[go: up one dir, main page]

CN116865948A - Vehicle battery management system communication method, device, storage medium and equipment - Google Patents

Vehicle battery management system communication method, device, storage medium and equipment Download PDF

Info

Publication number
CN116865948A
CN116865948A CN202310855980.2A CN202310855980A CN116865948A CN 116865948 A CN116865948 A CN 116865948A CN 202310855980 A CN202310855980 A CN 202310855980A CN 116865948 A CN116865948 A CN 116865948A
Authority
CN
China
Prior art keywords
verified
hash value
data
target
determining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310855980.2A
Other languages
Chinese (zh)
Inventor
尤严俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Xuanyi New Energy Development Co ltd
Original Assignee
Shanghai Xuanyi New Energy Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Xuanyi New Energy Development Co ltd filed Critical Shanghai Xuanyi New Energy Development Co ltd
Priority to CN202310855980.2A priority Critical patent/CN116865948A/en
Publication of CN116865948A publication Critical patent/CN116865948A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses a vehicle battery management system communication method, a device, a storage medium and equipment. Wherein the method comprises the following steps: generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result. The application solves the technical problem that the existing communication method of the vehicle battery management system can not ensure the data security.

Description

Vehicle battery management system communication method, device, storage medium and equipment
Technical Field
The present application relates to the field of data communication technologies, and in particular, to a vehicle battery management system communication method, device, storage medium, and apparatus.
Background
With the development of automobile intellectualization, more and more automobiles are subjected to more frequent external network attacks, and meanwhile, some losses are caused, so that the automobile information safety protection is also increasingly important. The information security protection refers to the protection of data interaction and data storage of the whole BMS system, and is free from malicious data tampering and attack during interaction with external information. The power battery management system, namely the BMS, is an essential part of the new energy automobile and is also an important ring for the information security of the automobile, so the BMS needs to protect the information security.
At present, any controller node can establish communication with the BMS after the automobile system is electrified, and no authentication process exists; BMS hardware debugging JTAG interface is exposed, and can download software to the board through the debugging interface at will; when the software is updated, the software integrity is only checked by a simple algorithm, and the software updating process has weaker integrity checking function, but the authenticity of the updated software cannot be ensured. Because the BMS product lacks information security protection, lead to BMS product to exist very big information security hidden danger, and the security of data can not obtain guaranteeing.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the application provides a vehicle battery management system communication method, a device, a storage medium and equipment, which at least solve the technical problem that the existing vehicle battery management system communication method cannot guarantee data security.
According to an aspect of an embodiment of the present application, there is provided a vehicle battery management system communication method including: generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result.
Optionally, the generating the data to be verified in response to the communication request includes: receiving a communication request sent by the target device, wherein the communication request comprises: message communication request, software update request and system off-line request; generating a random number string with the data length of a first byte length and taking the random number string as first data to be verified under the condition that the communication request is the message communication request; and under the condition that the communication request is the software updating request, carrying out hash calculation on a software updating package, determining a first initial hash value, carrying out signature processing on the first initial hash value by adopting a first private key to obtain a signature value, and determining second data to be verified based on the first initial hash value and the signature value, wherein a public-private key pair is generated by adopting a signature algorithm, and the public-private key pair comprises: the first private key and the first public key; and generating hash data with a data length of a second byte length under the condition that the communication request is the system offline request, and determining third data to be verified based on the hash data, wherein the second byte length is larger than the first byte length.
Optionally, the hash calculation is performed on the data to be verified, and the determining the target hash value includes at least one of the following: when the communication request is the message communication request, performing hash calculation on the random number string in the first data to be verified, determining a first target hash value, and taking the first target hash value as the target hash value; when the communication request is the software update request, determining the software update package from the second data to be verified, performing hash calculation on the software update package, determining a second target hash value, and taking the second target hash value as the target hash value; and under the condition that the communication request is the system offline request, carrying out hash calculation on data with a third byte length in the third data to be verified, determining a third target hash value, and taking the third target hash value as the target hash value, wherein the third byte length is smaller than the second byte length.
Optionally, the receiving the hash value to be verified returned by the target device, and comparing the target hash value with the hash value to be verified, to determine a comparison result, including: receiving a first hash value to be verified returned by the target device when the communication request is the message communication request, and determining that the comparison result is passing if the first hash value to be verified is consistent with the first target hash value, wherein the first hash value to be verified is obtained by performing hash calculation on the random number string by the target device; receiving a second hash value to be verified returned by the target device when the communication request is the software update request, and determining that the comparison result is passing if the second hash value to be verified is consistent with the second target hash value, wherein the second hash value to be verified is obtained by signing the first initial hash value by the target device by using the first public key; and receiving a third hash value to be verified returned by the target device when the communication request is the system offline request, and determining that the comparison result is passing if the third hash value to be verified is consistent with the third target hash value, wherein the third hash value to be verified is obtained by performing hash calculation on the data with the third byte length in the third data to be verified by the target device.
Optionally, based on the comparison result, establishing a communication connection between the target device and the vehicle battery management system, including: and establishing communication connection between the target device and the vehicle battery management system under the condition that the comparison result of the target hash value and the hash value to be verified is that the comparison result is passed.
According to another aspect of the embodiment of the present application, there is also provided a vehicle battery management system communication device including: the generation module is used for responding to a communication request and generating data to be verified, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; the determining module is used for carrying out hash calculation on the data to be verified, determining a target hash value and sending the data to be verified to the target device; the receiving module is used for receiving a hash value to be verified returned by the target equipment, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified by the target equipment; and the communication module is used for establishing communication connection between the target equipment and the vehicle battery management system based on the comparison result.
According to another aspect of an embodiment of the present application, there is also provided a nonvolatile storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform any one of the above-described vehicle battery management system communication methods.
According to another aspect of the embodiments of the present application, there is also provided a processor for running a program, wherein the program is configured to execute any one of the above-described vehicle battery management system communication methods when run.
According to another aspect of an embodiment of the present application, there is also provided an electronic device including a memory in which a computer program is stored, and a processor configured to run the computer program to perform any one of the above-described vehicle battery management system communication methods.
In the embodiment of the application, the data to be verified is generated by responding to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; based on the comparison result, the communication connection between the target device and the vehicle battery management system is established, the purposes that the vehicle battery management system is used for generating a real random number and a secret key and an encryption algorithm are placed in a hardware encryption unit of the vehicle battery management system are achieved, so that the safety of key codes is guaranteed, the technical effect of theft prevention is achieved, and the technical problem that the data safety cannot be guaranteed in the existing vehicle battery management system communication method is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a flow chart of a vehicle battery management system communication method according to an embodiment of the application;
FIG. 2 is an alternative battery management system information security protection schematic diagram in accordance with an embodiment of the application;
FIG. 3 is a schematic diagram of an alternative CAN message communication encryption and authentication process in accordance with an embodiment of the application;
FIG. 4 is a schematic diagram of an alternative software update flow in accordance with an embodiment of the present application;
FIG. 5 is a schematic diagram of an alternate JTAG interface encryption flow according to an embodiment of the present application;
fig. 6 is a schematic structural view of a vehicle battery management system communication device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Term interpretation:
BMS: a battery management system;
MCU: a micro control unit (single chip microcomputer);
HSM: a hardware encryption unit;
and (3) ECU: a vehicle-mounted computer;
ECDSA: elliptic curve digital signature algorithm;
EOL device: the whole car off-line detection equipment;
FLASH/RAM: and a memory inside the singlechip.
In accordance with an embodiment of the present application, there is provided a method embodiment of vehicle battery management system communication, it being noted that the steps shown in the flowchart of the figures may be performed in a computer system, such as a set of computer executable instructions, and, although a logical sequence is shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than what is shown or described herein.
Fig. 1 is a flowchart of a vehicle battery management system communication method according to an embodiment of the present application, as shown in fig. 1, including the steps of:
step S102, generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system;
step S104, carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device;
step S106, receiving a hash value to be verified returned by the target device, and comparing the target hash value with the hash value to be verified to determine a comparison result, wherein the hash value to be verified is determined by hash calculation of the target device on the data to be verified;
and step S108, establishing communication connection between the target equipment and the vehicle battery management system based on the comparison result.
In the embodiment of the present application, the execution subject of the vehicle battery management system communication method provided in steps S102 to S108 is a vehicle battery management system communication system, and the system is adopted to respond to a communication request to generate data to be verified, where the communication request is sent by a target device, and the data to be verified is generated by the vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result.
As an alternative embodiment, as shown in the battery management system information security protection schematic diagram in FIG. 2, the JTAG interfaces for CAN message communication, software update and software debugging are respectively encrypted, and the secret key and the encryption algorithm are placed in a hardware encryption unit HSM in the MCU, so that the HSM module CAN generate a real random number through a hardware circuit, and an encryption and decryption system with a hardware mode CAN realize real-time and efficient operation.
According to the embodiment of the application, the problem of information security protection of the BMS system during data interaction is solved, a hardware encryption unit of the microcontroller is used for generating a real random number, and a secret key and an encryption algorithm are both placed in the HSM; in addition, identity verification of the ECU node is carried out before CAN communication interaction; and signing and verification of the software is performed at the time of software update. An asymmetric encryption algorithm ECDSA is used in the BMS system; encrypting the JTAG interface to ensure that each singlechip corresponds to a unique secret key; the problem that any third party CAN establish CAN communication with the BMS is solved, the data integrity and the authenticity during software updating are guaranteed, and the problem that the hardware debugging interface is exposed and software CAN be downloaded at will is solved. The BMS product can be safer when carrying out data interaction with the outside, the data can be prevented from being tampered, the information safety is guaranteed, and the risk of information safety problems is reduced.
In an alternative embodiment, the generating the data to be verified in response to the communication request includes: receiving a communication request sent by the target device, wherein the communication request comprises: message communication request, software update request and system off-line request; generating a random number string with the data length of a first byte length and taking the random number string as first data to be verified under the condition that the communication request is the message communication request; and under the condition that the communication request is the software updating request, carrying out hash calculation on a software updating package, determining a first initial hash value, carrying out signature processing on the first initial hash value by adopting a first private key to obtain a signature value, and determining second data to be verified based on the first initial hash value and the signature value, wherein a public-private key pair is generated by adopting a signature algorithm, and the public-private key pair comprises: the first private key and the first public key; and generating hash data with a data length of a second byte length under the condition that the communication request is the system offline request, and determining third data to be verified based on the hash data, wherein the second byte length is larger than the first byte length.
As an optional embodiment, first, a communication request sent by the target device is received, and corresponding data to be verified is generated according to a category of the communication request.
Note that the above-mentioned communication request includes: message communication requests, software update requests, and system offline requests.
Optionally, when the communication request is the message communication request, a random number string with a data length of a first byte length is generated, and the random number string is used as the first data to be verified.
Optionally, when the communication request is the software update request, performing hash calculation on a software update packet, determining a first initial hash value, performing signature processing on the first initial hash value by using a first private key to obtain a signature value, and determining second data to be verified based on the first initial hash value and the signature value.
Optionally, in the case that the communication request is the system offline request, hash data with a data length of a second byte length is generated, and third data to be verified is determined based on the hash data.
It should be noted that, a signature algorithm is adopted to generate a public-private key pair, and the public-private key pair includes: the first private key and the first public key; the second byte length is greater than the first byte length.
In an optional embodiment, the performing hash calculation on the data to be verified to determine a target hash value includes at least one of: when the communication request is the message communication request, performing hash calculation on the random number string in the first data to be verified, determining a first target hash value, and taking the first target hash value as the target hash value; when the communication request is the software update request, determining the software update package from the second data to be verified, performing hash calculation on the software update package, determining a second target hash value, and taking the second target hash value as the target hash value; and under the condition that the communication request is the system offline request, carrying out hash calculation on data with a third byte length in the third data to be verified, determining a third target hash value, and taking the third target hash value as the target hash value, wherein the third byte length is smaller than the second byte length.
Optionally, when the communication request is the message communication request, hash calculation is performed on the random number string in the first to-be-verified data, a first target hash value is determined, and the first target hash value is used as the target hash value.
Optionally, when the communication request is the software update request, the software update package is determined from the second data to be verified, hash calculation is performed on the software update package, a second target hash value is determined, and the second target hash value is used as the target hash value.
Optionally, when the communication request is the system offline request, performing hash calculation on data with a third byte length in the third data to be verified, determining a third target hash value, and taking the third target hash value as the target hash value, where the third byte length is smaller than the second byte length.
In an optional embodiment, the receiving the hash value to be verified returned by the target device, and comparing the target hash value with the hash value to be verified, to determine a comparison result, includes: receiving a first hash value to be verified returned by the target device when the communication request is the message communication request, and determining that the comparison result is passing if the first hash value to be verified is consistent with the first target hash value, wherein the first hash value to be verified is obtained by performing hash calculation on the random number string by the target device; receiving a second hash value to be verified returned by the target device when the communication request is the software update request, and determining that the comparison result is passing if the second hash value to be verified is consistent with the second target hash value, wherein the second hash value to be verified is obtained by signing the first initial hash value by the target device by using the first public key; and receiving a third hash value to be verified returned by the target device when the communication request is the system offline request, and determining that the comparison result is passing if the third hash value to be verified is consistent with the third target hash value, wherein the third hash value to be verified is obtained by performing hash calculation on the data with the third byte length in the third data to be verified by the target device.
Optionally, as shown in the schematic diagram of the communication encryption and verification flow of the CAN message shown in fig. 3, when other controllers need to establish communication connection with the BMS after the entire vehicle system is powered on, a series of instruction requests are sent to establish communication with the BMS (shown as 1 in the figure); the BMS receives the request in 1 and then calls a chip hardware encryption module HSM to generate a series of 8-byte random numbers, the random numbers can be guaranteed not to be repeated, and the BMS can calculate a hash value by using an SHA256 algorithm and the random numbers to serve as a secret key; the random number is then sent out (denoted 2 in the figure); after receiving the random number, the other controllers calculate the key value according to the random number by using the same SHA256 algorithm and then send the key value to the BMS (3 in the figure); after the BMS receives the key transmitted in the previous step, it compares whether the key is identical to the key value calculated in the first step, and if so, it transmits a positive response to the corresponding ECU, and if not, it transmits a negative response to the corresponding ECU (denoted as 4 in the figure). If the ECU receives the positive response, the communication between the two parties can be started, and if the ECU receives the negative response, the communication between the two parties cannot be started, so that the two-way verification of the two parties of the communication is completed, and the validity of the ECU communicating with the BMS is ensured.
Optionally, as shown in the software update flow chart shown in fig. 4, before the software update, HASH value HASH is calculated on the software package by using SHA256 algorithm; and generating a public and private key pair corresponding to the ECDSA algorithm by using a tool, wherein the public and private key pair is required to be reasonably stored, held by a private key host factory, held by a public key component manufacturer, used for signing, and used for verifying signing. Taking out the private key to sign the HASH value HASH to obtain a signature value; combining the software package and the signature value to form a new software package; downloading a new software package into a BMS, extracting a software package A after the BMS obtains the software, and obtaining hash_1 by using a SHA256 algorithm to obtain a HASH value of the software package; and extracting a signature value, checking the signature value by using the public key, and if the signature checking fails, considering that the public and private key pairs are not matched. The software update fails; if the signature verification is successful, the public and private keys are matched, and a HASH value is obtained, wherein the HASH value is a HASH value obtained by using an SHA256 algorithm on the software package; then comparing whether HASH_1 and HASH are equal, if so, indicating that the integrity of the software is not problematic, and updating successfully; if not, the software is tampered, and the updating fails.
Optionally, as shown in the JTAG interface encryption flow diagram of fig. 5, JTAG encryption is implemented when the BMS detects offline; firstly, the offline detection equipment sends an 8-byte BMS identity unique identifier to the BMS through the CAN communication equipment, and the micro control MCU calls an SHA256 algorithm of the HSM module to obtain a 32-byte hash value after receiving the instruction, takes 16 bytes high and encrypts a JTAG port; the 16 byte password of the previous step is then sent to the EOL device, which then saves this password and the corresponding identity identifier. In this way, encryption of the DEBUG port is achieved, and the encryption passwords of each device are different, unique and correspond to their own identity identifiers.
In an alternative embodiment, establishing a communication connection between the target device and the vehicle battery management system based on the comparison result includes: and establishing communication connection between the target device and the vehicle battery management system under the condition that the comparison result of the target hash value and the hash value to be verified is that the comparison result is passed.
Through the steps, the hardware encryption unit HSM using the microcontroller can be innovatively used for generating real random numbers, and the secret key and the encryption algorithm are placed in the HSM instead of the traditional PFLASH so as to ensure the safety of key codes and prevent theft; identity verification of the ECU node is carried out before CAN communication interaction so as to avoid access of unauthorized ECU nodes and play a role in preventing fraud; signing and verifying the software during the software updating so as to ensure the integrity and the authenticity of the updated software; by using the asymmetric encryption algorithm ECDSA and matching with the use of a hardware encryption module, the encryption and decryption tasks can be rapidly completed on the premise of ensuring higher security; encryption processing of JTAG interfaces is carried out on each BMS product delivered from the factory, and passwords are different, so that even if the password of one BMS product is cracked, the other BMS products are safe; the method can prevent reverse software and random download of the software through the interface, and is convenient for debugging and searching the BMS product after the BMS product goes wrong in a password mode.
According to an embodiment of the present application, there is further provided an apparatus embodiment for implementing the above-mentioned vehicle battery management system communication method, and fig. 6 is a schematic structural diagram of a vehicle battery management system communication apparatus according to an embodiment of the present application, as shown in fig. 6, where the above-mentioned apparatus includes: a generation module 60, a determination module 62, a reception module 64, and a communication module 66, wherein:
a generating module 60 for generating data to be verified in response to a communication request issued by a target device, the data to be verified being generated by a vehicle battery management system;
a determining module 62, configured to perform hash calculation on the data to be verified, determine a target hash value, and send the data to be verified to the target device;
the receiving module 64 is configured to receive a hash value to be verified returned by the target device, compare the target hash value with the hash value to be verified, and determine a comparison result, where the hash value to be verified is determined by performing hash calculation on the data to be verified by the target device;
and a communication module 66 for establishing a communication connection between the target device and the vehicle battery management system based on the comparison result.
Here, the generating module 60, the determining module 62, the receiving module 64, and the communication module 66 correspond to steps S102 to S108 in embodiment 1, and the four modules are the same as the examples and application scenarios implemented by the corresponding steps, but are not limited to those disclosed in embodiment 1.
It should be noted that, the preferred implementation manner of this embodiment may be referred to the related description in embodiment 1, and will not be repeated here.
According to an embodiment of the present application, there is also provided an embodiment of a computer-readable storage medium. Alternatively, in the present embodiment, the above-described computer-readable storage medium may be used to store the program code executed by the vehicle battery management system communication method provided in the above-described embodiment 1.
Alternatively, in this embodiment, the above-mentioned computer readable storage medium may be located in any one of the computer terminals in the computer terminal group in the computer network, or in any one of the mobile terminals in the mobile terminal group.
Optionally, in the present embodiment, the computer readable storage medium is configured to store program code for performing the steps of: generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result.
Optionally, the above computer readable storage medium is configured to store program code for performing the steps of: receiving a communication request sent by the target device, wherein the communication request comprises: message communication request, software update request and system off-line request; generating a random number string with the data length of a first byte length and taking the random number string as first data to be verified under the condition that the communication request is the message communication request; and under the condition that the communication request is the software updating request, carrying out hash calculation on a software updating package, determining a first initial hash value, carrying out signature processing on the first initial hash value by adopting a first private key to obtain a signature value, and determining second data to be verified based on the first initial hash value and the signature value, wherein a public-private key pair is generated by adopting a signature algorithm, and the public-private key pair comprises: the first private key and the first public key; and generating hash data with a data length of a second byte length under the condition that the communication request is the system offline request, and determining third data to be verified based on the hash data, wherein the second byte length is larger than the first byte length.
Optionally, the above computer readable storage medium is configured to store program code for performing the steps of: when the communication request is the message communication request, performing hash calculation on the random number string in the first data to be verified, determining a first target hash value, and taking the first target hash value as the target hash value; when the communication request is the software update request, determining the software update package from the second data to be verified, performing hash calculation on the software update package, determining a second target hash value, and taking the second target hash value as the target hash value; and under the condition that the communication request is the system offline request, carrying out hash calculation on data with a third byte length in the third data to be verified, determining a third target hash value, and taking the third target hash value as the target hash value, wherein the third byte length is smaller than the second byte length.
Optionally, the above computer readable storage medium is configured to store program code for performing the steps of: receiving a first hash value to be verified returned by the target device when the communication request is the message communication request, and determining that the comparison result is passing if the first hash value to be verified is consistent with the first target hash value, wherein the first hash value to be verified is obtained by performing hash calculation on the random number string by the target device; receiving a second hash value to be verified returned by the target device when the communication request is the software update request, and determining that the comparison result is passing if the second hash value to be verified is consistent with the second target hash value, wherein the second hash value to be verified is obtained by signing the first initial hash value by the target device by using the first public key; and receiving a third hash value to be verified returned by the target device when the communication request is the system offline request, and determining that the comparison result is passing if the third hash value to be verified is consistent with the third target hash value, wherein the third hash value to be verified is obtained by performing hash calculation on the data with the third byte length in the third data to be verified by the target device.
Optionally, the above computer readable storage medium is configured to store program code for performing the steps of: and establishing communication connection between the target device and the vehicle battery management system under the condition that the comparison result of the target hash value and the hash value to be verified is that the comparison result is passed.
According to an embodiment of the present application, there is also provided an embodiment of a processor. Alternatively, in the present embodiment, the above-described computer-readable storage medium may be used to store the program code executed by the vehicle battery management system communication method provided in the above-described embodiment 1.
The embodiment of the application provides an electronic device, which comprises a processor, a memory and a program stored on the memory and capable of running on the processor, wherein the processor realizes the following steps when executing the program: generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result.
The application also provides a computer program product adapted to perform, when executed on a data processing device, a program initialized with the method steps of: generating data to be verified in response to a communication request, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system; carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device; receiving a hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target device; and establishing communication connection between the target device and the vehicle battery management system based on the comparison result.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, for example, may be a logic function division, and may be implemented in another manner, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a Read-only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely a preferred embodiment of the present application and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present application, which are intended to be comprehended within the scope of the present application.

Claims (9)

1. A vehicle battery management system communication method, comprising:
generating data to be verified in response to a communication request, wherein the communication request is sent by a target device, and the data to be verified is generated by a vehicle battery management system;
carrying out hash calculation on the data to be verified, determining a target hash value, and sending the data to be verified to the target device;
receiving a hash value to be verified returned by the target equipment, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target equipment;
and establishing communication connection between the target equipment and the vehicle battery management system based on the comparison result.
2. The method of claim 1, wherein generating data to be verified in response to a communication request comprises:
receiving a communication request sent by the target device, wherein the communication request comprises: message communication request, software update request and system off-line request;
generating a random number string with the data length of a first byte length and taking the random number string as first data to be verified under the condition that the communication request is the message communication request;
under the condition that the communication request is the software updating request, carrying out hash calculation on a software updating package, determining a first initial hash value, carrying out signature processing on the first initial hash value by adopting a first private key to obtain a signature value, and determining second data to be verified based on the first initial hash value and the signature value, wherein a public-private key pair is generated by adopting a signature algorithm, and the public-private key pair comprises: the first private key and the first public key;
and generating hash data with a data length of a second byte length under the condition that the communication request is the system offline request, and determining third data to be verified based on the hash data, wherein the second byte length is larger than the first byte length.
3. The method of claim 2, wherein the hashing the data to be verified to determine a target hash value comprises at least one of:
under the condition that the communication request is the message communication request, carrying out hash calculation on the random number string in the first data to be verified, determining a first target hash value, and taking the first target hash value as the target hash value;
when the communication request is the software update request, determining the software update package from the second data to be verified, performing hash calculation on the software update package, determining a second target hash value, and taking the second target hash value as the target hash value;
and under the condition that the communication request is the system offline request, carrying out hash calculation on data with a third byte length in the third data to be verified, determining a third target hash value, and taking the third target hash value as the target hash value, wherein the third byte length is smaller than the second byte length.
4. The method of claim 3, wherein the receiving the hash value to be verified returned by the target device, comparing the target hash value with the hash value to be verified, and determining the comparison result includes:
receiving a first hash value to be verified returned by the target device under the condition that the communication request is the message communication request, and determining that the comparison result is passing by comparison if the first hash value to be verified is consistent with the first target hash value, wherein the first hash value to be verified is obtained by carrying out hash calculation on the random number string by the target device;
receiving a second hash value to be verified returned by the target device under the condition that the communication request is the software updating request, and if the second hash value to be verified is consistent with the second target hash value, determining that the comparison result is passing the comparison, wherein the second hash value to be verified is obtained by signing the first initial hash value by the target device by adopting the first public key;
and receiving a third hash value to be verified returned by the target device under the condition that the communication request is the system offline request, and if the third hash value to be verified is consistent with the third target hash value, determining that the comparison result is passing the comparison, wherein the third hash value to be verified is obtained by carrying out hash calculation on the data with the third byte length in the third data to be verified by the target device.
5. The method according to any one of claims 1 to 4, wherein establishing a communication connection of the target device and the vehicle battery management system based on the comparison result includes:
and under the condition that the comparison result of the target hash value and the hash value to be verified is that the comparison is passed, establishing communication connection between the target device and the vehicle battery management system.
6. A vehicle battery management system communication device, characterized by comprising:
the generation module is used for responding to a communication request and generating data to be verified, wherein the communication request is sent by target equipment, and the data to be verified is generated by a vehicle battery management system;
the determining module is used for carrying out hash calculation on the data to be verified, determining a target hash value and sending the data to be verified to the target device;
the receiving module is used for receiving a hash value to be verified returned by the target equipment, comparing the target hash value with the hash value to be verified, and determining a comparison result, wherein the hash value to be verified is determined by carrying out hash calculation on the data to be verified through the target equipment;
and the communication module is used for establishing communication connection between the target equipment and the vehicle battery management system based on the comparison result.
7. A non-volatile storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the vehicle battery management system communication method of any one of claims 1 to 5.
8. A processor, characterized in that the processor is configured to run a program, wherein the program is arranged to execute the vehicle battery management system communication method of any one of claims 1 to 5 at run time.
9. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, the processor being arranged to run the computer program to perform the vehicle battery management system communication method of any one of claims 1 to 5.
CN202310855980.2A 2023-07-12 2023-07-12 Vehicle battery management system communication method, device, storage medium and equipment Pending CN116865948A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310855980.2A CN116865948A (en) 2023-07-12 2023-07-12 Vehicle battery management system communication method, device, storage medium and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310855980.2A CN116865948A (en) 2023-07-12 2023-07-12 Vehicle battery management system communication method, device, storage medium and equipment

Publications (1)

Publication Number Publication Date
CN116865948A true CN116865948A (en) 2023-10-10

Family

ID=88235530

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310855980.2A Pending CN116865948A (en) 2023-07-12 2023-07-12 Vehicle battery management system communication method, device, storage medium and equipment

Country Status (1)

Country Link
CN (1) CN116865948A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2025137220A1 (en) * 2023-12-19 2025-06-26 Sensata Technologies Inc. Calibrating a battery management system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2025137220A1 (en) * 2023-12-19 2025-06-26 Sensata Technologies Inc. Calibrating a battery management system

Similar Documents

Publication Publication Date Title
US20150180662A1 (en) Software key updating method and device
JP6190404B2 (en) Receiving node, message receiving method and computer program
CN110381075B (en) Block chain-based equipment identity authentication method and device
CN113138775B (en) Firmware protection method and system for vehicle-mounted diagnosis system
TW201735578A (en) Controlled security code authentication
CN113849777B (en) Application publishing, usage method, AI model publishing method and device
CN103269271A (en) Method and system for back-upping private key in electronic signature token
CN111800262B (en) Digital asset processing method and device and electronic equipment
CN110191415A (en) A kind of encryption method of information of vehicles, mobile unit and server
CN102833745B (en) Method, communication equipment and communication system that a kind of software security is upgraded
CN112241527B (en) Secret key generation method and system of terminal equipment of Internet of things and electronic equipment
US20230205887A1 (en) Secure automotive system
CN107026729B (en) Method and device for transmitting software
CN114143198A (en) Firmware upgrading method
CN112437068A (en) Authentication and key agreement method, device and system
CN116865948A (en) Vehicle battery management system communication method, device, storage medium and equipment
CN107979579B (en) Security authentication method and security authentication equipment
CN117176472B (en) Data tamper-proof method, device and system based on intelligent password security equipment
CN108242997B (en) Method and apparatus for secure communication
CN116866093B (en) Identity authentication method, identity authentication device, and readable storage medium
CN116305092B (en) Method and system for realizing trusted virtualization system
CN107948140B (en) Portable equipment verification method and system
CN112449143B (en) Implementation method and implementation system of secure video
CN115761954A (en) Bluetooth key connection method and device for vehicle
CN107846390B (en) Authentication method and device for application program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination