[go: up one dir, main page]

CN115333785A - A safety isolation system, vehicle safety control method and related equipment - Google Patents

A safety isolation system, vehicle safety control method and related equipment Download PDF

Info

Publication number
CN115333785A
CN115333785A CN202210850515.5A CN202210850515A CN115333785A CN 115333785 A CN115333785 A CN 115333785A CN 202210850515 A CN202210850515 A CN 202210850515A CN 115333785 A CN115333785 A CN 115333785A
Authority
CN
China
Prior art keywords
vehicle
safety
service
application
party application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210850515.5A
Other languages
Chinese (zh)
Other versions
CN115333785B (en
Inventor
司华超
武亭
方伟家
李阳
戢文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Voyah Automobile Technology Co Ltd
Original Assignee
Voyah Automobile Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Voyah Automobile Technology Co Ltd filed Critical Voyah Automobile Technology Co Ltd
Priority to CN202210850515.5A priority Critical patent/CN115333785B/en
Publication of CN115333785A publication Critical patent/CN115333785A/en
Application granted granted Critical
Publication of CN115333785B publication Critical patent/CN115333785B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/08Protocols for interworking; Protocol conversion

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a safety isolation system, a vehicle safety control method and related equipment. The system comprises: the communication protocol module is used for providing an API (application programming interface) interface of a specific protocol for a third-party application, receiving a request instruction sent by the third-party application and determining whether to send the request instruction to the service interface agent module according to a safety verification result of the safety detection module; the safety detection module is used for detecting whether a request instruction sent by a third-party application is safe or not and feeding back a safety verification result to the communication protocol module; and the service interface agent module is used for converting the vehicle service interface into a specific API interface for the third-party application to call. The safety isolation system can ensure that the safety attributes of the vehicle and the privacy data of the user are not leaked, can expand the application scenes of vehicle services and interfaces to the maximum extent, and can assist the ecological sustainable development of automobile software.

Description

一种安全隔离系统、车辆安全控制方法及相关设备A safety isolation system, vehicle safety control method and related equipment

技术领域technical field

本说明书涉及车辆安全领域,更具体地说,本发明涉及一种安全隔离系统、车辆安全控制方法及相关设备。This specification relates to the field of vehicle safety, and more specifically, the present invention relates to a safety isolation system, a vehicle safety control method and related equipment.

背景技术Background technique

当前汽车行业正在发生深刻变革,随着汽车行业“四化”的发展及智能网联技术、自动驾驶技术、5G等新兴技术的盛行,越来越多的ICT(Informa-tion Co mmunicationTechnology)技术被运用到汽车领域。用户不再满足于市场上高度同质化的车型产品,特别是高端用户和年轻用户越来越渴望拥有一辆与众不同的座驾,以彰显自身的品味和个性。将软硬件功能分离,将软件面向SOA(Service-Oriented Architecture,面向服务的架构)服务的理念进行服务化重构,通过不同服务的组合应用实现复杂的软件功能和个性化功能的快速定制开发,通过OTA(Over-the-Air Technology,空中下载技术)在线升级方式对车辆软件功能进行更新,以实现用户个性化需求及常用常新,是解决产品同质化问题的关键路径和汽车行业的重要发展趋势。汽车软件生态将因此会朝向手机应用生态方向发展,会有越来越多的第三方开发者参与其中,汽车的安全性将因此受到影响。At present, the automobile industry is undergoing profound changes. With the development of the "four modernizations" of the automobile industry and the prevalence of emerging technologies such as intelligent network technology, autonomous driving technology, and 5G, more and more ICT (Information Communication Technology) technologies are being used applied to the automotive field. Users are no longer satisfied with the highly homogeneous models on the market, especially high-end users and young users are more and more eager to own a unique car to show their own taste and personality. Separation of software and hardware functions, service-oriented reconstruction of software for SOA (Service-Oriented Architecture, Service-Oriented Architecture) service concept, rapid customization and development of complex software functions and personalized functions through the combined application of different services, Updating vehicle software functions through OTA (Over-the-Air Technology, over-the-air technology) online upgrade method to meet user's individual needs and frequent new ones is the key path to solve the problem of product homogeneity and an important aspect of the automotive industry. development trend. As a result, the automotive software ecosystem will develop towards the mobile application ecosystem, and more and more third-party developers will participate in it, which will affect the safety of automobiles.

同时,智能网联汽车作为重要的物联网终端和汽车交通工具,当前的车辆服务及接口在被第三方应用调用时,如果第三方为非法侵入者,非常容易对车辆进行控制,严重影响车辆的行驶安全。At the same time, intelligent networked vehicles are important IoT terminals and vehicles. When the current vehicle services and interfaces are called by third-party applications, if the third party is an illegal intruder, it is very easy to control the vehicle, which seriously affects the safety of the vehicle. Drive safely.

发明内容Contents of the invention

在发明内容部分中引入了一系列简化形式的概念,这将在具体实施方式部分中进一步详细说明。本发明的发明内容部分并不意味着要试图限定出所要求保护的技术方案的关键特征和必要技术特征,更不意味着试图确定所要求保护的技术方案的保护范围。A series of concepts in simplified form are introduced in the Summary of the Invention, which will be further detailed in the Detailed Description. The summary of the invention in the present invention does not mean to limit the key features and essential technical features of the claimed technical solution, nor does it mean to try to determine the protection scope of the claimed technical solution.

第一方面,本发明提出一种安全隔离系统,上述系统包括:In the first aspect, the present invention proposes a safety isolation system, the above-mentioned system includes:

通信协议模块,用于为第三方应用提供特定协议的API接口,接收上述第三方应用发出的请求指令,并根据安全检测模块的安全验证结果确定是否将上述请求指令发送至服务接口代理模块;The communication protocol module is used to provide an API interface of a specific protocol for the third-party application, receive the request instruction sent by the above-mentioned third-party application, and determine whether to send the above-mentioned request instruction to the service interface proxy module according to the security verification result of the security detection module;

安全检测模块,用于检测第三方应用发出的请求指令是否安全,并将安全验证结果反馈给上述通信协议模块;The safety detection module is used to detect whether the request command issued by the third-party application is safe, and feeds back the safety verification result to the above-mentioned communication protocol module;

服务接口代理模块,用于将车辆服务接口转换为特定的API接口,供上述第三方应用进行调用。The service interface agent module is used to convert the vehicle service interface into a specific API interface for the above-mentioned third-party application to call.

可选的,上述安全检测模块还包括:Optionally, the above security detection module also includes:

安全认证组件,用于检测上述请求指令对应的第三方应用是否为可信任应用;A security authentication component, configured to detect whether the third-party application corresponding to the above request instruction is a trusted application;

访问权限管理组件,用于在上述第三方应用为可信任应用的情况下,判断该请求指令对应的发送者是否有对应的控制权限;The access rights management component is used to determine whether the sender corresponding to the request instruction has corresponding control rights when the above-mentioned third-party application is a trusted application;

上下文环境检测组件,用于在上述控制权限满足预设要求的情况下,检测请求指令是否超过预设阈值以确定上述请求指令的安全性。The context detection component is configured to detect whether the request instruction exceeds a preset threshold to determine the safety of the request instruction when the above-mentioned control authority meets the preset requirements.

可选的,上述服务接口代理模块包括:Optionally, the above-mentioned service interface proxy module includes:

版本管理组件,用于管理车辆端服务的版本;The version management component is used to manage the version of the vehicle-side service;

兼容性管理组件,用于管理不同版本的上述车端服务之间的兼容性;The compatibility management component is used to manage the compatibility between different versions of the above-mentioned car-side services;

变型管理组件,用于实现车端服务接口的变型管理,以区分不同车型配置可以提供的车端服务。The variant management component is used to realize the variant management of the vehicle-side service interface, so as to distinguish the vehicle-side services that can be provided by different vehicle configurations.

可选的,上述通信协议模块包括:Optionally, the communication protocol module above includes:

协议转换组件,用于实现第三方服务与车辆端服务的通讯协议转换;The protocol conversion component is used to realize the communication protocol conversion between the third-party service and the vehicle-side service;

API接口组件,用于为第三方应用提供特定协议的API接口。The API interface component is used to provide API interfaces of specific protocols for third-party applications.

第二方面、本申请提出一种车辆安全控制方法,用于如第一方面任一种上述的安全隔离系统,该方法包括:In the second aspect, the present application proposes a vehicle safety control method, which is used in any one of the above-mentioned safety isolation systems in the first aspect, and the method includes:

接收第三方应用发出的请求报文;Receive request messages sent by third-party applications;

将上述请求报文发送给上述安全检测模块并获取安全验证结果;Send the above-mentioned request message to the above-mentioned security detection module and obtain a security verification result;

在上述安全验证结果为安全结果的情况下,将上述请求报文发送至上述服务接口代理模块以调用相应的车辆服务。In the case that the above-mentioned security verification result is a security result, the above-mentioned request message is sent to the above-mentioned service interface proxy module to call the corresponding vehicle service.

可选的,上述方法还包括:Optionally, the above method also includes:

在上述安全验证结果为危险结果的情况下,获取上述第三方应用的类型;Obtain the type of the above-mentioned third-party application when the above-mentioned security verification result is a dangerous result;

在上述第三方应用类型为车辆行驶应用的情况下,立即将危险结果上传至云端;In the case that the above-mentioned third-party application type is a vehicle driving application, immediately upload the dangerous result to the cloud;

提醒车辆端的用户进入人工驾驶模式。Remind the user on the vehicle side to enter the manual driving mode.

可选的,上述方法还包括:Optionally, the above method also includes:

在上述第三方应用类型为辅助服务应用的情况下,获取上述第三方应用在预设时间内的危险结果次数;In the case that the above-mentioned third-party application type is an auxiliary service application, obtain the number of dangerous results of the above-mentioned third-party application within a preset time;

在上述危险结果次数超出预设阈值的情况下,切断上述第三方应用提供的服务。When the number of dangerous results exceeds a preset threshold, the service provided by the third-party application is cut off.

第二方面,本发明还提出一种车辆安全控制装置,包括:In the second aspect, the present invention also proposes a vehicle safety control device, including:

接收单元,用于接收第三方应用发出的请求报文;a receiving unit, configured to receive a request message sent by a third-party application;

获取单元,用于将上述请求报文发送给上述安全检测模块并获取安全验证结果;An acquisition unit, configured to send the above-mentioned request message to the above-mentioned security detection module and obtain a security verification result;

控制单元,用于在上述安全验证结果为安全结果的情况下,将上述请求报文发送至上述服务接口代理模块以调用相应的车辆服务。The control unit is configured to send the above-mentioned request message to the above-mentioned service interface proxy module to call the corresponding vehicle service when the above-mentioned security verification result is a security result.

第三方面,一种电子设备,包括:存储器、处理器以及存储在上述存储器中并可在上述处理器上运行的计算机程序,上述处理器用于执行存储器中存储的计算机程序时实现如上述的第一方面任一项的车辆安全控制方法的步骤。In a third aspect, an electronic device includes: a memory, a processor, and a computer program stored in the memory and operable on the processor. The processor is used to execute the computer program stored in the memory to implement the above-mentioned first In one aspect, the steps of any one of the vehicle safety control methods.

第四方面,本发明还提出一种计算机可读存储介质,其上存储有计算机程序,上述计算机程序被处理器执行时实现第一方面上述任一项的车辆安全控制方法。In a fourth aspect, the present invention also proposes a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the vehicle safety control method described in any one of the above-mentioned aspects of the first aspect is implemented.

综上,本申请实施例的安全隔离系统包括:通信协议模块,用于为第三方应用提供特定协议的API接口,接收上述第三方应用发出的请求指令,并根据安全检测模块的安全验证结果确定是否将上述请求指令发送至服务接口代理模块;安全检测模块,用于检测第三方应用发出的请求指令是否安全,并将安全验证结果反馈给上述通信协议模块;服务接口代理模块,用于将车辆服务接口转换为特定的API接口,供上述第三方应用进行调用。本申请提出的安全隔离系统,通过通信协议模块为第三方应用提供特定协议的API接口,为第三方应用与车辆端对接提供了便利,通过安全检测模块对第三方应用发出的请求信息进行多层次的安全性评判,保证了进入车辆端的第三方应用请求的合法性,通过服务接口代理模块将车辆端服务口与第三方服务口进行转换,保证了车辆端服务口的隐私性与安全性,提升了车辆端服务的安全性。本申请提出的系统,能够保障车辆安全属性及用户隐私数据不被泄露,还能最大程度拓展车辆服务及接口的应用场景,助力汽车软件生态的可持续发展,构建软件服务产品的新商业模式,最终形成类似手机应用商店的商业形态。To sum up, the security isolation system of the embodiment of the present application includes: a communication protocol module, which is used to provide a third-party application with an API interface of a specific protocol, receive the request instruction issued by the above-mentioned third-party application, and determine according to the security verification result of the security detection module Whether to send the above-mentioned request command to the service interface proxy module; the security detection module is used to detect whether the request command sent by the third-party application is safe, and feeds back the security verification result to the above-mentioned communication protocol module; the service interface proxy module is used to send the vehicle The service interface is converted into a specific API interface for the above-mentioned third-party application to call. The safety isolation system proposed in this application provides API interfaces of specific protocols for third-party applications through the communication protocol module, which facilitates the connection between third-party applications and the vehicle end, and performs multi-level monitoring of the request information sent by third-party applications through the safety detection module. The security evaluation ensures the legitimacy of the third-party application request entering the vehicle end. The service port of the vehicle end and the third-party service port are converted through the service interface proxy module, which ensures the privacy and security of the service port of the vehicle end, and improves the The security of vehicle-side services is improved. The system proposed in this application can ensure that vehicle safety attributes and user privacy data are not leaked, and can also maximize the application scenarios of vehicle services and interfaces, help the sustainable development of automotive software ecology, and build a new business model for software service products. Finally, a business form similar to a mobile phone application store is formed.

本发明的车辆安全控制方法,本发明的其它优点、目标和特征将部分通过下面的说明体现,部分还将通过对本发明的研究和实践而为本领域的技术人员所理解。The vehicle safety control method of the present invention, other advantages, objectives and features of the present invention will be partly embodied by the following description, and partly will be understood by those skilled in the art through the research and practice of the present invention.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本说明书的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be considered as limiting the description. Also throughout the drawings, the same reference numerals are used to designate the same parts. In the attached picture:

图1为本申请实施例提供的一种安全隔离系统结构示意图;FIG. 1 is a schematic structural diagram of a safety isolation system provided by an embodiment of the present application;

图2为本申请实施例提供的一种安全隔离系统中的安全检测模块结构示意图;FIG. 2 is a schematic structural diagram of a safety detection module in a safety isolation system provided by an embodiment of the present application;

图3为本申请实施例提供的一种安全隔离系统中的服务接口代理模块结构示意图;FIG. 3 is a schematic structural diagram of a service interface proxy module in a security isolation system provided by an embodiment of the present application;

图4为本申请实施例提供的一种安全隔离系统中的通信协议模块结构示意图;FIG. 4 is a schematic structural diagram of a communication protocol module in a security isolation system provided by an embodiment of the present application;

图5为本申请实施例提供的一种车辆安全控制方法流程示意图;FIG. 5 is a schematic flow chart of a vehicle safety control method provided in an embodiment of the present application;

图6为本申请实施例提供的另一种车辆安全控制方法流程示意图;FIG. 6 is a schematic flow chart of another vehicle safety control method provided in the embodiment of the present application;

图7为本申请实施例提供的另一种安全隔离系统结构示意图;FIG. 7 is a schematic structural diagram of another safety isolation system provided by the embodiment of the present application;

图8为本申请实施例提供的一种车辆安全控制装置结构示意图;FIG. 8 is a schematic structural diagram of a vehicle safety control device provided in an embodiment of the present application;

图9为本申请实施例提供的一种车辆安全控制电子设备结构示意图。FIG. 9 is a schematic structural diagram of a vehicle safety control electronic device provided by an embodiment of the present application.

具体实施方式Detailed ways

本申请提出的安全隔离系统,通过通信协议模块为第三方应用提供特定协议的API接口,为第三方应用与车辆端对接提供了便利,通过安全检测模块对第三方应用发出的请求信息进行多层次的安全性评判,保证了进入车辆端的第三方应用请求的合法性,通过服务接口代理模块将车辆端服务口与第三方服务口进行转换,保证了车辆端服务口的隐私性与安全性,提升了车辆端服务的安全性。本申请提出的系统,能够保障车辆安全属性及用户隐私数据不被泄露,还能最大程度拓展车辆服务及接口的应用场景,助力汽车软件生态的可持续发展,构建软件服务产品的新商业模式,最终形成类似手机应用商店的商业形态。The safety isolation system proposed in this application provides API interfaces of specific protocols for third-party applications through the communication protocol module, which facilitates the connection between third-party applications and the vehicle end, and performs multi-level monitoring of the request information sent by third-party applications through the safety detection module. The security evaluation ensures the legitimacy of the third-party application request entering the vehicle end. The service port of the vehicle end and the third-party service port are converted through the service interface proxy module, which ensures the privacy and security of the service port of the vehicle end, and improves the The security of vehicle-side services is improved. The system proposed in this application can ensure that vehicle safety attributes and user privacy data are not leaked, and can also maximize the application scenarios of vehicle services and interfaces, help the sustainable development of automotive software ecology, and build a new business model for software service products. Finally, a business form similar to a mobile phone application store is formed.

本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”、“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。The terms "first", "second", "third", "fourth", etc. (if any) in the specification and claims of the present application and the above drawings are used to distinguish similar objects, and not necessarily Used to describe a specific sequence or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having", as well as any variations thereof, are intended to cover a non-exclusive inclusion, for example, a process, method, system, product or device comprising a sequence of steps or elements is not necessarily limited to the expressly listed instead, may include other steps or elements not explicitly listed or inherent to the process, method, product or apparatus. The technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of the present application, not all of them.

请参阅图1,为本申请实施例提供的一种安全隔离系统结构示意图,具体可以包括:Please refer to Figure 1, which is a schematic structural diagram of a safety isolation system provided by the embodiment of the present application, which may specifically include:

通信协议模块10,用于为第三方应用提供特定协议的API接口,接收上述第三方应用发出的请求指令,并根据安全检测模块的安全验证结果确定是否将上述请求指令发送至服务接口代理模块;The communication protocol module 10 is used to provide an API interface of a specific protocol for the third-party application, receive the request instruction sent by the above-mentioned third-party application, and determine whether to send the above-mentioned request instruction to the service interface proxy module according to the security verification result of the security detection module;

安全检测模块20,用于检测第三方应用发出的请求指令是否安全,并将安全验证结果反馈给上述通信协议模块;The safety detection module 20 is used to detect whether the request command sent by the third-party application is safe, and feeds back the safety verification result to the above-mentioned communication protocol module;

服务接口代理模块30,用于将车辆服务接口转换为特定的API接口,供上述第三方应用进行调用。The service interface agent module 30 is used to convert the vehicle service interface into a specific API interface for the above-mentioned third-party application to call.

示例性的,本申请提出的安全隔离系统包括通信协议模块、安全检测模块和服务接口代理模块,通信协议模块根据第三方应用需要的协议提供了特定协议,同一个车辆中包括多种服务,多种服务需要派发给不同的第三方做针对性设计,而不同的第三方设计好的服务可能是基于不同的协议生成的,通过通信协议模块为指定的第三方应用提供满足其协议要求的API(Application Programming Interface,应用程序接口)接口,同时将第三方应用的协议转换为车内可用的协议类型,从而实现车辆端与第三方应用兼容的要求。通信协议模块在接收到第三方应用请求指令后,将该请求指令发送至安全检测模块,安全检测模块对该请求指令的第三方应用的合法性进行判断,例如判断该应用是否合法、应用下发者的权限是否符合要求、请求指令对应的调节范围是否符合阈值要求等。在安全检测模块检测请求指令合格后,通知通信协议模块可以将请求指令发送至服务接口代理模块,服务接口代理模块有特定的API接口,在服务接口代理模块可以实现第三方服务接口与车辆端服务接口的按照既定的逻辑转换,只提供给第三方应用特定的API接口,而车辆端服务接口与车辆端执行服务的对应的ECU(Electronic Control Unit,电子控制单元)连接,经过服务接口代理模块进行接口转换,车辆端的服务接口并不会暴露给第三方应用的厂家,从根本上提升了车辆的安全性。Exemplarily, the safety isolation system proposed in this application includes a communication protocol module, a safety detection module and a service interface proxy module. The communication protocol module provides specific protocols according to the protocols required by third-party applications. The same vehicle includes multiple services, multiple Such services need to be distributed to different third parties for targeted design, and the services designed by different third parties may be generated based on different protocols. The communication protocol module provides specified third-party applications with APIs that meet their protocol requirements ( Application Programming Interface, application program interface) interface, and at the same time convert the protocol of the third-party application into the protocol type available in the vehicle, so as to realize the requirement that the vehicle end is compatible with the third-party application. After the communication protocol module receives the third-party application request instruction, it sends the request instruction to the security detection module, and the security detection module judges the legitimacy of the third-party application requesting the instruction, such as judging whether the application is legal, whether the application sends Whether the authority of the user meets the requirements, whether the adjustment range corresponding to the request instruction meets the threshold requirements, etc. After the safety detection module detects that the request command is qualified, it will notify the communication protocol module that the request command can be sent to the service interface proxy module. The service interface proxy module has a specific API interface, and the service interface proxy module can implement third-party service interfaces and vehicle-side services. The interface is converted according to the established logic, and only provides specific API interfaces for third-party applications, while the vehicle-side service interface is connected to the corresponding ECU (Electronic Control Unit, Electronic Control Unit) that executes the service on the vehicle side, and is implemented through the service interface agent module. Interface conversion, the service interface on the vehicle side will not be exposed to third-party application manufacturers, which fundamentally improves the safety of the vehicle.

综上,本申请提出的安全隔离系统,通过通信协议模块为第三方应用提供特定协议的API接口,为第三方应用与车辆端对接提供了便利,通过安全检测模块对第三方应用发出的请求信息进行多层次的安全性评判,保证了进入车辆端的第三方应用请求的合法性,通过服务接口代理模块将车辆端服务口与第三方服务口进行转换,保证了车辆端服务口的隐私性与安全性,提升了车辆端服务的安全性。本申请提出的系统,能够保障车辆安全属性及用户隐私数据不被泄露,还能最大程度拓展车辆服务及接口的应用场景,助力汽车软件生态的可持续发展,构建软件服务产品的新商业模式,最终形成类似手机应用商店的商业形态。To sum up, the security isolation system proposed in this application provides API interfaces of specific protocols for third-party applications through the communication protocol module, which facilitates the connection between third-party applications and vehicles. Perform multi-level security evaluation to ensure the legitimacy of third-party application requests entering the vehicle side, and convert the vehicle-side service port and third-party service port through the service interface proxy module to ensure the privacy and security of the vehicle-side service port This improves the security of vehicle-side services. The system proposed in this application can ensure that vehicle safety attributes and user privacy data are not leaked, and can also maximize the application scenarios of vehicle services and interfaces, help the sustainable development of automotive software ecology, and build a new business model for software service products. Finally, a business form similar to a mobile phone application store is formed.

在一些示例中,上述安全检测模块20还包括:In some examples, the above-mentioned safety detection module 20 also includes:

安全认证组件201,用于检测上述请求指令对应的第三方应用是否为可信任应用;A security authentication component 201, configured to detect whether the third-party application corresponding to the request instruction is a trusted application;

访问权限管理组件202,用于在上述第三方应用为可信任应用的情况下,判断该请求指令对应的发送者是否有对应的控制权限;The access rights management component 202 is configured to determine whether the sender corresponding to the request instruction has corresponding control rights when the above-mentioned third-party application is a trusted application;

上下文环境检测组件203,用于在上述控制权限满足预设要求的情况下,检测请求指令是否超过预设阈值以确定上述请求指令的安全性。The context detection component 203 is configured to detect whether the request instruction exceeds a preset threshold to determine the safety of the request instruction when the above-mentioned control authority meets the preset requirements.

示例性的,安全检测模块包括安全认证组件、访问权限管理组件和上下文环境检测组件。在进行安全检测时,具体如图6所示:Exemplarily, the security detection module includes a security authentication component, an access right management component and a context detection component. When performing security testing, the details are shown in Figure 6:

S610、通信协议模块将第三方应用服务器发送的请求指令发送给安全检测模块;S610. The communication protocol module sends the request command sent by the third-party application server to the security detection module;

S620、安全认证组件首先校验第三方应用是否为可信任应用,可以通过白名单的形式管理可信任应用,可信任应用即为已知的第三方应用。如果第三方应用为非法的应用,则跳转至步骤S670并执行S680;S620. The security authentication component first verifies whether the third-party application is a trusted application, and the trusted application can be managed through a white list, and the trusted application is a known third-party application. If the third-party application is an illegal application, jump to step S670 and execute S680;

S630、如果第三方应用为可信任应用,则对该第三方应用的请求权限进行检测,例如,如果该第三方应用为娱乐交互应用,即为车辆提供影音图像等娱乐信息,其发出的请求指令智能是中控屏幕、音响等影音设备,但检测到该应用发出了车辆变道请求指令,则该请求指令与该应用对应的权限不符,则跳转至步骤S670并执行S680;S630. If the third-party application is a trusted application, check the request permission of the third-party application. For example, if the third-party application is an entertainment interactive application, that is, to provide entertainment information such as audio-visual images for the vehicle, the request command issued by it Smart is the central control screen, audio and other audio-visual equipment, but it is detected that the application has issued a vehicle lane change request command, and the request command does not match the corresponding authority of the application, then jump to step S670 and execute S680;

S640、如果该应用的权限符合要求,则进行上下文报文环境检测,上下文环境监测是指结合业务应用场景,从场景需求、功能逻辑、关键参数变化是否合理及攻击特征等方面提炼上下文环境监测规则,当违背上下文环境规则时进行安全隔离。检测该请求指令对应的请求值是否满足预设值的要求,例如,如果用户已经设置车辆的最高时速为120km/h,而变道超车应用发出请求指令为140km/h,由于140km/h已经超出120km/h阈值的要求,此时跳转至步骤S670并执行S680;S640. If the permissions of the application meet the requirements, perform context message environment detection. Context environment monitoring refers to extracting context environment monitoring rules from aspects such as scenario requirements, function logic, whether changes in key parameters are reasonable, and attack characteristics in combination with business application scenarios. , for security isolation when the context rules are violated. Detect whether the request value corresponding to the request command meets the requirements of the preset value. For example, if the user has set the maximum speed of the vehicle to 120km/h, and the lane change and overtaking application sends a request command of 140km/h, since 140km/h has exceeded 120km/h threshold requirement, now jump to step S670 and execute S680;

S650、判断服务请求值是否合理S650, judging whether the service request value is reasonable

S660、如果服务请求合理,即请求指令对应的请求值满足阈值要求,则执行该请求指令对应的服务;S660. If the service request is reasonable, that is, the request value corresponding to the request instruction meets the threshold requirement, execute the service corresponding to the request instruction;

S670、拒绝该请求指令对应的访问服务;S670. Deny the access service corresponding to the request instruction;

S680、记录故障码,并将故障码上传至云端。S680. Record the fault code, and upload the fault code to the cloud.

综上,本申请实施例提出的安全隔离系统,通过安全检测模块中的安全认证组件、访问权限管理组件和上下文环境检测组件在应用、权限和请求阈值三个层次对第三方服务的请求指令进行安全检测,能够对第三方应用发出的请求指令进行安全筛选,保证车辆行驶安全。To sum up, the security isolation system proposed in the embodiment of this application uses the security authentication component, the access authority management component and the context detection component in the security detection module to check the third-party service request instructions at the three levels of application, authority and request threshold. Safety detection can perform safety screening on the request instructions issued by third-party applications to ensure the safety of vehicles.

在一些示例中,上述服务接口代理模块30包括:In some examples, the service interface proxy module 30 includes:

版本管理组件301,用于管理车辆端服务的版本;The version management component 301 is used to manage the version of the vehicle side service;

兼容性管理组件302,用于管理不同版本的上述车端服务之间的兼容性;Compatibility management component 302, configured to manage the compatibility between different versions of the above-mentioned car-side services;

变型管理组件303,用于实现车端服务接口的变型管理,以区分不同车型配置可以提供的车端服务。The variant management component 303 is used to realize the variant management of the vehicle-side service interface, so as to distinguish the vehicle-side services that can be provided by different vehicle configurations.

示例性的,服务接口代理模块包括版本管理组件、兼容性组件和变型管理组件,版本管理组件用于管理车辆端服务的版本,基于第三方提供升级后的服务对车辆端的服务的版本进行更新,在车辆端和服务端的服务进行升级的过程中可能会存在两种的版本信息不一致导致无法兼容服务,兼容性管理组件可以包括更新前版本的服务和更新后版本的服务,以解决兼容的问题。变型管理组件用于实现车端服务接口的变型管理,以区分不同车型配置可以提供的车端服务,避免第三方应用知道车辆端的接口服务接口后,恶意控制车辆,给车辆造成安全隐患。Exemplarily, the service interface proxy module includes a version management component, a compatibility component and a variant management component, the version management component is used to manage the version of the vehicle-side service, and update the version of the vehicle-side service based on the upgraded service provided by the third party, In the process of upgrading the services on the vehicle side and the server side, there may be inconsistencies in the version information of the two types, resulting in incompatible services. The compatibility management component can include the services of the pre-update version and the service of the post-update version to solve compatibility problems. The variant management component is used to realize the variant management of the vehicle-side service interface, so as to distinguish the vehicle-side services that can be provided by different vehicle configurations, and prevent third-party applications from maliciously controlling the vehicle after knowing the vehicle-side interface service interface, causing potential safety hazards to the vehicle.

综上,本申请实施例提供的安全隔离系统,通过服务接口代理模块可以实现车辆端与第三方应用端的服务顺利升级,同时通过将车辆端的服务与第三方应用端的服务进行接口转换,避免车辆服务及接口对第三方应用直接可见,提升了车辆的安全性。To sum up, the security isolation system provided by the embodiment of this application can realize the smooth upgrade of the service between the vehicle end and the third-party application end through the service interface proxy module, and at the same time, through the interface conversion between the service of the vehicle end and the service of the third-party application end, avoiding the problem of vehicle service And the interface is directly visible to third-party applications, which improves the safety of the vehicle.

在一些示例中,上述通信协议模块10包括:In some examples, the above communication protocol module 10 includes:

协议转换组件101,用于实现第三方服务与车辆端服务的通讯协议转换;A protocol conversion component 101, configured to implement communication protocol conversion between third-party services and vehicle-side services;

API接口组件102,用于为第三方应用提供特定协议的API接口。The API interface component 102 is configured to provide API interfaces of specific protocols for third-party applications.

示例性的,通信协议模块包括协议转换组件和API接口组件,通过协议转换模块可以实现车辆端和第三方服务端的协议转换,通过API接口组为第三方服务提供了对应协议的API接口,便于第三方应用于车辆端进行通讯与控制。Exemplarily, the communication protocol module includes a protocol conversion component and an API interface component. Through the protocol conversion module, the protocol conversion between the vehicle end and the third-party server can be realized, and the API interface group provides the API interface of the corresponding protocol for the third-party service. The three parties are applied to the vehicle side for communication and control.

综上,本申请实施例提供的安全隔离系统,通过通信协议模块可以针对不同的第三方应用提供特定协议的API接口,方便第三方与车辆端的通讯。To sum up, the security isolation system provided by the embodiment of the present application can provide API interfaces of specific protocols for different third-party applications through the communication protocol module, so as to facilitate the communication between the third party and the vehicle.

第二方面、如图5所示,本申请提出一种车辆安全控制方法,用于如第一方面任一种上述的安全隔离系统,该方法包括:In the second aspect, as shown in Figure 5, the present application proposes a vehicle safety control method for any one of the above-mentioned safety isolation systems in the first aspect, the method includes:

S510、接收第三方应用发出的请求报文;S510. Receive a request message sent by a third-party application;

示例性的,通信协议模块通过特定协议的API接口与不同的第三方应用建立连接,实现通讯,在第三方应用发出请求报文时,通信协议模块首先接收。请求报文包括车辆行驶控制请求报文、车辆环境控制请求报文等。Exemplarily, the communication protocol module establishes connections with different third-party applications through the API interface of a specific protocol to realize communication. When the third-party application sends a request message, the communication protocol module first receives it. The request message includes a vehicle travel control request message, a vehicle environment control request message, and the like.

S520、将上述请求报文发送给上述安全检测模块并获取安全验证结果;S520. Send the above request message to the above security detection module and obtain a security verification result;

示例性的,通信协议模块将接收到的请求报文发送给安全检测模块,安全检测模块,安全检测模块对该请求指令的第三方应用的合法性进行判断,例如判断该应用是否合法、应用下发者的权限是否符合要求、请求指令对应的调节范围是否符合阈值要求等。并将安全验证结果反馈给通信协议模块。Exemplarily, the communication protocol module sends the received request message to the security detection module, and the security detection module judges the legitimacy of the third-party application requesting the instruction, such as judging whether the application is legal, whether the application is under Whether the authority of the sender meets the requirements, whether the adjustment range corresponding to the request instruction meets the threshold requirements, etc. And feed back the safety verification result to the communication protocol module.

S530、在上述安全验证结果为安全结果的情况下,将上述请求报文发送至上述服务接口代理模块以调用相应的车辆服务。S530. In the case that the above-mentioned safety verification result is a safety result, send the above-mentioned request message to the above-mentioned service interface proxy module to call the corresponding vehicle service.

示例性的,在安全检测模块检测请求指令合格后,通知通信协议模块可以将请求指令发送至服务接口代理模块,服务接口代理模块有第三方服务接口和车辆端服务接口,在服务接口代理模块可以实现第三方服务接口与车辆端服务接口的按照既定的逻辑转换,只提供给第三方应用第三方服务接口,而车辆端服务接口与车辆端执行服务的对应的ECU(Electronic Control Unit,电子控制单元)连接,经过服务接口代理模块进行接口转换,车辆端的服务接口并不会暴露给第三方应用的厂家,从根本上提升了车辆的安全性。如图7所示,服务接口代理模块将车辆服务接口A转换为接口B,供第三方应用通过协议转换模块进行调用;通信协议转换模块将接口B用特定协议进行封装成特定协议的API接口,其中,接口A为车辆端接口,接口B为提供给第三方应用的接口。Exemplarily, after the safety detection module detects that the request instruction is qualified, the notification communication protocol module can send the request instruction to the service interface proxy module. The service interface proxy module has a third-party service interface and a vehicle-side service interface. The service interface proxy module can Realize the conversion between the third-party service interface and the vehicle-side service interface according to the established logic, and only provide the third-party application third-party service interface, while the vehicle-side service interface and the corresponding ECU (Electronic Control Unit, electronic control unit) that executes the service on the vehicle side ) connection, through the service interface proxy module for interface conversion, the service interface on the vehicle side will not be exposed to third-party application manufacturers, which fundamentally improves the safety of the vehicle. As shown in Figure 7, the service interface proxy module converts the vehicle service interface A into interface B for third-party applications to call through the protocol conversion module; the communication protocol conversion module encapsulates interface B into a specific protocol API interface, Among them, interface A is the vehicle-side interface, and interface B is the interface provided for third-party applications.

综上,本申请实施例提出的车辆安全控制方法,通过通信协议模块接收请求指令,并将请求指令发送至安全检测模块,通过安全检测模块对第三方应用发出的请求信息进行多层次的安全性评判,保证了进入车辆端的第三方应用请求的合法性,通过服务接口代理模块将车辆端服务口与第三方服务口进行转换,保证了车辆端服务口的隐私性与安全性,提升了车辆端服务的安全性,能够保障车辆安全属性及用户隐私数据不被泄露,还能最大程度拓展车辆服务及接口的应用场景,助力汽车软件生态的可持续发展。To sum up, the vehicle safety control method proposed in the embodiment of the present application receives the request command through the communication protocol module, and sends the request command to the safety detection module, and performs multi-level security on the request information sent by the third-party application through the safety detection module. Judgment ensures the legitimacy of third-party application requests entering the vehicle side, and converts the vehicle-side service port and the third-party service port through the service interface proxy module, ensuring the privacy and security of the vehicle-side service port and improving the vehicle-side service port. The security of the service can ensure that the vehicle's security attributes and user privacy data are not leaked, and it can also maximize the application scenarios of vehicle services and interfaces, helping the sustainable development of the automotive software ecosystem.

在一些示例中,上述方法还包括:In some examples, the above methods also include:

在上述安全验证结果为危险结果的情况下,获取上述第三方应用的类型;Obtain the type of the above-mentioned third-party application when the above-mentioned security verification result is a dangerous result;

在上述第三方应用类型为车辆行驶应用的情况下,立即将危险结果上传至云端;In the case that the above-mentioned third-party application type is a vehicle driving application, immediately upload the dangerous result to the cloud;

提醒车辆端的用户进入人工驾驶模式。Remind the user on the vehicle side to enter the manual driving mode.

示例性的,当安全验证结果为危险结果的情况下,该第三方应用发出的请求指令为危险指令,此时对第三方应用的类型进行识别,如果识别到第三方应用对应的为车辆行驶应用,则车辆的自动驾驶或辅助驾驶功能很可能遭到非法入侵,如果此时继续进行辅助驾驶则容易产生危险,应立提醒驾车的用户进入人工驾驶模式,避免驾驶者依赖辅助驾驶而产生危险。Exemplarily, when the safety verification result is a dangerous result, the request command issued by the third-party application is a dangerous command, and at this time, the type of the third-party application is identified. If it is identified that the third-party application corresponds to a vehicle driving application , the vehicle’s automatic driving or assisted driving functions are likely to be illegally invaded. If assisted driving is continued at this time, it is likely to cause danger. The driving user should be reminded to enter the manual driving mode immediately to avoid the driver’s dependence on assisted driving.

综上,本申请实施例提出的车辆安全控制方法,在请求报文的安全验证结果为危险结果的情况下,获取第三方应用的类型,在第三方应用为车辆行驶应用的情况下,立即通知用户进入人工驾驶模式,避免车辆发生安全事故。To sum up, the vehicle safety control method proposed in the embodiment of this application obtains the type of the third-party application when the safety verification result of the request message is a dangerous result, and immediately notifies The user enters the manual driving mode to avoid vehicle safety accidents.

在一些示例中,上述方法还包括:In some examples, the above methods also include:

在上述第三方应用类型为辅助服务应用的情况下,获取上述第三方应用在预设时间内的危险结果次数;In the case that the above-mentioned third-party application type is an auxiliary service application, obtain the number of dangerous results of the above-mentioned third-party application within a preset time;

在上述危险结果次数超出预设阈值的情况下,切断上述第三方应用提供的服务。When the number of dangerous results exceeds a preset threshold, the service provided by the third-party application is cut off.

示例性的,如果发生危险结果为辅助服务应用的情况下,服务服务应用例如影音娱乐服务、空调自动调温服务等服务,此类服务并不会对车辆的行驶安全造成影响,可以给予一定的容错空间,统计其在预设时间内发生危险次数的结果,例如,10分中内出现5次错误,如果设定的预设阈值是4次,则超出了预设阈值,此时切断第三方应用提供的服务,避免影响驾驶者的驾乘感受。Exemplarily, if the dangerous result is an auxiliary service application, the service service application such as audio-visual entertainment service, air-conditioning automatic temperature adjustment service and other services, such services will not affect the driving safety of the vehicle, and can be given a certain Fault tolerance space, counting the results of the number of dangerous occurrences within the preset time, for example, if there are 5 errors within 10 minutes, if the preset threshold is 4 times, the preset threshold is exceeded, and the third party will be cut off at this time The services provided by the application will not affect the driving experience of the driver.

综上,本申请实施例提出的车辆安全控制方法,在请求指令对应的应用为辅助服务应用的情况下,通过统计预设时间内发生危险的次数确定是否切断服务,为辅助服务提供一定容错空间,并且控制其不至于影响驾驶者的乘车体验。To sum up, the vehicle safety control method proposed in the embodiment of the present application, in the case that the application corresponding to the request command is an auxiliary service application, determines whether to cut off the service by counting the number of danger occurrences within a preset time, so as to provide a certain fault tolerance space for the auxiliary service , and control it so as not to affect the driving experience of the driver.

在一些示例中,第三方应用client通过通信协议模块与安全检测模块进行服务调用,安全认证通过且又具备相应的服务访问权限,则根据事先提炼好的上下文环境监测规则进行监测。若服务请求符合安全监测规则,通信协议模块通过服务接口代理模块访问车辆服务并执行;若服务请求不符合安全监测规则,则通信协议模块拒绝通过服务接口代理模块访问车辆服务,并记录相应的故障码。比如,夏季炎热天气室外温度35°,车辆在行驶过程中空调功能开启,若此时第三方应用请求将车内温度设置为20°,该情况符合业务场景降温凉爽需求,则响应并执行该服务请求;若此时第三方应用请求将车内温度设置为32°,该情况不符合业务场景降温凉爽需求,则拒绝调用车辆空调服务,并记录故障码。In some examples, the third-party application client calls the service through the communication protocol module and the security detection module, and if it passes the security authentication and has the corresponding service access authority, it will monitor according to the pre-extracted context environment monitoring rules. If the service request conforms to the safety monitoring rules, the communication protocol module accesses the vehicle service through the service interface proxy module and executes it; if the service request does not comply with the safety monitoring rules, the communication protocol module refuses to access the vehicle service through the service interface proxy module, and records the corresponding failure code. For example, in hot summer weather, the outdoor temperature is 35°, and the air-conditioning function is turned on while the vehicle is driving. If a third-party application requests to set the temperature inside the car to 20°, which meets the cooling requirements of the business scenario, then respond and execute the service Request; if the third-party application requests to set the temperature inside the car to 32° at this time, which does not meet the cooling requirements of the business scenario, then refuse to call the vehicle air conditioning service and record the fault code.

请参阅图8,本申请实施例中车辆安全控制装置的一个实施例,可以包括:Please refer to Figure 8, an embodiment of the vehicle safety control device in the embodiment of the present application may include:

接收单元71,用于接收第三方应用发出的请求报文;A receiving unit 71, configured to receive a request message sent by a third-party application;

获取单元72,用于将上述请求报文发送给上述安全检测模块并获取安全验证结果;An acquisition unit 72, configured to send the aforementioned request message to the aforementioned security detection module and acquire a security verification result;

控制单元73,用于在上述安全验证结果为安全结果的情况下,将上述请求报文发送至上述服务接口代理模块以调用相应的车辆服务。The control unit 73 is configured to send the above-mentioned request message to the above-mentioned service interface proxy module to call the corresponding vehicle service when the above-mentioned safety verification result is a safety result.

通过本实施例提供的车辆安全控制装置,通过获取车辆动力电池的工作状态信号,在工作状态信号为热失控状态信号的情况下,控制发动机散热风扇的转速为零,降低前机舱空气流动速度,能够有效阻止动力电池起火引起的火焰传播速度,保证使用者的逃生时间,提升车辆的安全性能。Through the vehicle safety control device provided in this embodiment, by obtaining the working state signal of the vehicle power battery, in the case that the working state signal is a thermal runaway state signal, the speed of the cooling fan of the engine is controlled to be zero, and the air flow speed of the front cabin is reduced. It can effectively prevent the flame propagation speed caused by the fire of the power battery, ensure the escape time of the user, and improve the safety performance of the vehicle.

如图9所示,本申请实施例还提供一种电子设备800,包括存储器810、处理器820及存储在存储器820上并可在处理器上运行的计算机程序811,处理器820执行计算机程序811时实现上述车辆安全控制的任一方法的步骤As shown in Figure 9, the embodiment of the present application also provides an electronic device 800, including a memory 810, a processor 820, and a computer program 811 stored on the memory 820 and operable on the processor, and the processor 820 executes the computer program 811 The steps of any method for realizing the above-mentioned vehicle safety control

由于本实施例所介绍的电子设备为实施本申请实施例中一种车辆安全控制装置所采用的设备,故而基于本申请实施例中所介绍的方法,本领域所属技术人员能够了解本实施例的电子设备的具体实施方式以及其各种变化形式,所以在此对于该电子设备如何实现本申请实施例中的方法不再详细介绍,只要本领域所属技术人员实施本申请实施例中的方法所采用的设备,都属于本申请所欲保护的范围。Since the electronic equipment introduced in this embodiment is the equipment used to implement a vehicle safety control device in the embodiment of the application, based on the method described in the embodiment of the application, those skilled in the art can understand the The specific implementation of the electronic device and its various variations, so how the electronic device implements the method in the embodiment of the present application will not be described in detail here, as long as those skilled in the art implement the method in the embodiment of the present application. equipment, all belong to the intended protection scope of this application.

在具体实施过程中,该计算机程序311被处理器执行时执行如图8所示的任一种方法的步骤。In a specific implementation process, when the computer program 311 is executed by the processor, the steps of any method as shown in FIG. 8 are executed.

需要说明的是,在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详细描述的部分,可以参见其它实施例的相关描述。It should be noted that, in the foregoing embodiments, descriptions of each embodiment have their own emphases, and for parts that are not described in detail in a certain embodiment, reference may be made to relevant descriptions of other embodiments.

本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式计算机或者其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowcharts and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present application. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded computer, or other programmable data processing device to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing device produce a machine for A device for realizing the functions specified in one or more procedures of a flowchart and/or one or more blocks of a block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.

本申请实施例还提供了一种计算机程序产品,该计算机程序产品包括计算机软件指令,当计算机软件指令在处理设备上运行时,使得处理设备执行如图8对应实施例中的车辆安全控制的流程。The embodiment of the present application also provides a computer program product, the computer program product includes computer software instructions, and when the computer software instructions are run on the processing device, the processing device executes the process of vehicle safety control in the corresponding embodiment as shown in Figure 8 .

计算机程序产品包括一个或多个计算机指令。在计算机上加载和执行计算机程序指令时,全部或部分地产生按照本申请实施例的流程或功能。计算机可以是通用计算机、专用计算机、计算机网络、或者其他可编程装置。计算机指令可以存储在计算机可读存储介质中,或者从一个计算机可读存储介质向另一计算机可读存储介质传输,例如,计算机指令可以从一个网站站点、计算机、服务器或数据中心通过有线(例如同轴电缆、光纤、数字用户线(digital subscriber line,DSL))或无线(例如红外、无线、微波等)方式向另一个网站站点、计算机、服务器或数据中心进行传输。计算机可读存储介质可以是计算机能够存储的任何可用介质或者是包含一个或多个可用介质集成的服务器、数据中心等数据存储设备。可用介质可以是磁性介质,(例如,软盘、硬盘、磁带)、光介质(例如,DVD)、或者半导体介质(例如固态硬盘(solid state disk,SSD))等。A computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on the computer, the processes or functions according to the embodiments of the present application will be generated in whole or in part. A computer can be a general purpose computer, special purpose computer, computer network, or other programmable device. Computer instructions may be stored in or transmitted from one computer-readable storage medium to another computer-readable storage medium, e.g. Coaxial cable, optical fiber, digital subscriber line (digital subscriber line, DSL)) or wireless (such as infrared, wireless, microwave, etc.) transmission to another website site, computer, server or data center. The computer-readable storage medium may be any available medium that can be stored by a computer, or a data storage device such as a server, a data center, etc. integrated with one or more available media. The available media may be magnetic media (eg, floppy disk, hard disk, magnetic tape), optical media (eg, DVD), or semiconductor media (eg, solid state disk (solid state disk, SSD)) and the like.

所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the above-described system, device and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.

在本申请所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed system, device and method can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components can be combined or integrated. to another system, or some features may be ignored, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.

作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。A unit described as a separate component may or may not be physically separated, and a component displayed as a unit may or may not be a physical unit, that is, it may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit. The above-mentioned integrated units can be implemented in the form of hardware or in the form of software functional units.

集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application is essentially or part of the contribution to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods in various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other various media that can store program codes. .

以上,以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。Above, the above embodiments are only used to illustrate the technical solutions of the present application, rather than to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still be applied to the foregoing embodiments The technical solutions described in the examples are modified, or some of the technical features are equivalently replaced; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the application.

Claims (10)

1. A security barrier system for a vehicle end, comprising:
the communication protocol module is used for providing an API (application programming interface) interface of a specific protocol for a third-party application, receiving a request instruction sent by the third-party application and determining whether to send the request instruction to the service interface agent module according to a safety verification result of the safety detection module;
the safety detection module is used for detecting whether a request instruction sent by a third-party application is safe or not and feeding back a safety verification result to the communication protocol module;
and the service interface agent module is used for converting the vehicle service interface into a specific API (application program interface) interface for the third-party application to call.
2. The system of claim 1, wherein the security detection module further comprises:
the safety certification component is used for detecting whether the third party application corresponding to the request instruction is a trusted application;
the access authority management component is used for judging whether a sender corresponding to the request instruction has corresponding control authority or not under the condition that the third-party application is a trusted application;
and the context environment detection component is used for detecting whether the request instruction exceeds a preset threshold value or not to determine the safety of the request instruction under the condition that the control authority meets a preset requirement.
3. The system of claim 1, wherein the service interface proxy module comprises:
the version management component is used for managing the version of the vehicle-side service;
the compatibility management component is used for managing the compatibility among the vehicle-side services of different versions;
and the modification management component is used for realizing modification management of the vehicle-end service interface so as to distinguish vehicle-end services which can be provided by different vehicle type configurations.
4. The system of claim 1, wherein the communication protocol module comprises:
the protocol conversion component is used for realizing the communication protocol conversion between the third-party service and the vehicle-side service;
and the API interface component is used for providing an API interface of a specific protocol for the third-party application.
5. A vehicle safety control method for the safety isolation system as claimed in any one of claims 1 to 4, comprising:
receiving a request message sent by a third party application;
sending the request message to the security detection module and acquiring a security verification result;
and under the condition that the safety verification result is a safety result, the request message is sent to the service interface agent module to call corresponding vehicle service.
6. The method of claim 5, further comprising:
acquiring the type of the third-party application under the condition that the safety verification result is a dangerous result;
under the condition that the third-party application type is a vehicle running application, immediately uploading a dangerous result to a cloud end;
and reminding a user at the vehicle end to enter a manual driving mode.
7. The method of claim 5, further comprising:
acquiring the number of dangerous results of the third-party application within preset time under the condition that the type of the third-party application is an auxiliary service application;
and cutting off the service provided by the third-party application under the condition that the dangerous result times exceed a preset threshold value.
8. A vehicle safety control device characterized by comprising:
the receiving unit is used for receiving a request message sent by a third-party application;
the acquisition unit is used for sending the request message to the security detection module and acquiring a security verification result;
and the control unit is used for sending the request message to the service interface agent module to call corresponding vehicle service under the condition that the safety verification result is a safety result.
9. An electronic device, comprising: memory and a processor, characterized in that the processor is adapted to carry out the steps of the vehicle safety control method according to any of claims 5-7 when executing a computer program stored in the memory.
10. A computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program, when executed by a processor, implements a vehicle safety control method as claimed in any one of claims 5-7.
CN202210850515.5A 2022-07-19 2022-07-19 Safety isolation system, vehicle safety control method and related equipment Active CN115333785B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210850515.5A CN115333785B (en) 2022-07-19 2022-07-19 Safety isolation system, vehicle safety control method and related equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210850515.5A CN115333785B (en) 2022-07-19 2022-07-19 Safety isolation system, vehicle safety control method and related equipment

Publications (2)

Publication Number Publication Date
CN115333785A true CN115333785A (en) 2022-11-11
CN115333785B CN115333785B (en) 2025-06-10

Family

ID=83916766

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210850515.5A Active CN115333785B (en) 2022-07-19 2022-07-19 Safety isolation system, vehicle safety control method and related equipment

Country Status (1)

Country Link
CN (1) CN115333785B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040138790A1 (en) * 2000-08-18 2004-07-15 Michael Kapolka Remote monitoring, configuring, programming and diagnostic system and method for vehicles and vehicle components
US20180276053A1 (en) * 2017-03-23 2018-09-27 Airwatch Llc Dynamically integrating a client application with third-party services
US20190238638A1 (en) * 2018-01-29 2019-08-01 Uber Technologies, Inc. Autonomous Vehicle Application Programming Interface and Communications Systems and Methods
US20190287080A1 (en) * 2011-04-22 2019-09-19 Emerging Automotive, Llc Communication APIs for Remote Monitoring and Control of Vehicle Systems
CN110389538A (en) * 2018-04-20 2019-10-29 比亚迪股份有限公司 Vehicle and vehicle safety control method and system based on open platform
US20200004605A1 (en) * 2017-08-08 2020-01-02 Jet Bridge LLC Method for providing telematics service using virtual vehicle and telematics server using the same
US20210152341A1 (en) * 2019-11-18 2021-05-20 Ciot Systems and methods for providing iot security service using hardware security module
CN113094073A (en) * 2021-04-29 2021-07-09 芜湖雄狮汽车科技有限公司 Vehicle remote upgrading method and device and server
CN113806709A (en) * 2021-09-24 2021-12-17 上汽通用五菱汽车股份有限公司 Method for activating vehicle-mounted machine service, vehicle and readable storage medium

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040138790A1 (en) * 2000-08-18 2004-07-15 Michael Kapolka Remote monitoring, configuring, programming and diagnostic system and method for vehicles and vehicle components
US20190287080A1 (en) * 2011-04-22 2019-09-19 Emerging Automotive, Llc Communication APIs for Remote Monitoring and Control of Vehicle Systems
US20180276053A1 (en) * 2017-03-23 2018-09-27 Airwatch Llc Dynamically integrating a client application with third-party services
US20200004605A1 (en) * 2017-08-08 2020-01-02 Jet Bridge LLC Method for providing telematics service using virtual vehicle and telematics server using the same
US20190238638A1 (en) * 2018-01-29 2019-08-01 Uber Technologies, Inc. Autonomous Vehicle Application Programming Interface and Communications Systems and Methods
CN110389538A (en) * 2018-04-20 2019-10-29 比亚迪股份有限公司 Vehicle and vehicle safety control method and system based on open platform
US20210152341A1 (en) * 2019-11-18 2021-05-20 Ciot Systems and methods for providing iot security service using hardware security module
CN113094073A (en) * 2021-04-29 2021-07-09 芜湖雄狮汽车科技有限公司 Vehicle remote upgrading method and device and server
CN113806709A (en) * 2021-09-24 2021-12-17 上汽通用五菱汽车股份有限公司 Method for activating vehicle-mounted machine service, vehicle and readable storage medium

Also Published As

Publication number Publication date
CN115333785B (en) 2025-06-10

Similar Documents

Publication Publication Date Title
WO2020211714A1 (en) Bluetooth scanning method and electronic device
EP4064039A1 (en) Ota system software upgrade control method and terminal device
EP2950484B1 (en) Device control method, network device, and network system
KR101832535B1 (en) Trustworthy device claims as a service
WO2014070942A1 (en) Automobile data abstraction and communication
CN115136625B (en) Vehicle-mounted system login method and related device
US20240319983A1 (en) Upgrade method and apparatus, and electronic device
CN114116028B (en) Method and device for waking up driving computer ECU, vehicle and storage medium
CN113297595A (en) Method and device for processing right-offering, storage medium and electronic equipment
CN115344026A (en) A vehicle health assessment method and related equipment
CN115333785A (en) A safety isolation system, vehicle safety control method and related equipment
CN118819590A (en) Vehicle OTA upgrade method, device, electronic device and storage medium
CN109699030B (en) UAV authentication method, apparatus, device and computer readable storage medium
CN116820072A (en) Vehicle-mounted diagnosis arbitration method and device, vehicle and storage medium
CN115906134A (en) Data security protection method, device, equipment and storage medium
CN111147256A (en) Authentication method and device
JP7662095B2 (en) System, method, and computer program for generating vehicle identification information
KR20160035465A (en) Method for limiting linkage between devices using comparing service identifier
CN111143832A (en) Mobile terminal SDK (software development kit) suitable for multiple scenes and hybrid authorization method thereof
CN112257976B (en) A rail transit operating system management method and device based on the Internet of Things
CN114610402B (en) Operation authority control method and operation authority configuration method
CN107493206A (en) A kind of network detecting method, network detection means and intelligent terminal
WO2023108618A1 (en) Upgrading method based on over-the-air (ota) technology, and communication apparatus
CN118368622A (en) Vehicle-mounted hotspot sharing method and device, storage medium and vehicle
CN115396850A (en) A method and device for interacting with T-BOX products

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant