CN115442064A - A vehicle controller diagnosis method, device, equipment and medium - Google Patents
- Publication number: CN115442064A (application CN202210346806.0A)
- Authority: CN (China)
- Prior art keywords: diagnostic device, controller, authentication, vehicle, response
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
- G07C5/0808: Registering or indicating the working of vehicles; diagnosing performance data
- H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
- H04L2209/84: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication (H04L9/00); vehicles
Description
Technical field
The present disclosure relates to the technical field of vehicle communication, and in particular to a vehicle controller diagnosis method, apparatus, device and medium.
Background
With the rapid development of vehicle electronics, intelligence and networking, the scale and complexity of in-vehicle electronic systems keep growing. Vehicle Ethernet technology is expected to become the backbone network of future intelligent vehicles.
In the prior art, each controller on the vehicle's Ethernet can be accessed and diagnosed through an open OBD (On-Board Diagnostics) network interface or other interfaces. Specifically, an after-sales diagnostic tool (a PC, a client program or similar equipment) connects to that interface and uses a specific protocol, for example DoIP (Diagnostics over Internet Protocol), to perform specified operations on the vehicle, such as reading version information, modifying the vehicle configuration, and reading fault codes.
In the prior art, accessing and diagnosing the controllers on the vehicle Ethernet through the OBD network interface carries vehicle information security risks; for example, the OBD interface is vulnerable to hacker attacks, and the in-vehicle bus network can be attacked by hackers.
Therefore, how to ensure that the diagnosis of each controller is secure in vehicle Ethernet technology is a problem that needs to be solved.
Summary of the invention
In order to solve the above technical problem, or at least partly solve it, the present disclosure provides a vehicle controller diagnosis method, apparatus, device and medium.
In a first aspect, an embodiment of the present disclosure provides a vehicle controller diagnosis method, including:
performing mutual authentication with a diagnostic device in response to an identity authentication request sent by the diagnostic device;
after the mutual authentication passes, in response to an access request sent by the diagnostic device, authorizing the controllers that the diagnostic device has permission to access.
Optionally, performing mutual authentication with the diagnostic device includes:
in response to the identity authentication request sent by the diagnostic device, generating a first authentication message and sending the first authentication message to the diagnostic device;
receiving a second authentication message that the diagnostic device sends after the first authentication message has been authenticated, and authenticating the second authentication message;
when the second authentication message is authenticated, confirming that the mutual authentication has passed.
Optionally, generating the first authentication message and sending it to the diagnostic device in response to the identity authentication request sent by the diagnostic device includes:
obtaining identification information in response to the identity authentication request sent by the diagnostic device;
after signing the identification information with a first private key, generating the first authentication message and sending it to the diagnostic device, so that the diagnostic device authenticates the first authentication message with a first public key, wherein the first public key and the first private key form a key pair.
Optionally, authenticating the second authentication message includes:
authenticating the second authentication message with a second public key, wherein the second authentication message is generated by the diagnostic device after signing the identification information with a second private key, and the second public key and the second private key form a key pair.
Optionally, the access request includes authorized controller identification information;
authorizing the controllers that the diagnostic device has permission to access, in response to the access request sent by the diagnostic device, includes:
in response to the access request sent by the diagnostic device, determining the controller corresponding to the authorized controller identification information, and sending an authorization request to an authorization module, so that the authorization module authorizes the controller based on the authorization request.
Optionally, the access request includes user identification information;
authorizing the controllers that the diagnostic device has permission to access, in response to the access request sent by the diagnostic device, includes:
in response to the access request sent by the diagnostic device, determining, based on the user identification information, the target controllers that the diagnostic device has permission to access, and authorizing those target controllers.
Optionally, the access request includes authorized controller identification information and user identification information;
authorizing the controllers that the diagnostic device has permission to access, in response to the access request sent by the diagnostic device, includes:
determining target controllers based on the authorized controller identification information in response to the access request sent by the diagnostic device;
determining, based on the user identification information and from among the target controllers, the diagnostic device's access permission to the target controller, so that the authorization module authorizes the target controller within that access permission based on the authorization request.
Optionally, after the step of authorizing the controllers that the diagnostic device has permission to access, in response to the access request sent by the diagnostic device once the diagnostic device has been authenticated, the method further includes:
in response to a close request sent by the diagnostic device, deleting the access permissions issued to the controller; or,
when the diagnostic device is detected to be offline, deleting the access permissions issued to the controller.
In a second aspect, an embodiment of the present disclosure provides a vehicle controller diagnosis apparatus, including:
an identity authentication module, configured to perform mutual authentication with a diagnostic device in response to an identity authentication request sent by the diagnostic device;
an authorization module, configured to authorize, in response to an access request sent by the diagnostic device, the controllers that the diagnostic device has permission to access.
In a third aspect, an embodiment of the present disclosure provides an electronic device, including:
one or more processors;
a storage apparatus for storing one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors implement the method according to any one of the first aspect.
In a fourth aspect, an embodiment of the present disclosure provides a computer-readable storage medium on which a computer program is stored; when the program is executed by a processor, the method according to any one of the first aspect is implemented.
Compared with the prior art, the technical solutions provided by the embodiments of the present disclosure have the following advantages:
The vehicle controller diagnosis method, apparatus, device and medium provided by the embodiments of the present disclosure perform mutual authentication with the diagnostic device in response to the identity authentication request sent by the diagnostic device and, after the mutual authentication passes, authorize the controllers that the diagnostic device has permission to access in response to the access request sent by the diagnostic device. The identity authentication request is a request for mutual authentication with the diagnostic device, that is, mutual authentication of identity between the vehicle and the diagnostic device. Before the diagnostic device diagnoses a controller, the identities of both the diagnostic device and the vehicle are authenticated through the mutual authentication mechanism, which ensures the security of the diagnostic device's subsequent diagnosis of the controller.
Description of the drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the present disclosure.
In order to explain the technical solutions of the embodiments of the present disclosure or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, a person of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a schematic flowchart of a vehicle controller diagnosis method provided by an embodiment of the present disclosure;
Fig. 2 is a schematic flowchart of another vehicle controller diagnosis method provided by an embodiment of the present disclosure;
Fig. 3 is an interaction diagram of vehicle controller diagnosis provided by an embodiment of the present disclosure;
Fig. 4 is a schematic flowchart of yet another vehicle controller diagnosis method provided by an embodiment of the present disclosure;
Fig. 5 is another interaction diagram of vehicle controller diagnosis provided by an embodiment of the present disclosure;
Fig. 6 is yet another interaction diagram of vehicle controller diagnosis provided by an embodiment of the present disclosure;
Fig. 7 is a schematic structural diagram of a vehicle controller diagnosis apparatus provided by an embodiment of the present disclosure;
Fig. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
Detailed description
In order that the above objects, features and advantages of the present disclosure can be understood more clearly, the solutions of the present disclosure are described further below. It should be noted that, where there is no conflict, the embodiments of the present disclosure and the features in the embodiments can be combined with each other.
Many specific details are set forth in the following description so that the present disclosure can be fully understood, but the present disclosure can also be implemented in ways other than those described here; obviously, the embodiments in the specification are only some of the embodiments of the present disclosure, not all of them.
The vehicle controller diagnosis method provided by the embodiments of the present disclosure is applied to an intelligent vehicle and can be executed by the intelligent vehicle.
Fig. 1 is a schematic flowchart of a vehicle controller diagnosis method provided by an embodiment of the present disclosure. As shown in Fig. 1, the vehicle controller diagnosis method specifically includes the following:
S10. In response to an identity authentication request sent by the diagnostic device, perform mutual authentication with the diagnostic device.
Mutual authentication refers to the vehicle's authentication of the diagnostic device's identity and the diagnostic device's authentication of the vehicle's identity. The diagnostic device first sends an identity authentication request to the vehicle; after receiving the request, the vehicle and the diagnostic device authenticate each other's identity.
The diagnostic device in the embodiments of the present application may be an intelligent diagnostic device, a personal computer, a personal handheld terminal, an OBD device, or any other device capable of Ethernet communication with the intelligent vehicle.
S20. After the mutual authentication passes, in response to an access request sent by the diagnostic device, authorize the controllers that the diagnostic device has permission to access.
In a specific example, the access request in the embodiments of the present application includes a request for a read operation, a request for a write operation, a request for a read-write operation, and so on. Of course, the permissions requested for a controller may be divided in more ways; for clarity and brevity they are not listed one by one here. It should be understood that the specific expressions of the scope of requested permissions in the embodiments of the present application are all examples. Authorization includes authorizing read permission, authorizing write permission, authorizing read-write permission, and so on.
Specifically, authorizing the controllers that the diagnostic device has permission to access includes:
The vehicle issues an authorization request to the authorization module in the vehicle, so that the authorization module authorizes the controllers that the diagnostic device has permission to access.
It should be noted that, in a specific implementation, the controllers on the vehicle Ethernet include domain control units and electronic control units. One domain control unit is communicatively connected to one or more electronic control units and can obtain the message information of the electronic control units connected to it. Therefore, in the embodiments of the present disclosure, authorizing the controllers that the diagnostic device has permission to access mainly means performing the authorization operation on the domain control units in the vehicle Ethernet. Each domain control unit corresponds to a piece of identification information, and each domain control unit is communicatively connected to the authorization module.
Optionally, as one possible implementation, in response to the access request sent by the diagnostic device, the controller corresponding to the authorized controller identification information is determined, and an authorization request is sent to the authorization module, so that the authorization module authorizes the controller based on the authorization request.
Specifically, the access request sent by the diagnostic device includes authorized controller identification information; for example, the authorized controller identification information in the access request is controller 1, controller 3 and controller 5. After receiving the access request, the vehicle selects the controllers corresponding to the authorized controller identification information in the request. Once these controllers are determined, the vehicle issues an authorization request to its authorization module, so that the authorization module authorizes the controllers corresponding to the authorized controller identification information.
Optionally, as another possible implementation, in response to the access request sent by the diagnostic device, the target controllers that the diagnostic device has permission to access are determined based on the user identification information, and those target controllers are authorized.
Specifically, the access request sent by the diagnostic device includes user identification information. After receiving the access request, the vehicle selects, based on the user identification information in the request, the target controllers that the diagnostic device has permission to access. Once the target controllers are determined, the vehicle issues the access request to its authorization module, so that the authorization module authorizes the target controllers.
For example, the process of authorizing a target controller includes operations such as enabling the rules for a specified service, allowing read or write operations on the specified controller.
Optionally, as yet another possible implementation, in response to the access request sent by the diagnostic device, target controllers are determined based on the authorized controller identification information; based on the user identification information, the diagnostic device's access permission to the target controller is determined from among the target controllers, so that the authorization module authorizes the target controller within that access permission based on the authorization request.
Specifically, the access request sent by the diagnostic device includes authorized controller identification information and user identification information; for example, the authorized controller identification information in the access request is controller 1, controller 3 and controller 5. After receiving the access request, the vehicle selects the target controllers corresponding to the authorized controller identification information in the request, and then, based on the user identification information in the request, determines from among those target controllers the diagnostic device's access permission. For example, if it is determined that controller 5 is the one this user identification information has permission to access, the vehicle issues an authorization request to its authorization module, so that the authorization module authorizes the target controller, namely controller 5.
The vehicle controller diagnosis method provided by the embodiments of the present disclosure performs mutual authentication with the diagnostic device in response to the identity authentication request sent by the diagnostic device and, after the mutual authentication passes, authorizes the controllers that the diagnostic device has permission to access in response to the access request sent by the diagnostic device. The identity authentication request is a request for mutual authentication with the diagnostic device, that is, mutual authentication of identity between the vehicle and the diagnostic device. Before the diagnostic device diagnoses a controller, the identities of both the diagnostic device and the vehicle are authenticated through the mutual authentication mechanism, which ensures the security of the diagnostic device's subsequent diagnosis of the controller.
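The three ways of resolving an access request described above, together with deletion of the issued permissions on a close request or when the device goes offline, as an added Python example that is not part of the patent. The policy table, controller names, user ids, session ids and every class and function name are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Flag, auto
from typing import Dict, Optional, Tuple


class Access(Flag):
    NONE = 0
    READ = auto()
    WRITE = auto()


# Constructed sample data (not from the patent): domain controllers known to
# the vehicle and, per user id, the access each user may be given on them.
KNOWN_CONTROLLERS = {"controller1", "controller3", "controller5"}
USER_POLICY: Dict[str, Dict[str, Access]] = {
    "tech-017": {"controller5": Access.READ | Access.WRITE},
    "owner-002": {"controller1": Access.READ, "controller3": Access.READ},
}


@dataclass
class AccessRequest:
    controller_ids: Tuple[str, ...] = ()  # authorized controller identification information
    user_id: Optional[str] = None         # user identification information
    wanted: Access = Access.READ          # read, write or read-write


def resolve(req: AccessRequest) -> Dict[str, Access]:
    """Return {controller: access} to be authorized for this request."""
    named = {c for c in req.controller_ids if c in KNOWN_CONTROLLERS}
    if req.user_id is None:
        # Controller ids only: every named, known controller is authorized.
        # Nothing but the mutual authentication limits this mode.
        return {c: req.wanted for c in sorted(named)}
    policy = USER_POLICY.get(req.user_id, {})
    # User id only: start from everything the user may reach.
    # Both present: start from the named controllers, then filter by user.
    candidates = named if req.controller_ids else set(policy)
    grants = {}
    for c in sorted(candidates):
        granted = policy.get(c, Access.NONE) & req.wanted
        if granted:
            grants[c] = granted
    return grants


@dataclass
class AuthorizationModule:
    grants: Dict[str, Dict[str, Access]] = field(default_factory=dict)

    def authorize(self, session: str, grants: Dict[str, Access]) -> None:
        self.grants.setdefault(session, {}).update(grants)

    def revoke(self, session: str) -> None:
        self.grants.pop(session, None)

    def allowed(self, session: str, controller: str, access: Access) -> bool:
        held = self.grants.get(session, {}).get(controller, Access.NONE)
        return (held & access) == access


class VehicleGateway:
    def __init__(self) -> None:
        self.authz = AuthorizationModule()
        self.authenticated = set()

    def mutual_auth_passed(self, session: str) -> None:
        self.authenticated.add(session)  # outcome of S10

    def access_request(self, session: str, req: AccessRequest) -> Dict[str, Access]:
        # S20 is only reachable after S10 has passed for this session.
        if session not in self.authenticated:
            raise PermissionError("access request before mutual authentication")
        grants = resolve(req)
        self.authz.authorize(session, grants)
        return grants

    def end_session(self, session: str) -> None:
        """Close request received, or the device was detected offline."""
        self.authz.revoke(session)
        self.authenticated.discard(session)


if __name__ == "__main__":
    gw = VehicleGateway()
    gw.mutual_auth_passed("s1")
    req = AccessRequest(("controller1", "controller3", "controller5"),
                        "tech-017", Access.READ | Access.WRITE)
    print(gw.access_request("s1", req))
    gw.end_session("s1")
    print(gw.authz.allowed("s1", "controller5", Access.READ))
```
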
Fig. 2 is a schematic flowchart of another vehicle controller diagnosis method provided by an embodiment of the present disclosure, and Fig. 3 is an interaction diagram of vehicle controller diagnosis provided by an embodiment of the present disclosure. This embodiment builds on the above embodiment. With reference to Fig. 2 and Fig. 3, one possible implementation of step S10 includes:
S11. In response to the identity authentication request sent by the diagnostic device, generate a first authentication message and send the first authentication message to the diagnostic device.
With reference to Fig. 3, the diagnostic device first sends an identity authentication request to the vehicle. After receiving the request, the vehicle generates a first authentication message based on it and sends the message to the diagnostic device, so that the diagnostic device authenticates the first authentication message.
That is, the vehicle sends a first authentication message containing vehicle information to the diagnostic device, so that the diagnostic device authenticates the vehicle's identity based on the first authentication message.
S12. Receive the second authentication message that the diagnostic device sends after the first authentication message has been authenticated, and authenticate the second authentication message.
Still referring to Fig. 3, after the vehicle sends the first authentication message to the diagnostic device, the diagnostic device authenticates it. When the first authentication message passes, the diagnostic device sends a second authentication message to the vehicle, so that the vehicle authenticates the diagnostic device's identity based on the second authentication message.
S13. When the second authentication message is authenticated, confirm that the mutual authentication has passed.
Once the vehicle has authenticated the second authentication message, authentication has passed on both sides, the diagnostic device and the vehicle. When the vehicle then receives an access request from the diagnostic device, it authorizes the controllers that the diagnostic device has permission to access.
FIG. 4 is a schematic flowchart of yet another vehicle controller diagnosis method provided by an embodiment of the present disclosure, and FIG. 5 is a schematic interaction diagram of another vehicle controller diagnosis provided by an embodiment of the present disclosure. This embodiment builds on the above embodiments. As shown in FIG. 4, one specific implementation of step S11 includes:
S110. In response to the identity authentication request sent by the diagnostic device, obtain identification information.
The identification information is used to identify the vehicle; specifically, it identifies the ID of the vehicle.
The diagnostic device sends an identity authentication request to the vehicle. After receiving the request, the vehicle first generates its identification information based on the identity authentication request.
S111. After signing the identification information with the first private key, generate a first authentication message and send it to the diagnostic device, so that the diagnostic device authenticates the first authentication message with the first public key.
The first public key and the first private key form a key pair.
After receiving the identity authentication request and generating the identification information, the vehicle signs the identification information with the first private key, generates the first authentication message and sends it to the diagnostic device. The diagnostic device then receives the first authentication message and verifies it.
Specifically, in response to the identity authentication request sent by the diagnostic device, the vehicle randomly generates identification information, signs it with the first private key, generates the first authentication message and sends it to the diagnostic device. Since the first private key is private and the first public key is public, when the diagnostic device is able to authenticate the first authentication message with the first public key, this indicates that the diagnostic device's authentication of the vehicle has passed.
When step S11 of the vehicle controller diagnosis method is implemented as steps S110 and S111, one possible implementation of step S12 includes:
S120. Authenticate the second authentication message sent by the diagnostic device with the second public key.
The second authentication message is generated by the diagnostic device after signing the identification information with the second private key; the second public key and the second private key form a key pair.
After the first authentication message passes authentication at the diagnostic device, the diagnostic device sends the second authentication message to the vehicle. The second authentication message is generated by the diagnostic device signing the identification information with the second private key. If the vehicle holds the second public key corresponding to the second private key, then after receiving the second authentication message the vehicle can decrypt it with the second public key, thereby achieving the vehicle's authentication of the diagnostic device.
It should be noted that, in the vehicle controller diagnosis method provided by the above embodiments, the action of signing the identification information with the first private key and the action of authenticating the second authentication message from the diagnostic device with the second public key may be performed by the vehicle, specifically by an identity authentication module in the vehicle.
In the vehicle controller diagnosis method provided by the embodiments of the present disclosure, the vehicle generates identification information after receiving the identity authentication request, signs it with the first private key, generates the first authentication message and sends it to the diagnostic device, so that the diagnostic device authenticates the first authentication message with the first public key; that is, the diagnostic device decrypts the first authentication message with the first public key, thereby achieving the diagnostic device's authentication of the vehicle. After the first authentication message passes authentication, the diagnostic device signs the identification information with the second private key to generate the second authentication message and sends it to the vehicle, so that the vehicle authenticates the second authentication message with the second public key; that is, the vehicle decrypts the second authentication message with the second public key, thereby completing the vehicle's authentication of the diagnostic device. This realizes a two-way authentication mechanism and ensures the security of the diagnostic device's diagnosis of the controller.
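The exchange of steps S110 to S120, as an added example that is not code from the patent. The message layout, class names and the textbook-RSA helper built from constructed demo primes are assumptions; the vehicle also checks that the second message signs the identification information it issued in the current exchange.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent used by both constructed key pairs


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data):
    n, d = private
    return pow(_digest(data, n), d, n)


def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == _digest(data, n)


# Constructed demo keys from Mersenne primes: unpadded and far too short for real use.
FIRST_PUBLIC, FIRST_PRIVATE = make_keypair(2**89 - 1, 2**107 - 1)    # vehicle signs
SECOND_PUBLIC, SECOND_PRIVATE = make_keypair(2**61 - 1, 2**127 - 1)  # device signs


class Vehicle:
    def __init__(self, first_private, second_public):
        self._first_private = first_private
        self._second_public = second_public
        self._pending = None  # identification info awaiting the second message
        self.mutually_authenticated = False

    def on_identity_auth_request(self):
        """S110/S111: random identification info, signed with the first private key."""
        self._pending = secrets.token_bytes(16)
        self.mutually_authenticated = False
        return {"identification": self._pending,
                "signature": sign(self._first_private, self._pending)}

    def on_second_message(self, message):
        """S120/S13: accept only a valid signature over the value issued in this exchange."""
        expected, self._pending = self._pending, None  # each value is usable once
        self.mutually_authenticated = (
            expected is not None
            and hmac.compare_digest(message["identification"], expected)
            and verify(self._second_public, expected, message["signature"]))
        return self.mutually_authenticated


class DiagnosticDevice:
    def __init__(self, first_public, second_private):
        self._first_public = first_public
        self._second_private = second_private

    def on_first_message(self, message):
        """Verify the vehicle's signature, then sign the same identification info."""
        ident = message["identification"]
        if not verify(self._first_public, ident, message["signature"]):
            return None
        return {"identification": ident,
                "signature": sign(self._second_private, ident)}


def run_demo():
    vehicle = Vehicle(FIRST_PRIVATE, SECOND_PUBLIC)
    device = DiagnosticDevice(FIRST_PUBLIC, SECOND_PRIVATE)
    results = {}

    first = vehicle.on_identity_auth_request()
    second = device.on_first_message(first)
    results["genuine"] = vehicle.on_second_message(second)

    # A second message captured earlier carries the old identification info.
    vehicle.on_identity_auth_request()
    results["replayed"] = vehicle.on_second_message(second)

    # A device holding a different private key fails the second-public-key check.
    _, other_private = make_keypair(2**61 - 1, 2**89 - 1)
    impostor = DiagnosticDevice(FIRST_PUBLIC, other_private)
    results["wrong_key"] = vehicle.on_second_message(
        impostor.on_first_message(vehicle.on_identity_auth_request()))

    # The device rejects a first message whose identification info was altered.
    altered = dict(vehicle.on_identity_auth_request(), identification=b"\x00" * 16)
    results["altered_first"] = device.on_first_message(altered)
    return results


if __name__ == "__main__":
    print(run_demo())
```

A production implementation would replace the textbook-RSA helper with a padded signature scheme from a vetted cryptographic library and keys of adequate length.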
As one possible implementation, the vehicle controller diagnosis method provided by the embodiments of the present disclosure further includes:
In response to a shutdown request sent by the diagnostic device, deleting the access rights issued to the controller.
As shown in FIG. 6, when the vehicle receives the shutdown request sent by the diagnostic device, the vehicle deletes the access rights issued to the controller, thereby closing the diagnostic device's access to the vehicle.
As another possible implementation, continuing to refer to FIG. 6, when the state of the diagnostic device is detected to be offline, the access rights issued to the controller are deleted.
In addition, if the diagnostic device, after completing the diagnosis of the controller, does not send a shutdown request but is simply switched off, the diagnostic device is then in the offline state; when the vehicle detects that the diagnostic device is offline, the vehicle closes the access rights issued to the controller.
In the above embodiments, the vehicle side is taken as the executing entity by way of example. The following describes specific embodiments in which the diagnostic device side is the executing entity.
Specifically, the vehicle controller diagnosis method includes:
Sending an identity authentication request to the vehicle, so that the vehicle performs mutual authentication with the diagnostic device based on the access request.
First, the diagnostic device sends an identity authentication request to the vehicle. After receiving the request, the vehicle performs identity authentication with the diagnostic device based on the identity authentication request.
After authentication of the vehicle has passed, sending an access request to the vehicle, so that the vehicle, based on the access request, authorizes the controller to which the diagnostic device has access rights.
Once mutual identity authentication between the diagnostic device and the vehicle has passed, the two-way authentication between the vehicle and the diagnostic device is complete. The diagnostic device then sends an access request to the vehicle, so that the vehicle, based on the access request, authorizes the controller to which the diagnostic device has access rights.
As one possible implementation, after the identity authentication request is sent to the vehicle, the first authentication message sent by the vehicle is received and authenticated.
First, the diagnostic device sends an identity authentication request to the vehicle. After receiving the request, the vehicle generates the first authentication message based on the identity authentication request and sends it to the diagnostic device, so that the diagnostic device authenticates the first authentication message. That is, the vehicle sends a first authentication message containing vehicle information to the diagnostic device, so that the diagnostic device authenticates the identity of the vehicle based on that message.
Optionally, the first authentication message sent by the vehicle is received and authenticated with the first public key.
The first authentication message is generated by the vehicle after signing the identification information with the first private key; the first public key and the first private key form a key pair; and the identification information is generated by the vehicle upon receiving the identity authentication request.
The diagnostic device sends an identity authentication request to the vehicle. After receiving the request, the vehicle first generates its identification information based on the identity authentication request. The vehicle then signs the identification information with the first private key, generates the first authentication message and sends it to the diagnostic device, and the diagnostic device verifies the first authentication message with the first public key.
As one possible implementation, after the first authentication message passes authentication, it is confirmed that authentication of the vehicle has passed.
After the vehicle sends the first authentication message to the diagnostic device, the diagnostic device authenticates it. Once the first authentication message passes authentication, authentication of the vehicle is confirmed as passed, and the diagnostic device sends the second authentication message to the vehicle, so that the vehicle verifies the identity of the diagnostic device based on the second authentication message.
After authentication of the vehicle has passed, the second authentication message is sent to the vehicle, so that the vehicle authenticates the second authentication message.
Specifically, after authentication of the vehicle has passed, the identification information is signed with the second private key and the second authentication message is sent to the vehicle, so that the vehicle authenticates the second authentication message; the second public key and the second private key form a key pair.
After the first authentication message passes authentication at the diagnostic device, the diagnostic device sends the second authentication message to the vehicle. The second authentication message is generated by the diagnostic device signing the identification information with the second private key. If the vehicle holds the second public key corresponding to the second private key, then after receiving the second authentication message the vehicle can decrypt it with the second public key, thereby achieving the vehicle's authentication of the diagnostic device.
In the vehicle Ethernet diagnosis method provided by the embodiments of the present disclosure, the diagnostic device authenticates the first authentication message with the first public key; that is, the diagnostic device decrypts the first authentication message with the first public key, thereby achieving the diagnostic device's authentication of the vehicle. After the first authentication message passes authentication, the diagnostic device signs the identification information with the second private key to generate the second authentication message and sends it to the vehicle, so that the vehicle authenticates the second authentication message with the second public key; that is, the vehicle decrypts the second authentication message with the second public key, thereby completing the vehicle's authentication of the diagnostic device. The two key pairs thus realize a two-way authentication mechanism and ensure the security of the diagnostic device's diagnosis of the controller.
As one possible implementation, the vehicle Ethernet diagnosis method further includes:
Sending a shutdown request to the vehicle, so that the vehicle deletes the access rights issued to the controller based on the shutdown request.
Once the vehicle has authenticated the second authentication message, it can be determined that the authentication requests have passed on both the diagnostic device side and the vehicle side. After receiving the access request sent by the diagnostic device, the vehicle authorizes the controller to which the diagnostic device has access rights, so that the diagnostic device can diagnose the controller.
FIG. 7 is a schematic structural diagram of a vehicle controller diagnosis apparatus provided by an embodiment of the present disclosure. As shown in FIG. 7, the vehicle controller diagnosis apparatus includes:
An identity authentication module 710, configured to perform mutual authentication with the diagnostic device in response to the identity authentication request sent by the diagnostic device;
An authorization module 720, configured to authorize, in response to the access request sent by the diagnostic device, the controller to which the diagnostic device has access rights.
The vehicle controller apparatus provided by the embodiments of the present disclosure performs mutual authentication with the diagnostic device in response to the identity authentication request sent by the diagnostic device and, after the mutual authentication has passed, authorizes the controller to which the diagnostic device has access rights in response to the access request sent by the diagnostic device. The identity authentication request is a request for mutual authentication with the diagnostic device, that is, mutual authentication of identity between the vehicle and the diagnostic device. Before the diagnostic device diagnoses the controller, the identities of the diagnostic device and the vehicle are authenticated through the mutual authentication mechanism, which ensures the security of the subsequent diagnosis of the controller by the diagnostic device.
Optionally, the identity authentication module includes:
A first authentication message sending module, configured to generate a first authentication message and send it to the diagnostic device in response to the identity authentication request sent by the diagnostic device;
A message authentication module, configured to receive the second authentication message sent by the diagnostic device after the first authentication message has passed authentication, and to authenticate the second authentication message;
A first judging module, configured to confirm that the mutual authentication has passed when the second authentication message passes authentication.
Optionally, the first authentication message sending module is specifically configured to:
Obtain identification information in response to the identity authentication request sent by the diagnostic device;
After signing the identification information with the first private key, generate a first authentication message and send it to the diagnostic device, so that the diagnostic device authenticates the first authentication message with the first public key, where the first public key and the first private key form a key pair.
Optionally, the message authentication module is specifically configured to:
Authenticate the second authentication message sent by the diagnostic device with the second public key, where the second authentication message is generated by the diagnostic device after signing the identification information with the second private key, and the second public key and the second private key form a key pair.
Optionally, one specific implementation of the authorization module includes:
The access request includes authorized-controller identification information;
In response to the access request sent by the diagnostic device, determine the controller corresponding to the authorized-controller identification information and send an authorization request to the authorization module, so that the authorization module authorizes the controller based on the authorization request.
Optionally, another specific implementation of the authorization module includes:
The access request includes user identification information;
In response to the access request sent by the diagnostic device, determine, based on the user identification information, the target controller to which the diagnostic device has access rights, and authorize that target controller.
Optionally, yet another specific implementation of the authorization module includes:
The access request includes authorized-controller identification information and user identification information;
In response to the access request sent by the diagnostic device, determine the target controller based on the authorized-controller identification information;
Determine, based on the user identification information, the diagnostic device's access rights to the target controller from the target controller, so that the authorization module, based on the authorization request, authorizes the target controller within those access rights.
Optionally, the apparatus further includes:
A first access right deletion module, configured to delete the access rights issued to the controller in response to the shutdown request sent by the diagnostic device.
A second access right deletion module, configured to delete the access rights issued to the controller when the state of the diagnostic device is detected to be offline.
The apparatus provided by the embodiments of the present invention can execute the method provided by any embodiment of the present invention, and has the functional modules and beneficial effects corresponding to executing the method.
It is worth noting that, in the above apparatus embodiments, the units and modules included are divided only according to functional logic; the division is not limited to the one described, as long as the corresponding functions can be realized. In addition, the specific names of the functional units are only for ease of distinguishing them from one another and are not used to limit the protection scope of the present invention.
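The three access-request variants and the two deletion paths described above, as an added example that is not code from the patent. The controller names, operation names, user ACL and the timeout-based offline check are constructed assumptions; the patent does not specify how the offline state is detected.

```python
import time

# Constructed sample data: controller names, operations and the user ACL are assumptions.
CONTROLLERS = {"BCM": {"read_dtc", "clear_dtc"},
               "VCU": {"read_dtc", "clear_dtc", "flash"},
               "ADAS": {"read_dtc"}}
USER_ACL = {"tech-01": {"BCM": {"read_dtc", "clear_dtc"}, "VCU": {"read_dtc"}}}


class AuthorizationModule:
    """Vehicle-side record of the access rights currently issued to controllers."""

    def __init__(self, controllers, user_acl, offline_timeout=5.0):
        self._controllers = controllers   # controller id -> operations it offers
        self._user_acl = user_acl         # user id -> {controller id: permitted operations}
        self._timeout = offline_timeout   # assumed: silence longer than this means offline
        self._last_seen = None
        self.grants = {}

    @staticmethod
    def _now(now):
        return time.monotonic() if now is None else now

    def handle_access_request(self, mutually_authenticated,
                              controller_ids=None, user_id=None, now=None):
        """Issue rights for one access request; nothing is issued before mutual authentication."""
        if not mutually_authenticated:
            return {}
        self._last_seen = self._now(now)
        if user_id is None:
            # Variant 1: the request carries controller identification only.
            issued = {c: set(self._controllers[c])
                      for c in controller_ids or () if c in self._controllers}
        else:
            allowed = self._user_acl.get(user_id, {})
            # Variant 2 (user only): every controller this user may reach.
            # Variant 3 (both): the named controllers, limited to the user's rights on each.
            names = allowed.keys() if controller_ids is None else controller_ids
            issued = {c: allowed[c] & self._controllers[c]
                      for c in names if c in allowed and c in self._controllers}
        self.grants = {c: ops for c, ops in issued.items() if ops}
        return dict(self.grants)

    def heartbeat(self, now=None):
        """Record that the diagnostic device is still present."""
        self._last_seen = self._now(now)

    def on_shutdown_request(self):
        """First deletion path: explicit shutdown request from the diagnostic device."""
        self.grants = {}

    def check_offline(self, now=None):
        """Second deletion path: the device went away without sending a shutdown request."""
        if self.grants and self._now(now) - self._last_seen > self._timeout:
            self.grants = {}
            return True
        return False
```

Unknown users and controllers yield no rights, so a request that names a controller outside the user's ACL is silently narrowed rather than widened.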
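FIG. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure. As shown in FIG. 8, the electronic device includes a processor 810, a memory 820, an input device 830 and an output device 840. The number of processors 810 in the computer device may be one or more; one processor 810 is taken as an example in FIG. 8. The processor 810, the memory 820, the input device 830 and the output device 840 in the electronic device may be connected by a bus or in other ways; connection by a bus is taken as an example in FIG. 8.
The memory 820, as a computer-readable storage medium, can be used to store software programs, computer-executable programs and modules, such as the program instructions/modules corresponding to the method in the embodiments of the present invention. The processor 810 executes the various functional applications and data processing of the computer device by running the software programs, instructions and modules stored in the memory 820, that is, it implements the method provided by the embodiments of the present invention.
The memory 820 may mainly include a program storage area and a data storage area, where the program storage area may store an operating system and an application program required by at least one function, and the data storage area may store data created according to the use of the terminal, and so on. In addition, the memory 820 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or another non-volatile solid-state storage device. In some examples, the memory 820 may further include memory located remotely from the processor 810, and such remote memory may be connected to the computer device through a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 830 can be used to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the electronic device, and may include a keyboard, a mouse and the like. The output device 840 may include a display device such as a display screen.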
An embodiment of the present disclosure also provides a vehicle, the vehicle including the electronic device provided by the above embodiment.
An embodiment of the present disclosure also provides a storage medium containing computer-executable instructions which, when executed by a computer processor, are used to implement the method provided by the embodiments of the present invention.
Of course, in the storage medium containing computer-executable instructions provided by an embodiment of the present invention, the computer-executable instructions are not limited to the method operations described above and can also perform related operations in the method provided by any embodiment of the present invention.
From the above description of the implementations, those skilled in the art can clearly understand that the present invention can be implemented by means of software plus the necessary general-purpose hardware, and of course can also be implemented by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product can be stored in a computer-readable storage medium, such as a computer floppy disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash memory (FLASH), hard disk or optical disc, and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to execute the methods described in the embodiments of the present invention.
It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, article or device that includes the element.
The above are only specific implementations of the present disclosure, provided to enable those skilled in the art to understand or implement the present disclosure. Various modifications to these embodiments will be apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the present disclosure. Therefore, the present disclosure is not to be limited to the embodiments described herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (11)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210346806.0A CN115442064A (en) | 2022-03-31 | 2022-03-31 | A vehicle controller diagnosis method, device, equipment and medium |
PCT/CN2023/081904 WO2023185492A1 (en) | 2022-03-31 | 2023-03-16 | Diagnostic method and apparatus for a vehicle controller, device, and medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210346806.0A CN115442064A (en) | 2022-03-31 | 2022-03-31 | A vehicle controller diagnosis method, device, equipment and medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115442064A true CN115442064A (en) | 2022-12-06 |
Family
ID=84240763
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210346806.0A Pending CN115442064A (en) | 2022-03-31 | 2022-03-31 | A vehicle controller diagnosis method, device, equipment and medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN115442064A (en) |
WO (1) | WO2023185492A1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116049807A (en) * | 2023-02-28 | 2023-05-02 | 重庆长安汽车股份有限公司 | A service access system and method, electronic equipment, and storage medium |
WO2023174217A1 (en) * | 2022-03-18 | 2023-09-21 | 北京罗克维尔斯科技有限公司 | Vehicle ethernet diagnosis method and apparatus, and device and medium |
WO2023185492A1 (en) * | 2022-03-31 | 2023-10-05 | 北京罗克维尔斯科技有限公司 | Diagnostic method and apparatus for a vehicle controller, device, and medium |
WO2025045019A1 (en) * | 2023-08-28 | 2025-03-06 | 深圳引望智能技术有限公司 | Control method and apparatus |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117688548A (en) * | 2023-11-08 | 2024-03-12 | 阿尔特汽车技术股份有限公司 | Safety access method and device based on vehicle maintenance request |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111031074A (en) * | 2020-01-09 | 2020-04-17 | 中国信息通信研究院 | An authentication method, server and client |
CN111142500A (en) * | 2019-12-26 | 2020-05-12 | 国汽(北京)智能网联汽车研究院有限公司 | Permission setting method and device for vehicle diagnosis data and vehicle-mounted gateway controller |
US20210075783A1 (en) * | 2019-09-10 | 2021-03-11 | William Mazzara, JR. | Authenticated vehicle diagnostic access techniques |
CN112585549A (en) * | 2020-02-29 | 2021-03-30 | 华为技术有限公司 | Fault diagnosis method and device and vehicle |
CN113759883A (en) * | 2021-10-26 | 2021-12-07 | 深圳市元征科技股份有限公司 | Vehicle diagnosis method, vehicle gateway device, server, and storage medium |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102013202064B4 (en) * | 2013-02-08 | 2025-03-27 | Bayerische Motoren Werke Aktiengesellschaft | Method and device for connecting a diagnostic device to a control unit in a motor vehicle |
CN112327796B (en) * | 2020-10-21 | 2022-05-06 | 诚迈科技(南京)股份有限公司 | Control method and electronic control unit for automobile diagnosis service |
CN113960978A (en) * | 2021-09-29 | 2022-01-21 | 岚图汽车科技有限公司 | Vehicle diagnosis method, device and storage medium |
CN115437341A (en) * | 2022-03-18 | 2022-12-06 | 北京罗克维尔斯科技有限公司 | Vehicle Ethernet diagnosis method, device, equipment and medium |
CN115442064A (en) * | 2022-03-31 | 2022-12-06 | 北京罗克维尔斯科技有限公司 | A vehicle controller diagnosis method, device, equipment and medium |
Also Published As
Publication number | Publication date |
---|---|
WO2023185492A1 (en) | 2023-10-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN115442064A (en) | A vehicle controller diagnosis method, device, equipment and medium | |
CN110121873B (en) | An access token management method, terminal and server | |
US11218478B1 (en) | Security platform | |
US7979899B2 (en) | Trusted device-specific authentication | |
CN103095659B (en) | Account logon method and system in the Internet | |
CN108898389A (en) | Blockchain-based content verification method and device, and electronic equipment | |
US20070220009A1 (en) | Methods, systems, and computer program products for controlling access to application data | |
US11481509B1 (en) | Device management and security through a distributed ledger system | |
CN113132404B (en) | Identity authentication method, terminal and storage medium | |
JP2020077353A (en) | Authentication and approval method and authentication server | |
CN111813078B (en) | Safety diagnosis method, device, equipment and medium for vehicle | |
CN111508110B (en) | Method and device for realizing remote locking of vehicle | |
CN111881441B (en) | Method for online activation of device, electronic device and storage medium | |
CN112513844A (en) | Secure element for processing and authenticating digital keys and method of operation thereof | |
US20220231861A1 (en) | System and method for secure authentication and authorization | |
CN111669351B (en) | Authentication method, service server, client and computer readable storage medium | |
CN112506267B (en) | RTC calibration method, vehicle-mounted terminal, user and storage medium | |
CN114861158A (en) | Security authentication method, device, system, electronic device and storage medium | |
US8261328B2 (en) | Trusted electronic communication through shared vulnerability | |
CN110752917A (en) | Vehicle access control method, device and system | |
WO2024027301A1 (en) | Encryption method for automobile diagnosis software | |
CN116049807A (en) | A service access system and method, electronic equipment, and storage medium | |
CN113591053A (en) | Method and system for identifying general mobile equipment based on biological information | |
EP3757922A1 (en) | Electronic payment system and method and program using biometric authentication | |
CN115514567B (en) | Access method, access system, computer equipment and medium for IoT terminal device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||