JP6436608B1 - Vehicle maintenance system - Google Patents

Abstract

A vehicle maintenance system capable of performing maintenance on a plurality of vehicles while ensuring communication security. A vehicle maintenance system is configured to divide a plurality of maintenance tool devices connected to a plurality of target vehicles and a plurality of divided data obtained by dividing the maintenance data into a plurality of divisions among the plurality of maintenance tool devices. A transmission device that transmits the same number of specific maintenance tool devices as the data via the communication network, and each of the plurality of maintenance tool devices receives the divided data addressed to itself by the transmission device. Transmits the divided data addressed to the own device received by the communication unit and the first communication unit to all other maintenance tool devices, and receives the divided data addressed to other devices owned by all other specific maintenance tool devices A second communication unit, and a restoration unit that restores the maintenance data from the divided data addressed to the own device received by the first communication unit and the divided data addressed to all other devices received by the second communication unit. [Selection] Figure 1

Description

  The present disclosure relates to a vehicle maintenance system.

  In recent years, the scale of software (control program) mounted on an electronic control unit (ECU: Electronic Control Unit) that controls a vehicle is increasing as the function and performance of the vehicle increase. As the scale of software increases, the possibility of malfunctions increases, so the need for software updates and log collection for multiple vehicles also increases. For example, a dedicated device for that purpose is routinely installed for each vehicle. If installed in the vehicle, the vehicle cost increases.

  As a solution to such a problem, Patent Documents 1 and 2 disclose a handy repro tool (maintenance tool) that is small and light in weight and easy to carry and handle. Generally, a plurality of ECUs mounted on a vehicle are connected to each other via a vehicle network such as a bus type. This repro tool is connected to the dashboard with its terminal (tool connector) connected to the vehicle network. By connecting to the vehicle-side connector installed in the vehicle, it is possible to update (rewrite) the control program, collect transmission data flowing through the vehicle network (collect ECU logs), and the like. For example, the repro tool of Patent Document 1 has a script execution function for executing a script in which a desired process is described. An execution command transmitted from a transmission device (such as a PC) and transmitted wirelessly is used. Upon receipt, the control program is updated and logs are collected. Such a repro tool is not provided exclusively for each vehicle, but can be used in common regardless of the type of vehicle when necessary, so that maintenance work can be facilitated without increasing the vehicle cost. To do.

  In Patent Documents 3 to 4, the divided data obtained by dividing the communication data to be transmitted by the transmitting device is transmitted through different communication paths, and the receiving device receives the divided data from the plurality of communication paths. A technique for protecting communication data at the time of transmission (particularly in a wireless section) from eavesdropping by reconstructing communication data from data is disclosed. Thus, communication security can be improved by making it impossible to restore the original communication data unless all the divided data constituting the original communication data is intercepted.

Japanese Patent No. 6323968 Japanese Patent Laid-Open No. 2015-37899 JP 2000-115162 A Japanese Patent Laid-Open No. 10-164028

  When data is communicated between the transmission device and the repro tool as in Patent Document 1, there is a possibility of information leakage due to interception on the communication path. In particular, when the repro tool is configured to receive data transmitted by the transmitting device via a wireless interface, the possibility of information leakage is further increased when a wireless section exists on the communication path. In Patent Documents 3 to 4, the greater the number of data divisions, the better the communication security, but the receiving device that is the destination of the data transmitted by the transmitting device receives each of the divided data transmitted over a plurality of communication paths. Therefore, it is likely to increase the manufacturing cost of the receiving device, increase the size, and increase the weight.

  Therefore, the present inventors divided the data to be communicated on the transmitting device side because the repro tool is a tool for collectively maintaining a plurality of vehicles by being installed in each of the plurality of vehicles. Each of the plurality of divided data is transmitted to one of the plurality of repro tools, and each repro tool restores the data by communicating the divided data received by each of the plurality of repro tools. I thought about the method. According to this method, each repro tool only needs to have an interface for communicating with a communication network and an interface for communicating with other repro tools, so even if the number of data divisions is increased, the manufacturing cost is increased. We thought that it would be possible to suppress the increase in size, increase the size of repro tools, and increase the weight, and maintain ease of carrying and handling.

  In view of the above circumstances, an object of at least one embodiment of the present invention is to provide a vehicle maintenance system capable of performing maintenance on a plurality of vehicles while ensuring communication security.

(1) A vehicle maintenance system according to at least one embodiment of the present invention includes:
A plurality of maintenance tool devices configured to be connected to a plurality of target vehicles to be maintained;
A plurality of pieces of divided data obtained by dividing the maintenance data are configured to be transmitted to a specific number of the maintenance tool devices as many as the plurality of pieces of divided data among the plurality of maintenance tool devices via a communication network. A transmission device,
Each of the plurality of maintenance tool devices includes:
A first communication unit configured to receive the divided data addressed to the own device transmitted by the transmitting device;
The divided data received by the first communication unit is transmitted to all the other maintenance tool devices, and is also configured to receive the divided data addressed to other devices held by all the other specific maintenance tool devices. A second communication unit,
A restoration unit configured to restore the maintenance data from the divided data addressed to the own device received by the first communication unit and the divided data addressed to all the other devices received by the second communication unit; Have.

  According to the configuration of (1) above, each of the plurality of maintenance tool devices is configured to receive maintenance data from the transmission device via the communication network in a state where each of the plurality of maintenance tool devices is installed in a different target vehicle. Specifically, each of the plurality of maintenance tool devices receives a part of the plurality of divided data respectively constituting different parts of one maintenance data from the transmitting device, and receives the received divided data from the other maintenance tools. The maintenance data is restored by obtaining all the divided data constituting the maintenance data through transmission to the device. In this way, by dividing a plurality of divided data constituting maintenance data into a plurality of maintenance tool devices and communicating, each maintenance tool device can obtain maintenance data while improving communication security against interception and the like. it can.

(2) In some embodiments, in the configuration of (1) above,
Each of the plurality of maintenance tool devices includes:
A terminal part detachable from the vehicle-side connector connected to the vehicle network in the target vehicle;
Based on the maintenance data restored by the restoration unit, a maintenance execution unit configured to perform maintenance processing on the target vehicle via the terminal unit;
A handy holding case for holding the terminal unit, the first communication unit, the second communication unit, the restoration unit, and the maintenance execution unit;

  According to the configuration of (2), it is possible to provide a handy type maintenance tool device that is small and light and easy to carry and handle.

(3) In some embodiments, in the above configurations (1) to (2),
The first communication unit is configured to receive the divided data transmitted through a wireless section constituting at least a part of the communication network,
The transmission device is configured to transmit dummy data so as to be transmitted in the wireless section in which the divided data destined for each of the specific maintenance tool devices is transmitted.

  According to the configuration of (3) above, the transmitting device transmits dummy data destined for a dummy device such as a maintenance tool device that is not installed in the target vehicle, together with a plurality of pieces of divided data constituting the maintenance data. . As a result, dummy data is included even if all of the data in the wireless section is intercepted when a plurality of maintenance tool devices installed in the target vehicle receive the divided data via the same wireless master station. Thus, it is possible to make it more difficult for the eavesdropper to restore the maintenance data, and it is possible to further improve communication security.

(4) In some embodiments, in the configuration of (3) above,
The first communication unit is configured to receive divided data addressed to the own device from a base station of a mobile communication network forming the radio section.

  According to the configuration of (4) above, the plurality of maintenance tool devices are transmitted from the base station of the mobile communication network, and the transmission device is a maintenance tool serving as a destination for each of the plurality of divided data constituting the maintenance data. Encrypt according to the device. As a result, communication security can be further improved.

(5) In some embodiments, in the above configurations (2) to (4),
The maintenance tool device is configured such that the maintenance data restored by the restoration unit is deleted after a predetermined time has elapsed since the completion of the maintenance process.

  According to the configuration of (5) above, since the maintenance data restored by the maintenance tool device is deleted after use, highly confidential data is not stored in the maintenance tool device. Loss of information can reduce the possibility of information leakage and ensure information security.

(6) In some embodiments, in the above configurations (1) to (5),
The transmitting device is configured to transmit the encrypted divided data after performing encryption corresponding to each of the plurality of specific maintenance tool devices.

  According to the configuration of (6) above, the transmitting device encrypts each of the plurality of divided data constituting the maintenance data according to the destination transmitting device. As a result, communication security can be further improved.

  According to at least one embodiment of the present invention, there is provided a vehicle maintenance system capable of performing maintenance on a plurality of vehicles while ensuring communication security.

It is a figure showing roughly the maintenance system for vehicles concerning one embodiment of the present invention. It is a figure which shows the connection of the maintenance tool apparatus and vehicle which concern on one Embodiment of this invention. It is a figure which shows the state which installed the maintenance tool apparatus which concerns on one Embodiment of this invention in the tool installation part of a dashboard, (a) is a perspective view of the driver's seat vicinity of a dashboard, (b) is tool installation It is the figure which expanded the part vicinity. It is a figure showing roughly composition of maintenance tool equipment concerning one embodiment of the present invention. It is a figure for demonstrating the communication processing of the transmission apparatus which concerns on one Embodiment of this invention, and a maintenance tool apparatus, and is an illustration in the case of transmitting the maintenance data divided into 3 to three maintenance tool apparatuses.

Hereinafter, some embodiments of the present invention will be described with reference to the accompanying drawings. However, the dimensions, materials, shapes, relative arrangements, etc. of the components described in the embodiments or shown in the drawings are not intended to limit the scope of the present invention, but are merely illustrative examples. Absent.
For example, expressions expressing relative or absolute arrangements such as “in a certain direction”, “along a certain direction”, “parallel”, “orthogonal”, “center”, “concentric” or “coaxial” are strictly In addition to such an arrangement, it is also possible to represent a state of relative displacement with an angle or a distance such that tolerance or the same function can be obtained.
For example, an expression indicating that things such as “identical”, “equal”, and “homogeneous” are in an equal state not only represents an exactly equal state, but also has a tolerance or a difference that can provide the same function. It also represents the existing state.
For example, expressions representing shapes such as quadrangular shapes and cylindrical shapes represent not only geometrically strict shapes such as quadrangular shapes and cylindrical shapes, but also irregularities and chamfers as long as the same effects can be obtained. A shape including a part or the like is also expressed.
On the other hand, the expressions “comprising”, “comprising”, “comprising”, “including”, or “having” one constituent element are not exclusive expressions for excluding the existence of the other constituent elements.

  FIG. 1 is a diagram schematically showing a vehicle maintenance system 10 according to an embodiment of the present invention. FIG. 2 is a diagram illustrating a connection between the maintenance tool device and the vehicle according to the embodiment of the present invention. FIG. 3 is a diagram showing a state in which the maintenance tool device 1 according to one embodiment of the present invention is installed on the tool installation unit 72 of the dashboard 71, and (a) is a perspective view of the dashboard 71 near the driver's seat. Yes, (b) is an enlarged view of the vicinity of the tool installation portion 72. FIG. 4 is a diagram schematically showing the configuration of the maintenance tool device 1 according to one embodiment of the present invention.

  The vehicle maintenance system 10 is a system for maintaining a plurality of vehicles that are maintenance targets (hereinafter, the target vehicle 7). As shown in FIG. 1, the vehicle maintenance system 10 includes n maintenance tool devices 1 connected to n (an integer satisfying n ≧ 2) target vehicles 7 and a communication network 92 outside the target vehicle 7. And m (where m is an integer equal to or greater than 2 satisfying the relationship m ≦ n) the transmission tool 9 that communicates with the maintenance tool device 1 (repro tool). In the vehicle maintenance system 10, for example, each of the plurality of maintenance tool devices 1 is installed in any one of a plurality of target vehicles 7 collected in a maintenance factory or the like. Maintenance on the target vehicle 7 is performed while communicating with the transmission device 9 that is remotely separated.

  As shown in FIG. 1, the communication network 92 includes a LAN 93 (Local Area Network) to which the transmission device 9 is connected, a mobile communication network 95 (3G, 4G, etc.) to which the maintenance tool device 1 is connected, You may comprise WAN94 (Wide Area Network), such as the internet which connects with the mobile communication network 95. FIG. The maintenance tool device 1 may be connected to the wireless LAN instead of the mobile communication network 95 described above. Note that the transmission device 9 and each maintenance tool device 1 may be connected via a VPN (Virtual Private Network).

  Further, as shown in FIG. 2, the maintenance tool device 1 is connected to a vehicle network 7n to which a plurality of electronic control devices 8 mounted on the target vehicle 7 are connected, thereby communicating via the vehicle network 7n ( It is a device configured to enable data transmission / reception. The vehicle network 7n is a network that interconnects a plurality of electronic control devices 8 (hereinafter, referred to as ECU 8 as appropriate). The target vehicle 7 includes a CAN (Controller Area Network), a K line, a LIN (Local Interconnect Network). ), At least one vehicle network 7n such as FlexRay is mounted. Further, a vehicle side connector 7c is also connected to the vehicle network 7n, and the maintenance tool device 1 is connected to the vehicle network 7n via the vehicle side connector 7c. As shown in FIG. 2, the vehicle network 7n includes, for example, an ECU 81 for engine control, an ECU 82 for brake control, an ECU 83 for audio control, an ECU 84 for door control, an ECU 85 for collision prevention control, and a meter control ECU A plurality of types of ECUs 8 such as the ECU 86 are connected.

  As shown in FIG. 3, the maintenance tool device 1 is a handy device, is small and light, and is configured to be easily carried and handled, and is attached to the target vehicle 7 when used. Configured to use. In general, inside the target vehicle 7, a compartment 7 s in which an occupant lives is formed by being partitioned into a dashboard 71 and a floor panel 74 (see FIG. 3). Then, as shown in FIG. 3, the vehicle-side connector 7c is exposed to the vehicle compartment 7s, such as facing the vehicle compartment 7s, not the place where the ECU 8 is installed inside the target vehicle 7. Installed in a place where In the embodiment shown in FIGS. 1 to 3, as shown in FIG. 3, the vehicle-side connector 7 c described above is disposed on the right side of the handle (not shown) of the driver's seat in the dashboard 71 and faces downward. It is installed in the space of the tool installation part 72 that forms a space to be opened. The vehicle-side connector 7c is a connector defined by the SAEJ 1962 standard.

  However, the present invention is not limited to this embodiment. In some other embodiments, the connector may be defined by other standards. Further, a cover may be provided on the tool installation portion 72, and the vehicle-side connector 7c may be exposed to the vehicle compartment 7s by opening the cover. Or the tool installation part 72 may be provided in the position which can face the exterior of the target vehicle 7. FIG.

  The maintenance tool device 1 may have a script execution function for executing a script in which a desired process is described. For example, when the execution command Ie is received, the maintenance tool device 1 executes the script. The script is a simple program having at least one instruction written in a predetermined script language which is an interpreted language, and can be executed without compiling in advance. For this reason, it is relatively easy to prepare until execution of a desired process such as updating of the software (control program) of the ECU 8 is possible, it is easy to implement a process unique to each of the many ECUs 8, and the description content is checked on a text basis. It is possible to easily deal with various processes such as being able to verify scripts (execution contents).

  For example, the script captures an instruction for transmitting / receiving data to / from a desired ECU 8 in the vehicle network 7n, an instruction for reading out a fault code (DTC) from the desired ECU 8, and data flowing through the vehicle network 7n. It may be possible to describe a command (acquisition of communication data) or the like. Further, in order for the maintenance tool device 1 to be compatible with a plurality of types of vehicle networks 7n such as CAN and K-Line, a bus may be specified in these instructions. In addition, in order to be able to support a plurality of types of protocols (KWP, UDS, K-Line, etc.) operating on the vehicle network 7n, an instruction may be prepared for each protocol. In addition, it is possible to describe program control instructions such as movement (call or jump) or return (return to the next line of call), loop, conditional branch, and sleep in a script. . Further, it may be possible to describe variables such as declaration of variables and instructions such as variable logical operations and numerical operations. In addition, an instruction to turn on and off a light emitting unit 63 (see FIG. 3) such as an LED installed in the maintenance tool device 1, a display command to a display unit 62 (display device; see FIG. 3) such as an LCD, a speaker It may be possible to describe an operation command to the mounted device such as a buzzer sound ON command or an OFF command.

  In the embodiment shown in FIGS. 1 to 4, as shown in FIG. 2, the maintenance tool device 1 includes a script command interpretation unit 34 and a script command execution unit 35. The script command interpreter 34 is configured to sequentially interpret one or more commands described in the script. The script command interpreter 34 can interpret various commands written in accordance with a predetermined script language by translating them into a machine language. The script instruction interpretation unit 34 starts executing the script upon receiving the execution instruction Ie, and interprets each instruction described from the start to the end of the script while sequentially reading in accordance with control instructions such as loops and conditional branches. I will do it.

  The execution command Ie may be received from the outside by the maintenance tool device 1 or a state in which an execution start switch (not shown) provided in the maintenance tool device 1 is turned on. Or a signal output in a state where the terminal portion 4 (described later) of the maintenance tool device 1 is connected to the vehicle-side connector 7c. The script is stored in advance in a removable storage medium 61 that is a storage medium such as a micro SD, and the removable storage medium 61 is attached to a memory slot (not shown) provided in the maintenance tool device 1 or from the outside. Execution by the maintenance tool device 1 may be enabled by communicating.

  On the other hand, the script command execution unit 35 is configured to execute predetermined processing described in the script via the vehicle network 7n by sequentially executing the commands sequentially interpreted by the script command interpretation unit 34. The script command execution unit 35 executes the command (machine language) interpreted by the script command interpretation unit 34. For example, the script command execution unit 35 transmits a command to the ECU 8 via the terminal unit 4 (described later) and the vehicle network 7n in accordance with an input from the script command interpretation unit 34. In addition, the response of the transmitted command is received and delivered to the script command execution unit 35. Then, the script command interpretation unit 34 confirms the execution result (success or failure of the command) for the interpreted command, and proceeds with the script execution while selecting the next command of the script according to the execution result of this command. Go. In this way, the script command interpretation unit 34 and the script command execution unit 35 connected to each other cooperate to execute the script.

  In the vehicle maintenance system 10 having the above-described configuration, the transmission device 9 installed remotely via the communication network 92 updates the control program, collects logs, and changes settings for the plurality of maintenance tool devices 1. The maintenance tool device 1 is installed by transmitting an execution command Ie for instructing execution of maintenance, etc., and maintenance data D as various data such as script files and update programs used in maintenance, and setting information. Maintenance work such as software updates, setting changes, and log collection for a plurality of target vehicles 7 can be performed.

  As described above, when the target vehicle 7 is maintained from a remote location via the maintenance tool device 1, there is a possibility of information leakage due to interception of communication data on the communication path. In particular, as shown in FIG. 1, when the wireless section W exists on the communication path between the transmission device 9 and the maintenance tool device 1, the possibility of information leakage is further increased. Therefore, in the vehicle maintenance system 10 of the present invention, each of the plurality of divided data B obtained by dividing the maintenance data D on the transmission device 9 side is transmitted to any one of the plurality of maintenance tool devices 1 as a destination. In addition to improving communication security, each maintenance tool device 1 acquires maintenance data D by communicating the divided data B received by each of the plurality of maintenance tool devices 1 with each other.

  Hereinafter, the maintenance tool device 1 and the transmission device 9 that realize the above-described method will be described with reference to FIGS. FIG. 5 is a diagram for explaining communication processing between the transmission device 9 and the maintenance tool device 1 according to an embodiment of the present invention, and transmits the maintenance data D divided into three to the three maintenance tool devices 1. This is an example.

  The maintenance tool device 1 and the transmission device 9 in FIGS. 4 to 5 are computers, and include a storage device including a processor (such as a CPU) (not shown) and a memory such as a ROM and a RAM. The processor operates (data calculation or the like) in accordance with the instructions of the program loaded in the memory (RAM), thereby executing the script execution function and various processes described later.

  First, the transmission device 9 will be described. As shown in FIG. 5, the transmission device 9 has a plurality (m) of pieces obtained by dividing arbitrary maintenance data D to be transmitted to each of the plurality of maintenance tool devices 1. The divided data B is transmitted via the communication network 92 to the same number (m) of specific maintenance tool devices 1 as the plurality of divided data B among the plurality of maintenance tool devices 1 installed in the target vehicle 7. That is, each of the plurality (m) of divided data B constitutes a different part of one maintenance data D, and the transmission device 9 is configured such that each of the plurality (m) of maintenance tool devices 1 includes the maintenance data D. Communicate to receive different parts. The number (number of divisions) of the divided data B may be the same number (n) as the target vehicle 7, or may be two or more less than the target vehicle 7 (m ≦ n). The division of the maintenance data D may be performed by the transmission device 9 or may be performed by another device.

  More specifically, the division number (m) of the maintenance data D is shared in advance between the transmission device 9 and the plurality of maintenance tool devices 1. For example, even if the above-mentioned sharing is performed by determining in advance between maintenance personnel between a remote place and the site, and inputting the setting information in advance to the transmission device 9 and the plurality of maintenance tool devices 1, respectively. good. Alternatively, the above sharing may be performed by performing communication between the transmission device 9 and the plurality of maintenance tool devices 1. Specifically, the maintenance tool device 1 is configured to communicate with the transmission device 9 when activated by being supplied with power in the installation state of the target vehicle 7 or the like. 9, the number of maintenance tool devices 1 that have received the startup notification before dividing the maintenance data D may be the division number (m). The transmitting device 9 may notify the determined division number (m) to the plurality of maintenance tool devices 1 in advance or together with the transmission of the divided data B. The maintenance tool device 1 may acquire the communication address of the transmission device 9 from the removable storage medium 61, for example.

  The transmitting device 9 generates a plurality of communication frames (IP packets and MAC frames in the present embodiment) for individually carrying each of the m pieces of divided data B, and each of the destinations of these IP packets. The maintenance tool device 1 is changed for each divided data B (for each IP packet). As a result, each divided data B is transmitted toward different maintenance tool devices 1 indicated by the destination of the IP packet.

  The transmitting device 9 stores restoration information (for example, order) used to restore the maintenance data D from all the divided data B after the division in the communication frame together with each divided data B (for example, a data part such as an IP packet). May be sent). This restoration information may include the number of divisions (m). The restoration information may include information that can be calculated based on the maintenance data D such as a checksum of the maintenance data D before the division so that an error can be confirmed on the receiving side.

Next, the maintenance tool device 1 will be described.
As shown in FIG. 4, each of the plurality of maintenance tool devices 1 includes a first communication unit 21, a second communication unit 22, and a restoration unit 31. In the embodiment shown in FIG. 4, the control unit 3 includes the restoration unit 31 described above, the script command interpretation unit 34 and the script command execution unit 35 described above, and a maintenance execution unit 32 described later. When the CPU operates according to the command, processing corresponding to the function of the control unit 3 is performed.
The above-described configuration (functional unit) included in the maintenance tool device 1 will be described.

  In the following description, it is assumed that the transmitting device 9 transmits the divided data B separately to all the maintenance tool devices 1 installed in the target vehicle 7 unless otherwise specified. That is, the number of maintenance tool devices 1 to which the transmission device 9 transmits the divided data B is the same as the number of target vehicles 7 (m = n).

  The first communication unit 21 is a functional unit configured to receive the divided data Ba addressed to the own device transmitted by the transmission device 9 described above. Specifically, each maintenance tool device 1 receives a communication frame (such as a MAC frame or an IP packet) destined for its own machine, and takes in the divided data B stored in the data part thereof. The other divided data B is not received by not receiving the communication frame addressed to the machine. In the embodiment shown in FIGS. 1 to 5, the first communication unit 21 receives the divided data Ba addressed to itself from the base station 95 b of the mobile communication network 95 and inputs it to the control unit 3. ing. The control unit 3 saves (temporarily saves) the divided data Ba input from the first communication unit 21 addressed to the own device in the memory.

  The second communication unit 22 transmits the divided data Ba addressed to the own device received by the first communication unit 21 to all the other maintenance tool devices 1 and all other specific maintenance tool devices 1 It is a functional unit configured to receive the divided data Bb addressed to the other machine by receiving the divided data Bb addressed to the machine. In other words, each maintenance tool device 1 that has received the divided data Ba addressed to itself transmits the divided data Ba received by the first communication unit 21 to the own device via the second communication unit 22. It operates so as to be shared with all other maintenance tool devices 1. At this time, the second communication unit 22 may transmit / receive the divided data B by broadcast or multicast, or may transmit / receive by unicast. In addition, each maintenance tool device 1 may transmit the divided data Ba addressed to itself through the second communication unit 22 at an arbitrary timing after the reception, or requests from other maintenance tool devices 1. May be sent as a response to. Note that the second communication unit 22 of the maintenance tool device 1 that does not directly receive the divided data B from the transmitting device 9 instead of the specific maintenance tool device 1 does not receive the divided data Ba addressed to itself, and therefore transmits the divided data Ba. In addition, all the specific maintenance tool devices 1 serving as other devices receive all the divided data Bb addressed to the other devices received from the transmission device 9, respectively.

  In the embodiment shown in FIGS. 1 to 5, each maintenance tool device 1 communicates with other maintenance tool devices 1 wirelessly via the second communication unit 22. More specifically, the second communication unit 22 communicates wirelessly using a wireless communication technology that has a shorter radio wave reach than the first communication unit 21. Specifically, since the first communication unit 21 communicates with the base station 95b of the mobile communication network 95, the wireless communication technology used by the second communication unit 22 is Bluetooth (registered trademark), wireless LAN (for example, ad hoc mode). Etc. The wireless communication technology used by the second communication unit 22 may be a communication technology that can route received data to the second communication unit 22 included in another maintenance tool device 1.

The second communication unit 22 is connected to the control unit 3, transmits the divided data Ba addressed to the own device input from the control unit 3, and inputs the received divided data Bb addressed to the other device to the control unit. It is supposed to be. The control unit 3 stores the divided data Bb addressed to the other device input from the second communication unit 22 in a memory. In addition, each maintenance tool device 1 may send an error notification to the transmission device 9 when all the divided data are not prepared even after the appropriately set timeout time has elapsed.
However, the present invention is not limited to this embodiment, and the second communication units 22 of the maintenance tool devices 1 may be connected to each other by wire.

  The restoration unit 31 is configured to restore the maintenance data D from the divided data Ba addressed to the own device received by the first communication unit 21 and the divided data Bb addressed to all other devices received by the second communication unit 22. It is a functional part. The first communication unit 21 obtains the divided data Ba addressed to the own device, and the second communication unit 22 obtains the divided data Bb addressed to the other device, which becomes all the remaining divided data B constituting the maintenance data D. . Therefore, the restoration unit 31 can restore the maintenance data D before division from the plurality of division data B obtained in this way. In this way, each maintenance tool device 1 supplements the divided data B other than the divided data Ba addressed to itself by obtaining the maintenance data from the other maintenance tool devices 1, so that the transmission device 9 tries to communicate with the maintenance data. D can be obtained appropriately.

  For example, the restoration unit 31 may restore the maintenance data D from the plurality of divided data B using the above-described restoration information included in the data part of the IP packet. When the restoration information includes the checksum of the maintenance data D before the division, the restoration unit 31 calculates the checksum of the restored maintenance data D, and calculates the checksum of the received checksum. By confirming the match, it may be confirmed that there is no error in the restored maintenance data D. If the restoration unit 31 detects an error, the restoration unit 31 may transmit a notification indicating that the error has been detected, such as a retransmission request, to the transmission device 9.

  For example, when the maintenance data D is large-capacity data having a large amount of data such as, for example, update data (update program) of the control program, each portion of the large-capacity data is replaced with the maintenance data described above. It is good also as D. In this case, the transmission device 9 completes the entire transmission process by sending a plurality of maintenance data D, each constituting a different part of the large-capacity data, to the maintenance tool device 1, and each maintenance tool device 1 can be restored in units of maintenance data D. In this way, it is possible to send the update data to the target ECU 8 while receiving the update data, and the processing time can be shortened.

  And in embodiment shown in FIGS. 1-5, by hold | maintaining in the 1st communication part 21 mentioned above, the 2nd communication part 22, the decompression | restoration part 31, and the handy type | mold holding case 5 mentioned later, It is a handy device.

  According to the above configuration, each of the plurality of maintenance tool devices 1 is configured to receive the maintenance data D from the transmission device 9 via the communication network 92 while being installed in a different target vehicle 7. The Specifically, each of the plurality of maintenance tool devices 1 receives a part of the plurality of divided data B constituting different parts of one maintenance data D from the transmission device 9 and receives the received divided data B The maintenance data D is restored by acquiring all the divided data B constituting the maintenance data D through transmission to the other maintenance tool device 1. As described above, by dividing the plurality of divided data B constituting the maintenance data D to the plurality of maintenance tool devices 1 for communication, each maintenance tool device 1 can maintain maintenance data while improving communication security against interception and the like. D can be obtained.

  More specifically, in the embodiment shown in FIG. 4, each of the plurality of maintenance tool devices 1 having the above-described configuration includes a maintenance execution unit 32, a terminal unit 4, and a handy holding case in addition to the above configuration. 5 is further provided. Next, the configuration of each maintenance tool device 1 will be described with reference to FIG.

  The terminal unit 4 is configured to be detachable from the vehicle-side connector 7c connected to the vehicle network 7n in the target vehicle 7 (see FIG. 3). In other words, the terminal portion 4 is a connector configured to be fitted to the vehicle-side connector 7c, and the terminal portion 4 and the vehicle-side connector 7c are fitted to the vehicle-side connector 7c (connected state). Is electrically connected. Moreover, the vehicle side connector 7c is electrically connected to ECU8 via the vehicle network 7n. Therefore, by connecting the terminal part 4 to the vehicle-side connector 7c, the maintenance tool device 1 and the ECU 8 are electrically connected via the vehicle network 7n. In some embodiments, as shown in FIG. 1, the vehicle-side connector 7 c may be connected via an extension cable 75. In some other embodiments, as shown in FIG. 3, the terminal portion 4 may be directly connected to the vehicle-side connector 7c.

  Moreover, in embodiment shown in FIGS. 1-5, the maintenance tool apparatus 1 connects the terminal part 4 to the vehicle side connector 7c, and makes it a connection state, By this, the electric power from the battery 7b mounted in the object vehicle 7 is used. Is supplied via the terminal portion 4. The supplied power is transformed from 12V to a desired voltage (3.3V, 5V, etc.) by the converter 64, and then the power is supplied to the control unit 3. As described above, the power supply unit is not provided inside the maintenance tool device 1 to reduce the weight. However, in some other embodiments, a dry battery, a rechargeable battery, or the like may be incorporated.

  The maintenance execution unit 32 is a functional unit configured to execute a maintenance process for the target vehicle 7 via the terminal unit 4 based on the maintenance data D restored by the restoration unit 31. The maintenance processing includes, for example, control program update processing of the ECU 8, log collection processing, processing such as setting confirmation and setting updating. In the embodiment shown in FIGS. 1 to 5, the maintenance execution unit 32 has the script execution function described above. When a script (maintenance data D) is input from the restoration unit 31, maintenance processing is executed according to the script. When update data (maintenance data D) such as a control program is input from the restoration unit 31, the update data is transmitted to the vehicle network 7 n via the terminal unit 4, so that the update target ECU 8 can be updated. Update data is sent.

  The handy holding case 5 is a housing and is configured to hold the terminal unit 4, the first communication unit 21, the second communication unit 22, the restoration unit 31, and the maintenance execution unit 32 described above. Thereby, the maintenance tool device 1 is a handy type. More specifically, in the embodiment shown in FIGS. 1 to 5, as shown in FIG. 4, the handy holding case 5 includes the first communication unit 21, the second communication unit 22, the terminal unit 4, and the control unit 3 ( The restoration unit 31 and the maintenance execution unit 32) are housed inside, and at least a part of the terminal unit 4 is held in an exposed state. The connection to the vehicle-side connector 7c is facilitated.

  The maintenance execution unit 32 may transmit the execution result of the maintenance process to the transmission device 9. For example, when the maintenance process is an update process of the control program of the ECU 8 or a setting update process of the ECU 8, the status may be a success or failure of the update. When the setting confirmation or maintenance process is a log collection process, the setting information and log information obtained as a result are obtained. At this time, the maintenance execution unit 32 may send the transmission data from the first communication unit 21 to the transmission device 9 by encrypting the transmission data. Alternatively, each maintenance tool device 1 divides the transmission data into a plurality of pieces and sends them to another maintenance tool device 1 via the second communication unit 22 or the like, thereby dividing the plurality of maintenance tool devices 1 into the transmission device 9. The data B may be transmitted, and the transmission device 9 may restore the transmission data from the plurality of divided data B.

  According to the above configuration, the maintenance tool device 1 includes the first communication unit 21, the second communication unit 22, the control unit 3 (restoration unit 31, maintenance execution unit 32, etc.), and the terminal unit 4. Thus, the handy type maintenance tool device 1 that is small and light in weight and easy to carry and handle can be provided.

  In some embodiments, as illustrated in FIGS. 1 to 5, the first communication unit 21 described above receives the divided data B transmitted through the wireless section W constituting at least a part of the communication network 92. Is configured to do. Further, the transmission device 9 transmits the dummy data Dd so as to be transmitted in the wireless section W in which the divided data B destined for each of the specific maintenance tool devices 1 described above as the destination of the divided data B is transmitted. Configured to do.

  More specifically, for example, when all the divided data B constituting the maintenance data D transmitted through the wireless section W is intercepted, the possibility that the maintenance data D is restored increases accordingly. Therefore, even when all data transmitted through the wireless section W is intercepted by transmitting dummy data Dd, which is data that does not constitute the maintenance data D, when transmitting the divided data B from the transmission device 9, The dummy data Dd that is invalid with respect to the restoration of the maintenance data D is also intercepted, so that it becomes more difficult for the interceptor to restore the maintenance data D.

  Specifically, the transmission device 9 may transmit the dummy data Dd with the maintenance tool device 1 that is not used for maintenance, such as not installed in the vehicle or not activated, as a destination. In this way, it is possible to send dummy data Dd passing through the same wireless section W as the plurality of maintenance tool devices 1 installed in the plurality of target vehicles 7. Moreover, since the destination of the dummy data Dd is the maintenance tool device 1, it is possible to make it more difficult to distinguish the dummy data Dd from the plurality of divided data B included in the intercepted data. In some other embodiments, the destination of the dummy data Dd may be an address of another device or a non-existing device as long as it is transmitted through the wireless section W.

  According to the above configuration, the transmission device 9 includes, for example, dummy data Dd whose destination is a dummy device such as the maintenance tool device 1 that is not installed in the target vehicle 7 together with the plurality of divided data B that constitute the maintenance data D. Send. As a result, even when all of the data in the wireless section W are intercepted when the plurality of maintenance tool devices 1 installed in the target vehicle 7 receive the divided data B via the same wireless master station, the dummy By including the data Dd, it is possible to make it more difficult for the eavesdropper to restore the maintenance data D, and it is possible to further improve communication security.

  In some embodiments, the transmission device 9 performs encryption according to each of the plurality of specific maintenance tool devices 1 that are the destinations of the divided data B, and then encrypts the divided data. Configured to transmit B. In the embodiment shown in FIGS. 1 to 5, the transmission device 9 and each maintenance tool device 1 have a common random number table. Then, the transmitting device 9 transmits the data after changing the arrangement of the data (eg, 64-byte data) included in each divided data B based on the common random number table. On the other hand, each maintenance tool device 1 generates the divided data B before the array change by changing the array of the received divided data B after the array is changed based on the same common random number table. It has become.

  In addition, the common random number table which each maintenance tool apparatus 1 has may be the same, and may differ. If they are different, the transmission device 9 holds each common random number table corresponding to each maintenance tool device 1. In addition, as the encryption algorithm, another known algorithm may be adopted, or at least one of the plurality of maintenance tool devices 1 may have a different encryption algorithm from the others.

  According to the above configuration, the transmission device 9 performs encryption corresponding to the destination maintenance tool device 1 for each of the plurality of divided data B constituting the maintenance data D. As a result, communication security can be further improved.

  In some embodiments, the maintenance tool device 1 is configured such that the maintenance data D restored by the restoration unit 31 is deleted after an arbitrary predetermined time has elapsed since the completion of the maintenance process. May be.

  Specifically, for example, the restoration unit 31 described above saves maintenance data D obtained by restoration in a volatile memory such as a RAM, and a maintenance execution unit 32 (described later) performs maintenance data stored in the volatile memory. Data D may be acquired. In this way, since the information in the volatile memory is cleared when the power of the maintenance tool device 1 is turned off, the maintenance data D for the maintenance process may be stored unnecessarily in the maintenance tool device 1. Therefore, it is possible to protect highly confidential data. Further, as described above, in the case where the portions of large-capacity data such as update data are used as the maintenance data D, the maintenance data D are temporarily stored in a relatively small capacity memory. This makes it possible to protect highly confidential data.

  Further, for example, the maintenance tool device 1 has a built-in clock, and is stored in a non-volatile memory including the removable storage medium 61 after a set date and time or a predetermined period set after completion of the maintenance process. You may further have the deletion part comprised so that all the information may be deleted. The erasure target of the erasure unit may include a volatile memory included in the maintenance tool device 1. In this way, security can be ensured when the device is lost.

  The present invention is not limited to the above-described embodiments, and includes forms obtained by modifying the above-described embodiments and forms obtained by appropriately combining these forms.

DESCRIPTION OF SYMBOLS 10 Vehicle maintenance system 1 Maintenance tool apparatus 21 1st communication part 22 2nd communication part 3 Control part 31 Restoration part 32 Maintenance execution part 34 Script command interpretation part 35 Script command execution part 4 Terminal part 5 Handy holding case 61 Detachable Storage medium 62 Display unit 63 Light emitting unit 64 Converter 7 Target vehicle 7b Battery 7c Vehicle-side connector 7n Vehicle network 7s Vehicle compartment 71 Dashboard 72 Tool installation unit 74 Floor panel 75 Extension cable 8 Electronic control unit 9 Transmission device 92 Communication network 93 LAN
94 WAN
95 Mobile communication network 95b Base station D Maintenance data B Division data for maintenance Ba Division data Bb addressed to own unit Division data Dd to other unit Dd Dummy data Ie Execution command W Wireless section

Claims (6)

A plurality of maintenance tool devices configured to be connected to a plurality of target vehicles to be maintained;
A plurality of pieces of divided data obtained by dividing the maintenance data are configured to be transmitted to a specific number of the maintenance tool devices as many as the plurality of pieces of divided data among the plurality of maintenance tool devices via a communication network. A transmission device,
Each of the plurality of maintenance tool devices includes:
A first communication unit configured to receive the divided data addressed to the own device transmitted by the transmitting device;
The divided data addressed to the own device received by the first communication unit is transmitted to all the other maintenance tool devices, and the divided data addressed to other devices owned by all the specific maintenance tool devices is received. A second communication unit configured;
A restoration unit configured to restore the maintenance data from the divided data addressed to the own device received by the first communication unit and the divided data addressed to all the other devices received by the second communication unit; A vehicle maintenance system comprising: Each of the plurality of maintenance tool devices includes:
A terminal part detachable from the vehicle-side connector connected to the vehicle network in the target vehicle;
Based on the maintenance data restored by the restoration unit, a maintenance execution unit configured to perform maintenance processing on the target vehicle via the terminal unit;
2. The vehicle-use vehicle according to claim 1, further comprising a handy holding case that holds the terminal unit, the first communication unit, the second communication unit, the restoration unit, and the maintenance execution unit. Maintenance system. The first communication unit is configured to receive the divided data transmitted through a wireless section constituting at least a part of the communication network,
3. The transmission device is configured to transmit dummy data so as to be transmitted in the wireless section in which the divided data destined for each of the specific maintenance tool devices is transmitted. The vehicle maintenance system described in 1.   The vehicle maintenance system according to claim 3, wherein the first communication unit is configured to receive divided data addressed to the own device from a base station of a mobile communication network forming the radio section. .   5. The maintenance tool device is configured such that the maintenance data restored by the restoration unit is erased after a predetermined time has elapsed since the completion of the maintenance process. The vehicle maintenance system according to any one of the above.   The transmission device is configured to transmit the encrypted divided data after performing encryption according to each of the plurality of specific maintenance tool devices. The vehicle maintenance system according to claim 5.

Images