CN119254548B - On-board safety diagnostic system and method based on authority control - Google Patents
Publication number: CN119254548B (application CN202411787006.8A)
Authority: CN (China)
Prior art keywords: diagnosis, DoIP, client, diagnostic, server
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications (all under H—ELECTRICITY, H04—ELECTRIC COMMUNICATION TECHNIQUE, H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION)
- H04L63/0442—Network security: confidential data exchange among entities communicating through data packet networks, with the payload protected by asymmetric encryption, i.e. different keys for encryption and decryption
- H04L63/0823—Network security: authentication of entities using certificates
- H04L63/0869—Network security: authentication of entities for achieving mutual authentication
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L9/3226—Cryptographic mechanisms including means for verifying the identity or authority of a user of the system or for message authentication, using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3247—Cryptographic mechanisms including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
- H04L9/3263—Cryptographic mechanisms including means for verifying the identity or authority of a user of the system or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
- H04L2209/84—Vehicles
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a vehicle-mounted safety diagnosis method and system based on authority control. The system comprises a DoIP diagnosis server end and a DoIP diagnosis client end, which perform two-way authentication; at the same time, authority signature files are defined to control the diagnosis behaviour of the authenticated DoIP diagnosis client end and DoIP diagnosis server end. After the two-way authentication a session key exchange is carried out, encrypted diagnosis is performed with the exchanged session key, and every diagnosis operation in the process is controlled by the diagnosis authority file. By means of the two-way authentication the invention solves the problem of access by an illegal DoIP client and makes all diagnosis operations encrypted and authenticated operations, which prevents data from being tampered with maliciously; by means of the authority signature file it ensures that the diagnosis client is authorized by the OEM manufacturer, so that the vehicle will not accept the connection of an unauthorized diagnosis client and will not process unauthorized diagnosis behaviour.
Description
Technical Field
The invention relates to a vehicle-mounted network diagnosis technology, in particular to a vehicle-mounted safety diagnosis system and method based on authority management and control.
Background
DoIP (Diagnostic communication over Internet Protocol) is a protocol for transmitting UDS protocol data over an Ethernet communication protocol; its specification is defined in ISO 13400. Because DoIP can transmit a large amount of data with a fast response, and can perform remote diagnosis, OTA and the like through Ethernet, DoIP is gradually becoming the inevitable trend in vehicle-mounted network diagnosis, replacing traditional bus modes such as CAN, and the information security of the diagnosis process must be ensured at the same time as its efficiency.
The ISO 13400 specification defines a secure diagnostic mode in which the DoIP server node enables TLS on the TCP_DATA socket so that the diagnostic data are encrypted.
However, any malicious person who obtains a diagnostic apparatus and then connects to the vehicle OBD port, or connects to the DoIP TCP service port through the OTA channel, gains unauthorized access and can go on to acquire vehicle information for vehicle diagnosis or carry out a diagnosis attack on the vehicle. For a vehicle using the generic DoIP protocol such an attack is extremely simple to carry out, for example in some auto repair shops or in on-line diagnostics.
Disclosure of Invention
In order to solve the defects in the prior art, the invention aims to provide a vehicle-mounted safety diagnosis system and method based on authority management and control.
In order to achieve the purpose of the invention, the technical scheme adopted by the invention is as follows:
The vehicle-mounted safety diagnosis system based on authority control comprises a DoIP diagnosis server end and a DoIP diagnosis client end, wherein the DoIP diagnosis server end is connected to the vehicle and the DoIP diagnosis client end is connected to a DoIP diagnosis instrument;
the DoIP diagnosis server and the DoIP diagnosis client perform bidirectional authentication, and a permission signature file is defined to manage and control the diagnosis behaviours of the authenticated DoIP diagnosis client and DoIP diagnosis server;
after the two-way authentication, the vehicle selects a suitable encryption algorithm through the DoIP diagnosis server end, encrypts it with the client public key and sends it; the DoIP diagnosis instrument obtains the encryption algorithm by decrypting with the DoIP diagnosis client private key, generates a session key, encrypts the session key with the server public key and sends it; the vehicle obtains the session key by decrypting with the DoIP diagnosis server private key; encrypted diagnosis is then performed with the exchanged session key, and the diagnosis operations in this process are controlled by the diagnosis authority file.
Further, the vehicle is shipped with a built-in diagnostic certificate, a private key and a rights signature file defined by the OEM manufacturer.
Further, the rights signature file is signed and authorized by the OEM manufacturer and distributed to the DoIP diagnostic instruments authorized by the OEM manufacturer.
Further, the bidirectional authentication process is as follows:
the DoIP diagnostic unit verifies the legitimacy of the DoIP diagnosis server certificate received by the DoIP diagnosis client, parses it to obtain the server public key, and verifies whether the private key that signed the DoIP diagnosis server authority signature file is the same as the one that signed the DoIP diagnosis client authority signature file;
the DoIP diagnosis client sends the DoIP diagnosis client certificate, the DoIP diagnosis client authority signature file and the encryption algorithms supported by the client;
the DoIP diagnosis server verifies the validity of the DoIP diagnosis client certificate, parses it to obtain the client public key, and verifies whether the private key that signed the DoIP diagnosis client authority signature file is the same as the one that signed the DoIP diagnosis server authority signature file.
A vehicle-mounted safety diagnosis method based on authority management and control comprises the following steps:
(1) If the DoIP diagnosis client authority signature file is not available on the DoIP diagnostic unit, the authority file is edited and submitted to the OEM manufacturer corresponding to the vehicle to apply for the corresponding authority signature file;
(2) The OEM manufacturer examines the DoIP diagnostic instrument information and the authority file content; if both are legal, it signs the file, generates the corresponding authority signature file and sends it to the DoIP diagnostic instrument for use;
(3) The DoIP diagnosis client is started, a TLS socket is created, and it is verified whether the SN, MAC and other information are consistent with the definition in the authority signature file;
(4) The DoIP diagnosis server is started, a TLS socket is created, and it is verified whether the SN, MAC and other information are consistent with the definition in the authority signature file;
(5) The DoIP diagnosis client and the DoIP diagnosis server request to establish a TLS socket connection;
(6) The DoIP diagnosis server returns the DoIP diagnosis server certificate and the DoIP diagnosis server authority signature file;
(7) The DoIP diagnostic unit verifies the legitimacy of the DoIP diagnosis server certificate received by the DoIP diagnosis client, parses it to obtain the server public key, and verifies whether the private key that signed the DoIP diagnosis server authority signature file is the same as the one that signed the DoIP diagnosis client authority signature file;
(8) The DoIP diagnosis client sends the DoIP diagnosis client certificate, the DoIP diagnosis client authority signature file and the encryption algorithms supported by the client;
(9) The DoIP diagnosis server verifies the validity of the DoIP diagnosis client certificate, parses it to obtain the client public key, and verifies whether the private key that signed the DoIP diagnosis client authority signature file is the same as the one that signed the DoIP diagnosis server authority signature file;
(10) The vehicle selects a suitable encryption algorithm through the DoIP diagnosis server, encrypts it with the client public key and sends the encrypted encryption algorithm;
(11) The DoIP diagnostic instrument obtains the encryption algorithm with the DoIP diagnosis client private key, generates a session key at the same time, encrypts the session key with the server public key and sends the encrypted session key;
(12) The vehicle obtains the session key with the DoIP diagnosis server private key, which completes the session key exchange;
(13) Encrypted diagnosis is carried out with the exchanged session key, and the diagnosis operations in this process are controlled by the diagnosis authority file.
Further, in step (2), once the diagnosis operation authority file has been completed, signature authorization is completed through OEM verification, each diagnosis operation is verified as a legal operation, and the authority signature file is uniquely bound to the client.
Further, in step (13), during the encrypted diagnosis no diagnosis action that is not defined in the rights signature file may be allowed to operate.
Compared with the prior art, the invention overcomes the defect that only the vehicle is authenticated in the ISO 13400 standard: through the bidirectional authentication mode it adds authentication of the DoIP client and solves the problem of illegal DoIP client access. All diagnosis operations are encrypted and authenticated operations, so the confidentiality of the diagnosis data is guaranteed and malicious tampering of the data is prevented.
The invention ensures through the authority signature file that the diagnosis client is authorized by the OEM and that the diagnosis operations are also authorized by the OEM; the vehicle will not accept the connection of an unauthorized diagnosis client and will not process unauthorized diagnosis behaviour. The authority signature file of the invention can be dynamically defined and updated, and the OEM can reasonably define the diagnosis behaviours of different DoIP diagnostic instruments/OTA clients according to the diagnosis type.
Drawings
FIG. 1 is a flow chart of a vehicle-mounted security diagnosis method based on authority management and control.
Detailed Description
The technical scheme of the application is further described below with reference to the accompanying drawings and examples. The following examples are only for more clearly illustrating the technical aspects of the present application, and are not intended to limit the scope of the present application.
The vehicle-mounted safety diagnosis system based on authority management and control comprises a DoIP diagnosis server end and a DoIP diagnosis client end, wherein the DoIP diagnosis server end is connected into the vehicle and the DoIP diagnosis client end is connected into a DoIP diagnosis instrument/OTA client; the system authenticates the DoIP diagnosis server end and also authenticates the DoIP diagnosis client end.
At the same time, a rights management and control signature file is defined to manage and control the diagnosis behaviours of the DoIP diagnosis client and the DoIP diagnosis server that have passed authentication, so as to ensure both the legitimacy of the DoIP diagnosis client accessing the vehicle and the legitimacy of the diagnosis operations of the DoIP diagnosis client.
After the two-way authentication, the vehicle selects a suitable encryption algorithm through the DoIP diagnosis server end, encrypts it with the client public key and sends it; the DoIP diagnosis instrument obtains the encryption algorithm by decrypting with the DoIP diagnosis client private key, generates a session key, encrypts the session key with the server public key and sends it; the vehicle obtains the session key by decrypting with the DoIP diagnosis server private key; encrypted diagnosis is then performed with the exchanged session key, and the diagnosis operations in this process are controlled by the diagnosis authority file.
When the vehicle leaves the factory, a certificate, a private key and a diagnosis authority signature file defined by the OEM manufacturer must be built in, for the safety certification of the vehicle and for behaviour authority management and control during the diagnosis process. The diagnosis authority signature file is signed and authorized with the private key of the OEM manufacturer, and the DoIP diagnostic instruments authorized by the OEM manufacturer are distributed appropriate diagnosis authority signature files, used for bidirectional authority verification and diagnosis authority management between vehicles and DoIP diagnostic instruments.
As shown in FIG. 1, the vehicle-mounted security diagnosis method based on authority management and control of the present invention, taking a DoIP diagnostic apparatus as an example, includes the following steps:
(1) The DoIP diagnostic device selects the DoIP diagnosis client to be connected; if the DoIP diagnosis client authority signature file client_perm.p7s is not available on the DoIP diagnostic device, the authority file needs to be edited and submitted to the OEM manufacturer corresponding to the vehicle to apply for the corresponding authority signature file;
(2) The OEM manufacturer examines the DoIP diagnostic instrument information and the authority file content; if both are legal, it signs the file, generates the corresponding authority signature file client_perm.p7s and sends it to the DoIP diagnostic instrument for use;
After the diagnosis operation authority file has been completed, signature authorization is completed through OEM auditing, so every diagnosis operation has been audited as a legal operation, the authority signature file is uniquely bound to one client, and at the same time the signature prevents the file from being tampered with maliciously. Through the definition of a complete diagnosis authority signature file, the diagnosis client and the whole diagnosis flow can be managed and controlled.
The example file defines the allowable diagnostic operations as service 0x19 (ReadDTCInformation) with subFunctions 0x01-0x0A; the remaining ReadDTCInformation subFunctions should neither be sent by the client nor parsed by the server. It also defines the 0x35 (RequestUpload) operation, together with the MD5 of the file to be uploaded, a9b18b46ae58486270c16e67c950fb57, and the upload address and memory information.
(3) The DoIP diagnosis client is started, a TLS socket is created, and it is verified whether the SN, MAC and other information are consistent with the definition in the authority signature file client_perm.p7s;
(4) The DoIP diagnosis server is started, a TLS socket is created, and it is verified whether the SN, MAC and other information are consistent with the definition in the authority signature file server_perm.p7s;
(5) The DoIP diagnosis client and the DoIP diagnosis server request to establish a TLS socket connection;
(6) The DoIP diagnosis server returns the DoIP diagnosis server certificate server.crt and the DoIP diagnosis server authority signature file server_perm.p7s;
(7) The DoIP diagnostic apparatus verifies the legitimacy of the DoIP diagnosis server certificate server.crt received by the DoIP diagnosis client, parses it to obtain the server public key, and verifies whether the private signing key of server_perm.p7s is the same as that of client_perm.p7s; after this step, the diagnostic apparatus can confirm that both the DoIP diagnosis client and the DoIP diagnosis server have obtained the authorization of the OEM;
(8) The DoIP diagnosis client sends the DoIP diagnosis client certificate client.crt, the DoIP diagnosis client rights signature file client_perm.p7s and the encryption algorithms supported by the client;
(9) The DoIP diagnosis server verifies the validity of the client certificate client.crt, parses it to obtain the client public key, and verifies whether the private signing key of client_perm.p7s is the same as that of server_perm.p7s; after this step, the vehicle can confirm that both the DoIP client and the DoIP server have obtained the authorization of the OEM;
(10) The vehicle selects a suitable encryption algorithm through the DoIP diagnosis server, encrypts it with the client public key and sends the encrypted encryption algorithm;
(11) The DoIP diagnostic instrument obtains the encryption algorithm with the DoIP diagnosis client private key client.key, generates a session key at the same time, encrypts the session key with the server public key and sends the encrypted session key;
(12) The vehicle obtains the session key with the DoIP diagnosis server private key; after this step, the session key exchange is complete;
(13) Encrypted diagnosis is carried out with the exchanged session key, and the diagnosis operations in this process are controlled by the diagnosis authority file.
In step (13) above, diagnosis actions that are not defined in the authority signature file must not be allowed to operate, neither as sending by the diagnostic instrument nor as receiving and parsing by the vehicle.
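Steps (3), (4), (7), (9) and (13) all reduce to checks that the vehicle or the diagnostic instrument makes against the authority signature file: that the file's signature is intact, that it is bound to this device's SN and MAC, that both sides' files were signed by the same OEM key, and that each UDS request is one the file actually defines. The Python block below is an added example written for this page, not code from the patent or from any vendor. It assumes a constructed JSON policy mirroring the example file in the description (service 0x19 with subFunctions 0x01 to 0x0A, and 0x35 with one authorised upload address and size), and because the Python standard library has no PKCS#7 support it stands in an HMAC-SHA256 tag under a constructed OEM key for the .p7s signature check; the names `SignedPermissionFile`, `check_uds_request`, `demo` and the SN/MAC values are all assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed OEM key (assumption). The patent's .p7s files carry a PKCS#7 signature
# made with the OEM private key and checked with the OEM public key; HMAC-SHA256
# under this shared key is only a standard-library stand-in for that check.
OEM_SIGNING_KEY = b"constructed-oem-signing-key"


@dataclass(frozen=True)
class SignedPermissionFile:
    payload: bytes       # JSON: SN/MAC binding plus the permitted diagnostic operations
    signer_key_id: str   # identifies the OEM key that produced the signature
    signature: bytes


def sign_permission_file(policy: dict, key: bytes, key_id: str) -> SignedPermissionFile:
    """OEM side of step (2): sign the audited authority file."""
    payload = json.dumps(policy, sort_keys=True).encode()
    return SignedPermissionFile(payload, key_id, hmac.new(key, payload, hashlib.sha256).digest())


def verify_and_load(f: SignedPermissionFile, key: bytes) -> dict:
    """Reject a tampered or unsigned file before anything in it is trusted."""
    expected = hmac.new(key, f.payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, f.signature):
        raise ValueError("authority signature file: signature invalid")
    return json.loads(f.payload)


def binding_matches(policy: dict, sn: str, mac: str) -> bool:
    """Steps (3)/(4): the file must be bound to this device's SN and MAC."""
    return policy["sn"] == sn and policy["mac"].lower() == mac.lower()


def same_oem_signer(a: SignedPermissionFile, b: SignedPermissionFile) -> bool:
    """Steps (7)/(9): both sides' files must come from the same OEM signing key."""
    return a.signer_key_id == b.signer_key_id


def check_uds_request(policy: dict, request: bytes) -> tuple[bool, str]:
    """Step (13): permit a UDS request only if the authority file defines it."""
    if not request:
        return False, "empty request"
    sid = request[0]
    rule = policy["allowed_services"].get(f"0x{sid:02X}")
    if rule is None:
        return False, f"service 0x{sid:02X} not defined in authority file"
    if sid == 0x19:                       # ReadDTCInformation
        if len(request) < 2:
            return False, "ReadDTCInformation without subFunction"
        sub = request[1] & 0x7F           # drop suppressPosRspMsgIndicationBit
        lo, hi = rule["subfunction_range"]
        if not lo <= sub <= hi:
            return False, f"0x19 subFunction 0x{sub:02X} outside permitted range"
        return True, "ReadDTCInformation permitted"
    if sid == 0x35:                       # RequestUpload
        # Layout: 35 dataFormatIdentifier ALFID memoryAddress memorySize; ALFID low
        # nibble = address length in bytes, high nibble = size length in bytes.
        if len(request) < 3:
            return False, "RequestUpload truncated"
        addr_len, size_len = request[2] & 0x0F, request[2] >> 4
        if len(request) != 3 + addr_len + size_len:
            return False, "RequestUpload length does not match ALFID"
        addr = int.from_bytes(request[3:3 + addr_len], "big")
        size = int.from_bytes(request[3 + addr_len:], "big")
        if addr != rule["memory_address"] or size != rule["memory_size"]:
            return False, "RequestUpload address/size differ from the authorised ones"
        return True, "RequestUpload permitted"
    return False, f"service 0x{sid:02X} has no enforcement rule"


def negative_response(sid: int, nrc: int = 0x33) -> bytes:
    """UDS negative response for a refused request (0x33 = securityAccessDenied)."""
    return bytes([0x7F, sid, nrc])


# Constructed policy (assumption) mirroring the example authority file in the description.
CLIENT_POLICY = {
    "sn": "TESTER-0001",
    "mac": "AA:BB:CC:DD:EE:01",
    "allowed_services": {
        "0x19": {"subfunction_range": [0x01, 0x0A]},
        "0x35": {"memory_address": 0x80000000, "memory_size": 0x1000},
    },
}


def demo() -> list[tuple[str, bool]]:
    """Sign, verify, bind, compare signers, then gate constructed requests; returns the decisions."""
    client_file = sign_permission_file(CLIENT_POLICY, OEM_SIGNING_KEY, "oem-key-1")
    server_file = sign_permission_file({"sn": "VIN-TEST-0001", "mac": "AA:BB:CC:DD:EE:FF",
                                        "allowed_services": {}}, OEM_SIGNING_KEY, "oem-key-1")
    policy = verify_and_load(client_file, OEM_SIGNING_KEY)
    if not (binding_matches(policy, "TESTER-0001", "aa:bb:cc:dd:ee:01")
            and same_oem_signer(client_file, server_file)):
        raise ValueError("binding or signer check failed")
    requests = [bytes([0x19, 0x02, 0xFF]),                         # reportDTCByStatusMask
                bytes([0x19, 0x0B]),                               # subFunction outside 0x01-0x0A
                bytes([0x35, 0x00, 0x44, 0x80, 0, 0, 0, 0, 0, 0x10, 0]),
                bytes([0x22, 0xF1, 0x90])]                         # ReadDataByIdentifier, undefined
    return [(r.hex(), check_uds_request(policy, r)[0]) for r in requests]


if __name__ == "__main__":
    for req, allowed in demo():
        print(req, "allowed" if allowed else "denied")
```

The gate masks off the suppress-positive-response bit before comparing the 0x19 subFunction, and for 0x35 it parses the addressAndLengthFormatIdentifier so that a request with the right service but a different address or size is refused rather than silently accepted; both are places where a naive first-byte check would let a request through.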
The invention ensures through the authority signature file that the diagnosis client is authorized by the OEM and that the diagnosis operations are also authorized by the OEM; the vehicle will not accept the connection of an unauthorized diagnosis client and will not process unauthorized diagnosis behaviour. The authority signature file can be dynamically defined and updated, and the OEM can reasonably define the diagnosis behaviours of different diagnostic instruments according to the diagnosis type.
While the applicant has described and illustrated the embodiments of the present invention in detail with reference to the drawings, it should be understood by those skilled in the art that the above embodiments are only preferred embodiments of the present invention, and the detailed description is only for the purpose of helping the reader to better understand the spirit of the present invention, and not to limit the scope of the present invention, but any improvements or modifications based on the spirit of the present invention should fall within the scope of the present invention.
Claims (4)
1. A vehicle-mounted safety diagnosis system based on authority control, characterized by comprising a DoIP diagnosis server end and a DoIP diagnosis client end, wherein the DoIP diagnosis server end is connected with a vehicle and the DoIP diagnosis client end is connected with a DoIP diagnosis instrument;
the DoIP diagnosis server and the DoIP diagnosis client perform bidirectional authentication, and at the same time a diagnosis authority signature file is defined to manage and control the diagnosis behaviours of the authenticated DoIP diagnosis client and DoIP diagnosis server;
after the bidirectional authentication, the vehicle selects a suitable encryption algorithm through the DoIP diagnosis server, encrypts it with the client public key and sends it; the DoIP diagnosis instrument obtains the encryption algorithm through the DoIP diagnosis client private key, at the same time generates a session key, encrypts the session key with the server public key and sends it; and the vehicle obtains the session key through the DoIP diagnosis server private key;
the vehicle is provided, when leaving the factory, with a built-in diagnosis certificate, a private key and a diagnosis authority signature file defined by the OEM manufacturer;
the diagnosis authority signature file is signed and authorized by the OEM manufacturer, and the diagnosis authority signature file is distributed to the DoIP diagnostic instruments authorized by the OEM manufacturer;
the two-way authentication process is as follows:
the DoIP diagnostic unit verifies the legitimacy of the DoIP diagnosis server certificate received by the DoIP diagnosis client, parses it to obtain the server public key, and verifies whether the private key that signed the DoIP diagnosis server diagnosis authority signature file is the same as the one that signed the DoIP diagnosis client diagnosis authority signature file;
the DoIP diagnosis client sends the DoIP diagnosis client certificate, the DoIP diagnosis client diagnosis authority signature file and the encryption algorithms supported by the client;
the DoIP diagnosis server verifies the validity of the DoIP diagnosis client certificate, parses it to obtain the client public key, and verifies whether the private key that signed the DoIP diagnosis client diagnosis authority signature file is the same as the one that signed the DoIP diagnosis server diagnosis authority signature file.
2. A vehicle-mounted safety diagnosis method based on authority control, characterized by comprising the following steps:
(1) If the DoIP diagnosis client diagnosis authority signature file is not available on the DoIP diagnosis instrument, the authority file is edited and submitted to the OEM manufacturer corresponding to the vehicle to apply for the corresponding diagnosis authority signature file;
(2) The OEM manufacturer examines the DoIP diagnostic instrument information and the authority file content; if both are legal, it signs the file, generates the corresponding diagnosis authority signature file and sends the file to the DoIP diagnostic instrument for use;
(3) The DoIP diagnosis client is started, a TLS socket is created, and it is verified whether the SN and MAC information are consistent with the definition in the diagnosis authority signature file;
(4) The DoIP diagnosis server is started, a TLS socket is created, and it is verified whether the SN and MAC information are consistent with the definition in the diagnosis authority signature file;
(5) The DoIP diagnosis client and the DoIP diagnosis server request to establish a TLS socket connection;
(6) The DoIP diagnosis server returns the DoIP diagnosis server certificate and the DoIP diagnosis server diagnosis authority signature file;
(7) The DoIP diagnostic unit verifies the legitimacy of the DoIP diagnosis server certificate received by the DoIP diagnosis client, parses it to obtain the server public key, and verifies whether the private key that signed the DoIP diagnosis server diagnosis authority signature file is the same as the one that signed the DoIP diagnosis client diagnosis authority signature file;
(8) The DoIP diagnosis client sends the DoIP diagnosis client certificate, the DoIP diagnosis client diagnosis authority signature file and the encryption algorithms supported by the client;
(9) The DoIP diagnosis server verifies the validity of the DoIP diagnosis client certificate, parses it to obtain the client public key, and verifies whether the private key that signed the DoIP diagnosis client diagnosis authority signature file is the same as the one that signed the DoIP diagnosis server diagnosis authority signature file;
(10) The vehicle selects a suitable encryption algorithm through the DoIP diagnosis server, encrypts it with the client public key and sends the encrypted encryption algorithm;
(11) The DoIP diagnostic instrument obtains the encryption algorithm with the DoIP diagnosis client private key, generates a session key at the same time, encrypts the session key with the server public key and sends the encrypted session key;
(12) The vehicle obtains the session key with the DoIP diagnosis server private key, which completes the session key exchange;
(13) Encrypted diagnosis is carried out with the exchanged session key, and the diagnosis operations in this process are controlled by the diagnosis authority signature file.
3. The vehicle-mounted safety diagnosis method based on authority control according to claim 2, wherein in step (2), once the diagnosis operation authority file has been completed, signature authorization is completed through OEM (original equipment manufacturer) verification, each diagnosis operation is verified as a legal operation, and the diagnosis authority signature file is uniquely bound to the client.
4. The vehicle-mounted safety diagnosis method based on authority control according to claim 2, wherein in step (13), during the encrypted diagnosis no diagnosis action that is not defined in the diagnosis authority signature file may be allowed to operate.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202411787006.8A CN119254548B (en) | 2024-12-06 | 2024-12-06 | On-board safety diagnostic system and method based on authority control |
Publications (2)
Publication Number | Publication Date |
---|---|
CN119254548A (en) | 2025-01-03 |
CN119254548B (en) | 2025-03-21 |
Family
ID=94032195
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202411787006.8A Active CN119254548B (en) | 2024-12-06 | 2024-12-06 | On-board safety diagnostic system and method based on authority control |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN119254548B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102455700A (en) * | 2010-10-21 | 2012-05-16 | 斯必克机电产品(苏州)有限公司 | Method and system for real-time interaction of automobile fault diagnosis information |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9460567B2 (en) * | 2014-07-29 | 2016-10-04 | GM Global Technology Operations LLC | Establishing secure communication for vehicle diagnostic data |
CN116095635A (en) * | 2022-12-27 | 2023-05-09 | 上海赫千电子科技有限公司 | Vehicle safety diagnosis communication method based on DoIP |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | GR01 | Patent grant | |