WO2022171409A1 - Method and device for preparing a refueling - Google Patents

Method and device for preparing a refueling

Info

Publication number
WO2022171409A1
WO2022171409A1 PCT/EP2022/051115 EP2022051115W WO2022171409A1 WO 2022171409 A1 WO2022171409 A1 WO 2022171409A1 EP 2022051115 W EP2022051115 W EP 2022051115W WO 2022171409 A1 WO2022171409 A1 WO 2022171409A1
Authority
WO
WIPO (PCT)
Prior art keywords
refueling
participant
acceptance
following features
participants
Prior art date
Application number
PCT/EP2022/051115
Other languages
German (de)
English (en)
Inventor
Stephan Ludwig
Original Assignee
Robert Bosch Gmbh
Priority date
Filing date
Publication date
Application filed by Robert Bosch Gmbh
Publication of WO2022171409A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/63 Location-dependent; Proximity-dependent
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60K ARRANGEMENT OR MOUNTING OF PROPULSION UNITS OR OF TRANSMISSIONS IN VEHICLES; ARRANGEMENT OR MOUNTING OF PLURAL DIVERSE PRIME-MOVERS IN VEHICLES; AUXILIARY DRIVES FOR VEHICLES; INSTRUMENTATION OR DASHBOARDS FOR VEHICLES; ARRANGEMENTS IN CONNECTION WITH COOLING, AIR INTAKE, GAS EXHAUST OR FUEL SUPPLY OF PROPULSION UNITS IN VEHICLES
    • B60K15/00 Arrangement in connection with fuel supply of combustion engines or other fuel consuming energy converters, e.g. fuel cells; Mounting or construction of fuel tanks
    • B60K15/03 Fuel tanks
    • B60K2015/0319 Fuel tanks with electronic systems, e.g. for controlling fuelling or venting
    • B60K2015/03197 Systems for exchanging data
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B60 VEHICLES IN GENERAL
    • B60K ARRANGEMENT OR MOUNTING OF PROPULSION UNITS OR OF TRANSMISSIONS IN VEHICLES; ARRANGEMENT OR MOUNTING OF PLURAL DIVERSE PRIME-MOVERS IN VEHICLES; AUXILIARY DRIVES FOR VEHICLES; INSTRUMENTATION OR DASHBOARDS FOR VEHICLES; ARRANGEMENTS IN CONNECTION WITH COOLING, AIR INTAKE, GAS EXHAUST OR FUEL SUPPLY OF PROPULSION UNITS IN VEHICLES
    • B60K15/00 Arrangement in connection with fuel supply of combustion engines or other fuel consuming energy converters, e.g. fuel cells; Mounting or construction of fuel tanks
    • B60K15/03 Fuel tanks
    • B60K2015/0319 Fuel tanks with electronic systems, e.g. for controlling fuelling or venting
    • B60K2015/03197 Systems for exchanging data
    • B60K2015/03203 Systems for exchanging data during refueling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 Vehicles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/023 Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds

Definitions

  • US2020276909A1, US10800281B2 and US2020346554A1 describe further communication systems and methods for hydrogen refueling and charging of electric vehicles.
  • The method proposed in US20130091042A1 and the security system based on it provide security based on geographic location with different levels of access and allow the user to select entities to be protected, geographic locations, geographic boundaries, permissions and access levels for specific geographic locations and geographic boundaries, and to configure security alerts. They make decisions to grant, deny, or assign a specific level of access based on the user's current geographic location and their own configuration for that geographic location or boundary, and send out security alerts.
  • US2018213376A1 discloses a method for configuring so-called V2X communication.
  • the invention provides a method for preparing a refueling, a corresponding device, a corresponding computer program and a corresponding machine-readable storage medium according to the independent claims.
  • a conventional unidirectional infrared connection between the vehicle and the fuel pump is severely impaired by scratches on the transmitting or receiving optics and by ice formation around the fuel nozzle and is therefore affected by failures in practice, which makes accelerated refueling impossible.
  • the connection does not provide for a return channel from the fuel pump to the vehicle, so that the supported fueling process cannot be called up and therefore no agreement can be reached on a process that is optimal for the given combination of vehicle and fuel pump.
  • due to the unimpeded propagation of radio waves, the use of radio involves special challenges that are overcome according to the invention.
  • a triggering event is required to activate the overall process.
  • the radio link must transmit data so reliably that the functional and general safety of the refueling can be guaranteed.
  • third parties who are within radio range of the vehicle or fuel pump should not be able to interfere with or manipulate the process, for example through jamming or overload attacks (denial of service, DoS).
  • the radio connection must be secure, both in terms of information security and in operation, before refueling.
  • the procedure described below achieves this goal regardless of the radio technology, filling station infrastructure and hardware used. It is also independent of the technology used for location determination and can be used for refueling any fuel (gaseous or liquid) as well as charging electric vehicles.
  • a basic idea of the proposed solution is that the participants determine their own or each other's position and possibly other parameters. If this is within certain predefined ranges, then defined actions are permitted. Conversely, exclusion zones can be defined in which defined actions are never permitted, i.e. are forbidden, so to speak.
  • the vehicle and fuel pump secure their radio communication, for example by exchanging a cryptographic key, against possible tapping or manipulation attempts and other attacks by third parties, and, despite a jamming or denial-of-service attack, can continue to communicate with each other in a rudimentary manner and maintain makeshift system operation or transmit a signal to meet functional security requirements, e.g. a dead man's or so-called keepalive signal.
  • FIG. 2 shows the flow chart of a method according to a first embodiment.
  • FIG. 3 schematically shows a control device according to a second embodiment.
  • characteristics of security features are transmitted via radio technology before, during or after the refueling process. It is conceivable that at least part of this data transmission must meet increased requirements for IT security and functional safety.
  • FIG. 1 shows the preparation (10) according to the invention for operating such a radio connection.
  • the proposed method can be used in various steps, particularly when secrets are to be transmitted via radio.
  • the own position e.g. of the vehicle within the gas station
  • the position of the partner is determined with any technology.
  • Individual requirements can be logically combined into more complex requirements, e.g. with regard to the simultaneous presence of the vehicle in a first area and the fuel pump in a second area.
  • security features (see below) transmitted by radio in plain text are accepted and used. However, if the participant in question is outside of this area, the transmitted data or security features are discarded or ignored because they are considered insecure.
  • the procedure can be carried out in two variants.
  • the position is determined first and the security feature is only sent at all if the position matches.
  • the security feature - expediently in a variable form - can be sent at any point in time and only accepted if the position allows it.
  • the definition of the relevant areas can, e.g., be done centrally and stored in a trustworthy database, so that the fuel pump and vehicle can call up this information.
  • the areas stored in this way can relate to the participant's own position or that of the other participant.
  • the vehicle may only accept the security feature "fuel pump identification number" if it is actually at a fuel station. Conversely, it is conceivable that the fuel pump only accepts a cryptographic key as a security feature when the vehicle is at the fuel station.
  • the method (1-7) used for this is shown in FIG. 2 and is as follows in one embodiment:
  • a partner or a central control unit sends configuration information to at least one of the participants, e.g. regarding the backup procedure to be used.
  • in a second step, at least one of the partners receives this information.
  • in a fourth step, the partner in question compares their own position with a digital map, possibly represented by a table or database, which shows whether at least one transmitted security feature is generally accepted at the determined location.
  • said location can be represented by reference values of the sensors used (internal or external, see above).
  • this partner evaluates the received data and uses the known expression of the security feature to prepare (10-FIG. 1) for refueling (process 5). Otherwise, it discards or caches them until the position meets a given requirement for acceptance (process 6).
  • This method (1-7) makes it possible for the vehicle and the filling station to exchange information openly by radio communication while still guaranteeing a certain level of IT security.
  • the following use cases come into consideration:
  • the fuel pump can use the location (process 3) of a vehicle at its fuel station as a triggering event (11, 12 - Figure 1). The method can also be carried out with reversed roles.
  • the vehicle and fuel pump exchange a mutual identification number (ID) on the radio channel, by means of which they can couple to one another (16 - FIG. 1) and clearly identify radio signals to the respective counterpart. Because a vehicle can only send a new ID to the filling station if it has just driven to a filling station (all vehicles already filling up have already exchanged an ID), the ID can optionally be linked to the time of location (process 3).
  • when a cryptographic feature, e.g. a public key of an asymmetric encryption process, is transmitted by radio, the parties can then authenticate each other wirelessly and authorize specific actions.
  • the partners can, e.g., mutually prove by querying another trustworthy central database that they have certain knowledge necessary for the refueling process, without revealing the latter themselves.
  • a keepalive mechanism can be implemented by repeated location determination (process 3), in that at least one side periodically transmits location signals with the same or varying period duration and the other side detects these signals in each case, e.g. using a simple technology-specific energy detector, and, in the event of their absence or deviation from a given reference signal, transitions to a safe state.
  • the identification or other status information about the process can be shown on a display in the vehicle or on a display on the fuel pump.
  • parameters of other types of sensors can also be included in the safety conditions, e.g. the orientation in a compass direction defined by the earth's magnetic field.
  • certain security features would only be accepted by a vehicle facing south at the correct refueling point, but not by a vehicle facing north at the same refueling point.
  • other sensor-measured variables and physical phenomena such as light, humidity, acoustics, air pressure, vibration, linear acceleration, rotation, moving or still images, ultrasonic, radar or lidar signatures or their time profile can be used as parameters.
  • This method (1-7) can be implemented, for example, in software or hardware or in a mixed form of software and hardware, for example in a control unit (30), as the schematic illustration in FIG. 3 shows.
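
The acceptance check at the core of the method (locate, compare the position with the digital map, then accept, cache or discard the received security feature) can be sketched as follows. This is an added example, not code from the patent or its applicant; the rectangular zones, the feature names `pump_id` and `public_key`, the heading window and all class names are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum


class Decision(Enum):
    ACCEPT = "accept"    # process 5: use the feature to prepare refueling
    CACHE = "cache"      # process 6: hold until the position qualifies
    DISCARD = "discard"  # process 6: drop the feature


@dataclass(frozen=True)
class Zone:
    """Axis-aligned rectangle in local station coordinates (metres, constructed)."""
    x_min: float
    y_min: float
    x_max: float
    y_max: float

    def contains(self, pos):
        x, y = pos
        return self.x_min <= x <= self.x_max and self.y_min <= y <= self.y_max


@dataclass
class AcceptanceMap:
    """Stand-in for the digital map: where each feature type is accepted."""
    allowed: dict                                   # feature type -> list of Zone
    excluded: list = field(default_factory=list)    # exclusion zones
    headings: dict = field(default_factory=dict)    # feature type -> (min_deg, max_deg)

    def check(self, ftype, pos, heading_deg=None):
        if any(z.contains(pos) for z in self.excluded):
            return Decision.DISCARD                 # never permitted here
        zones = self.allowed.get(ftype)
        if not zones:
            return Decision.DISCARD                 # feature type not on the map
        if not any(z.contains(pos) for z in zones):
            return Decision.CACHE                   # may qualify after moving
        rng = self.headings.get(ftype)              # optional compass condition
        if rng and (heading_deg is None or not rng[0] <= heading_deg % 360 <= rng[1]):
            return Decision.CACHE                   # non-wrapping windows only
        return Decision.ACCEPT


class Participant:
    """Vehicle or fuel pump receiving security features in plain text by radio."""

    def __init__(self, amap):
        self.amap = amap
        self.accepted = {}
        self.pending = {}

    def receive(self, ftype, value, pos, heading_deg=None):
        decision = self.amap.check(ftype, pos, heading_deg)
        self.pending.pop(ftype, None)
        if decision is Decision.ACCEPT:
            self.accepted[ftype] = value
        elif decision is Decision.CACHE:
            self.pending[ftype] = value
        return decision

    def relocate(self, pos, heading_deg=None):
        """Re-evaluate cached features after a new location fix (process 3)."""
        for ftype, value in list(self.pending.items()):
            self.receive(ftype, value, pos, heading_deg)
        return dict(self.accepted)


# Constructed map: 30 m x 20 m forecourt, one exclusion corner, south-facing rule for keys.
STATION_MAP = AcceptanceMap(
    allowed={"pump_id": [Zone(0, 0, 30, 20)], "public_key": [Zone(0, 0, 30, 20)]},
    excluded=[Zone(25, 15, 30, 20)],
    headings={"public_key": (135, 225)},
)
```

The gate is only as trustworthy as the position and heading values fed into it, so those inputs should come from sensors the participant itself controls.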

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Loading And Unloading Of Fuel Tanks Or Ships (AREA)

Abstract

The invention relates to a method (1-7) for preparing a refueling, characterized by the following features: a location is determined (3) by the first participant; on the basis of the location, the first participant checks a general acceptance of a security feature (4) which presupposes a known form on the part of the second participant; and, if there is acceptance, the first participant uses the known form of the security feature to prepare the refueling (5).
PCT/EP2022/051115 2021-02-09 2022-01-19 Method and device for preparing a refueling WO2022171409A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102021201204.3 2021-02-09
DE102021201204.3A DE102021201204A1 (de) 2021-02-09 2021-02-09 Method and device for preparing a refueling

Publications (1)

Publication Number Publication Date
WO2022171409A1 (fr) 2022-08-18

Family

ID=80122933

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2022/051115 WO2022171409A1 (fr) 2021-02-09 2022-01-19 Method and device for preparing a refueling

Country Status (2)

Country Link
DE (1) DE102021201204A1 (fr)
WO (1) WO2022171409A1 (fr)

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130091042A1 (en) 2011-10-06 2013-04-11 Dhavalkumar M. Shah Method for providing geographical location-based security, restrict, permit access of varying level to individual's any kind of data, information, credit, finances, services obtained(online and or offline)
US20130139897A1 (en) 2011-12-01 2013-06-06 Kia Motors Corporation Real-time system for monitoring hydrogen tank expansion and a method for using same
US20140263628A1 (en) * 2013-03-15 2014-09-18 Zonar Systems, Inc. Method and apparatus for fuel island authorization for trucking industry using proximity sensors
DE102013008462A1 (de) * 2013-05-21 2014-11-27 Schmid Mobility Solutions GmbH Device, method and use for toll determination
US20160221816A1 (en) * 2015-02-03 2016-08-04 Stephen F Pollock Vehicle Data and Fuel Management System
US20180213376A1 (en) 2015-07-13 2018-07-26 Intel Corporation Techniques to configure vehicle to anything communications
WO2020172100A1 (fr) * 2019-02-18 2020-08-27 Nikola Corporation Connection systems and methods for hydrogen refueling and electric charging
US20200276909A1 (en) 2019-02-18 2020-09-03 Nikola Corporation Communications systems and methods for hydrogen fueling and electric charging
US10800281B2 (en) 2019-02-18 2020-10-13 Nikola Corporation Communications systems and methods for hydrogen fueling and electric charging
US20200346554A1 (en) 2019-02-18 2020-11-05 Nikola Corporation Communication systems and methods for hydrogen fueling and electric charging

Also Published As

Publication number Publication date
DE102021201204A1 (de) 2022-08-11

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22701363

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22701363

Country of ref document: EP

Kind code of ref document: A1