CN101938331B - Data communication method, device and system - Google Patents
Data communication method, device and system Download PDFInfo
- Publication number
- CN101938331B CN101938331B CN2010102729431A CN201010272943A CN101938331B CN 101938331 B CN101938331 B CN 101938331B CN 2010102729431 A CN2010102729431 A CN 2010102729431A CN 201010272943 A CN201010272943 A CN 201010272943A CN 101938331 B CN101938331 B CN 101938331B
- Authority
- CN
- China
- Prior art keywords
- data
- application data
- check code
- communication
- subelement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 238
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000012795 verification Methods 0.000 claims description 52
- 238000012545 processing Methods 0.000 claims description 38
- 239000000203 mixture Substances 0.000 claims description 10
- 230000008569 process Effects 0.000 claims description 7
- 238000013478 data encryption standard Methods 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000001514 detection method Methods 0.000 description 19
- 230000035772 mutation Effects 0.000 description 11
- 230000001360 synchronised effect Effects 0.000 description 9
- 238000009434 installation Methods 0.000 description 7
- 238000013461 design Methods 0.000 description 4
- 230000000052 comparative effect Effects 0.000 description 3
- 238000005538 encapsulation Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000013524 data verification Methods 0.000 description 2
- 239000012467 final product Substances 0.000 description 2
- 238000012937 correction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Landscapes
- Detection And Prevention Of Errors In Transmission (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a data communication method, device and system. The data communication method contains uplink communication and downlink communication, wherein the uplink communication comprises the following steps: dividing the application data sent by a main-control device to first-path application data and second-path application data; selecting a check algorithm, check any path of application data, generating the check code of the path of application data; combining the check code with the other path of application data to form a data packet with the format meeting the demands of the communication protocol, to the opposite communication end. By adopting the above technical scheme, when the uplink communication is performed, the application data and check codes to be sent to the opposite communication end are separately obtained from two paths of application data. Therefore, when any path of application data has an error and the opposite communication end checks the application data, the generated check code is different from the received check code, thus the opposite communication end judges that the application data have an error and does not use the application data and the high reliability and high safety of communication can be ensured.
Description
Technical field
The present invention relates to communication technical field, more particularly, relate to a kind of data communications method, Apparatus and system.
Background technology
Data interaction between master control set and Correspondent Node is completed by data communication equipment, and namely data communication equipment is realized uplink communication and the downlink communication of data between master control set and Correspondent Node.Take the bullet train safety control system as example, mobile unit in control system is master control set, when ground installation is Correspondent Node, mobile unit is with the application data of its generation---and the car controlling curve data sends to ground installation by data communication equipment, after ground installation receives this car controlling curve data, verify whether this car controlling curve data is correct.And ground installation sends that packet---the check code of train driving data and these train driving data is to data communication equipment, and data communication equipment verifies whether these train driving data are correct, when the train driving data are correct, it is transmitted to mobile unit.
Data communication equipment in order to ensure high reliability and the high security of communication, adopts and adds special safety check algorithm when carrying out data double-way communication, realizes the detection to misdata in communication.But at uplink communication, when to be master control set send application data to Correspondent Node, when breaking down due to the hardware in data communication equipment, make the data that receive make mistakes, data communication equipment carries out checking algorithm to misdata and generates check code, after being attached to misdata and send.When Correspondent Node receives misdata, it adopts the checking algorithm identical with data communication equipment, and the misdata that receives is carried out verification, and the check code of generation is identical with the check code that receives, at this moment, Correspondent Node uses misdata as correct data.Therefore, when the hardware of data communication equipment breaks down, cause error in data, adopt special safety check algorithm can't realize the detection of misdata in communication.
Summary of the invention
In view of this, the invention provides a kind of data communications method, Apparatus and system, when breaking down with the hardware that solves the existing communication device, cause error in data, adopts special safety check algorithm can't realize problem to the detection of misdata in communicating by letter.
For achieving the above object, the invention provides following technical scheme:
a kind of data communications method, comprise uplink communication and downlink communication, described uplink communication comprises: the application data that master control set is sent is divided into first via application data and the second tunnel application data, choose checking algorithm, any one tunnel application data is carried out verification, generate the check code of this road application data, and with described check code and another road application data, composition meets communication protocol and requires the Packet Generation of form to Correspondent Node, described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set.
The present invention also provides a kind of data communication equipment, comprising:
The first communication unit is used for receiving the application data that master control set sends;
The first lock unit that is connected with described the first communication unit, described the first lock unit comprises application data distribution subelement, be used for described application data is assigned as first via application data and the second tunnel application data, described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
The first via data processing unit that is connected with the first lock unit, described first via data processing unit comprises first via master control set data processing subelement, described first via master control set data are processed subelement and are used for choosing checking algorithm, according to checking algorithm, one tunnel application data is carried out verification, generate the check code of this road application data;
The the second circuit-switched data processing unit that is connected with the first lock unit, described the second circuit-switched data processing unit comprise the second road master control set data processing subelement, and described the second road master control set data are processed subelement and are used for receiving and sending another road application data;
The second lock unit that is connected with described the second circuit-switched data processing unit with described first via data processing unit, described the second lock unit comprises data combination subelement, described data combination subelement is used for described check code and described the second tunnel application data, forms and meets the packet that communication protocol requires form;
The second communication unit that is connected with described the second lock unit is used for described Packet Generation to Correspondent Node.
The present invention also provides a kind of data communication system, comprises master control set, Correspondent Node and data communication equipment as described in claim 9 to 13 any one.
The applicant finds after deliberation, during uplink communication, the application data that receives in existing data communication equipment is same circuit-switched data with the application data of carrying out checking algorithm, when communicator breaks down, certain generation saltus step of the application data that receives, at this moment, data communication equipment carries out checking algorithm to misdata and generates check code, after being attached to same road misdata and send.When Correspondent Node received data, it adopted the checking algorithm identical with communicator, and same road misdata is carried out verification, and the check code of generation is identical with the check code that receives, and Correspondent Node judges that the misdata that receives is correct data.In sum, when the hardware of data communication equipment breaks down, it carries out the verification of safety check algorithm to same circuit-switched data, adopt special safety check algorithm when error in data, the detection to misdata in communication can't be realized, and then high reliability and the high security of data communication can't be guaranteed.
Use technique scheme, during uplink communication, send to application data and the check code of Correspondent Node to obtain from the two-way application data respectively, therefore, when any one tunnel application data mistake, during the verification of Correspondent Node application data, the check code of its generation is not identical with the check code that receives, Correspondent Node judgement application data mistake is not used this application data.Compared with prior art, use the technical program to realize the detection of misdata in communication is guaranteed high reliability and the high security of communicating by letter.
Description of drawings
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, the below will do to introduce simply to the accompanying drawing of required use in embodiment or description of the Prior Art, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the flow chart of the disclosed data communications method of the embodiment of the present invention;
Fig. 2 is the flow chart of S101 in data communications method shown in Figure 1;
Fig. 3 is another flow chart of the disclosed data communications method of the embodiment of the present invention;
Fig. 4 is the flow chart of S202 in data communications method shown in Figure 3;
Fig. 5 is the structural representation of the disclosed data communication equipment of the embodiment of the present invention.
Embodiment
The below is clearly and completely described the technical scheme in the embodiment of the present invention, and obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Based on the embodiment in the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that obtains under the creative work prerequisite.
An embodiment
Data communications method comprises downlink communication and uplink communication, namely comprises the two-way communication of data between master control set and Correspondent Node.For high reliability and the high security that guarantees data communication, usually add the safety check algorithm data are carried out verification, to realize the detection to misdata in communication.
But at uplink communication, when to be master control set send application data to Correspondent Node, when the hardware in data communication equipment breaks down, certain generation saltus step of the application data that receives, for example: the 11st of the application data that receives is 1 by 0 original saltus step, causes the application data mistake.At this moment, data communication equipment carries out checking algorithm to misdata and generates correct check code, after being attached to same road misdata and send.When Correspondent Node received data, it adopted the checking algorithm identical with communicator, and same road misdata is carried out verification, and the check code of its generation is identical with the check code that receives, and Correspondent Node judges that the misdata that receives is correct data.
In sum, when the hardware of data communication equipment breaks down, due to it, circuit-switched data is carried out the verification of safety check algorithm, therefore adopt special safety check algorithm when error in data, the detection to misdata in communication can't be realized, and then high reliability and the high security of data communication can't be guaranteed.
In order to address the above problem, the invention provides a kind of data communications method, realize the detection to misdata in communication, guarantee high reliability and the high security of data communication.This data communications method comprises uplink communication and downlink communication, and its flow chart comprises as shown in Figure 1:
S101: the application data that master control set is sent is divided into first via application data and the second tunnel application data, choose checking algorithm, any one tunnel application data is carried out verification, generate the check code of this road application data, and with described check code and another road application data, composition meets the Packet Generation of communication protocol requirement form to Correspondent Node, and described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
The flow chart of this step S101 comprises as shown in Figure 2:
S1011: receive the application data that master control set sends;
S1012: application data is assigned as first via application data and the second tunnel application data, and first via application data carries with the second tunnel application data identical information of application data that sends with master control set;
S1013: choose checking algorithm, according to checking algorithm, first via application data is carried out verification, generate the check code of this road application data;
S1014: after check code was attached to the second tunnel application data, composition met communication protocol and requires the Packet Generation of form to Correspondent Node.
Certainly, can also carry out verification to the second tunnel application data during uplink communication, generate the check code of this road application data, after this check code was attached to first via application data, composition met communication protocol and requires the Packet Generation of form to Correspondent Node.
S102: a circuit-switched data bag of received communication opposite end, this packet comprise the original checksums code of application data and this application data, choose checking algorithm the application data that receives is carried out verification, generate check code;
S103: whether the check code that relatively generates is identical with the original checksums code that receives, and if so, carries out S103, otherwise carries out S104;
S103: judge that the application data that receives is correct, send to master control set;
S104: judge the application data mistake that receives, abandon this application data, do not send to master control set.
In the present embodiment, S101 is uplink communication, and namely master control set sends application data to Correspondent Node, and S102 to S104 is downlink communication, and namely Correspondent Node sends feedback data to master control set.During uplink communication, because the check code that generates and the original checksums code that receives obtain from the two-way application data, therefore, avoided the available data communicator, when its hardware breaks down, data are undergone mutation, and cause error in data, due to only to a circuit-switched data, so adopt special safety check algorithm when error in data, can't realize the detection to misdata in communication, and then can't guarantee high reliability and the high security of data communication.
For the ease of understanding, the below describes with instantiation, and checking algorithm adopts CRC (Cyclical Redundancy Check, CRC) algorithm.
Suppose that the two-way application data is: 1011001, adopt the CRC algorithm to carry out verification to one tunnel application data, the check code of its generation is 1010, the packet that 1010 and 1011001 compositions is met the form of communication protocol requirement, such as: be attached to 1011001 back with 1010 and form packet 10110011010, send to Correspondent Node.Correspondent Node adopts identical CRC algorithms to 1011001 in 10110011010, and the check code of its generation is similarly 1010, and judge that application data is correct this moment.When any one tunnel application data is undergone mutation, for example: the second tunnel application data is undergone mutation, data become: 1001001, the check code of first via application data does not suddenly change, its check code is still: 1010, send to the new data of Correspondent Node to be this moment: 10010011010, after receiving data, Correspondent Node is to 1001001 verifications, and because application data is undergone mutation, the 3rd becomes 0 by 1, therefore, the check code of its generation becomes: 0100, and not identical with 1010, judge the application data mistake.
Equally take application data as: 1011001 as example, the available data communicator is when data sport: in the time of 1001001, it is adopted the verification of CRC algorithm, generate check code 0100, and be attached to the rear composition packet of misdata 1001001: 10010010100 send to Correspondent Node.Because data communication equipment and Correspondent Node carry out verification to same road application data, so the check code that Correspondent Node generates is identical with the check code that receives, even application data mistake, Correspondent Node will this misdata use as correct data, namely adopt the available data communicator can't realize detection to misdata in data uplink communication, and then can't guarantee high reliability and the high security of data communication.
The checking algorithm of choosing when in the present embodiment, uplink communication is with downlink communication is identical.Checking algorithm comprises: the CRC algorithm, MAC-DES (Message Authentication Code-Data Encryption Standard, the data encryption standard message authentication code) algorithm, any one in MD5 (Message Digest Algorithm MD5, Message Digest Algorithm 5) algorithm and other check code generating algorithms.The security intensity of data double-way communication depends on choosing of checking algorithm.
To the checking algorithm of some specific protocol defined, as the MAC-DES algorithm, the communication key that the prior agreement of master control set and Correspondent Node is used is to prevent invader's manipulative communications cover data in secure communications links.At this moment, checking algorithm will be selected the checking algorithm corresponding with this key.
Use technique scheme, during uplink communication, send to application data and the check code of Correspondent Node to obtain from the two-way application data respectively, therefore, when any one tunnel application data mistake, during the verification of Correspondent Node application data, the check code of its generation is not identical with the check code that receives, Correspondent Node judgement application data mistake is not used this application data.Use the technical program to realize the detection of misdata in communication is guaranteed high reliability and the high security of communicating by letter.
Another embodiment
During downlink communication, the packet that data communication equipment received communication opposite end sends, this packet comprises the check code of application data and this application data, application data is carried out verification and is generated check code, whether the check code that relatively generates is identical with the check code that receives, when not simultaneously, and judgement application data mistake, do not send this application data, realize in communication the detection to misdata.
But, when the hardware of data communication equipment breaks down, cause its correction judgement to check code to produce mistake, for example: the packet that receives is: 10010011010, wherein: 1001001 is wrong application data, and 1010 is correct check code.Data communication equipment is in application data---and during 1001001 verification, the check code of its generation is 0100, and is different from the check code 1010 that receives, and should judge the application data mistake this moment.But when hardware broke down, the check code that erroneous judgement generates was 0100 identical with the check code 1010 that receives, and thinks that application data is correct, can be sent to master control set with misdata.
Still take above-mentioned packet as example, when the hardware of data communication equipment breaks down, also there is another kind of error detection situation, when namely installing the application data verification to mistake, produced correct check code.Data communication equipment is in application data---and during 1001001 verification, the check code of its generation should be 0100, but this moment hardware fault occurs by chance, has just generated check code 1010, and identical with the check code 1010 that receives.Data communication equipment can be sent to master control set with misdata.Therefore, during existing downlink communication, when the hardware of data communication equipment breaks down, also can occur misdata is judged as correct data, in can't realizing communicating by letter to the detection of misdata.
In order to address the above problem, the present embodiment provides a kind of data communications method, during downlink communication, the application data that simultaneously two-way is carried identical information is carried out verification, when the verification while of two-way application data is correct, be check code of receiving with it of the check code of each self-generating of two-way application data when simultaneously identical, the judgement application data is correct, and then sends to master control set.The probability that the check code of two-way application data is made mistakes simultaneously is very little, therefore adopts the method for the two paths of data of verification simultaneously to solve the problems referred to above.
The flow chart of the data communications method that the present embodiment provides comprises as shown in Figure 3:
S201: the application data that master control set is sent is divided into first via application data and the second tunnel application data, choose checking algorithm, any one tunnel application data is carried out verification, generate the check code of this road application data, and with described check code and another road application data, composition meets the Packet Generation of communication protocol requirement form to Correspondent Node, and described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
The idiographic flow of this step is identical with S101 in above-described embodiment.This present embodiment is no longer set forth.
S202: the packet of the original checksums code that comprises application data and this application data that described Correspondent Node is sent is divided into first via packet and the second circuit-switched data bag, described first via packet carries with described the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, chooses checking algorithm and respectively the application data in described first via packet and described the second circuit-switched data bag is carried out checking algorithm generation first via check code and the second road check code;
The flow chart of step S202 comprises as shown in Figure 4:
S2021: the packet that the received communication opposite end sends, this packet comprises: the original checksums code of application data and this application data;
S2022: be first via packet and the second circuit-switched data bag with allocation of packets, first via packet carries with the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, includes the check code of application data and this application data;
S2023: choose checking algorithm, the application data in first via packet is carried out verification, generate first via check code;
S2024: choose checking algorithm, the application data in the second circuit-switched data bag is carried out verification, generate the second road check code.
S203: relatively whether first via check code is identical with the original checksums code, if so, carries out S204, otherwise, carry out S206;
S204: relatively whether the second road check code is identical with the original checksums code, if so, carries out S205, otherwise, carry out S206;
Certainly, step S203 and S204 can also be comprehensively a step, compare simultaneously first via check code, the second road check code and original checksums code in this step, when first via check code, the second road check code and original checksums code are all identical, carry out S205, otherwise, S206 carried out.
S205: judge that the application data that receives is correct, and send application data to master control set;
When the application data that receives when judgement is correct, according to the internal security bus protocol, this application data is sent to master control set.If this internal security bus protocol uses the duplex communication structure, the two-way application data is sent to respectively master control set by two communication ports.If this internal security bus protocol uses the single-channel communication structure, check code with any one tunnel application data and another road application data generation, form and meet the packet that communication protocol requires form, i.e. default data transmission modes---form packet after check code is attached to application data, be sent to master control set.
S206: judge the two-way application data mistake that receives, abandon this data, do not send to master control set.
When the below breaks down with the hardware of the data communication equipment of being set forth in the present embodiment, device is during to the application data verification of mistake, and how the instantiation that has produced correct check code is realized the detection of misdata is described when the downlink communication to data communications method provided by the invention.For the ease of contrast, still adopt the data in above-mentioned instantiation, the packet that namely receives is: 10010011010, wherein: 1001001 is wrong application data, and 1010 is correct check code.
The two paths of data bag is: 10010011010, suppose the application data in first via packet---during 1001001 verification, the check code of its generation should be: 0100, but this moment by chance data undergo mutation, just generated check code 1010.And the application data in the second circuit-switched data bag---during 1001001 verification, the check code of its generation should be: 0100, and check code is not undergone mutation.Therefore, when check code compared, the check code of the second tunnel application data was different from the check code that receives, and judged the two-way application data mistake that receives, and did not send this application data to master control set.The probability of makeing mistakes simultaneously due to the check code of two-way application data is very little, therefore adopt the method for the two paths of data of verification simultaneously to solve the available data communicator when carrying out downlink communication, when hardware breaks down, misdata is judged as correct data, in can't realizing communicating by letter to the problem of the detection of misdata.
Need to prove: the checking algorithm of choosing when in the present embodiment, uplink communication is with downlink communication is identical.Checking algorithm comprises: CRC algorithm, MAC-DES algorithm, any one in MD5 algorithm and other check code generating algorithms.
To the checking algorithm of some specific protocol defined, as the MAC-DES algorithm, the communication key that the prior agreement of master control set and Correspondent Node is used is to prevent invader's manipulative communications cover data in secure communications links.At this moment, checking algorithm will be selected the checking algorithm corresponding with this key.
In order to realize the safety of data double-way communication, between the transport layer and application layer of legacy network agreement, insert safe floor and synchronous relatively layer, form the custom-designed secure communication protocols of data communications method of the present embodiment.The safe floor of this secure communication protocols provides specific data check algorithm and corresponding data check function, two-way is carried the data of identical information and carries out the redundancy processing, and is safe and reliable to guarantee that data are transmitted when communicating by letter.Synchronously relatively layer when uplink communication, provides the data encapsulation function, forms to meet the packet that communication protocol requires form, forms packet after soon the check code of one tunnel application data is attached to another road application data, further sends to its lower floor; During downlink communication, synchronous relatively layer provides function of data distribution, and the allocation of packets that soon obtains from its lower floor is the two paths of data bag.A packet and its two paths of data that is distributed into that synchronous relatively layer receives are carried identical information, and this packet comprises application data that Correspondent Node sends and the original checksums code of this application data.This layer guarantees application data safe and reliable of the Correspondent Node that master control set obtains.Because the checking algorithm that the application data in the two paths of data bag can further provide by safe floor carries out verification, if any one road check errors is judged two-way application data mistake, abandon this application data.Equivalent layer in the function of other each layers in this secure communication protocols and implementation method and existing network protocol is identical.
Use technique scheme, during downlink communication, simultaneously two-way is carried the identical information application data and carry out verification, when the verification while of two paths of data is correct, be original checksums code of receiving with it of the check code of each self-generating of two-way application data when simultaneously identical, the judgement data are correct.Use the technical program, in the detection of uplink communication realization to misdata, can't realize the problem that misdata is detected when having solved existing downlink communication.
Corresponding with it, the present invention also provides a kind of data communication equipment, its structural representation comprises as shown in Figure 5: the first communication unit 30, the first lock unit 31, first via data processing unit 32, the second circuit-switched data processing unit 33, the second lock unit 34 and second communication unit 35.Wherein:
The first communication unit 30 is used for receiving the application data that master control set sends;
The first lock unit 31 comprises application data distribution subelement, application data distributes subelement to be used for described application data is assigned as first via application data and the second tunnel application data, and described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
First via data processing unit 32 comprises first via master control set data processing subelement, first via master control set data are processed subelement and are used for choosing checking algorithm, according to checking algorithm, any one tunnel application data is carried out verification, generate the check code of this road application data;
The second circuit-switched data processing unit 33 comprises the second road master control set data processing subelement, and the second road master control set data are processed subelement and are used for receiving and sending another road application data;
The second lock unit 34 comprises data combination subelement, and data combination subelement is used for described check code and described the second tunnel application data, forms and meets the packet that communication protocol requires form;
Second communication unit 35 is used for described Packet Generation to Correspondent Node.
Above-mentioned for data communication equipment when carrying out uplink communication, the function of its each several part, particularly, during uplink communication, first via master control set data are processed subelement, are used for choosing checking algorithm, according to checking algorithm, first via application data is carried out verification, generate the check code of this road application data;
The the second road master control set data are processed subelement, are used for receiving and sending the second tunnel application data;
Data combination subelement after being used for described check code is attached to the second tunnel application data, forms the packet of the form that meets the communication protocol requirement.
Setting forth data communication equipment provided by the invention when carrying out uplink communication below in conjunction with example, is how to realize misdata is detected.Checking algorithm adopts the CRC algorithm.
Suppose that the two-way application data is: 1011001, first via master control set data are processed subelement and are adopted the CRC algorithm to carry out verification to one the tunnel, and the check code of its generation is 1010, and sends to data combination subelement.The the second road master control set data are processed subelement another road application data 1011001 are sent to data combination subelement.Data combinations subelement forms the packet that meets the form that communication protocol requires with 1010 and 1011001, such as: be attached to 1011001 back with 1010 and form packet 10110011010, send to Correspondent Node.Correspondent Node adopts identical CRC algorithms to 1011001 in 10110011010, and the check code of its generation is similarly 1010, and judge that application data is correct this moment.After the application data in the second road master control set data processing subelement was undergone mutation, data became: 1001001.At this moment, the application data that first via master control set data are processed in subelement is not undergone mutation, and the check code of this application data is: 1010.Data combination this moment subelement sends to the data of Correspondent Node to be: 10010011010, after receiving data, Correspondent Node is to 1001001 verifications, because application data is undergone mutation, the 3rd becomes 0 by 1, and therefore, the check code of its generation becomes: 0100, with receive 1010 not identical, judge the application data mistake.
Equally take application data as: 1011001 as example, the available data communicator is when data sport: in the time of 1001001, it is adopted the verification of CRC algorithm, generate check code 0100, and be attached to the rear composition packet of misdata 1001001: 10010010100 send to Correspondent Node.Because data communication equipment and Correspondent Node carry out verification to same road application data, so the check code that Correspondent Node generates is identical with the check code that receives, even application data mistake, Correspondent Node will this misdata use as correct data, namely adopt the available data communicator can't realize detection to misdata in data uplink communication, and then can't guarantee high reliability and the high security of data communication.
During downlink communication, the function of data communication equipment each several part is as described below, wherein:
Second communication unit 35 also is used for the packet that the received communication opposite end sends, and described packet comprises application data that described Correspondent Node sends and the original checksums code of this application data;
The second lock unit 34 also comprises the allocation of packets subelement, it is first via packet and the second circuit-switched data bag with described allocation of packets that described allocation of packets subelement is used for, first via packet carries with the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, includes the check code of application data and this application data;
First via data processing unit 32 comprises that also first via Correspondent Node data are processed subelement and first via check code compares subelement, described first via Correspondent Node data are processed subelement and are used for choosing checking algorithm, application data in first via packet is carried out verification, generate first via check code, described first via check code is subelement relatively, is used for more described first via check code whether identical with described original checksums code;
The second circuit-switched data processing unit 33 comprises that also the second road Correspondent Node data are processed subelement and the second road check code compares subelement, described the second road Correspondent Node data are processed subelement, be used for choosing checking algorithm, application data in the second circuit-switched data bag is carried out verification, generate the second road check code, described the second road check code is subelement relatively, is used for more described the second road check code whether identical with described original checksums code;
The first lock unit 31 also comprises the data communication subelement, the data communication subelement, be used for when described first via check code, when the second road check code is identical with described original checksums code, according to the internal security bus protocol, send application data to the first communication unit 30;
The first communication unit 30 also is used for the application data that described data communication subelement sends is transmitted to master control set.
When internal security bus protocol use duplex communication structure, the data communication subelement is sent to respectively master control set with the two-way application data.If this internal security bus protocol uses the single-channel communication structure, the data communication subelement is with the check code of any one tunnel application data and another road application data generation, form and meet the packet that communication protocol requires form, i.e. default data transmission modes---after being attached to application data, check code forms packet, via the first communication unit 30, be sent to master control set by a communication port.
When first via check code or the second road check code and described original checksums code not simultaneously, data communication equipment abandons this packet, therefore first via data processing unit 32 comprises that also first via data abandon subelement, described data abandon subelement for working as described first via check code and described original checksums code not simultaneously, packet discard;
The second circuit-switched data processing unit 33 comprises that also the second circuit-switched data abandons subelement, and described data abandon subelement for working as described the second road check code and described original checksums code not simultaneously, packet discard;
The data communication subelement also is used for working as described first via check code and any one road check code of the second road check code and described original checksums code not simultaneously, does not send the two-way application data;
The first communication unit 30, also be used for when any one road check code of the second road check code of described first via check code and described original checksums code not simultaneously, do not forward the two-way application data to master control set.
For the ease of understanding, still adopt wrong application data to be equally: 1011001, correct check code is: 1010, checking algorithm adopts the CRC algorithm, sets forth data communication equipment provided by the invention and how to realize misdata is detected when downlink communication.
First via Correspondent Node data are processed the check code that subelement generates: 0100, but this moment by chance data undergo mutation, just generated check code 1010.First via check code is subelement relatively, and relatively first via Correspondent Node data are processed the subelement check code that generates and the check code that receives, and comparative result is: check code is identical, judges that the wrong application data that receives is correct.And the check code that the second road Correspondent Node data processing subelement generates is: 0100, and do not undergo mutation.The the second road check code is subelement relatively, relatively the second road Correspondent Node data are processed the subelement check code that generates and the check code that receives, comparative result is: check code is different, judges the wrong application data mistake that receives, and abandons and does not send the two-way application data.
In the present embodiment, first via master control set data are processed subelement, and the second road master control set data are processed subelement, and the first Correspondent Node data process subelement and second communication is identical to the selected checking algorithm of end data processing subelement.Checking algorithm comprises: CRC algorithm, MAC-DES algorithm, any one in MD5 algorithm and other check code generating algorithms.
The secure communication protocols that the data communication equipment that the present embodiment provides uses between the transport layer and application layer of former protocols having, inserts safe floor and synchronous relatively layer.This safe floor provides specific data check algorithm and corresponding data check function, two-way is carried the data of identical information and carries out the redundancy processing, and is safe and reliable to guarantee that data are transmitted when communicating by letter.Synchronously relatively layer when uplink communication, provides the data encapsulation function, forms to meet the packet that communication protocol requires form, forms packet after soon the check code of one tunnel application data is attached to another road application data, further sends to its lower floor; During downlink communication, synchronous relatively layer provides function of data distribution, and the allocation of packets that soon obtains from its lower floor is the two paths of data bag.A packet and its two paths of data that is distributed into that synchronous relatively layer receives are carried identical information, and this packet comprises application data that Correspondent Node sends and the original checksums code of this application data.This layer guarantees application data safe and reliable of the Correspondent Node that master control set obtains.Because the checking algorithm that the application data in the two paths of data bag can further provide by safe floor carries out verification, if any one road check errors is judged the application data mistake, abandon this application data.Equivalent layer in the function of other each layers in this secure communication protocols and implementation method and existing network protocol is identical.
Therefore, during uplink communication, first via master control set data process subelement and the second road master control set data are processed subelement, using relatively independent hardware circuit application data to carry out redundancy processes, wherein: the checking algorithm that first via master control set data are processed subelement use safe floor to be provided carries out verification to one tunnel application data, generate the check code of this road application data, and send to data combination subelement.And the second road master control set data are processed subelement and are directly sent another road application data and make up subelement to data.Data combination subelement adopts the synchronous data encapsulation that layer provides that compares to check code and the second tunnel application data of the first via application data of process different hardware processing of circuit, the packet that forms the form that meets the communication protocol requirement, be after check code is attached to the second tunnel application data, and send further.
equally, during downlink communication, the first Correspondent Node data process subelement and second communication uses relatively independent hardware circuit to process carrying out redundancy from a synchronous relatively layer application data of obtaining to end data processing subelement, use respectively the checking algorithm application data that safe floor provides to carry out verification, and respectively two-way the application data check code that generates and the original checksums code that receives are compared by the first check code comparing unit and the second check code comparing unit check code comparing unit, if any one road check code comparative result is: the check code of generation is different with the original checksums code that receives, judge two-way application data mistake, abandon the two-way application data, otherwise, application data is correct, and further send.
Use technique scheme, in the time of can realizing data double-way communication, to the detection of misdata.Simultaneously, a secure communication protocols redundant configuration safe floor, therefore, the data communication equipment that the present embodiment provides can use less hardware redundancy cost to realize the safety of data, thus the difficulty of alleviator Redundancy Design.In addition, data communication equipment provided by the invention has also avoided tradition two to get the security risk of carrying out synchronous comparison in two designs, greatly reduces design difficulty and the complexity of device.The secure communication protocols that data communication equipment provided by the invention adopts does not change the data format of existing communication agreement, so this device is when improving communications security, can be well compatible with other non-security communicators.
The present invention also provides a kind of data communication system, it is characterized in that, comprises master control set, Correspondent Node and the data communication equipment described in embodiment three.Master control set and Correspondent Node can be respectively mobile unit and the ground installation in the bullet train safety control system, also can be ground installation and ground installation, specifically can also for carrying out two equipment of data double-way communication, this no longer be limited.
In this specification, each embodiment adopts the mode of going forward one by one to describe, and what each embodiment stressed is and the difference of other embodiment that between each embodiment, identical similar part is mutually referring to getting final product.For the disclosed device of embodiment, because it is corresponding with the disclosed method of embodiment, so description is fairly simple, relevant part partly illustrates referring to method and gets final product.
The professional can also further recognize, unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with electronic hardware, computer software or combination both, for the interchangeability of hardware and software clearly is described, composition and the step of each example described in general manner according to function in the above description.These functions are carried out with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.The professional and technical personnel can specifically should be used for realizing described function with distinct methods to each, but this realization should not thought and exceeds scope of the present invention.
To the above-mentioned explanation of the disclosed embodiments, make this area professional and technical personnel can realize or use the present invention.Multiple modification to these embodiment will be apparent concerning those skilled in the art, and General Principle as defined herein can be in the situation that do not break away from the spirit or scope of the present invention, realization in other embodiments.Therefore, the present invention will can not be restricted to these embodiment shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (13)
1. a data communications method, comprise uplink communication and downlink communication, it is characterized in that:
Described uplink communication comprises: the application data that master control set is sent is divided into first via application data and the second tunnel application data, choose checking algorithm, any one tunnel application data is carried out verification, generate the check code of this road application data, and with described check code and another road application data, composition meets the Packet Generation of communication protocol requirement form to Correspondent Node, and described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
described downlink communication comprises: the packet of the original checksums code that comprises application data and this application data that described Correspondent Node is sent is divided into first via packet and the second circuit-switched data bag, described first via packet carries with described the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, choose checking algorithm and respectively the application data in described first via packet and described the second circuit-switched data bag is carried out checking algorithm generation first via check code and the second road check code, more described first via check code, whether the second road check code is identical with described original checksums code, when described first via check code identical with described original checksums code, and when described the second road check code is identical with described original checksums code, send application data to master control set.
2. data communications method according to claim 1, is characterized in that, any one road check code in described first via check code and described the second road check code and described original checksums code not simultaneously, packet discard does not send packet to master control set.
3. data communications method according to claim 2, is characterized in that, described uplink communication specifically comprises:
Receive the application data that master control set sends;
Described application data is assigned as first via application data and the second tunnel application data, and described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
Choose checking algorithm, according to checking algorithm, first via application data is carried out verification, generate the check code of this road application data;
After described check code is attached to the second tunnel application data, form the Packet Generation of the form that meets the communication protocol requirement to Correspondent Node.
4. data communications method according to claim 3, is characterized in that, the described checking algorithm of choosing specifically comprises: according to the key of described master control set and described Correspondent Node agreement, choose the checking algorithm corresponding with this key.
5. data communications method according to claim 1, is characterized in that, described downlink communication specifically comprises:
The packet that the received communication opposite end sends, this packet comprises: the original checksums code of application data and this application data;
Be first via packet and the second circuit-switched data bag with allocation of packets, first via packet carries with the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, includes the check code of application data and this application data;
Choose checking algorithm, the application data in first via packet is carried out verification, generate first via check code;
Choose checking algorithm, the application data in the second circuit-switched data bag is carried out verification, generate the second road check code;
Whether more described first via check code is identical with described original checksums code, when described first via check code is identical with described original checksums code, whether more described the second road check code is identical with described original checksums code, when described the second road check code whether identical with described original checksums code, according to default data transmission modes, send application data to described master control set.
6. the described data communications method of according to claim 1 to 5 any one, is characterized in that, the checking algorithm that uplink communication is chosen during with downlink communication is identical.
7. data communications method according to claim 6, is characterized in that, described checking algorithm comprises: CRC CRC algorithm, any one of data encryption standard message authentication code MAC-DES algorithm and Message Digest Algorithm 5 MD5 algorithm.
8. a data communication equipment, is characterized in that, comprising:
The first communication unit is used for receiving the application data that master control set sends;
The first lock unit that is connected with described the first communication unit, described the first lock unit comprises application data distribution subelement, be used for described application data is assigned as first via application data and the second tunnel application data, described first via application data carries with described the second tunnel application data identical information of application data that sends with described master control set;
The first via data processing unit that is connected with the first lock unit, described first via data processing unit comprises first via master control set data processing subelement, described first via master control set data are processed subelement and are used for choosing checking algorithm, according to checking algorithm, one tunnel application data is carried out verification, generate the check code of this road application data;
The the second circuit-switched data processing unit that is connected with the first lock unit, described the second circuit-switched data processing unit comprise the second road master control set data processing subelement, and described the second road master control set data are processed subelement and are used for receiving and sending another road application data;
The second lock unit that is connected with described the second circuit-switched data processing unit with described first via data processing unit, described the second lock unit comprises data combination subelement, described data combination subelement is used for described check code and described the second tunnel application data, forms and meets the packet that communication protocol requires form;
The second communication unit that is connected with described the second lock unit is used for described Packet Generation to Correspondent Node;
Described second communication unit also is used for the packet that the received communication opposite end sends, and described packet comprises application data that described Correspondent Node sends and the original checksums code of this application data;
Described the second lock unit also comprises the allocation of packets subelement, it is first via packet and the second circuit-switched data bag with described allocation of packets that described allocation of packets subelement is used for, first via packet carries with the second circuit-switched data bag the identical information of packet that sends with described Correspondent Node, includes the check code of application data and this application data;
Described first via data processing unit comprises that also first via Correspondent Node data are processed subelement and first via check code compares subelement, described first via Correspondent Node data are processed subelement and are used for choosing checking algorithm, application data in first via packet is carried out verification, generate first via check code, described first via check code is subelement relatively, is used for more described first via check code whether identical with described original checksums code;
Described the second circuit-switched data processing unit comprises that also the second road Correspondent Node data are processed subelement and the second road check code compares subelement, described the second road Correspondent Node data are processed subelement, be used for choosing checking algorithm, application data in the second circuit-switched data bag is carried out verification, generate the second road check code, described the second road check code is subelement relatively, is used for more described the second road check code whether identical with described original checksums code;
Described the first lock unit also comprises the data communication subelement, described data communication subelement, be used for working as described first via check code identical with described original checksums code, and when described the second road check code is identical with described original checksums code, according to the internal security bus protocol, send application data to the first communication unit;
Described the first communication unit also is used for the application data that described data communication subelement sends is transmitted to master control set.
9. data communication equipment according to claim 8, it is characterized in that, described first via data processing unit comprises that also first via data abandon subelement, and described data abandon subelement for working as described first via check code and described original checksums code not simultaneously, packet discard;
Described the second circuit-switched data processing unit comprises that also the second circuit-switched data abandons subelement, and described data abandon subelement for working as described the second road check code and described original checksums code not simultaneously, packet discard;
Described data communication subelement also is used for working as described first via check code and any one road check code of the second road check code and described original checksums code not simultaneously, does not send the two-way application data;
Described the first communication unit also is used for working as described first via check code and any one road check code of the second road check code and described original checksums code not simultaneously, does not forward the two-way application data to master control set.
10. data communication equipment according to claim 9, is characterized in that, described first via master control set data are processed subelement, is used for choosing checking algorithm, according to checking algorithm, first via application data carried out verification, generates the check code of this road application data;
Described the second road master control set data are processed subelement, are used for receiving and sending the second tunnel application data;
Described data combination subelement after being used for described check code is attached to the second tunnel application data, forms the packet of the form that meets the communication protocol requirement.
11. data communication equipment according to claim 10, it is characterized in that, described first via master control set data are processed subelement, described the second road master control set data are processed subelement, and described first via Correspondent Node data process subelement and described the second road selected checking algorithm of Correspondent Node data processing subelement is identical.
12. the described data communication equipment of according to claim 8 to 11 any one, it is characterized in that, described checking algorithm comprises: CRC CRC algorithm, any one in data encryption standard message authentication code MAC-DES algorithm and Message Digest Algorithm 5 MD5 algorithm.
13. a data communication system is characterized in that, comprises master control set, Correspondent Node and data communication equipment as described in claim 8 to 12 any one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102729431A CN101938331B (en) | 2010-09-03 | 2010-09-03 | Data communication method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102729431A CN101938331B (en) | 2010-09-03 | 2010-09-03 | Data communication method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101938331A CN101938331A (en) | 2011-01-05 |
| CN101938331B true CN101938331B (en) | 2013-06-26 |
Family
ID=43391483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102729431A Active CN101938331B (en) | 2010-09-03 | 2010-09-03 | Data communication method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101938331B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468034B (en) * | 2014-11-12 | 2018-12-28 | 株洲南车时代电气股份有限公司 | A kind of transponder transmission host |
| DE102015211451A1 (en) * | 2015-06-22 | 2017-01-05 | Volkswagen Aktiengesellschaft | Method for manipulation protection of user data packets to be transmitted via a bus system between system components |
| CN105262563B (en) * | 2015-09-07 | 2018-02-23 | 南京科远自动化集团股份有限公司 | A kind of redundancy check method and system for improving communication reliability |
| CN107678879A (en) * | 2016-08-01 | 2018-02-09 | 北京同方微电子有限公司 | A kind of apparatus and method verified in real time for bus and memory cell data block |
| CN110868701B (en) * | 2018-08-28 | 2021-09-21 | 比亚迪股份有限公司 | Vehicle-mounted access equipment, control method thereof and rail vehicle |
| CN110299966B (en) * | 2019-07-26 | 2020-05-19 | 华中科技大学 | Data transmission method, terminal and base station |
| DE102020105794B4 (en) * | 2020-03-04 | 2022-02-03 | Infineon Technologies Ag | Device, controller for a device and method for communication |
| CN113132060A (en) * | 2021-04-21 | 2021-07-16 | 潍柴动力股份有限公司 | Message data transmission method and device |
| CN113612574A (en) * | 2021-06-28 | 2021-11-05 | 通号城市轨道交通技术有限公司 | Data transmission method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1240067A (en) * | 1996-10-09 | 1999-12-29 | 艾利森公司 | Error correction with two block codes |
| CN101075812A (en) * | 2007-06-08 | 2007-11-21 | 中国科学技术大学 | Method for constructing system low-density code with parallel cascade |
| CN101552650A (en) * | 2009-04-29 | 2009-10-07 | 北京亿兆未来宽带网络技术有限公司 | Optical interface method with lossless switch function and system thereof |
-
2010
- 2010-09-03 CN CN2010102729431A patent/CN101938331B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1240067A (en) * | 1996-10-09 | 1999-12-29 | 艾利森公司 | Error correction with two block codes |
| CN101075812A (en) * | 2007-06-08 | 2007-11-21 | 中国科学技术大学 | Method for constructing system low-density code with parallel cascade |
| CN101552650A (en) * | 2009-04-29 | 2009-10-07 | 北京亿兆未来宽带网络技术有限公司 | Optical interface method with lossless switch function and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101938331A (en) | 2011-01-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101938331B (en) | Data communication method, device and system | |
| US7673217B2 (en) | Method of detecting data transmission errors in a CAN controller, and a CAN controller for carrying out the method | |
| US20100192051A1 (en) | Checking method and eletronic circuit for the secure serial transmission of data | |
| US10404717B2 (en) | Method and device for the protection of data integrity through an embedded system having a main processor core and a security hardware module | |
| CN102292962B (en) | Methods and apparatus related to address generation, communication and/or validation | |
| CN102137435B (en) | Method, device and system for processing data | |
| CN102281121A (en) | Method, equipment and system for transmitting and verifying data file | |
| CN101682470A (en) | Method for dynamic interpretation of transport block size | |
| KR101572935B1 (en) | Method of authenticating can packet using mac divison and appratus for implementing the same | |
| CN102857356A (en) | Methods and devices for sending data packet, hyper frame number update and maintenance, and data processing | |
| CN109379264A (en) | A kind of multi-board communication equipment based on CAN2.0, method and system | |
| JP2009182981A (en) | Method and apparatus for packet-oriented transmission of security-relevant data | |
| CN106953725A (en) | For method and system derived from asymmetrical key | |
| WO2016007477A1 (en) | System, method, and apparatus for generating vital messages on an on-board system of a vehicle | |
| CN106911428A (en) | The transmission method and device of information | |
| KR101855898B1 (en) | Wireless communication method for controlling train and safety transmission unit for executing method | |
| CN109219950B (en) | Method for exchanging messages between security-relevant devices | |
| CN109743337A (en) | The lower dress means of communication in nuclear safe level DCS system based on Transmission Control Protocol | |
| US20230156472A1 (en) | Transmitting Unit and Receiving Unit for Transmitting and Receiving Data Packets | |
| CN113722770B (en) | End-to-end protection method and system based on hierarchical data integrity | |
| CN104714761A (en) | Wireless data printing system and method of equipment with Android system | |
| Munir et al. | Design and performance analysis of secure and dependable cybercars: A steer-by-wire case study | |
| CN107852275A (en) | Data transmission device and data transmission method, reception device and method of reseptance, program and data transmission system | |
| CN107493262B (en) | Method and device for transmitting data | |
| CN112953897A (en) | Train control system edge security node implementation method based on cloud computing equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: BEIJING NATIONAL RAILWAY RESEARCH + DESIGN INSTITU Free format text: FORMER NAME: BEIJING QUANLU COMMUNICATION SIGNALS RESEARCH AND DESIGN INSTITUTE CO., LTD. |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 100073, Beijing, Fengtai District Huayuan one mile No. 18 building Patentee after: CRSC RESEARCH & DESIGN INSTITUTE GROUP Co.,Ltd. Address before: 100073, Beijing, Fengtai District Huayuan one mile No. 18 building Patentee before: BEIJING NATIONAL RAILWAY RESEARCH & DESIGN INSTITUTE OF SIGNAL & COMMUNICATION Co.,Ltd. |
|
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20110105 Assignee: BEIJING RAILWAY SIGNAL Co.,Ltd. Assignor: CRSC RESEARCH & DESIGN INSTITUTE GROUP Co.,Ltd. Contract record no.: X2023980035234 Denomination of invention: Data communication methods, devices, and systems Granted publication date: 20130626 License type: Common License Record date: 20230504 |