.
[0260] Figure 13 This is a flowchart of the second authentication device according to an embodiment of the present invention. Figure 13In the illustrated embodiment, the second authentication device is applicable to external devices and includes a second communication module 416, a message authentication information generation and sending module 417, and a message authentication information verification success module 418. The second communication module 416 is used by the external device to establish a communication connection with the on-board diagnostic device based on the user's user information and to receive vehicle information, including a vehicle identification number and random information, through the communication connection. The message authentication information generation and sending module 417 is used by the external device to generate message authentication information based on the vehicle information and send the message authentication information to the on-board diagnostic device. The message authentication information verification success module 418 is used to, in response to successful message authentication information verification, allow the external device to establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
[0261] In some embodiments, the second communication module 416 is further configured to:
[0262] External devices establish a communication connection with the cockpit domain platform through the on-board diagnostic equipment.
[0263] In some embodiments, the second communication module 416 is further configured to:
[0264] Send a communication request to the on-board diagnostic device, the communication request including the user's user information, and establish a communication connection with the on-board diagnostic device according to the communication request. Alternatively, the first communication module 411 is further configured for the on-board diagnostic device to obtain the user's user information through the external device and establish a communication connection with the external device according to the user's user information.
[0265] In some embodiments, the second authentication device further includes:
[0266] The key query module is used by the external device to query the key based on the vehicle identification code and random information, and generate the message authentication information.
[0267] In some embodiments, the second authentication device further includes:
[0268] The debugging information sending module is used for the external device to send debugging information to the cockpit domain platform via the on-board diagnostic equipment, so that the cockpit domain platform can perform debugging based on the debugging information.
[0269] Figure 14 This is a schematic diagram of an electronic device according to an embodiment of the present invention. Figure 14The illustrated electronic device is a general-purpose data processing device, which includes a general-purpose computer hardware architecture, comprising at least a processor 421 and a memory 422. The processor 421 and memory 422 are connected via a bus 423. The memory 422 is adapted to store instructions or programs executable by the processor 421. The processor 421 can be a standalone microprocessor or a collection of one or more microprocessors. Thus, the processor 421 executes the instructions stored in the memory 422, thereby performing the method flow described in the embodiments of the present invention to process data and control other devices. The bus 423 connects the aforementioned components together, and also connects these components to a display controller 424, a display device, and an input / output (I / O) device 425. The input / output (I / O) device 425 can be a mouse, keyboard, modem, network interface, touch input device, motion-sensing input device, printer, and other devices known in the art. Typically, the input / output device 425 is connected to the system via an input / output (I / O) controller 426.
[0270] Those skilled in the art will understand that embodiments of the present invention can be provided as methods, electronic devices, or computer program products. Therefore, the present invention can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention can be implemented as a computer program product on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) that include computer-usable program code.
[0271] This invention is described with reference to flowchart illustrations of methods, electronic devices, and computer program products according to embodiments of this application. It should be understood that each step in the flowchart can be implemented by computer program instructions.
[0272] These computer program instructions may be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including an instruction means, the implementation process of which is described in the instruction means. Figure 1 The function specified in one or more processes.
[0273] These computer program instructions may also be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions, which are executed by the processor of the computer or other programmable data processing device, are configured to implement in a process Figure 1 A device for a function specified in one or more processes.
[0274] The above description is merely a preferred embodiment of the present invention and is not intended to limit the invention. Various modifications and variations can be made to the invention by those skilled in the art. Any modifications, equivalent substitutions, or improvements made within the spirit and principle of the invention should be included within the scope of protection of the invention.
Claims
1. An authentication method, characterized in that, The method includes: In response to establishing a communication connection with external devices, the on-board diagnostic equipment sends an authentication request to the vehicle domain platform. The vehicle domain platform generates random information based on the authentication request information, determines vehicle information based on the random information and the vehicle identification code, and sends the vehicle information to the external device via the on-board diagnostic device. The vehicle information includes the vehicle identification code and random information. The random information includes at least one random number and a timestamp. The random number is used for external device authentication, and the timestamp is used for external device verification of the validity of the random information. The on-board diagnostic device receives and forwards to the vehicle domain platform the message authentication information generated by the external device based on the vehicle information; and The vehicle domain platform sends a verification success message to the on-board diagnostic device. The on-board diagnostic device responds to the message by verifying the authentication information successfully, opens the cockpit domain platform route according to the verification success message, and establishes a communication connection with the cockpit domain platform, so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device.
2. The method according to claim 1, characterized in that, After the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic equipment, the method further includes: The on-board diagnostic equipment receives debugging information sent by external devices and sends the debugging information to the cockpit domain platform; The cockpit domain platform performs debugging based on the debugging information.
3. The method according to claim 1, characterized in that, The method further includes: In response to the failure of the message authentication information verification, the on-board diagnostic device shuts down the cockpit domain platform routing, so that external devices cannot communicate with the cockpit domain platform through the on-board diagnostic device.
4. The method according to claim 3, characterized in that, The on-board diagnostic equipment also includes disabling the cockpit domain platform routing: The vehicle domain platform sends a verification failure message to the on-board diagnostic device; The on-board diagnostic device shuts down the cockpit domain platform routing based on the verification failure message and simultaneously stops communicating with the cockpit domain platform.
5. An authentication method, characterized in that, The method includes: External devices establish a communication connection with the on-board diagnostic equipment based on the user's user information, and the on-board diagnostic equipment sends authentication request information to the vehicle domain platform. The vehicle domain platform generates random information based on the authentication request information, determines vehicle information based on the random information and the vehicle identification code, and sends the vehicle information to the external device via the on-board diagnostic device. The vehicle information includes the vehicle identification code and random information. The random information includes at least one random number and a timestamp. The random number is used for external device authentication, and the timestamp is used for external device verification of the validity of the random information. In response to receiving vehicle information through the communication connection, the external device generates message authentication information based on the vehicle information and sends the message authentication information to the on-board diagnostic device. The external device, in response to the successful verification of the message authentication information, establishes a communication connection with the cockpit domain platform through the on-board diagnostic device.
6. The method according to claim 5, characterized in that, The external device establishes a communication connection with the on-board diagnostic equipment based on the user's user information, including: Send a communication request to the on-board diagnostic device, the communication request including the user's user information; Establish a communication connection with the on-board diagnostic equipment according to the communication request; or The external device establishes a communication connection with the on-board diagnostic equipment based on the user's user information, including: The on-board diagnostic device obtains the user's user information through the external device; A communication connection is established with the external device based on the user's user information.
7. The method according to claim 5, characterized in that, The external device generates message authentication information based on vehicle information, including: The external device generates the message authentication information based on the vehicle identification code and the random information query key.
8. The method according to claim 5, characterized in that, After the external device establishes a communication connection with the cockpit domain platform through the on-board diagnostic equipment, the method further includes: The external device sends debugging information to the cockpit domain platform via the on-board diagnostic equipment, so that the cockpit domain platform can perform debugging based on the debugging information.
9. An authentication system, characterized in that, The system includes: An external device is configured to establish a communication connection with an on-board diagnostic device based on user information. In response to receiving vehicle information through the communication connection, it generates message authentication information based on the vehicle information and sends the message authentication information to the on-board diagnostic device. In response to successful verification of the message authentication information, it establishes a communication connection with a cockpit domain platform through the on-board diagnostic device. The vehicle information includes a vehicle identification number and random information; the random information includes at least one random number and a timestamp, where the random number is used for external device authentication, and the timestamp is used by the external device to verify the validity of the random information. The on-board diagnostic device is configured to, in response to establishing a communication connection with an external device, send an authentication request to the vehicle domain platform, receive and forward the message authentication information generated by the external device based on the vehicle information to the vehicle domain platform for verification, and in response to successful verification of the message authentication information, the vehicle domain platform sends a verification success message to the on-board diagnostic device, opens the cockpit domain platform route according to the verification success message, and establishes a communication connection with the cockpit domain platform, so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device; The vehicle domain platform is configured to generate random information based on the authentication request information, determine vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the external device via the on-board diagnostic equipment. A cockpit domain platform is configured to communicate with the external device via the on-board diagnostic equipment in response to the cockpit domain platform route being opened, the cockpit domain platform including the cockpit domain platform route.
10. The system according to claim 9, characterized in that, The vehicle domain platform is also configured to generate the random information, determine the vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the on-board diagnostic device.
11. The system according to claim 9, characterized in that, The vehicle domain platform is also configured to send a verification success message to the on-board diagnostic device.
12. The system according to claim 11, characterized in that, The on-board diagnostic device is also configured to open the cockpit domain platform route based on the verification success message, and at the same time establish a communication connection with the cockpit domain platform.
13. The system according to claim 9, characterized in that, The on-board diagnostic device is also configured to receive debugging information sent by the external device and send the debugging information to the cockpit domain platform.
14. The system according to claim 13, characterized in that, The cockpit domain platform is also configured to perform debugging based on the debugging information.
15. The system according to claim 9, characterized in that, The on-board diagnostic device is also configured to disable the cockpit domain platform routing in response to the failure of the message authentication information verification, so that the external device cannot communicate with the cockpit domain platform through the on-board diagnostic device.
16. The system according to claim 15, characterized in that, The vehicle domain platform is also configured to send a verification failure message to the on-board diagnostic device.
17. The system according to claim 16, characterized in that, The on-board diagnostic device is also configured to shut down the cockpit domain platform routing based on the verification failure message, and simultaneously stop communication with the cockpit domain platform.
18. The system according to claim 9, characterized in that, The external device is also configured to send a communication request to the on-board diagnostic device, the communication request including the user's user information, and establish a communication connection with the on-board diagnostic device according to the communication request; or, the on-board diagnostic device is configured to obtain the user's user information through the external device and establish a communication connection with the external device according to the user's user information.
19. The system according to claim 9, characterized in that, The external device is also configured to generate the message authentication information based on the vehicle identification code and the random information query key.
20. The system according to claim 9, characterized in that, The external device is also configured to send debugging information to the on-board diagnostic device via the vehicle domain platform.
21. A vehicle, characterized in that, The vehicles include: The on-board diagnostic device is configured to, in response to establishing a communication connection with an external device, send an authentication request to the vehicle domain platform, receive and forward message authentication information generated by the external device based on vehicle information to the vehicle domain platform, and, in response to successful verification of the message authentication information, open the cockpit domain platform routing so that the external device can establish a communication connection with the cockpit domain platform through the on-board diagnostic device. The vehicle information includes a vehicle identification number and random information, wherein the random information includes at least one random number and a timestamp. The vehicle domain platform is configured to generate random information based on the authentication request information, determine vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the external device via the on-board diagnostic device. The vehicle information includes the vehicle identification code and the random information. The random information includes at least one random number and a timestamp. The random number is used for external device authentication, and the timestamp is used for external device verification of the validity of the random information. A cockpit domain platform is configured to communicate with the external device via the on-board diagnostic equipment in response to the cockpit domain platform route being opened, the cockpit domain platform including the cockpit domain platform route.
22. The vehicle according to claim 21, characterized in that, The vehicle domain platform is also configured to generate the random information, determine the vehicle information based on the random information and the vehicle identification code, and send the vehicle information to the on-board diagnostic device.
23. The vehicle according to claim 21, characterized in that, The vehicle domain platform is also configured to send a verification success message to the on-board diagnostic device.
24. The vehicle according to claim 22, characterized in that, The on-board diagnostic device is also configured to open the cockpit domain platform route based on the verification success message, and at the same time establish a communication connection with the cockpit domain platform.
25. The vehicle according to claim 21, characterized in that, The on-board diagnostic device is also configured to receive debugging information sent by the external device and send the debugging information to the cockpit domain platform.
26. The vehicle according to claim 25, characterized in that, The cockpit domain platform is also configured to perform debugging based on the debugging information.
27. The vehicle according to claim 21, characterized in that, The on-board diagnostic device is also configured to disable the cockpit domain platform routing in response to the failure of the message authentication information verification, so that the external device cannot communicate with the cockpit domain platform through the on-board diagnostic device.
28. The vehicle according to claim 27, characterized in that, The vehicle domain platform is also configured to send a verification failure message to the on-board diagnostic device.
29. The vehicle according to claim 28, characterized in that, The on-board diagnostic device is also configured to shut down the cockpit domain platform routing based on the verification failure message, and simultaneously stop communication with the cockpit domain platform.
30. A computer-readable storage medium storing computer program instructions thereon, characterized in that, The computer program instructions, when executed by a processor, implement the method as described in any one of claims 1-8.
31. A vehicle, characterized in that, The vehicles include: The vehicle itself; and A memory and a processor, the memory being used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method as described in any one of claims 1-4.