Optoelectronic sensing data-driven internet of things terminal authentication method

By dividing the IoT terminal into light-shielding and light-sensing areas, extracting the dark-state discharge rate and light response attenuation characteristics, and combining them with the heating topological coordinates to generate a compensation matrix, the instability problem of IoT terminal authentication under wide temperature range and variable lighting conditions is solved, and more stable identity authentication is achieved.

CN122348859APending Publication Date: 2026-07-07HUAIYIN TEACHERS COLLEGE

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
HUAIYIN TEACHERS COLLEGE
Filing Date
2026-05-25
Publication Date
2026-07-07

Smart Images

  • Figure CN122348859A_ABST
    Figure CN122348859A_ABST
Patent Text Reader

Abstract

The application discloses a kind of photoelectric sensing data-driven internet of things terminal authentication method, specifically relates to internet of things terminal authentication field, for solving the problem of photoelectric physical fingerprint authentication failure under wide temperature range and variable light conditions;The original photoelectric response array matrix is read by responding to optical challenge excitation signal, and the first light shielding area and the second photosensitive area are divided in the unified coordinate system, the dark state discharge rate matrix is extracted in the first light shielding area, the light response decay characteristic is extracted in the second photosensitive area combined with exposure readout time difference, then the dark state discharge rate matrix is unfolded into heat distribution compensation matrix according to the heating topology layout coordinate, and the second photosensitive area is executed differential offset to form pure light response non-uniformity characteristic matrix, then light response decay characteristic and pure light response non-uniformity characteristic matrix are input into feature mapping model as same authentication input, and the terminal identity authentication state is determined according to the distribution distance measure of output.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of IoT terminal authentication, and more specifically, to an IoT terminal authentication method driven by photoelectric sensing data. Background Technology

[0002] With the continuous deployment of IoT edge terminals in industrial sites, security data collection, and distributed sensing scenarios, extracting physical layer identity features using existing optoelectronic sensing components on these terminals has become an authentication path that can replace external security chips. Existing solutions typically use the inherent non-uniformity of the photoresponse of image sensors as the source of device fingerprints, extracting and comparing microscopic response differences in the original image to achieve terminal identification. Existing invention patent publication number CN109376719A discloses a method for extracting and comparing camera photoresponse non-uniformity fingerprints based on combined feature representation, and its technical approach belongs to this type of processing method.

[0003] However, under wide temperature range and varying lighting conditions, the thermal diffusion dark current inside the image sensor and the dynamic aliasing noise caused by external strong light excitation are simultaneously superimposed on the original response. This makes it difficult to stably separate real hardware differences when relying solely on the non-uniformity of the static light response for comparison. Especially under line-by-line exposure readout conditions, the light response is coupled with temporal and thermal distribution differences, easily causing recognition shifts in legitimate devices under environmental fluctuations. Therefore, how to simultaneously handle thermal drift noise and light timing differences without changing the existing photoelectric sensing hardware structure, and form a stable input that can be used for terminal authentication, has become a problem that this type of technology needs to solve.

[0004] To address the aforementioned problems, a technical solution is provided. Summary of the Invention

[0005] To overcome the instability problem in existing technologies that rely solely on static light response non-uniformity for terminal authentication under wide temperature range and varying illumination conditions, this invention provides an IoT terminal authentication method driven by photoelectric sensing data. This method triggers authentication acquisition with an optical challenge excitation signal, reads the raw photoelectric response array matrix (before image signal processor processing) via a physical interface, and divides the area into a first shading region and a second photosensitive region within a unified coordinate system. A dark-state discharge rate matrix is ​​extracted from the first shading region, and a light response attenuation feature is extracted from the second photosensitive region based on the exposure readout time difference. The dark-state discharge rate matrix is ​​then expanded into a thermal distribution compensation matrix according to the thermal topology coordinates, and differential cancellation is performed on the second photosensitive region using the thermal distribution compensation matrix to obtain a pure light response non-uniformity feature matrix. Finally, the light response attenuation feature and the pure light response non-uniformity feature matrix are used as inputs to a feature mapping model for the same authentication, and the terminal authentication status is determined based on the distribution distance measure output by the feature mapping model.

[0006] To achieve the above objectives, the present invention provides the following technical solution: Step S1: In response to the received optical challenge excitation signal, the original photoelectric response array matrix that has not been processed by the image signal processor is read through the physical interface, and the original photoelectric response array matrix is ​​divided into a first light-blocking area and a second light-sensitive area. Step S2: Extract dark state readout information from the original photoelectric response array matrix based on the first light-blocking area and generate a dark state discharge rate matrix; extract light response attenuation features based on the second photosensitive area and in combination with the exposure readout time difference. Step S3: Expand the dark state discharge rate matrix into a thermal distribution compensation matrix covering the pixel array domain according to the thermal topology layout coordinates, and perform differential cancellation on the second photosensitive area through the thermal distribution compensation matrix to obtain the pure light response non-uniformity feature matrix. Step S4: The light response attenuation feature and the pure light response non-uniformity feature matrix are used as inputs to the feature mapping model for mapping and comparison. The terminal identity authentication status is determined based on the distribution distance measure output by the feature mapping model.

[0007] Furthermore, in step S1, the top left pixel of the image sensor is used as the unified coordinate origin. The hardware coordinate mask and the original photoelectric response array matrix corresponding to the current image sensor are aligned point by point. The coordinates of pixels that are physically covered and cannot receive external photon injection are merged to form the first light-blocking area. The coordinates of the remaining effective pixels are merged to form the second photosensitive area. The index results of the first light-blocking area and the second photosensitive area are generated respectively, which maintain the coordinate correspondence with the original photoelectric response array matrix.

[0008] Furthermore, in step S2, the pixel values ​​corresponding to the first shading area are extracted from the original photoelectric response array matrix based on the index result of the first shading area, and a shading readout sequence is constructed by combining the row time series table read out row by row by the image sensor. Local time slope calculation is performed on adjacent pixels in the same continuous shading strip according to the readout direction, and the local time slope corresponding to each pixel is backfilled according to the original coordinate position to generate a dark state discharge rate matrix consistent with the coordinates of the first shading area.

[0009] Furthermore, in step S2, the light-receiving pixels corresponding to the second photosensitive area are extracted based on the index result of the second photosensitive area. The pixel values ​​belonging to the second photosensitive area in the same row are aggregated to form a row response sequence. Then, the length of the stripe period segment is determined according to the modulation frequency and exposure readout time difference in the optical challenge excitation signal. The difference between light and dark response is extracted from each complete stripe period segment and arranged in the order of appearance to obtain the light response attenuation feature. The light response attenuation feature and the dark state discharge rate matrix are written together into the authentication task cache.

[0010] Furthermore, in step S3, the coordinates of the heating topology layout corresponding to the current image sensor are retrieved, the position of the high-heating element in the heating topology layout coordinates is registered as the center of the heat source, and the effective pixel coordinates in the first shading area are used as boundary sampling points. The values ​​of the dark state discharge rate matrix at each boundary sampling point are used as the boundary sampling amount of the thermal field expansion. The geometric distance relationship between the boundary sampling points and each heat source center is established, providing the coordinate basis and boundary input for generating the thermal distribution compensation matrix.

[0011] Furthermore, in step S3, the dark-state discharge rate of each boundary sampling point and the thermal response relationship from each boundary sampling point to each heat source center are used as inputs to solve the thermal field expansion coefficient sequence corresponding to each heat source center. Based on the thermal field expansion coefficient sequence and the heating topology layout coordinates, the thermal field is expanded on all effective pixel coordinates of the original photoelectric response array matrix to generate a thermal distribution compensation matrix that covers the pixel array domain and maintains the coordinate correspondence with the original photoelectric response array matrix.

[0012] Furthermore, in step S3, the effective compensation value of the thermal distribution compensation matrix in the second photosensitive area is extracted based on the index result of the second photosensitive area. The thermal differential compensation weight is determined according to the pixel coordinates, and the thermal distribution compensation matrix is ​​used to perform differential cancellation on the second photosensitive area in the original photoelectric response array matrix. After obtaining the differential cancellation result, the row light-receiving baseline of the same row in the second photosensitive area is constructed, and the baseline removal residual is backfilled according to the original coordinates to generate a pure light response non-uniformity feature matrix.

[0013] Furthermore, in step S4, all valid coordinate values ​​in the pure light response non-uniformity feature matrix are read according to the second photosensitive area index result, and expanded into a pure light response non-uniformity feature sequence in row priority order. Then, the light response attenuation features are arranged in stripe period order to form a light response attenuation feature sequence. The pure light response non-uniformity feature sequence and the light response attenuation feature sequence are concatenated end to end and normalized to generate the current joint feature vector as the input for the same authentication.

[0014] Furthermore, in step S4, the feature mapping model is a pre-constructed network. The current joint feature vector is input into the first mapping branch of the feature mapping model, and the factory-preset baseline feature vector is input into the second mapping branch of the feature mapping model. The factory-preset baseline feature vector is formed by averaging the elements of the calibrated joint feature vector obtained by repeatedly executing steps S1 to S3 under controlled optical interrogation conditions on the same terminal.

[0015] Furthermore, in step S4, the current embedding vector and the baseline embedding vector are output according to the feature mapping model, and the distribution distance measure is generated based on the geometric divergence of the two in the same topological space. The terminal authentication status is determined by comparing the distribution distance measure with the intrinsic tolerance boundary. The intrinsic tolerance boundary is determined by the distribution distance measure sequence formed by repeatedly executing the current joint feature vector construction, feature mapping and distribution distance measure calculation during the factory calibration stage of the same terminal.

[0016] The technical effects and advantages of the photoelectric sensing data-driven IoT terminal authentication method of the present invention are as follows: This invention first extracts the dark-state discharge rate matrix from the first light-shielding region, then generates a thermal distribution compensation matrix by combining the thermal topology layout coordinates, and performs differential cancellation on the second photosensitive region. This can remove the thermal drift-related components superimposed on the light-receiving response in advance, so that the subsequently obtained pure light response non-uniformity feature matrix can more centrally reflect the inherent response differences between pixels and reduce the interference of thermal noise on the extraction of authentication features.

[0017] This invention utilizes the exposure readout time difference to extract the light response in the second photosensitive area through spatiotemporal transformation, forming a light response attenuation feature. This transforms the originally difficult-to-characterize dynamic hysteresis process of light reception into a feature object that can participate in authentication. Without the need for additional dedicated high-speed sampling hardware, it can add a type of input information that can be used for authentication and discrimination to the existing image sensor.

[0018] This invention uses the light response attenuation feature and the pure light response non-uniformity feature matrix as inputs to the feature mapping model for the same authentication, instead of relying solely on a single spatial feature for identity determination. When one type of feature is affected by fluctuations in the acquisition conditions, the other type of feature can still participate in the calculation of the distribution distance measurement. Therefore, the determination of the terminal's identity authentication status has a more complete basis for judgment, and the authentication results are more likely to remain consistent. Attached Figure Description

[0019] Figure 1 This is an overall flowchart of an IoT terminal authentication method driven by photoelectric sensing data according to the present invention. Figure 2 This is a schematic diagram of the region division of the original photoelectric response array matrix in this invention; Figure 3 This is a schematic diagram illustrating the extraction of optical response attenuation features under the coordination of optical challenge excitation signal and exposure readout time difference in this invention. Figure 4 This is a schematic diagram illustrating the generation of a heat distribution compensation matrix by combining the dark state discharge rate matrix with the heating topology layout coordinates in this invention. Figure 5 This is a flowchart illustrating the joint feature input and terminal identity authentication determination in this invention. Detailed Implementation

[0020] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0021] Please see Figure 1 This invention provides an IoT terminal authentication method driven by photoelectric sensing data, comprising: Step S1: In response to the received optical challenge excitation signal, the original photoelectric response array matrix that has not been processed by the image signal processor is read through the physical interface, and the original photoelectric response array matrix is ​​divided into a first light-blocking area and a second light-sensitive area. Step S2: Extract dark state readout information from the original photoelectric response array matrix based on the first light-blocking area and generate a dark state discharge rate matrix; extract light response attenuation features based on the second photosensitive area and in combination with the exposure readout time difference. Step S3: Expand the dark state discharge rate matrix into a thermal distribution compensation matrix covering the pixel array domain according to the thermal topology layout coordinates, and perform differential cancellation on the second photosensitive area through the thermal distribution compensation matrix to obtain the pure light response non-uniformity feature matrix. Step S4: The light response attenuation feature and the pure light response non-uniformity feature matrix are used as inputs to the feature mapping model for mapping and comparison. The terminal identity authentication status is determined based on the distribution distance measure output by the feature mapping model.

[0022] The processing approach of this invention is to treat the image sensor already present in a typical IoT terminal as a "hardware fingerprint source." First, it reads the thermal noise distribution from the light-shielded blind area, then extracts two types of features from the photosensitive area: light response attenuation and light response non-uniformity. Finally, a pre-trained discrimination model is used to compare the current device features with the factory registration features to determine whether it is the same device. The pain point it addresses is that in existing methods, under high temperature, strong light, and complex industrial environments, sensor thermal drift can overwhelm the real hardware fingerprint, causing even legitimate devices to frequently fail authentication. Compared to common solutions that only consider single spatial noise features, the key improvement of this solution is that it first uses the light-shielded area and the heating topology to subtract the thermal drift, and then converts the line-by-line exposure time difference into an extractable light response attenuation feature. Finally, it judges the two complementary features together, making it more suitable for stable device authentication in complex environments. Specifically, this invention focuses on processing the original photoelectric response array matrix triggered by an optical challenge excitation signal. First, a hardware coordinate mask is used to divide the same pixel coordinate domain into a first light-blocking region and a second light-sensitive region, allowing dark-state information and light-receiving information to enter their respective processing chains. Subsequently, a dark-state discharge rate matrix is ​​formed from the first light-blocking region, and a light response attenuation feature is formed from the second light-sensitive region in conjunction with the exposure readout time difference. Then, the dark-state discharge rate matrix is ​​associated with the coordinates of the heating topology layout to generate a thermal distribution compensation matrix covering the pixel array domain. Based on this, differential cancellation and baseline removal processing are performed on the second light-sensitive region to obtain a pure light response non-uniformity feature matrix. On this basis, the two types of features are organized as the same authentication input and sent to the feature mapping model for mapping comparison. The terminal identity authentication status is output by the distribution distance measure, completing the continuous processing chain from the underlying original response to the authentication result.

[0023] Step S1 includes the following: In an IoT terminal authentication method driven by photoelectric sensing data, when the terminal enters the authentication process, it has received an optical challenge excitation signal used to excite surface pixels to generate distinguishable electrical responses, and the terminal has already embedded the hardware coordinate mask and physical interface readout channel corresponding to the image sensor. However, external excitation alone cannot directly support the subsequent step S2 to extract the dark state discharge rate matrix and light response attenuation characteristics. It is also necessary to first form the original photoelectric response array matrix without the intervention of the image signal processor, and complete the boundary division of the first light-shielding area and the second photosensitive area in the same coordinate system, so that the subsequent steps are processed with a unified pixel domain object.

[0024] S101: Receives optical challenge excitation signals and forms the original acquisition sequence.

[0025] When authentication is triggered, the IoT terminal uses its sensor acquisition and control module as the execution entity to receive the optical challenge stimulus signal and initiate a sensor exposure readout cycle corresponding to the optical challenge stimulus signal. The starting point here is not the image frame processed by the application layer, but rather the underlying readout timing of the image sensor's physical interface. Therefore, the readout object is directly limited to the sequence of charge response values ​​output by the pixel array within the current exposure cycle. The optical challenge stimulus signal refers to a preset timing light signal emitted by an external light-emitting device during authentication. This signal is used to excite the second photosensitive area to generate a corresponding photoelectric response during the image sensor's exposure, and, in conjunction with the exposure readout time difference, forms the basis for the light-receiving response required for subsequent extraction of light response attenuation features.

[0026] In practice, the sensor acquisition and control module first locks the starting exposure row and the ending readout row corresponding to this authentication based on the arrival time of the optical challenge excitation signal. Then, following the inherent row-by-row readout order of the image sensor, it continuously extracts the original values ​​of each row of pixels from the physical interface and backfills them according to the two-dimensional coordinate positions of the pixels in the array. Backfilling involves writing the values ​​read from each pixel on the physical interface into the same two-dimensional matrix position according to its factory-fixed row and column coordinates, thereby restoring the serial output sequence to a two-dimensional array structure that corresponds one-to-one with the actual pixel arrangement. After completing the backfilling of all rows, the original photoelectric response array matrix is ​​obtained.

[0027] The original photoresponse array matrix maintains the direct output state of the image sensor without introducing white balance, spatial filtering, or brightness reshaping processing. Therefore, the pixel values ​​within the matrix still retain the original distribution relationship formed by the non-uniformity of light response, dark current disturbance, and line-by-line exposure timing differences. In one embodiment, the following steps are all executed by the IoT terminal. When the gateway at the factory site sends a high-frequency modulated optical challenge excitation signal to a camera-type edge terminal, the terminal directly calls the original readout mode in the sensor register, retrieves the pixel values ​​of the current frame line by line, and assembles the original photoresponse array matrix locally. This matrix is ​​then sent directly to the authentication processing module without going through the image display link.

[0028] S102: Establish the region division boundary based on the hardware coordinate mask.

[0029] After obtaining the original photoresponse array matrix, the authentication processing module does not immediately perform statistical analysis on the matrix values. Instead, it first retrieves the hardware coordinate mask that uniquely corresponds to the current image sensor model. The hardware coordinate mask is a coordinate boundary table burned into the device at the factory. It is used to mark the location of dead zone pixels that are physically covered by the metal layer and cannot receive external photon injection. Therefore, this hardware coordinate mask becomes the direct input basis for this sub-step.

[0030] Specifically, the authentication processing module coaxially aligns the two-dimensional coordinate system of the original photoresponse array matrix with the two-dimensional coordinate system of the hardware coordinate mask. The alignment process uses the top-left pixel of the image sensor as the unified origin and establishes a point-by-point indexing relationship based on the same row and column numbers. When a coordinate in the hardware coordinate mask is identified as a physical occlusion coordinate, the authentication processing module registers the corresponding position in the original photoresponse array matrix as a candidate occlusion pixel; when a coordinate is not identified as a physical occlusion coordinate, the corresponding position is registered as a candidate photosensitive pixel. Through this point-by-point indexing, all pixels in the original photoresponse array matrix are processed within the same partitioning process, rather than relying on empirical partitioning based on image brightness thresholds, thus maintaining the consistency between the region boundaries and the physical structure of the device.

[0031] In one embodiment, the image sensor used in an IoT terminal has its edge pixels sealed by a metal layer during manufacturing. The row and column coordinates of this edge blind zone are written into a hardware coordinate mask at the time of terminal shipment. After reading the original photoresponse array matrix, the authentication processing module searches point by point according to the coordinates. Pixels falling within the coordinate set of this edge blind zone are registered as candidate light-shielding pixels; pixels located in the central normal imaging area are registered as candidate photosensitive pixels. Therefore, in subsequent step S2, the coordinate boundaries corresponding to the candidate light-shielding pixel set can be directly called when extracting the dark-state discharge rate matrix, while the coordinate boundaries corresponding to the candidate photosensitive pixel set are called when extracting the light response attenuation features.

[0032] S103: Generate the first light-blocking area and the second light-sensitive area and output the subsequent calling object.

[0033] After candidate pixel registration is completed, the authentication processing module performs region shaping on candidate light-blocking pixels and candidate photosensitive pixels according to the connected coordinate organization rule. The connected coordinate organization rule is to group the coordinates of pixels that appear consecutively in adjacent rows and columns and belong to the same physical attribute category into the same region boundary, and use the region boundary to inversely index the actual pixel value in the original photoelectric response array matrix, so that the region object contains a stable spatial location range and retains the corresponding original response value.

[0034] In the specific processing, the authentication module first sorts all candidate light-blocking pixel coordinates in row-major order, then merges coordinates that are consecutive and belong to the same physical occlusion boundary in the hardware coordinate mask to form the first light-blocking region. Subsequently, the remaining candidate photosensitive pixels are merged using the same coordinate merging method to form the second photosensitive region. After forming the regions, two types of region index results are established that can be directly called by subsequent steps: one is the first light-blocking region index result, which contains the coordinate range of the first light-blocking region in the original photoresponse array matrix and the corresponding matrix slice position; the other is the second photosensitive region index result, which contains the coordinate range of the second photosensitive region in the original photoresponse array matrix and the corresponding matrix slice position. At this time, a fixed reference relationship is formed between the original photoresponse array matrix, the first light-blocking region index result, and the second photosensitive region index result. The subsequent step S2 does not need to re-partition; it can directly extract the dark-state discharge rate matrix according to the first light-blocking region index result and extract the light response attenuation feature according to the second photosensitive region index result combined with the exposure readout time difference.

[0035] At the end of this sub-step, the authentication processing module performs a boundary integrity check on the region division result. The check is limited to whether the first light-blocking region and the second photosensitive region do not overlap in coordinates and whether their union covers all valid pixel positions of the original photoresponse array matrix. If this relationship is satisfied, the original photoresponse array matrix, along with the first light-blocking region and the second photosensitive region, is written into the authentication task cache as the output result of step S1 for sequential use in subsequent step S2. In one embodiment, after the edge terminal completes the region division, the authentication processing module registers the edge-blocked pixel block as the first light-blocking region and the central light-receiving pixel block as the second photosensitive region. Then, it directly passes the coordinate indices of these two regions to the subsequent extraction module. The subsequent extraction module no longer reads the hardware coordinate mask repeatedly, but only performs calculations based on the region boundaries formed in step S1.

[0036] Through step S1, the IoT terminal has completed the bottom-level acquisition of the original photoelectric response array matrix under the trigger of the optical challenge excitation signal, and formed two types of regional objects, namely the first light-blocking region and the second light-sensitive region, within a unified pixel coordinate system. The original photoelectric response array matrix retains all the original electrical distributions required for subsequent extraction. The first light-blocking region provides a fixed boundary for the extraction of the dark state discharge rate matrix in step S2, and the second light-sensitive region provides the range of light-receiving pixels for the extraction of light response attenuation features using the exposure readout time difference in step S2. Thus, the closed-loop construction from challenge excitation to regionalized original data objects is completed.

[0037] Step S2 includes the following: Step S1 has formed the original photoelectric response array matrix under the action of the optical challenge excitation signal and given the index results of the first shading area and the second photosensitive area, so that the pixel reading and the area boundary are in the same coordinate system. However, the data obtained at this time is still the original array data mixed with dark state discharge, light response and line-by-line time difference, which cannot directly support the subsequent thermal distribution compensation and identity recognition. Therefore, step S2 continues to develop based on the results. On the one hand, the dark state discharge rate matrix is ​​extracted from the first shading area, and on the other hand, the light response attenuation characteristics are extracted from the second photosensitive area using the exposure readout time difference.

[0038] S201: Construct a dark state readout sequence and calculate the dark state discharge rate matrix based on the index results of the first shading region.

[0039] Step S1 has already written the original photoresponse array matrix and the first shading region index result into the cache of this authentication task. The authentication processing module in the IoT terminal first starts the shading branch processing based on this. The following steps are all executed by the IoT terminal. The authentication processing module does not re-divide the region, but directly extracts the corresponding pixel value from the original photoresponse array matrix based on the first shading region index result.

[0040] Specifically, the authentication processing module sorts the pixel coordinates row by row within the first shading area according to the readout direction of the image sensor, and registers the original pixel value corresponding to each coordinate along with the readout time of that row in the current exposure readout cycle, forming a shading readout sequence. The readout time is derived from the row timing table of the image sensor's physical interface. This row timing table is consistent with the readout order used in step S1 when forming the original photoelectric response array matrix. Therefore, each pixel value in the shading readout sequence has both a fixed coordinate position and a fixed time position. After completing this registration, the authentication processing module searches for adjacent pixel pairs along the readout direction within the first shading area and confines the adjacent pixel pairs to the same continuous shading strip for calculation, thereby keeping the dark state change consistent with the actual readout time progression direction.

[0041] After obtaining the light-shielding readout sequence, the authentication processing module calculates the local temporal slope for each valid pixel located in the first light-shielding region and writes this slope back to the original pixel coordinates to form a dark-state discharge rate matrix. For pixels located within continuous light-shielding strips, the local temporal slope is calculated using center difference: in, To write the first [value] into the dark state discharge rate matrix Line 1 The dark-state discharge rate at the column position is derived from the local time variation of the coordinates corresponding to the first shading region; These are the original pixel values ​​of the original photoelectric response array matrix at the same coordinates; For the first The readout time of a row pixel in the current exposure readout cycle is given by the row timing table of the image sensor. Pixels located at the beginning or end of a continuous shading strip are calculated using a one-sided difference with their adjacent pixels, and the results are written back to the corresponding coordinates. Through this process, each valid coordinate in the first shading region obtains a dark-state discharge rate value corresponding to the readout timing. All values ​​are then filled back to their original coordinates to form the dark-state discharge rate matrix.

[0042] In one embodiment, after receiving the optical challenge excitation signal emitted by the modulator, the camera-type IoT terminal in the industrial field first extracts the light-shielding readout sequence from the blind pixels at the sensor edge that are covered by a metal layer. Then, it calculates the local temporal slope of each blind pixel based on the readout time difference between adjacent rows. Since this region does not receive external photon injection, the obtained slope directly characterizes the dark-state discharge intensity distribution of the current device at this authentication time. This result is then used as the basic boundary condition for unfolding the thermal distribution compensation matrix in step S3.

[0043] S202: Extract the light response attenuation characteristics based on the second photosensitive area index result and the exposure readout time difference.

[0044] After completing the dark-state discharge rate matrix, the authentication processing module continues to call the second photosensitive area index result written to the cache in step S1, and starts the photosensitive branch processing on the same original photoresponse array matrix. At this time, the processing starting point is not the new image frame obtained by resampling, but the original pixel set of the second photosensitive area whose coordinate relationship has been fixed in step S1. Therefore, the light-receiving stripes in the second photosensitive area can be directly correlated with the row time sequence.

[0045] Specifically, the authentication processing module first extracts the illuminated pixels row by row according to the second photosensitive area index result, and constructs a row response sequence for each row in the second photosensitive area. The construction method involves performing median aggregation on all original pixel values ​​belonging to the same row and located within the second photosensitive area, compressing each row into a single row response value, and arranging these values ​​sequentially to obtain a row response sequence organized in readout order. in, For the second photosensitive area The row response value; For the second photosensitive area in the first The set of valid column coordinates within a row; For the original photoresponse array matrix in the th Line 1 The original pixel values ​​at the column positions. After this aggregation, the alternating bright and dark stripes formed by external high-frequency AC modulated light under progressive exposure conditions are compressed into an oscillating sequence that varies along the row direction. The degree of blurring of the transition between bright and dark stripes is directly characterized by the row response sequence.

[0046] After obtaining the row response sequence, the authentication processing module determines the number of rows corresponding to a single modulation period based on the modulation frequency recorded in the optical challenge excitation signal and the exposure readout time difference of the image sensor, and then segments the row response sequence into periods according to this number of rows. Let the modulation frequency of the optical challenge excitation signal be... The exposure readout time difference between two adjacent rows is Then the equivalent number of rows corresponding to one modulation period is in, This represents the equivalent number of rows spanned by a single modulation period in the line response sequence, and is actually segmented using the AND term. The corresponding nearest integer row number; Originating from the currently received optical challenge stimulus signal; This is derived from the fixed physical time difference in the line-by-line exposure mechanism of the image sensor. The authentication processing module divides the line response sequence into multiple continuous fringe period segments according to the readout order, and extracts the maximum line response value for each complete fringe period segment. and minimum row response value Then calculate the contrast blur amplitude of this segment and write it as a component of the light response attenuation feature: in, For the first The attenuation component of a complete fringe period segment. The larger the value, the weaker the contrast between light and dark within that fringe period, and the more significant the attenuation of high-frequency optical signals by the internal circuitry. and The first The maximum and minimum line response values ​​in each complete stripe period segment. The authentication processing module processes all stripe periods in the order they appear. Arranged sequentially, they form a light response attenuation characteristic.

[0047] In one embodiment, after the IoT terminal collects a light-receiving frame from the authentication emitter, alternating bright and dark fringes appear in the second photosensitive area along the row direction. The authentication processing module first compresses the light-receiving pixels of each row into a single row response value, then determines the row number corresponding to each group of stripes based on the modulation frequency and exposure readout time difference. Subsequently, it identifies the brightest and darkest rows within each group of stripes and calculates the corresponding attenuation components. The resulting light response attenuation feature does not rely on high-speed analog-to-digital conversion sampling, but is directly extracted from the spatial fringes formed by a regular image sensor during line-by-line exposure, and can be directly sent to step S4 for terminal identity determination.

[0048] S203: Solidify the results of the dark-state discharge rate matrix and photoresponse attenuation characteristics and establish subsequent call relationships.

[0049] After the dark-state discharge rate matrix and photoresponse attenuation features are extracted, the authentication processing module performs homologous solidification on the two types of results to maintain their continuous reference relationship with the output object of step S1. The starting point for this processing is the dark-state discharge rate matrix output in step S201 and the photoresponse attenuation features output in step S202. The authentication processing module does not change the numerical meaning of the two types of results, but rather rebinds them to the same authentication task number, forming the standard input object for subsequent steps.

[0050] Specifically, the authentication processing module first checks whether the coordinate support range of the dark-state discharge rate matrix is ​​consistent with the first shading region index result. If the valid coordinates in the dark-state discharge rate matrix correspond one-to-one with the valid coordinates in the first shading region index result, the matrix is ​​registered as a boundary matrix that can be called in step S3. Then, it checks whether each attenuation component in the optical response attenuation feature comes from a complete fringe period segment. Only fringe period segments that cover the complete alternation of light and dark are retained in the optical response attenuation feature. Rows and segments with less than one complete modulation cycle at the beginning and end are not written into the final result. After the filtering is completed, the authentication processing module writes the dark-state discharge rate matrix, the optical response attenuation feature, and the second photosensitive region index result from step S1 into the authentication task cache. This ensures that when step S3 calls the dark-state discharge rate matrix, the coordinates of the first shading region can still be traced, and that when step S4 calls the optical response attenuation feature, it can still correspond to the actual light-received response under the current optical challenge excitation signal.

[0051] In one embodiment, after the authentication processing module completes the extraction of the two branches, it marks the dark-state discharge rate matrix as the boundary input object of the thermal distribution compensation matrix and the light response attenuation feature as the dynamic input object of the feature mapping model, while maintaining the binding relationship between the second photosensitive area index result and the original photoresponse array matrix. Thus, step S3 can directly perform thermal distribution compensation within the entire pixel array domain based on the dark-state discharge rate matrix, and step S4 can directly receive the light response attenuation feature without having to backtrack through the stripe extraction process.

[0052] Through step S2, the IoT terminal has completed the extraction and solidification of the dark state discharge rate matrix and the light response attenuation feature based on the original photoelectric response array matrix, the first shading area index result and the second photosensitive area index result formed in step S1. Among them, the dark state discharge rate matrix is ​​kept consistent with the coordinates of the first shading area and is used as a boundary condition when expanding the thermal distribution compensation matrix in step S3. The light response attenuation feature is composed of the attenuation components of the complete stripe period segment in the order of reading and is directly input into the feature mapping model in step S4. Thus, the closed-loop transformation from the original stimulated response to the two types of authentication feature objects is completed.

[0053] Step S3 includes the following: Step S1 has completed the acquisition of the original photoelectric response array matrix and the boundary division of the first light-shielding area and the second photosensitive area. Step S2 has extracted the dark state discharge rate matrix in the same coordinate domain and solidified the light response attenuation characteristics. However, the original light-receiving pixels in the second photosensitive area are still superimposed with thermal drift noise related to the heat points inside the chip, and cannot be directly used as terminal fingerprint input. Therefore, step S3 expands the thermal field reconstruction and differential cancellation based on the dark state discharge rate matrix, the heat-generating topology layout coordinates and the index results of the second photosensitive area to generate a pure light response non-uniformity feature matrix that can be directly called in step S4.

[0054] S301: Establish the thermal field expansion relationship based on the coordinates of the heating topology layout.

[0055] Step S2 has registered the dark-state discharge rate matrix as the boundary input object of the thermal distribution compensation matrix and maintained the binding relationship between the second photosensitive area index result and the original photoresponse array matrix. Based on this result, the authentication processing module in the IoT terminal first retrieves the thermal topology layout coordinates uniquely corresponding to the current image sensor, so that the coordinate positions in the dark-state discharge rate matrix and the positions of each high-heat-generating element are in the same two-dimensional coordinate system.

[0056] Specifically, the authentication processing module registers the location of each high-heat-generating element in the heat-generating topology layout coordinates as a heat source center, aligns it point-by-point with the original photoelectric response array matrix according to the row and column coordinates, and then uses the coordinates of each effective pixel in the first shading area as a boundary sampling point. The values ​​of these boundary sampling points are directly taken from the dark-state discharge rate of the corresponding coordinates in the dark-state discharge rate matrix. Therefore, each boundary sampling point simultaneously possesses two types of information: its geometric position in the pixel array and the dark-state discharge intensity actually measured at the current authentication moment. Subsequently, the authentication processing module calculates the geometric distance from each boundary sampling point to each heat source center and constructs the heat source response matrix, where the... The boundary sampling point and the first The response term between the heat source centers is represented as follows: In the formula, The elements of the heat source response matrix are used to characterize the first... The heat source center for the first Thermal influence intensity of each boundary sampling point; For the first From the first boundary sampling point to the second The geometric distance between the centers of the heat sources is calculated from the difference in their coordinates. The thermal diffusion attenuation coefficient is derived from the conversion result of the thermal diffusion path length and pixel spacing in the current image sensor layout. It is used to convert geometric distance into thermal impact attenuation. Specifically, the thermal diffusion attenuation coefficient is obtained during the factory calibration phase: starting from each heat source center, multiple boundary sampling points located within the first shading area are selected along at least two different directions. The dark-state discharge rate and corresponding geometric distance of each boundary sampling point are recorded. The exponential decay relationship between the dark-state discharge rate and geometric distance is fitted using least-squares fitting, and the attenuation coefficient corresponding to the minimum fitting error is taken as the thermal diffusion attenuation coefficient of the image sensor. When multiple heat source centers exist, the arithmetic mean of the attenuation coefficients corresponding to each heat source center is taken and written into the terminal parameter area, which is directly called during subsequent heat source response matrix construction and thermal distribution compensation matrix expansion.

[0057] After the heat source response matrix is ​​established, the authentication processing module arranges the dark-state discharge rates of all boundary sampling points within the first shading area in the same order as the heat source response matrix to form a boundary sampling vector. Then, a non-negative least squares fitting algorithm is used to invert the contribution intensity of each heat source center to obtain a thermal field expansion coefficient sequence. The thermal field expansion coefficient sequence refers to the set of coefficients that correspond one-to-one with each heat source center, used to characterize the thermal driving strength of each heating position on the entire pixel array at the current authentication time. Subsequent steps will use this sequence to expand the boundary measurements in the first shading area to the full pixel coordinate domain. In one embodiment, the following steps are all executed by the IoT terminal. When the readout amplifier inside the industrial camera terminal is located on the right side of the sensor and the analog-to-digital converter is located at the bottom of the sensor, the authentication processing module first reads in these two types of coordinates, then establishes the distance relationship between the dark-state discharge rate at the edge metal-covered pixels and the two types of heat source centers point by point, and then inverts to obtain the corresponding thermal field expansion coefficient sequence, which serves as the direct input for the next step of generating the thermal distribution compensation matrix. The non-negative least squares fitting algorithm uses the dark-state discharge rate of all boundary sampling points within the first shading area to form a boundary sampling vector, and the heat source response terms from each boundary sampling point to each heat source center to form a heat source response matrix. The goal is to minimize the sum of squared errors between the predicted result after multiplying the heat source response matrix and the thermal field expansion coefficient sequence and the boundary sampling vector, and to ensure that each coefficient in the thermal field expansion coefficient sequence is not less than 0. After the solution is completed, the non-negative coefficients corresponding to each heat source center are written as the thermal field expansion coefficient sequence in the order of the heat source center numbers.

[0058] S302: Expand the dark state discharge rate matrix into a thermal distribution compensation matrix.

[0059] After completing the thermal field expansion coefficient sequence, the authentication processing module continues to expand the full array thermal field reconstruction using the original photoelectric response array matrix coordinate domain formed in step S1. At this time, the processing starting point is the thermal field expansion coefficient sequence output in step S301 and the aligned heating topology layout coordinates. The authentication processing module no longer returns to the first shading area for resampling, but directly extends the boundary sampling conditions to the entire pixel array.

[0060] Specifically, the authentication processing module uses all valid pixel coordinates in the original photoelectric response array matrix as the expanded grid, superimposes the thermal influence values ​​from all heat source centers onto each coordinate position, and writes the superposition result to the same coordinate position to obtain the thermal distribution compensation matrix. For any pixel located at the... Line 1 The pixel coordinates of the column, and the value of its heat distribution compensation matrix are calculated by the following formula: in, The heat distribution compensation matrix is ​​in the first... Line 1 The compensation value for the column position represents the intensity of thermal drift at that pixel position due to the influence of the internal heating topology at the current authentication time; This represents the total number of heat source centers in the heat generation topology layout coordinates. For the thermal field expansion coefficient sequence and the first The coefficients corresponding to each heat source center are obtained by inversion in step S301; For the first Line 1 Column pixel coordinates to the The geometric distance between the centers of each heat source. Since the compensation value at each location is calculated from the same set of thermal field expansion coefficient sequences and the same set of heating topology layout coordinates, the heat distribution compensation matrix maintains a continuous change relationship throughout the entire pixel array domain, and can be directly used as the basis for pixel-by-pixel compensation during subsequent differential cancellation.

[0061] After the thermal distribution compensation matrix is ​​generated, the authentication processing module extracts the effective compensation values ​​that match the coordinates of the second photosensitive area based on the second photosensitive area index result, and performs a coordinate consistency judgment. The judgment is whether the effective coordinates of the thermal distribution compensation matrix within the second photosensitive area correspond one-to-one with all the effective coordinates in the second photosensitive area index result; when the correspondence is true, the thermal distribution compensation matrix is ​​registered as one of the formal output objects in step S3 and enters the differential cancellation stage. In one embodiment, after the authentication processing module of the industrial camera terminal completes the full array deployment, a higher compensation value distribution can be seen near the bottom analog-to-digital converter and the right readout amplifier, while the compensation value located in the center of the sensor gradually weakens with increasing distance. This distribution result is then directly superimposed on the coordinates of the second photosensitive area to participate in pixel-by-pixel subtraction. The effective compensation value refers to the compensation value in the thermal distribution compensation matrix that corresponds one-to-one with the coordinates of each effective pixel within the second photosensitive area, used to generate the thermal differential compensation weight of the corresponding pixel and participate in differential cancellation.

[0062] S303: Perform differential cancellation on the second photosensitive area using the thermal distribution compensation matrix and generate a pure light response non-uniformity feature matrix.

[0063] The thermal distribution compensation matrix already contains the thermal drift estimate for each effective pixel within the second photosensitive area. The authentication processing module then calls the second photosensitive area index result and the original photoresponse array matrix written in step S1 to perform differential cancellation at the same coordinate position. The starting point for processing here is the pixel value corresponding to the second photosensitive area in the thermal distribution compensation matrix, the second photosensitive area index result, and the original photoresponse array matrix. These three are organized in the exact same coordinate order before entering the subtraction calculation.

[0064] Specifically, the authentication processing module first statistically analyzes the compensation value sequence of the thermal distribution compensation matrix within the second photosensitive area, sorts the sequence from smallest to largest, and takes the median value as the baseline compensation value for the second photosensitive area. This baseline compensation value is used to normalize the thermal drift estimates at different locations to the same nonlinear subtraction scale. Subsequently, a thermal differential compensation weight is calculated for each effective pixel coordinate within the second photosensitive area. This thermal differential compensation weight refers to a pixel-by-pixel nonlinear subtraction coefficient determined based on the pixel's thermal distribution compensation matrix value, used to control the magnitude of thermal drift noise stripped from the original light-receiving response. For any pixel located within the second photosensitive area... Line 1 For each column pixel, the thermal differential compensation weight and differential cancellation result are calculated using the following formula: in, For the first Line 1 The thermal differential compensation weight of the column pixel increases as the value of the thermal distribution compensation matrix at that position increases; The reference compensation value for the second photosensitive area is derived from the median value of the compensation value sequence of the thermal distribution compensation matrix within the second photosensitive area. This is the residual value written into the non-uniformity characteristic matrix of the pure optical response after differential cancellation; For the original photoresponse array matrix in the th Line 1 The original pixel value of the column position; This represents the effective coordinate set of the second photosensitive area. Therefore, pixels closer to high-heat-generating elements and with stronger thermal drift receive higher thermal differential compensation weights, while pixels with weaker thermal drift maintain lower deduction magnitudes, thus achieving position-adaptive nonlinear differential cancellation within the same coordinate domain.

[0065] After all valid pixels in the second photosensitive area have completed differential cancellation, the authentication processing module sets the coordinates according to the index result of the second photosensitive area. The backfill is in matrix form, forming a pure light response non-uniformity feature matrix. The effective coordinate domain of the pure light response non-uniformity feature matrix is ​​completely consistent with the second photosensitive area. The matrix retains the subtle residual distribution between pixels after thermal drift noise stripping, which corresponds to the inherent light response non-uniformity feature of the image sensor. In one embodiment, after the industrial camera terminal completes differential cancellation, the heated area near the right readout amplifier and the bottom analog-to-digital converter will have a larger thermal compensation amount deducted first, while the central photosensitive area retains more inherent differences between pixels, ultimately forming a pure light response non-uniformity feature matrix that only covers the second photosensitive area. This matrix is ​​directly written into the authentication task cache for joint input into the feature mapping model with the light response attenuation feature in step S4. The pure light response non-uniformity feature matrix is ​​the pixel residual matrix of the second photosensitive area after differential cancellation of the thermal distribution compensation matrix. Its effective coordinate domain is consistent with the second photosensitive area, and it is used to characterize the spatial response difference after the thermal drift component has been stripped.

[0066] Through step S3, the IoT terminal, based on the original photoelectric response array matrix formed in step S1, the index result of the second photosensitive area, and the dark state discharge rate matrix formed in step S2, introduces the heating topology layout coordinates to complete the solution of the thermal field expansion coefficient sequence, the generation of the thermal distribution compensation matrix, and the pixel-by-pixel differential cancellation of the second photosensitive area. Among them, the thermal distribution compensation matrix retains the coordinate relationship of the entire array as the thermal drift estimation result, and the pure light response non-uniformity feature matrix retains the effective coordinates of the second photosensitive area as the light-receiving residual matrix after differential cancellation. Together, they complete the closed-loop transformation from thermal noise boundary quantity to authenticable fingerprint matrix.

[0067] Step S4 includes the following: Step S2 has formed the light response attenuation feature, and step S3 has formed the pure light response non-uniformity feature matrix in the second photosensitive area. Both types of results correspond to the same optical challenge excitation signal. However, only these two types of physical features are still in the original representation layer and have not yet been transformed into a unified discriminant that can be used for terminal identity determination. Therefore, step S4, based on the light response attenuation feature and the pure light response non-uniformity feature matrix, calls the pre-burned feature mapping model to complete the joint mapping, distribution distance measurement calculation, and terminal identity authentication status output.

[0068] S401: Jointly organize the light response attenuation feature and the pure light response non-uniformity feature matrix to generate the model input.

[0069] Step S3 has already written the pure photoresponse non-uniformity feature matrix into the authentication task cache, and step S2 has already written the photoresponse attenuation feature into the same authentication task cache. Therefore, the authentication processing module in the IoT terminal first retrieves these two objects synchronously from the same task number. At this point, the processing starting point is not to revisit the original photoresponse array matrix, but to directly inherit the final feature object formed in steps S2 and S3, thereby maintaining the consistency between subsequent discrimination and this authentication process.

[0070] Specifically, the authentication processing module first reads the matrix values ​​corresponding to all valid coordinates in the pure light response non-uniformity feature matrix according to the index result of the second photosensitive area, and expands them into a one-dimensional sequence according to the row priority order determined in step S1, forming a pure light response non-uniformity feature sequence. The pure light response non-uniformity feature sequence refers to the sequence obtained by arranging the valid pixel residuals of the pure light response non-uniformity feature matrix within the second photosensitive area in a fixed coordinate order, and this order is not changed when entering the feature mapping model. Subsequently, the authentication processing module keeps the light response attenuation features in their original positions according to the stripe period order formed in step S2, forming a light response attenuation feature sequence, and concatenates this sequence with the pure light response non-uniformity feature sequence end-to-end to generate the current joint feature vector. The current joint feature vector refers to the model input vector formed by organizing the two types of physical features extracted in the same authentication in a fixed order, with the first part being the pure light response non-uniformity feature sequence and the second part being the light response attenuation feature sequence.

[0071] To ensure that the two types of features maintain comparable scale before entering the feature mapping model, the authentication processing module performs interval normalization on the current joint feature vector. The normalization method involves calculating the maximum absolute value within both the pure optical response non-uniformity feature sequence and the optical response attenuation feature sequence, then dividing the corresponding segment element-wise by this maximum absolute value, and finally writing it back into the current joint feature vector while maintaining the original connection order of the two segments. After this processing, the current joint feature vector retains both the spatial residual distribution in the pure optical response non-uniformity feature matrix and the dynamic attenuation pattern in the optical response attenuation feature, making it directly usable as the current input branch data for the feature mapping model.

[0072] In one embodiment, the following steps are all performed by the IoT terminal. After an industrial camera terminal completes thermal drift stripping, the authentication processing module first expands the pure light response non-uniformity feature matrix in the second photosensitive area row by row, and then appends the attenuation components of each stripe period in the light response attenuation feature to it to obtain a current joint feature vector of fixed length, and sends the vector into the feature mapping model that has been burned into the terminal.

[0073] S402: Input the current joint feature vector and the factory-preset baseline feature vector into the feature mapping model and calculate the distribution distance measure.

[0074] After completing the current joint feature vector, the authentication processing module calls the feature mapping model pre-programmed into the terminal and simultaneously reads the factory-preset baseline feature vector from the secure storage area. The factory-preset baseline feature vector refers to the reference vector collected, formed, and stored under controlled optical interrogation conditions during the terminal's factory calibration phase. Its organization is completely consistent with the current joint feature vector, consisting of sequence segments corresponding to the pure light response non-uniformity feature and sequence segments corresponding to the light response attenuation feature in the same order. Therefore, both can be processed in parallel within the same feature mapping model. The factory-preset baseline feature vector is generated during the terminal's factory calibration phase. Specifically, under controlled optical interrogation conditions, controlled temperature conditions, and a fixed installation posture, steps S1 to S3 are repeated on the same terminal to obtain multiple sets of calibration joint feature vectors with the same organization as the current joint feature vector. Element-wise averaging is then performed on each calibration joint feature vector at the same dimensional position, and the resulting average vector is written into the secure storage area as the terminal's factory-preset baseline feature vector. The calibration joint feature vector is constructed using the same feature expansion order and normalization method as the current joint feature vector, so that the factory-preset baseline feature vector and the current joint feature vector maintain the same data organization caliber before being input into the feature mapping model.

[0075] Specifically, the feature mapping model employs a lightweight nonlinear Siamese discriminant network structure, comprising two mapping branches with shared parameters. The authentication processing module feeds the current joint feature vector into the first mapping branch and the factory-preset baseline feature vector into the second mapping branch. Each mapping branch sequentially performs fully connected mapping, hyperbolic tangent activation, and compression mapping, thereby compressing the original input vector into the same topological space, yielding the current embedding vector and the baseline embedding vector, respectively. Since the two mapping branches share the same set of network parameters, the current joint feature vector and the factory-preset baseline feature vector follow the same nonlinear transformation rule during the mapping process, thus the two output embedding vectors are directly comparable.

[0076] In one embodiment, the feature mapping model can be configured as a lightweight nonlinear Siamese discriminant network, containing two parameter-shared mapping branches. Each mapping branch includes four fully connected layers in sequence: input layer, first hidden layer, second hidden layer, and embedding layer. When the current joint feature vector length is set to 800 dimensions, the network structure can be configured with 800-dimensional input, 256 neurons, 128 neurons, and a 64-dimensional embedding output. Both the first and second hidden layers use hyperbolic tangent activation functions, and the embedding layer uses linear output. The 64-dimensional vectors output by the two mapping branches are used as the current embedding vector and the baseline embedding vector, respectively. The training dataset can be obtained during the factory calibration phase or the R&D phase. For example, 200 IoT terminals are selected, and each terminal repeats steps S1 to S3 10 times under 6 temperature conditions and 5 lighting conditions, resulting in 60,000 samples of the current joint feature vector. Among them, different collection rounds of the same terminal constitute positive sample pairs, and different terminals constitute negative sample pairs, with the number of positive and negative sample pairs balanced at a 1:1 ratio. The training method can employ supervised contrastive training with a batch size of 128 and 80 training epochs. The optimizer is Adam, with an initial learning rate of 0.001, decaying to 0.0005 and 0.0001 in epochs 40 and 60, respectively. A contrastive loss function can be used, with positive sample pairs aiming to reduce the Euclidean distance between the two embedding vectors, and negative sample pairs aiming to increase the distance between the two embedding vectors to a margin of 1.0 or greater. Model pre-training parameters can be obtained using Xavier uniform initialization. For example, the weights for the first layer are initialized to -0.086 to 0.086, the second layer to -0.153 to 0.153, and the third layer to -0.177 to 0.177, with initial biases for each layer set to 0. After training, the network weights with the minimum validation set loss are saved, and this set of weights is burned into the terminal as the pre-training parameters for the feature mapping model.

[0077] After obtaining the current embedding vector and the baseline embedding vector, the authentication processing module calculates the distribution distance measure between them in the topological space. The distribution distance measure is calculated using normalized Euclidean divergence: in, As a distribution distance measure, it represents the geometric divergence between the current input and the factory-preset baseline feature vector in the topological space output by the feature mapping model; The dimension of the embedded vector; For the current embedding vector at the th The components of dimension are obtained from the current joint feature vector through the output of the first mapping branch; For the baseline embedding vector at the th The components of the dimension are obtained from the factory-preset baseline feature vector through the output of the second mapping branch. After the authentication processing module completes the calculation of all dimensional differences, it outputs a single scalar form of the distribution distance measure for direct use in subsequent identity determination.

[0078] In one embodiment, during on-site authentication, the industrial camera terminal simultaneously feeds the current joint feature vector and the factory-preset baseline feature vector into a lightweight nonlinear twin discriminant network. The network outputs two embedding vectors of the same length. The authentication processing module then calculates the difference between the two vectors dimension by dimension and accumulates them to obtain a distribution distance measure. The smaller this measure, the closer the two types of physical features currently collected are to the terminal's own features at the time of factory calibration.

[0079] S403: Determine the terminal authentication status based on the distribution distance measure and intrinsic tolerance boundary.

[0080] After the distribution distance measure is generated, the authentication processing module continues to read the intrinsic tolerance boundary corresponding to the current device from the terminal's secure storage area. The intrinsic tolerance boundary is determined during the terminal's factory calibration stage. Specifically, under the same controlled optical challenge conditions as the generated factory preset baseline feature vector, the current joint feature vector construction, feature mapping, and distribution distance measure calculation process in steps S1 to S4 are repeated for the same terminal. This ensures that each calibration sample is compared with the same factory preset baseline feature vector to obtain a distribution distance measure. Subsequently, all distribution distance measures are sorted in ascending order, and the distribution distance measure corresponding to the 90th percentile position is taken as the intrinsic tolerance boundary of the terminal and written into the terminal's secure storage area.

[0081] Specifically, the authentication processing module compares the currently obtained distribution distance measure with the intrinsic tolerance boundary. When the distribution distance measure is not greater than the intrinsic tolerance boundary, the authentication processing module outputs the terminal authentication status corresponding to the legitimate device; when the distribution distance measure is greater than the intrinsic tolerance boundary, the authentication processing module outputs the terminal authentication status corresponding to the illegitimate device. This comparison relationship can be expressed as: in, Terminal authentication status; For distribution distance measurement; This is the intrinsic tolerance boundary. This indicates that the device has been determined to be legitimate. This indicates that the device has been determined to be unauthorized. After obtaining the terminal's authentication status, the authentication processing module binds it with the current authentication task number and writes it into the authentication result register, which serves as the final output result of whether the IoT terminal has passed authentication.

[0082] In one embodiment, after a camera terminal in the factory edge network completes on-site sampling, the authentication processing module obtains a distribution distance measure based on a feature mapping model and compares it with the intrinsic tolerance boundary fixed in the terminal at the factory. If the distribution distance measure falls within the boundary, the terminal is registered as a legitimate device and allowed to continue accessing the edge authentication link; if the distribution distance measure crosses the boundary, the terminal is registered as an illegitimate device and the corresponding terminal authentication status is output. Thus, the entire determination process is always based on the light response attenuation feature formed in step S2 and the pure light response non-uniformity feature matrix formed in step S3, without the need to reconstruct other discrimination objects.

[0083] Through step S4, the IoT terminal has completed the generation of the current joint feature vector, the comparison and mapping of the factory preset baseline feature vector, the calculation of the distribution distance measure, and the output of the terminal identity authentication status, based on the light response attenuation feature formed in step S2 and the pure light response non-uniformity feature matrix formed in step S3. Among them, the distribution distance measure is used as the geometric divergence between the current input and the factory preset baseline feature vector for direct comparison, the intrinsic tolerance boundary is used as the legality discrimination boundary to participate in the final decision, and the terminal identity authentication status constitutes the final authentication result of the method in the current scenario.

[0084] The above embodiments are merely preferred embodiments of the present invention and are not intended to limit the scope of protection of the present invention. Any modifications, equivalent substitutions, or improvements made within the spirit and principles of the present invention should be included within the scope of protection of the present invention.

Claims

1. A photoelectric sensing data-driven IoT terminal authentication method, characterized in that, Including the following steps: Step S1: In response to the received optical challenge excitation signal, the original photoelectric response array matrix that has not been processed by the image signal processor is read through the physical interface, and the original photoelectric response array matrix is ​​divided into a first light-blocking area and a second photosensitive area. Step S2: Extract dark state readout information from the original photoelectric response array matrix based on the first light-blocking area and generate a dark state discharge rate matrix; extract light response attenuation features based on the second photosensitive area and in combination with the exposure readout time difference. Step S3: Based on the coordinates of the heating topology layout, the dark state discharge rate matrix is ​​expanded into a thermal distribution compensation matrix covering the pixel array domain, and differential cancellation is performed on the second photosensitive area through the thermal distribution compensation matrix to obtain the pure light response non-uniformity feature matrix. Step S4: The light response attenuation feature and the pure light response non-uniformity feature matrix are used as inputs to the feature mapping model for mapping and comparison. The terminal identity authentication status is determined based on the distribution distance measure output by the feature mapping model.

2. The IoT terminal authentication method driven by photoelectric sensing data according to claim 1, characterized in that, In step S1, the pixel at the top left corner of the image sensor is used as the unified coordinate origin. The hardware coordinate mask and the original photoelectric response array matrix corresponding to the current image sensor are aligned point by point. The coordinates of pixels that are physically covered and cannot receive external photon injection are merged to form the first light-blocking area. The coordinates of the remaining effective pixels are merged to form the second photosensitive area. The index results of the first light-blocking area and the second photosensitive area are generated respectively, which maintain the coordinate correspondence with the original photoelectric response array matrix.

3. The IoT terminal authentication method driven by photoelectric sensing data according to claim 2, characterized in that, In step S2, the pixel values ​​corresponding to the first shading area are extracted from the original photoelectric response array matrix based on the index result of the first shading area, and the shading readout sequence is constructed by combining the row time table read out row by row by the image sensor. The local time slope is calculated for adjacent pixels in the same continuous shading strip according to the readout direction, and the local time slope corresponding to each pixel is backfilled according to the original coordinate position to generate a dark state discharge rate matrix consistent with the coordinates of the first shading area.

4. The IoT terminal authentication method driven by photoelectric sensing data according to claim 3, characterized in that, In step S2, the light-receiving pixels corresponding to the second photosensitive area are extracted based on the index result of the second photosensitive area. The pixel values ​​belonging to the second photosensitive area in the same row are aggregated to form a row response sequence. Then, the length of the stripe period segment is determined according to the modulation frequency and exposure readout time difference in the optical challenge excitation signal. The difference between light and dark response is extracted from each complete stripe period segment and arranged in the order of appearance to obtain the light response attenuation feature. The light response attenuation feature and the dark state discharge rate matrix are written together into the authentication task cache.

5. The IoT terminal authentication method driven by photoelectric sensing data according to claim 4, characterized in that, In step S3, the coordinates of the heating topology layout corresponding to the current image sensor are retrieved, the position of the high-heating element in the heating topology layout coordinates is registered as the center of the heat source, and the effective pixel coordinates in the first shading area are used as the boundary sampling points. The values ​​of the dark state discharge rate matrix at each boundary sampling point are used as the boundary sampling amount of the thermal field expansion. The geometric distance relationship between the boundary sampling points and each heat source center is established, providing the coordinate basis and boundary input for generating the thermal distribution compensation matrix.

6. The IoT terminal authentication method driven by photoelectric sensing data according to claim 5, characterized in that, In step S3, the dark state discharge rate of each boundary sampling point and the thermal response relationship from each boundary sampling point to each heat source center are used as inputs to solve the thermal field expansion coefficient sequence corresponding to each heat source center. Based on the thermal field expansion coefficient sequence and the heating topology layout coordinates, the thermal field is expanded on all effective pixel coordinates of the original photoelectric response array matrix to generate a thermal distribution compensation matrix that covers the pixel array domain and maintains the coordinate correspondence with the original photoelectric response array matrix.

7. The IoT terminal authentication method driven by photoelectric sensing data according to claim 6, characterized in that, In step S3, the effective compensation value of the thermal distribution compensation matrix in the second photosensitive area is extracted based on the index result of the second photosensitive area. The thermal differential compensation weight is determined according to the pixel coordinates, and the thermal distribution compensation matrix is ​​used to perform differential cancellation on the second photosensitive area in the original photoelectric response array matrix. After obtaining the differential cancellation result, the row light-receiving baseline of the same row in the second photosensitive area is constructed, and the baseline residual is backfilled according to the original coordinates to generate a pure light response non-uniformity feature matrix.

8. The IoT terminal authentication method driven by photoelectric sensing data according to claim 7, characterized in that, In step S4, all valid coordinate values ​​in the pure light response non-uniformity feature matrix are read according to the second photosensitive area index result, and expanded into a pure light response non-uniformity feature sequence in row priority order. Then, the light response attenuation features are arranged in stripe period order to form a light response attenuation feature sequence. The pure light response non-uniformity feature sequence and the light response attenuation feature sequence are concatenated end to end and normalized to generate the current joint feature vector as the input for the same authentication.

9. The IoT terminal authentication method driven by photoelectric sensing data according to claim 8, characterized in that, In step S4, the feature mapping model is a pre-built network. The current joint feature vector is input into the first mapping branch of the feature mapping model, and the factory-preset baseline feature vector is input into the second mapping branch of the feature mapping model. The factory-preset baseline feature vector is formed by averaging the elements of the calibrated joint feature vector obtained by repeatedly executing steps S1 to S3 under controlled optical interrogation conditions on the same terminal.

10. The IoT terminal authentication method driven by photoelectric sensing data according to claim 9, characterized in that, In step S4, the current embedding vector and the baseline embedding vector are output according to the feature mapping model, and the distribution distance measure is generated based on the geometric divergence of the two in the same topological space. The terminal authentication status is determined by comparing the distribution distance measure with the intrinsic tolerance boundary. The intrinsic tolerance boundary is determined by the distribution distance measure sequence formed by repeatedly executing the current joint feature vector construction, feature mapping and distribution distance measure calculation during the factory calibration stage of the same terminal.