CN111148070B - V2X communication method and device and vehicle - Google Patents

V2X communication method and device and vehicle Download PDF

Info

Publication number
CN111148070B
CN111148070B CN201911403731.XA CN201911403731A CN111148070B CN 111148070 B CN111148070 B CN 111148070B CN 201911403731 A CN201911403731 A CN 201911403731A CN 111148070 B CN111148070 B CN 111148070B
Authority
CN
China
Prior art keywords
data
application
execution environment
processor
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911403731.XA
Other languages
Chinese (zh)
Other versions
CN111148070A (en
Inventor
虞靖靓
戴仕全
张�浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201911403731.XA priority Critical patent/CN111148070B/en
Publication of CN111148070A publication Critical patent/CN111148070A/en
Priority to PCT/CN2020/137935 priority patent/WO2021135999A1/en
Application granted granted Critical
Publication of CN111148070B publication Critical patent/CN111148070B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a V2X communication method, a device and a vehicle, wherein a TEE and a REE are simultaneously operated in an AP processor of a V2X communication device, a V2X application program for V2X communication in the AP processor is all operated in the TEE, so that the V2X application program is isolated from other application programs, the V2X application program can independently process V2X data in the TEE, the TEE ensures that the V2X application program is not influenced or attacked by other application programs when processing V2X data, the safety of the V2X application program operated in the TEE for transceiving V2X data is ensured, the safety performance of the V2X application program for V2X communication can be improved due to the TEE which can be operated on one AP processor, a separate processor is not required, the structure of the V2X communication device is simplified, and the hardware cost can be reduced.

Description

V2X communication method and device and vehicle
Technical Field
The application relates to the technical field of vehicle networks, in particular to a vehicle to all (V2X) communication method, a device and a vehicle.
Background
With the development of network technology and intelligent vehicle technology, the internet of vehicles is receiving more and more attention. Currently, in an internet of vehicles communication system, a vehicle to all (V2X) communication device (or called as an internet of vehicles terminal) is disposed inside a vehicle, and the interaction between V (vehicle) and X (vehicle, person, traffic roadside infrastructure and network) intelligent information is realized through a vehicle wireless communication technology.
Since the V2X communication data is closely related to the safety of the vehicle, it is also necessary to ensure the safety of the data when the V2X communication device performs V2X communication. In one technique, a V2X communication device transmitting data can encrypt V2X data by using a key and transmit the data, and accordingly, a V2X communication device receiving the data can decrypt V2X data by using the key and process the data, but in this technique, due to the low security performance of the V2X communication device, other applications inside the V2X communication device may provide access to applications threatening the V2X communication device to perform V2X communication, thereby reducing the security of V2X communication. In another technique, two different processors can be disposed in the V2X communication device, one processor processes V2X communication-related applications and the other processor processes other applications, to physically isolate V2X communication, but this technique greatly increases the hardware cost of the V2X communication device.
Therefore, how to reduce the hardware cost of the V2X communication device and improve the security performance is a technical problem to be solved in the field.
Disclosure of Invention
The application provides a V2X communication method, a device and a vehicle, which aim to solve the technical problem that the safety performance of a V2X communication device cannot be improved while the hardware cost is reduced in the prior art.
A first aspect of the present application provides a V2X communication device, comprising: the AP system comprises an AP processor and a first communication module and a second communication module which are respectively connected with the AP processor, wherein a trusted execution environment and an untrusted execution environment are operated on the AP processor, the trusted execution environment is used for operating a V2X application program, and the untrusted execution environment is used for operating other application programs except the V2X application program. Specifically, the V2X application running in the trusted execution environment of the AP processor may send or receive the V2X application by calling the first communication module; and other application programs running in the untrusted execution environment of the AP processor can send or receive data of the other application programs by calling the second communication module.
Therefore, the V2X communication apparatus provided in this embodiment runs TEE and REE simultaneously in the AP processor, and the V2X applications in the AP processor for V2X communication all run in the TEE, so the V2X application is isolated from other applications, so that the V2X application can independently process V2X data in the TEE, and the TEE ensures that the V2X application is not affected or attacked by other applications when processing V2X data; meanwhile, the V2X application program running in the TEE can call the first communication module which is also independently arranged to realize the receiving or sending of the V2X data, so that the data receiving and sending module used by the V2X application program can only be called by the application program in the TEE, thereby being isolated from the second communication module which can be called by other application programs in the REE, and further ensuring the safety when the V2X application program running in the TEE receives and sends the V2X data. In summary, the V2X communication device provided in this embodiment can improve the security performance of the V2X application program in V2X communication by the TEE running on one AP processor, and does not need to provide a separate processor, thereby simplifying the structure of the V2X communication device and reducing the hardware cost.
In the first embodiment of the first aspect of the present application, in addition to the V2X application receiving or sending the V2X application, the V2X application may perform security check on the first V2X data of the V2X application received by the first communication module in the trusted execution environment; when the safety check is passed, the V2X application program processes the first V2X data; when the security check fails, the V2X application will not continue to process the first V2X data. Optionally, at the same time, the V2X application program may also encrypt the second V2X data to be transmitted in the trusted execution environment, and transmit the encrypted second V2X data through the first communication module.
Therefore, the V2X communication device provided in this embodiment can further encrypt and sign the data in the TEE or decrypt and perform security check on the data in the TEE when the V2X application performs data reception or transmission in the TEE, and can further ensure the security of the V2X data processed by the V2X application.
In an embodiment of the first aspect of the present application, the V2X communication apparatus further includes: the HSM is connected with the AP processor and is used for carrying out security verification on the first V2X data of the V2X application program received by the first communication module; that is, the V2X communicator may invoke the AP processor-connected HSM to perform security check on the received first V2X data; when the safety check is passed, the V2X application program processes the first V2X data; when the security check fails, the V2X application will not continue to process the first V2X data. Optionally, at the same time, the V2X application may also invoke the HSM to encrypt the second V2X data to be transmitted in the trusted execution environment, and transmit the encrypted second V2X data through the first communication module.
In summary, the V2X communication apparatus provided in this embodiment can set an independent HSM outside the AP processor according to the actual usage situation, and perform security operations such as encryption, decryption, signature, and verification of V2X data, thereby reducing the computation amount of the AP processor, and the HSM is configured to be only able to be called by the application in the TEE, and can further ensure the security performance of the V2X application when performing security operations on V2X data.
In the first embodiment of the first aspect of the present application, the HSM provided in the V2X communication device is connected to the V2X baseband processing unit in the first communication module and is invoked when the V2X baseband processing unit processes V2X data; that is, after receiving the first V2X data, the V2X baseband processing unit invokes the HSM to perform security check on the received first V2X data; when the safety check is passed, the V2X baseband processing unit sends the first V2X data to the V2X application program for processing; when the security check fails, the V2X application will not send the first V2X data to the V2X application. Optionally, at the same time, the V2X baseband processing unit may further encrypt second V2X data to be sent by the V2X application program, and send the encrypted second V2X data through the first communication module.
In summary, according to the V2X communication apparatus provided in this embodiment, an independent HSM may also be provided in the V2X communication baseband processing unit outside the AP processor according to the actual usage situation, so that the V2X communication baseband processing unit can perform security operations such as encryption, decryption, signature, and verification on the V2X data during transmission or reception of the V2X data, thereby reducing the amount of computation of the AP processor, and the HSM is connected only to the V2X communication baseband processing unit in the first communication module, and the first communication module is configured to be called only by the application in the TEE, which can further ensure the security performance of the V2X application when performing security operations on the V2X data.
In an embodiment of the first aspect of the present application, the V2X communication device further includes: a first external interface and a second external interface respectively connected with the AP processor; wherein, when the first external interface is called by the V2X application in the TEE, the V2X application may transfer data with the first external device through the first external interface. When the second external interface is called by other applications in the REE, the other applications may transfer data with the second external device through the second external interface.
In summary, in the V2X communication apparatus provided in this embodiment, the external interface that can be called by the V2X application running in the TEE is different from the external interface that can be called by the application running in the REE, so that the external interfaces used when the applications running in the TEE and the REE send data to the external device are physically isolated, the physical interface that can be called by the V2X application is itself secure, and the security of the V2X application when sending V2X data to the outside is further ensured.
In an embodiment of the first aspect of the present application, the V2X communication device further includes: and the data acquisition unit can be called by the trusted execution environment and is used for acquiring the state data representing the vehicle state.
In summary, the V2X communication apparatus provided in this embodiment enables the V2X application running in the TEE environment to individually call the security-guaranteed data obtaining unit to obtain the status data, and the data obtaining unit is not called by the application in the REE, so that the TEE guarantees the security of the status data obtained by the V2X application, and further guarantees the security when the V2X application processes the V2X data.
In the first embodiment of the first aspect of the present application, the V2X application is specifically configured to generate a processing result according to the state data and the first V2X data, and send the processing result through the first external interface.
In summary, in this embodiment, the V2X data received by the V2X communication device needs V2X application processing, so that the V2X application can acquire the vehicle status data when the TEE guarantees the security of the status data acquired by the V2X application, and can generate a processing result when the TEE guarantees the security of the first V2X data, so that the V2X application can further call the first external interface capable of guaranteeing the security to send the processing result, so that the V2X application is protected by the TEE in the whole process of processing the V2X data, and the security of the V2X application when processing the V2X data is further guaranteed.
In the first embodiment of the first aspect of the present application, the V2X application is specifically configured to send the first V2X data through the first external interface, and the V2X application is specifically configured to send the first V2X data through the first external interface.
In summary, in this embodiment, for the first V2X data received by the V2X communication device, the V2X application is not required to process the data, but the data is directly forwarded, so that the V2X application can directly call the first external interface capable of ensuring security to forward the received first V2X data, thereby ensuring the security of the V2X application when forwarding the V2X data.
In the first embodiment of the first aspect of the present application, the V2X application is specifically used, and the V2X application is specifically used, for generating the second V2X data by using the status data.
In summary, the present embodiment is directed to a process in which the V2X communicator itself generates the second V2X data to be transmitted according to the status data of the vehicle, wherein, since the V2X application can acquire the status data of the vehicle while the status data acquired by the V2X application is secured by the TEE, the second V2X data can also be generated in the TEE and then transmitted. Therefore, the whole process of generating and sending V2X data by the V2X application program is protected by the TEE, and the safety of the V2X application program in processing the V2X data is further ensured.
A second aspect of the present application provides a V2X communication method, which is applicable to an AP processor in the V2X communication device provided in the first aspect of the present application, wherein the method includes: the AP processor calls the first communication module to send or receive data of the V2X application program through the V2X application program running in the trusted execution environment; and/or the AP processor calls the second communication module to send or receive data of other application programs through other application programs running in the non-trusted execution environment.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor performs a security check on the first V2X data of the V2X application received by the first communication module through the trusted execution environment.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor calls the hardware security module HSM through the trusted execution environment to perform security check on the first V2X data of the V2X application program received by the first communication module.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor encrypts, via the trusted execution environment, the second V2X data generated by the V2X application.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor invokes the hardware security module HSM through the trusted execution environment to encrypt the second V2X data generated by the V2X application.
In an embodiment of the second aspect of the present application, the V2X communication device further includes: a first external interface and a second external interface respectively connected with the AP processor; the method further comprises the following steps: the AP processor calls the first external interface through the V2X application program running in the trusted execution environment, and transmits data of the V2X application program to an external device connected with the first external interface; and/or the AP processor calls the second external interface through other application programs running in the untrusted execution environment, and transmits data of the other application programs to the external equipment connected with the second external interface.
In an embodiment of the second aspect of the present application, the V2X communication device further includes: a data acquisition unit connected to the AP processor for acquiring status data identifying a status of the vehicle; the method further comprises the following steps: and the AP processor generates a processing result according to the state data and the first V2X data through a V2X application program running in the trusted execution environment, and calls the first external interface to send the processing result.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor sends the first V2X data through the V2X application running in the trusted execution environment, the first external interface.
In an embodiment of the second aspect of the present application, the method further includes: the AP processor generates second V2X data from the state data through a V2X application running in the trusted execution environment.
For specific implementation and beneficial effects of the V2X communication method provided in the second aspect, reference may be made to the description of the V2X communication apparatus in the first aspect of the present application, and details are not repeated.
The third aspect of the present application provides a V2X communication device, the V2X communication device being configured to implement the functions in the above-described method. The functions can be realized by hardware, and the functions can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the above-described functions.
A fourth aspect of the present application provides a computer program product comprising instructions which, when run, cause a V2X communication device to perform the method of the second aspect or its various possible implementations.
A fifth aspect of the present application provides a computer-readable storage medium having stored therein instructions that, when executed, cause a V2X communication device to perform the above-described first aspect or the methods in the various possible implementations of the first aspect.
A sixth aspect of the present application provides a chip system, which includes a processor and may further include a memory, and is configured to implement the function of the V2X communication apparatus in the foregoing method. The chip system may be formed by a chip, and may also include a chip and other discrete devices.
A seventh aspect of the present application provides a vehicle comprising a V2X communication device as in any embodiment of the first aspect of the present application.
In summary, the present application provides a V2X communication method, apparatus and vehicle, wherein a TEE and a REE run simultaneously in an AP processor, and V2X applications for V2X communication in the AP processor run in the TEE, so that the V2X application is isolated from other applications, so that the V2X application can process V2X data independently in the TEE, and the TEE ensures that the V2X application is not affected or attacked by other applications when processing V2X data; meanwhile, the V2X application program running in the TEE can call the first communication module which is also independently arranged to realize the receiving or sending of the V2X data, so that the data receiving and sending module used by the V2X application program can only be called by the application program in the TEE, thereby being isolated from the second communication module which can be called by other application programs in the REE, and further ensuring the safety when the V2X application program running in the TEE receives and sends the V2X data. In summary, the V2X communication device provided in this embodiment can improve the security performance of the V2X application program in V2X communication by the TEE running on one AP processor, and does not need to provide a separate processor, thereby simplifying the structure of the V2X communication device and reducing the hardware cost.
Drawings
FIG. 1 is a schematic diagram of an application scenario of the present application;
FIG. 2 is a schematic diagram of a V2X communication device;
FIG. 3 is a schematic structural diagram of another V2X communication device;
fig. 4 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application;
FIG. 5 is a diagram illustrating a software architecture of an application processor provided herein;
fig. 6 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application;
fig. 7 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application;
FIG. 8 is a schematic diagram of a software architecture in the TEE provided herein;
fig. 9 shows a flow of a V2X data reception process;
fig. 10 shows a flow of a transmission process of V2X data;
fig. 11 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application;
FIG. 12 is a schematic diagram of a software architecture in the TEE provided herein;
fig. 13 shows a flow of a V2X data reception process;
fig. 14 shows a flow of a transmission process of V2X data.
Detailed Description
Before describing the embodiments of the present application, the following description will be made with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of an application scenario of the present application, and as shown in fig. 1, the present application may be applied to an application scenario of vehicle network communication, where, for communication, a vehicle shown in fig. 1 may be provided with a V2X communication device (or referred to as a vehicle network terminal), and through the V2X communication device, the vehicle in the figure may communicate with another vehicle to vehicle (V2V), communicate with another pedestrian to pedestrian (V2P), communicate with another roadside infrastructure (V2I), or communicate with a vehicle to network (V2N). The V2X communication can realize the all-round connection and high-efficient information interaction between vehicles and pedestrians, other vehicles, roadside equipment and networks, and realize the functions of information service, traffic safety, traffic efficiency and the like.
With the development of network technology and intelligent vehicle technology, the functions that the vehicle can realize through the V2X communication device are becoming more and more abundant, for example, the V2X communication device can obtain various information services through V2I and V2N communication, including traffic light information, nearby area vehicle information, vehicle navigation information, emergency rescue information, entertainment service information, etc.; the V2X communication device can acquire information such as speed, position, driving condition, pedestrian activity and the like of surrounding vehicles in real time through V2V and V2P communication, and a collision early warning function is realized through an intelligent algorithm, so that traffic accidents of the vehicles are avoided; the V2X communication device can implement functions such as vehicle speed guidance and the like through V2I communication to improve traffic efficiency.
Since the service provided by the V2X communication device through V2X communication is closely related to the safety performance, once the data transmitted by the V2X communication device used by the vehicle in the communication process is illegally tampered or counterfeited, or the V2X application and algorithm process running on the V2X communication device is attacked, the normal driving of the vehicle can be seriously affected, and even the safety of other vehicles and pedestrians on the road is threatened, so that the V2X communication device needs to ensure the data safety when performing V2X communication and providing related services.
In some techniques, the V2X communication device may encrypt the transmitted data to ensure data security while performing V2X communications. For example, fig. 2 is a schematic structural diagram of a V2X communication device, as shown in fig. 2, a V2X application capable of V2X communication may run on an application processor in a V2X communication device, and when the V2X communication device is used as a sender to send V2X data, the V2X application signs and encrypts the V2X data through a key and then sends the data through a communication module; when the V2X communication device serves as a receiver to receive V2X data, the V2X application program needs to obtain a symmetric key to decrypt the V2X data through the authentication server after receiving the V2X data through the communication module. Therefore, the V2X data is protected from being tampered by a security mechanism of signature and encryption in the whole transmission process of sending and receiving the V2X data.
However, in the technique shown in fig. 2, since the application processor in the V2X communication device may run other applications, such as application a and application B illustrated in the figure, in addition to the V2X application, the applications a and B may also call the communication module to send or receive a data and B data, respectively. Therefore, the V2X application program running on the application processor is vulnerable to attacks from other application programs during the calculation process, and the V2X application program is abnormal to threaten the safety of the vehicle.
In other technologies, different application processors may be disposed in the V2X communication device, so that the V2X application and other applications run in different application processors, thereby implementing isolation of the V2X application. For example, fig. 3 is a schematic structural diagram of another V2X communication device, and as shown in fig. 3, at least two application processors, namely an application processor 1 and an application processor 2, are arranged in a V2X communication device, a V2X application capable of V2X communication is run in the application processor 1, and other applications except the V2X application are run in the application processor 2. The V2X application transmits or receives V2X data by calling the communication module 1 when the V2X communication device transmits or receives V2X data, and the communication module 1 may be integrated in the application processor 1 or separately provided. Accordingly, the applications a and B in the application processor 2 may call the communication module to transmit or receive a data and B data.
However, in the technique shown in fig. 3, in order to ensure independent operation of the V2X application, at least two application processors need to be arranged in the V2X communication device to realize hardware isolation between the applications, and due to the high cost of the existing processors, the cost of the whole V2X communication device is greatly increased by the plurality of processors arranged in the V2X communication device.
In summary, the V2X communication device has poor safety performance in the technology shown in fig. 2, but has high hardware cost in the technology shown in fig. 3, and both technologies have respective disadvantages, and how to reduce the device cost and improve the safety performance of the V2X communication device is a technical problem to be solved in the art.
Therefore, in order to solve the above technical problems, the present application provides a V2X communication method and device to solve the technical problem that the V2X communication device in the prior art cannot reduce the hardware cost and improve the security performance. The technical solution of the present application will be described in detail with specific embodiments in conjunction with the accompanying drawings. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 4 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application, and as shown in fig. 4, the V2X communication device provided in the present application may be disposed on a vehicle shown in fig. 1, and is used for V2X communication by the vehicle shown in fig. 1. The V2X communication device includes: an Application (AP) processor on which a Trusted Execution Environment (TEE) and an untrusted execution environment (REE) run.
The TEE is based on the ARM Trustzone security technology, an operating system is isolated into two worlds, namely a secure world and a non-secure world, security isolation is achieved through hardware, isolation of peripheral devices is included, the TEE is a software running environment of the secure world, a security isolation mechanism similar to a hardware level is arranged between a software running environment REE of the non-secure world, and an application program running in the REE cannot directly access the application program running in the TEE. In this embodiment, the TEE running in the AP processor is used to run V2X applications for V2X communication, and at the same time, one or more V2X applications may be included in the AP processor, and all V2X applications in the AP processor run in the TEE, which is exemplified by the V2X application in fig. 4. The REE running in the AP processor is used to run applications in the AP processor except for the V2X application, that is, applications not performing V2X communication, in this embodiment, the applications except for the V2X application are denoted as other applications, and in fig. 4, the other applications include: application a, application B … … are examples.
The V2X communication device further includes: a first communication module and a second communication module, wherein the first communication module is connected to the AP processor and is configured to be able to be called only by the V2X application running in the TEE, not by other applications running in the REE, and to transmit or receive V2X data of the V2X application when called; the second communication module is also connected to the AP processor and is configured to be able to be called only by other applications running in the REE, but not by the V2X application running in the TEE, and to send or receive data of the other applications when called.
Optionally, the first communication module may include: the V2X communication baseband processing unit and the V2X communication radio frequency unit, wherein the V2X communication baseband processing unit supports the baseband processing function of the V2X communication technology, and the V2X communication radio frequency unit supports the radio frequency signal processing function of the V2X communication technology. When the first communication module is used for transmitting or receiving V2X data, the supported technical standard may be a DSRC standard based on a WAVE technology (also called IEEE 802.11p), or a cellular (cellular) C-V2X standard. The second communication module may include: cellular communication baseband processing unit and cellular communication radio frequency unit, wherein, cellular communication baseband processing unit: the base band processing function of the cellular communication technology (2G/3G/4G/5G) is supported, and the cellular communication radio frequency unit: and the radio frequency signal processing function of cellular communication technology (2G/3G/4G/5G) is supported.
Further optionally, the AP processor and the cellular baseband processor unit in the second communication module may be integrated on a same chip, where the chip may be a system on chip (SoC) or a baseband chip; alternatively, the cellular baseband processor unit and the AP processor may be provided on separate chips. Or, the AP processor, the cellular baseband processing unit in the second communication module, and the V2X baseband processing unit in the first communication module may be integrated on a same chip, where the chip may be an SoC or a baseband chip; alternatively, the cellular baseband processor unit, the V2X baseband processor unit, and the AP processor may be provided on separate chips. The V2X communication radio frequency unit can be arranged on a separate chip and is connected with the V2X communication baseband processing unit; or, the V2X communication rf unit may also be disposed on the same chip as the cellular communication rf unit, where the chip may be an SoC or a cellular communication rf chip.
More specifically, fig. 5 is a schematic diagram of a software architecture of the application processor provided in the present application, wherein for a V2X application running in a TEE, the V2X application at an application layer, or a V2X algorithm may further invoke the first communication module to send or receive V2X data through a V2X protocol stack and a security service. For the application program running in the REE, running in a separate OS, the application program at the application layer may also call the second communication module to send or receive data through the middleware.
As can be seen from fig. 4 and fig. 5, the V2X communication apparatus provided in this embodiment may be provided with one AP processor, and run TEE and REE simultaneously in the AP processor, and the V2X application for V2X communication in the AP processor is all run in the TEE, so that the V2X application is isolated from other applications, so that the V2X application can independently process V2X data in the TEE, and the TEE ensures that the V2X application is not affected or attacked by other applications when processing V2X data; meanwhile, the V2X application program running in the TEE can call the first communication module which is also independently arranged to realize the receiving or sending of the V2X data, so that the data receiving and sending module used by the V2X application program can only be called by the application program in the TEE, thereby being isolated from the second communication module which can be called by other application programs in the REE, and further ensuring the safety when the V2X application program running in the TEE receives and sends the V2X data. Therefore, the V2X communication device provided by the application can improve the safety performance of V2X application programs in V2X communication by using the TEE running on one AP processor, and does not need to be provided with a separate processor, thereby simplifying the structure of the V2X communication device and reducing the hardware cost.
Further, in the above embodiment, the V2X application running in the TEE of the V2X communication device may also perform encryption or security check processing on the V2X data while the V2X application is being processed. When the V2X application running in the TEE serves as a data receiver, the V2X application calls the data received by the first communication module to be the first V2X data, the V2X application firstly performs security check and decryption on the first V2X data, and then the V2X application further performs security check and decryption on the first V2X data; when the V2X application running in the TEE is used as a data sender, the V2X application may determine that data to be sent is second V2X data, and then the V2X application first encrypts and signs the second V2X data, and then the V2X application calls the first communication module to send the encrypted and signed second V2X data.
In summary, the V2X communication device provided in this embodiment can further encrypt and sign data in the TEE or decrypt and perform security check operations on data in the TEE when the V2X application performs data reception or transmission in the TEE, and can further ensure the security of the V2X data processed by the V2X application.
Alternatively, in another possible implementation manner, a Hardware Security Module (HSM) may be further disposed in the V2X communication device, and the V2X application may check the received V2X data by calling the HSM. Wherein the HSM supports secure algorithmic processing, secure storage of keys and data. For example, fig. 6 is a schematic structural diagram of an embodiment of the V2X communication device provided in the present application, and the V2X communication device shown in fig. 6 further includes, on the basis of the embodiment shown in fig. 4, an HSM connected to the AP processor, where the HSM is configured to be able to be called by an application in the TEE but not by an application in the REE. For the V2X communication apparatus shown in fig. 6, after receiving the first V2X data, as a data receiver, the HSM is invoked to perform security check and decryption processing on the first V2X data, the HSM sends the processed first V2X data to the V2X application, and the V2X application in the TEE does not need to decrypt and perform security check on the first V2X data, and can directly process the first V2X data; similarly, after the V2X communication apparatus shown in fig. 6 is used as a data sender to generate second V2X data to be sent, the HSM is invoked to encrypt and sign the second V2X data, the HSM sends the processed second V2X data to the V2X application program, and the V2X application program in the TEE does not need to encrypt and sign the second V2X data, and can directly invoke the first communication module to send the second V2X data.
In summary, the V2X communication apparatus provided in this embodiment can set an independent HSM outside the AP processor according to the actual usage situation, and perform security operations such as encryption, decryption, signature, and verification of V2X data, thereby reducing the computation amount of the AP processor, and the HSM is configured to be only able to be called by the application in the TEE, and can further ensure the security performance of the V2X application when performing security operations on V2X data.
Alternatively, in yet another possible implementation, the HSM provided in the V2X communication device is connected to the V2X baseband processing unit in the first communication module and invoked when the V2X baseband processing unit processes V2X data. For example, when the V2X communication apparatus is used as a data receiver, after the V2X baseband processing unit receives the first V2X data, the HSM is invoked to perform security check and decryption processing on the first V2X data, the HSM sends the processed first V2X data to the V2X baseband processing unit, and then the V2X baseband processing unit sends the first V2X data to the V2X application program in the TEE for processing; when the V2X communication device is used as a data sender, the V2X application generates second V2X data to be sent, and invokes the V2X baseband processing unit to send, the V2X baseband processing unit first invokes the HSM to encrypt and sign the second V2X data, the HSM sends the processed second V2X data to the V2X baseband processing unit, and the V2X baseband processing unit sends the processed second V2X data to the V2X radio frequency unit to send.
In summary, according to the V2X communication apparatus provided in this embodiment, an independent HSM may also be provided in the V2X communication baseband processing unit outside the AP processor according to the actual usage situation, so that the V2X communication baseband processing unit can perform security operations such as encryption, decryption, signature, and verification on the V2X data during transmission or reception of the V2X data, thereby reducing the amount of computation of the AP processor, and the HSM is connected only to the V2X communication baseband processing unit in the first communication module, and the first communication module is configured to be called only by the application in the TEE, which can further ensure the security performance of the V2X application when performing security operations on the V2X data.
Further, the above embodiments are directed to the V2X communication device, and are directed to the processes of running the V2X application in the TEE to receive, transmit V2X data, and process V2X data, so as to ensure the safety of the V2X application in V2X communication. When the V2X application needs to further transmit data to a device other than the V2X communication apparatus, or needs to receive data transmitted by a device other than the V2X communication apparatus, since the V2X application is set in the TEE, the physical interface or the communication interface of other devices also needs to be configured accordingly, so as to further ensure the security of the V2X application in processing the V2X data.
For example, fig. 7 is a schematic structural diagram of an embodiment of a V2X communication device provided in the present application, and based on the embodiment shown in fig. 6, the V2X communication device shown in fig. 7 further divides a plurality of external physical interfaces of the V2X communication device into a first external interface and a second external interface. The specific implementation form of the external physical interface includes but is not limited to: an ethernet (ethernet) interface, a wireless fidelity (Wi-Fi) interface, and a Universal Serial Bus (USB) interface.
Recording an external device connected with a first external interface as a first external device, wherein the first external interface is configured to be called by an application program in a TEE but not called by the application program in a REE; when the first external interface is called by the V2X application in the TEE, the V2X application may transfer data with the first external device through the first external interface. Recording the external device connected with the second external interface as the second external device, wherein the second external interface is configured to be called by an application program in the REE but not called by the application program in the TEE; when the second external interface is called by other applications in the REE, the other applications may transfer data with the second external device through the second external interface. That is, in the embodiment of the present application, the external interface of the V2X communication device is divided into TEE and REE calls, so that the external interfaces used when the application programs running in the TEE and REE send data to the external device are physically isolated.
The V2X communication unit as shown in fig. 7 may further include: a data acquisition unit configured to be able to be called only by an application in the TEE and not by an application in the REE; when the data acquisition unit is called by the V2X application in the TEE, the V2X application may acquire the state data representing the state of the vehicle through the data acquisition unit.
Alternatively, in the example shown in fig. 7, the data acquisition unit that the V2X application program in the TEE can call may include: a Controller Area Network (CAN) data unit, a Global Navigation Satellite System (GNSS) data unit, and a sensor unit. The CAN data unit comprises a CAN data unit consisting of a Micro Controller Unit (MCU) supporting the CAN and a CAN transceiver, and is used for acquiring the driving data of a vehicle in which the V2X communication device is positioned, such as the speed, the steering and the braking; the GNSS data unit supports a GNSS positioning function, and can be an independent chip or can be integrated in a chip where the application processor is located; sensor data units, which may include, for example: the system comprises a gyroscope, an acceleration sensor and the like, and is used for acquiring real-time state data of a vehicle, wherein the sensor data unit can be an independent chip, or can be integrated in a chip where an application processor is located, or is connected with a GNSS chip.
In summary, in the V2X communication apparatus provided in this embodiment, the external interface that can be called by the V2X application running in the TEE is different from the external interface that can be called by the application running in the REE, so that the external interfaces used when the applications running in the TEE and the REE send data to the external device are physically isolated, the physical interface that can be called by the V2X application is itself secure, and the security of the V2X application when sending V2X data to the outside is further ensured.
More specifically, fig. 8 is a schematic diagram of a software structure in the TEE provided by the present application, where a relationship between software modules in the V2X communication device shown in fig. 7 is shown, where a V2X application running in the TEE calls a relevant module to perform data transmission. The V2X application processing module is used for running a V2X application program, the V2X network transmission protocol processing module is used for processing V2X data, the V2X network transmission protocol processing module can call a safety server module (HSM) through a V2X safety module to perform safety operation on the V2X data, the V2X access layer protocol processing module is used for sending or receiving the V2X data, and the V2X algorithm processing module is used for acquiring the state data of the vehicle through a vehicle data module, a vehicle position module and other data acquisition units.
A specific application of the software structure shown in fig. 8 is a process of receiving first V2X data, for example, fig. 9 shows a process flow of receiving V2X data, where after the process flow starts, the V2X access layer protocol processing module receives first V2X data, and sends the received first V2X data to the V2X network transport protocol processing module operating in the TEE through a physical interface or an inter-core communication interface. The V2X network transport protocol processing module sends the first V2X data to the V2X security module for signature verification and decryption, specifically, the V2X security module may invoke the security server block to perform signature verification and decryption on the first V2X data, wherein when the first V2X data signature verification fails, the process is ended; and when the signature verification of the first V2X data passes, sending the first V2X data which passes the signature verification and is decrypted to the V2X application processing module for further processing.
After receiving the first V2X data, the V2X application processing module needs to determine whether the first V2X data needs to be processed locally. For example, for some notification information data requiring the V2X communicator to directly forward to other vehicles or devices, if the V2X application processing module determines that no calculation processing is required locally, the received first V2X data is directly sent to the external device by calling the external interface. For some data which needs to be processed by the V2X communication device in combination with the state of the vehicle, after judging that the local needs to be calculated, the V2X application processing module sends the received first V2X data to the V2X algorithm processing module, and after the V2X algorithm processing module calculates in combination with the vehicle speed, steering, braking, position and other data of the vehicle obtained from the vehicle data module and the position data module, the calculated processing result, such as collision warning information, is obtained, and the result returns to the V2X application processing module. Finally, the V2X application processing module sends the obtained processing result to the external device through the external communication interface, thereby ending the flow.
Another specific application of the software structure shown in fig. 8 is a transmission process of second V2X data, for example, fig. 10 shows a transmission processing flow of V2X data, wherein after the flow starts, the V2X application processing module may generate second V2X data to be transmitted according to a certain period, and specifically, after the V2X algorithm processing module obtains data of vehicle speed, position, and the like from the vehicle data module and the position data module, a piece of second V2X data to be transmitted is generated. Subsequently, the V2X application processing module sends the second V2X data to the V2X network transport protocol processing module for sending, and after the V2X network transport protocol processing module calls the security service module through the V2X security module to sign and encrypt the second V2X data, the V2X network transport protocol module sends the processed second V2X data to the V2X access layer protocol processing module through a physical interface or an inter-core communication interface. Finally, the V2X access layer protocol processing module sends the second V2X data over the air interface, thereby ending the flow.
Alternatively, the HSM provided by the V2X communication device provided in the embodiments shown in fig. 8-10 is connected to the TEE of the AP processor and can be called by the V2X application running in the TEE, and in other possible implementations of the present application, the HSM provided by the V2X communication device may be connected to the V2X baseband processing unit in the first communication module and can be called by the V2X baseband processing unit. For example, fig. 11 is a schematic structural diagram of an embodiment of the V2X communication device provided in the present application, and the V2X communication device shown in fig. 11 differs from the V2X communication device shown in fig. 7 in that the HSM is connected to the V2X baseband processing unit in the first communication module.
Specifically, fig. 12 is a schematic diagram of a software structure in the TEE provided by the present application, where a software module relationship is shown in which, in the V2X communication device shown in fig. 11, a V2X application running in the TEE calls a relevant module to perform data transmission. The V2X application processing module is configured to run a V2X application, the V2X network transport protocol processing module is configured to process V2X data, the V2X access layer protocol processing module is configured to send or receive V2X data, the V2X access layer protocol processing module may call a V2X security module (HSM) to perform security operation on the V2X data, and the V2X algorithm processing module is configured to obtain status data of the vehicle through data obtaining units such as a vehicle data module and a vehicle location module.
One specific application of the software structure shown in fig. 12 is a process for receiving first V2X data, for example, fig. 13 shows a process flow for receiving V2X data, wherein, when the process flow starts, the V2X access layer protocol processing module receives first V2X data, and calls the received first V2X data to the V2X security module for decryption and signature verification. When the first V2X data signature verification fails, the process is ended; and after the signature verification of the first V2X data passes, sending the first V2X data which passes the signature verification and is decrypted to a V2X network transmission protocol processing module running in the TEE through a physical interface or an inter-core communication interface. The V2X network transport protocol processing module further sends the first V2X data to the V2X application processing module for further processing. Likewise, after receiving the first V2X data, the V2X application processing module needs to determine whether the first V2X data needs to be processed locally. For the processing of the first V2X data by the V2X application processing module, reference may be made to the embodiment shown in fig. 9, and details thereof are not repeated.
Another specific application of the software structure shown in fig. 12 is a transmission process of second V2X data, for example, fig. 14 shows a transmission processing flow of V2X data, wherein after the flow starts, the V2X application processing module may generate second V2X data to be transmitted according to a certain period, and specifically, after the V2X algorithm processing module obtains data of vehicle speed, position, and the like from the vehicle data module and the position data module, a piece of second V2X data to be transmitted is generated. Subsequently, the V2X application processing module sends the second V2X data to the V2X network transport protocol processing module for sending, and the V2X network transport protocol processing module sends the second V2X data to the V2X access layer protocol processing module through a physical interface or an inter-core communication interface. The V2X access layer protocol processing module can call the security service module through the V2X security module to sign and encrypt the second V2X data, and then send the second V2X data over the air interface, thereby ending the flow.
Further, the present application also provides a V2X communication method, which may be executed by the AP processor in any of the above embodiments, for example, the V2X communication method may include: the AP processor calls the first communication module to send or receive data of the V2X application program through the V2X application program running in the trusted execution environment; and/or the AP processor calls the second communication module to send or receive data of other application programs through other application programs running in the non-trusted execution environment.
Or, optionally, the method further comprises: the AP processor performs a security check on the first V2X data of the V2X application received by the first communication module through the trusted execution environment.
Optionally, the method further comprises: the AP processor calls the hardware security module HSM through the trusted execution environment to perform security check on the first V2X data of the V2X application program received by the first communication module.
Optionally, the method further comprises: the AP processor encrypts, via the trusted execution environment, the second V2X data generated by the V2X application.
Optionally, the method further comprises: the AP processor invokes the hardware security module HSM through the trusted execution environment to encrypt the second V2X data generated by the V2X application.
Optionally, the method may further include: the AP processor calls the first external interface through the V2X application program running in the trusted execution environment, and transmits data of the V2X application program to an external device connected with the first external interface; and/or the AP processor calls the second external interface through other application programs running in the untrusted execution environment, and transmits data of the other application programs to the external equipment connected with the second external interface.
Optionally, the method further comprises: the method further comprises the following steps: and the AP processor generates a processing result according to the state data and the first V2X data through a V2X application program running in the trusted execution environment, and calls the first external interface to send the processing result.
Optionally, the method further comprises: the AP processor sends the first V2X data through the V2X application running in the trusted execution environment, the first external interface.
Optionally, the method further comprises: the AP processor generates second V2X data from the state data through a V2X application running in the trusted execution environment.
It should be noted that, in the method executed by the AP processor, the execution subject may also be a corresponding V2X application program in the AP processor, or a corresponding other application program in the AP processor.
The implementation manner and principle of the V2X communication method provided in the foregoing embodiments may refer to the description of the V2X communication apparatus in the embodiments of the present application, and are not described again.
To implement the V2X communication method provided in the embodiments of the present application, in the memory of the AP processor, a computer-executable program code may be stored, the program code including instructions; when the AP processor executes the instruction, the instruction causes the AP processor to execute the processing action of the AP processor in the foregoing embodiment or the optional embodiment, which has similar implementation principles and technical effects, and is not described herein again. Alternatively, in order to implement the V2X communication method in the embodiment of the present application, each module in the V2X communication apparatus other than the AP processor may also store computer-executable program code, for example, as shown in fig. 11, the V2X communication baseband processing unit may store program code including instructions, and when the V2X communication baseband processing unit executes the instructions, it may be caused to perform related actions such as invoking HSM performed by the V2X communication baseband processing unit.
Those skilled in the art will readily appreciate that the algorithm steps of the various embodiments described in connection with the embodiments disclosed herein may be implemented in hardware or a combination of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, when the modules in the V2X communication apparatus are divided according to the above example, each functional module may be divided according to each function, or two or more functions may be integrated into one processing module. For example, the first communication module and the second communication module may be two different modules or integrated in one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
The term "plurality" herein means two or more. The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship; in the formula, the character "/" indicates that the preceding and following related objects are in a relationship of "division".
It should be understood that, in the embodiment of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiment of the present application.
It is understood that, in the embodiment of the present application, the memory may be a non-volatile memory, such as a Hard Disk Drive (HDD) or a solid-state drive (SSD), and may also be a volatile memory (RAM), for example. The memory is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory in the embodiments of the present application may also be circuitry or any other device capable of performing a storage function for storing program instructions and/or data.
Through the above description of the embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the modules or units is only one logical functional division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another device, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, that is, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The method provided by the embodiment of the present application may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, a network appliance, a terminal, or other programmable apparatus. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., Digital Video Disk (DVD)), or a semiconductor medium (e.g., SSD), among others.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (20)

1. A vehicle-to-all V2X communication device provided on a vehicle, the device comprising:
an AP processor having a trusted execution environment and an untrusted execution environment running thereon, the trusted execution environment for running a V2X application and the untrusted execution environment for running applications other than the V2X application;
a first communication module for transmitting or receiving data of the V2X application when called by the V2X application running in the trusted execution environment;
and the second communication module is used for sending or receiving data of other application programs when the second communication module is called by the other application programs running in the non-trusted execution environment.
2. The apparatus of claim 1,
the trusted execution environment is further configured to perform a security check on first V2X data of the V2X application received by the first communication module;
and if the safety check is passed, the V2X application program processes the first V2X data.
3. The apparatus of claim 1, further comprising:
a hardware security module HSM connected to the AP processor for performing security check on the first V2X data of the V2X application received by the first communication module;
and if the safety check is passed, the V2X application program processes the first V2X data.
4. The apparatus of claim 1, further comprising:
a hardware security module HSM connected to the first communication module, for performing security check on the first V2X data of the V2X application program received by the first communication module;
if the security check is passed, the first communication module sends the first V2X data to the trusted execution environment.
5. The apparatus of claim 2,
the trusted execution environment is further configured to encrypt second V2X data generated by the V2X application;
the first communication module is specifically configured to send the encrypted second V2X data.
6. The apparatus of claim 3,
the HSM is further configured to encrypt second V2X data generated by the V2X application;
the first communication module is specifically configured to send the encrypted second V2X data.
7. The apparatus of claim 4,
the HSM is further configured to encrypt second V2X data generated by the V2X application;
the first communication module is specifically configured to send the encrypted second V2X data.
8. The apparatus of any one of claims 1-7, further comprising: a first external interface and a second external interface;
the first external interface is used for transmitting data of the V2X application program to a connected external device when being called by the trusted execution environment;
the second external interface is used for transmitting data of the other application program to the connected external equipment when being called by the non-trusted execution environment.
9. The apparatus of claim 8, further comprising:
a data acquisition unit, invokable by the trusted execution environment, for acquiring status data representative of the vehicle status.
10. The apparatus of claim 9,
the V2X application is specifically configured to generate a processing result according to the status data and the first V2X data, and send the processing result through the first external interface.
11. The apparatus of claim 8,
the V2X application is specifically configured to send first V2X data via the first external interface.
12. The apparatus of claim 9,
the V2X application is specifically configured to generate secondary V2X data from the state data.
13. A vehicle-to-all V2X communication method applied to an AP processor in a V2X communication device, wherein the V2X communication device comprises: the AP processor is respectively connected with a first communication module and a second communication module, a trusted execution environment and an untrusted execution environment are operated on the AP processor, the trusted execution environment is used for operating a V2X application program, and the untrusted execution environment is used for operating other application programs except the V2X application program; the method comprises the following steps:
the AP processor calls the first communication module to send or receive data of the V2X application program through a V2X application program running in the trusted execution environment; and/or the presence of a gas in the gas,
and the AP processor calls the second communication module to send or receive data of other application programs through the other application programs running in the untrusted execution environment.
14. The method of claim 13, further comprising:
the AP processor securely checks, by the trusted execution environment, first V2X data of the V2X application received by the first communication module.
15. The method of claim 13, further comprising:
and the AP processor calls a Hardware Security Module (HSM) through the trusted execution environment to perform security check on the first V2X data of the V2X application program received by the first communication module.
16. The method of claim 14, further comprising:
the AP processor encrypts, via the trusted execution environment, second V2X data generated by the V2X application.
17. The method of claim 15, further comprising:
and the AP processor calls a Hardware Security Module (HSM) through the trusted execution environment to encrypt second V2X data generated by the V2X application program.
18. The method of any of claims 13-17, wherein the V2X communication device further comprises: a first external interface and a second external interface respectively connected with the AP processor; the method further comprises the following steps:
the AP processor calls the first external interface through the V2X application program running in the trusted execution environment, and transmits data of the V2X application program to an external device connected with the first external interface; and/or the presence of a gas in the gas,
and the AP processor calls the second external interface through the other application programs running in the untrusted execution environment, and transmits data of the other application programs to external equipment connected with the second external interface.
19. The method of claim 18, wherein the V2X communication device further comprises: a data acquisition unit connected to the AP processor for acquiring status data identifying the vehicle status; the method further comprises the following steps:
and the AP processor generates a processing result according to the state data and the first V2X data through the V2X application program running in the trusted execution environment, and calls the first external interface to send the processing result.
20. A vehicle comprising the vehicle-to-all V2X communication device of any one of claims 1-12.
CN201911403731.XA 2019-12-31 2019-12-31 V2X communication method and device and vehicle Active CN111148070B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201911403731.XA CN111148070B (en) 2019-12-31 2019-12-31 V2X communication method and device and vehicle
PCT/CN2020/137935 WO2021135999A1 (en) 2019-12-31 2020-12-21 V2x communication method and device, and vehicle

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911403731.XA CN111148070B (en) 2019-12-31 2019-12-31 V2X communication method and device and vehicle

Publications (2)

Publication Number Publication Date
CN111148070A CN111148070A (en) 2020-05-12
CN111148070B true CN111148070B (en) 2021-06-15

Family

ID=70522395

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911403731.XA Active CN111148070B (en) 2019-12-31 2019-12-31 V2X communication method and device and vehicle

Country Status (2)

Country Link
CN (1) CN111148070B (en)
WO (1) WO2021135999A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111148070B (en) * 2019-12-31 2021-06-15 华为技术有限公司 V2X communication method and device and vehicle
CN111726784A (en) * 2020-06-10 2020-09-29 桑德科技(重庆)有限公司 V2X-based vehicle driving safety management method
CN112953909B (en) * 2021-01-28 2023-03-14 北京豆荚科技有限公司 Method for realizing vehicle-mounted internal and external network safety isolation based on TEE

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791284A (en) * 2016-02-29 2016-07-20 华为技术有限公司 Secure data transmission device and method
CN106845279A (en) * 2017-02-17 2017-06-13 宇龙计算机通信科技(深圳)有限公司 The method of calibration and device of security service management entity SSME modules
CN107392055A (en) * 2017-07-20 2017-11-24 深圳市金立通信设备有限公司 A kind of dual system safety chip control method, terminal, computer-readable recording medium and the dual system framework based on safety chip
EP3293656A1 (en) * 2016-09-13 2018-03-14 Gemalto Sa Method for controlling access to a trusted application in a terminal
CN108881486A (en) * 2018-08-01 2018-11-23 北京航空航天大学 Intelligent network connection vehicle remote communication means and system based on trusted technology
CN109348509A (en) * 2018-09-21 2019-02-15 斑马网络技术有限公司 Communication means and device, electronic equipment and storage medium
CN109714344A (en) * 2018-12-28 2019-05-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent network based on " end-pipe-cloud " joins automobile information security platform
CN110366130A (en) * 2018-04-09 2019-10-22 华为技术有限公司 A kind of V2X business authorization method, device and equipment
CN110532766A (en) * 2018-05-25 2019-12-03 华为技术有限公司 A kind of processing method and relevant device of the trusted application based on more containers

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9871821B2 (en) * 2014-11-11 2018-01-16 Oracle International Corporation Securely operating a process using user-specific and device-specific security constraints
CN105590201B (en) * 2015-04-23 2019-05-10 ***股份有限公司 Mobile payment device and mobile-payment system
CN106200891B (en) * 2015-05-08 2019-09-06 阿里巴巴集团控股有限公司 Show the method, apparatus and system of user interface
US9842065B2 (en) * 2015-06-15 2017-12-12 Intel Corporation Virtualization-based platform protection technology
CN105260663B (en) * 2015-09-15 2017-12-01 中国科学院信息工程研究所 A kind of safe storage service system and method based on TrustZone technologies
CN105447406B (en) * 2015-11-10 2018-10-19 华为技术有限公司 A kind of method and apparatus for accessing memory space
CN105678191B (en) * 2016-03-02 2018-11-13 上海瓶钵信息科技有限公司 Method, terminal and the system of security of system are improved using SoC storage insides
CN109787943B (en) * 2017-11-14 2022-02-22 华为技术有限公司 Method and equipment for resisting denial of service attack
US11157635B2 (en) * 2018-04-08 2021-10-26 Qualcomm Incorporated Secure interface disablement
CN110618847A (en) * 2018-06-20 2019-12-27 华为技术有限公司 User interface display method and terminal equipment
CN109522754B (en) * 2018-11-28 2021-11-19 中国科学院信息工程研究所 Core control method for trusted isolation environment of mobile terminal
CN111148070B (en) * 2019-12-31 2021-06-15 华为技术有限公司 V2X communication method and device and vehicle

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791284A (en) * 2016-02-29 2016-07-20 华为技术有限公司 Secure data transmission device and method
EP3293656A1 (en) * 2016-09-13 2018-03-14 Gemalto Sa Method for controlling access to a trusted application in a terminal
CN106845279A (en) * 2017-02-17 2017-06-13 宇龙计算机通信科技(深圳)有限公司 The method of calibration and device of security service management entity SSME modules
CN107392055A (en) * 2017-07-20 2017-11-24 深圳市金立通信设备有限公司 A kind of dual system safety chip control method, terminal, computer-readable recording medium and the dual system framework based on safety chip
CN110366130A (en) * 2018-04-09 2019-10-22 华为技术有限公司 A kind of V2X business authorization method, device and equipment
CN110532766A (en) * 2018-05-25 2019-12-03 华为技术有限公司 A kind of processing method and relevant device of the trusted application based on more containers
CN108881486A (en) * 2018-08-01 2018-11-23 北京航空航天大学 Intelligent network connection vehicle remote communication means and system based on trusted technology
CN109348509A (en) * 2018-09-21 2019-02-15 斑马网络技术有限公司 Communication means and device, electronic equipment and storage medium
CN109714344A (en) * 2018-12-28 2019-05-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent network based on " end-pipe-cloud " joins automobile information security platform

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于机器学习的车联网入侵检测技术的研究与实现;李宁宁;《中国优秀硕士学位论文全文数据库工程科技Ⅱ辑》;20191215;全文 *

Also Published As

Publication number Publication date
WO2021135999A1 (en) 2021-07-08
CN111148070A (en) 2020-05-12

Similar Documents

Publication Publication Date Title
CN111148070B (en) V2X communication method and device and vehicle
US11088997B2 (en) Secure communication method and apparatus for vehicle, multimedia system for vehicle, and vehicle
US10372656B2 (en) System, apparatus and method for providing trusted input/output communications
CN110378097B (en) Ensuring sensor data security
CN110149611B (en) Identity verification method, equipment, system and computer readable medium
JP2023517247A (en) COMMUNICATION METHOD, APPARATUS, AND SYSTEM
US11769402B2 (en) Augmenting mobile device operation with intelligent external sensors
US20190089681A1 (en) Secure communication method and apparatus for vehicle, vehicle multimedia system, and vehicle
CN113170291B (en) Method and device for secure communication
Chen et al. Towards secure intra-vehicle communications in 5G advanced and beyond: Vulnerabilities, attacks and countermeasures
US20190026478A1 (en) Vehicle secure communication method and apparatus, vehicle multimedia system, and vehicle
CN109691075A (en) A kind of anti-theft method for mobile terminal and device
Dakroub et al. Connected car architecture and virtualization
US20230095543A1 (en) Cross platform credential sharing
CN109543452A (en) Data transmission method, device, electronic equipment and computer readable storage medium
Pirker et al. Global and secured uav authentication system based on hardware-security
CN108090376B (en) CAN bus data protection method and system based on TrustZone
CN113453223A (en) Key updating method, system, device, storage medium and terminal
CN114584287A (en) Method and device for key management
CN115767519A (en) Unmanned aerial vehicle data link encryption and decryption method, medium and equipment based on FPGA
CN112399370A (en) Internet of vehicles safety communication method
CN106534602B (en) A kind of terminal and information processing method
CN115004634B (en) Information processing method, device, equipment and storage medium
CN113455032B (en) Communication method, communication device, and computer-readable medium
CN115918112A (en) Method for transmitting elevation information in C-V2x

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant