CN118822057A - Intelligent vehicle sensing management system and operation method - Google Patents

Abstract

The present invention relates to the technical field of intelligent vehicle sensing management system, and discloses an intelligent vehicle sensing management system and an operation method, including hardware equipment preparation: selecting and configuring hardware components suitable for intelligent driving applications; data collection: using various sensors and devices to collect data around the vehicle; data preprocessing and perception: preprocessing the collected raw data; advanced decision-making and planning: based on the perception results, using advanced algorithms and models to make decisions and plan the path and action of the vehicle, and encrypting data by using the RSA public key to ensure that only the entity holding the RSA private key can decrypt the data. At the same time, the AES algorithm is used for symmetric encryption, and nonlinear obfuscation technology is introduced before encryption, so that it is difficult for the cracker to restore the original data or obtain effective information. The introduction of obfuscation technology increases the difficulty of analysis and cracking for attackers and improves the security of data.

Description

Intelligent vehicle induction management system and operation method

Technical Field

The invention relates to the technical field of intelligent vehicle induction management systems, in particular to an intelligent vehicle induction management system and an operation method.

Background

The intelligent vehicle induction management system is an intelligent system combining advanced information technology, data communication transmission technology, electronic tag technology, control technology, computer technology and other technologies, and mainly aims to improve the intelligent and automatic level of road traffic management, reduce traffic jam, improve vehicle running efficiency and enhance traffic safety, but when the conventional intelligent vehicle induction management system is used, a large amount of generated data needs to be effectively processed and managed so as to ensure the safety and privacy of the data, because the management system can collect various data inside and outside the vehicle, such as position information, driving tracks and the like, certain risks of data leakage and abuse exist, and the data is easy to tamper with or be transmitted in error, so that the vehicle control system is caused to make unreliable decisions and execute functions which are not in line with expectations, the vehicle can not respond to road conditions correctly, the accident risk is increased, and meanwhile, if personal privacy information is transmitted in error or obtained in an unauthorized mode in perceived data, the risks of leakage and abuse can be caused to the privacy of a user.

Disclosure of Invention

This section is intended to outline some aspects of embodiments of the application and to briefly introduce some preferred embodiments. Some simplifications or omissions may be made in this section as well as in the description of the application and in the title of the application, which may not be used to limit the scope of the application.

In order to achieve the above purpose, the present invention provides the following technical solutions:

An intelligent vehicle induction management system and an operation method thereof, the operation steps are as follows:

s1, preparing hardware equipment: selecting and configuring a hardware component suitable for intelligent driving application;

S2, data acquisition: collecting data around the vehicle using various sensors and devices;

s3, data preprocessing and sensing: preprocessing the collected original data;

s4, advanced decision and planning: based on the perceived result, using advanced algorithms and models to make decisions and plan paths and actions of the vehicle;

S5, control and execution: converting the planned path and action into corresponding control signals;

S6, data security management: and an end-to-end encryption scheme is adopted, including encryption in the transmission process and storage, so that confidentiality and integrity of data are ensured.

As still further aspects of the invention: the hardware components to be prepared in step S1 include sensors, computer vision equipment, a positioning system, a data storage device, a communication device, and a control unit.

As still further aspects of the invention: the sensors used in the steps 1 and S2 comprise a camera, a laser radar, a millimeter wave radar and an ultrasonic sensor, the computer vision equipment comprises a processor, a graphic processing unit and a special computer vision chip, and the positioning system consists of a global positioning system, an inertial navigation system and a ground identifier detection.

As still further aspects of the invention: the data storage device comprises a controller, a memory chip, a data interface, firmware, a cache component, a control circuit and a power supply module, wherein the communication device comprises a communication module, a processor, a memory, a power management module, an interface, a security module and an embedded operating system, the communication module further comprises a radio frequency regulator and an antenna component, and the control unit comprises an electronic control unit and an on-board computer.

As still further aspects of the invention: the AES and RSA combined encryption algorithm is added in the step S1-6, and the implementation mode is as follows:

s1, preparing hardware equipment: implementing a physical security measure, protecting a key encryption key and sensitive data by using a Trusted Platform Module (TPM), and carrying out hardware-level encryption on the data stored on the hardware equipment to ensure the security of the data on the equipment;

s2, data acquisition: the original data collected by the sensor is encrypted by adopting an end-to-end encryption scheme. The data can be encrypted by using a symmetric encryption Algorithm (AES) or an asymmetric encryption algorithm (RSA), and meanwhile, the data transmission process is safely managed by using an RAS technology, so that only legal users or systems can access and receive the encrypted data;

s3, data preprocessing and sensing: in the data preprocessing process, ASE encryption is carried out on the used algorithm and parameters so as to prevent sensitive information leakage or algorithm tampering, RAS technology is used for limiting remote access rights to preprocessed data and perception results, and only authorized nodes or systems can access and use the data;

S4, advanced decision and planning: ASE encryption is carried out on the advanced decision and planning algorithm to ensure confidentiality of the algorithm and prevent unauthorized analysis, RAS technology is utilized to limit access rights of advanced decision and planning results, and only authorized systems or entities are allowed to acquire and use the data;

S5, control and execution: before generating the control signal, encrypting the generated path and action by using an ASE encryption algorithm, ensuring confidentiality of the control signal by adopting a symmetric encryption Algorithm (AES), and performing identity authentication and authorization on a receiving end of the control signal by using an RAS technology, wherein only a legal receiving end is allowed to decrypt and execute the control signal;

S6, data security management: in the data transmission process, an end-to-end encryption scheme is adopted, a network protocol and a secure transport layer (TLS/SSL) are used for encrypting and protecting data, ASE technology is used for encrypting sensitive data in the data storage process, the security of the data is ensured on a storage medium, RAS technology is used for limiting the access right to the data, and only authorized users or systems are ensured to access and process the decrypted data.

As still further aspects of the invention: the step 4 also needs to introduce a confusion technique, which comprises the following specific steps:

Generating RSA public-private key pairs: firstly, an RSA public-private key pair is generated, the public key is used for encryption, the private key is used for decryption, and the security of the generated key pair is ensured;

encryption of data using RSA public key: encrypting the data to be encrypted by using the RSA public key to ensure that only an entity with the RSA private key can decrypt the data;

Obfuscating the encrypted data: adding a nonlinear aliasing technique to increase the security of the data;

Symmetric encryption using AES algorithm: symmetrically encrypting the confused data, selecting a proper AES key, taking the confused data and the key as input, and encrypting by an AES algorithm;

storing or transmitting the encrypted data: storing the encrypted data in a storage medium or transmitting the encrypted data through a network, so as to ensure confidentiality and integrity of the data in the storage and transmission processes;

the algorithm formula required in the process is as follows:

RSA encryption algorithm:

And (3) key generation: selecting two large prime numbers p and q, calculating n=p×q, selecting a positive integer e which is compatible with (n) as a public key exponent, and calculating a private key exponent d to satisfy (e×d) ≡1 (mod (p-1) ×q-1);

Encryption: converting the plaintext M into an integer M, and encrypting by calculating a ciphertext C=m≡e (mod n);

AES encryption algorithm:

And (3) key generation: selecting an appropriate key K;

Encryption: the plaintext data is grouped into fixed lengths (such as 128 bits), each data block is subjected to iterative operations, also called rounds, each round including byte substitution, row shifting, column confusion and round key addition operations, and finally encrypted ciphertext data is obtained;

A confusion technique is introduced:

Custom S-box: a custom non-linear substitution table (S-box) may be used instead of the default S-box in the AES algorithm, the custom S-box may increase the degree of confusion by introducing more complex substitutions, substitutions and non-linear transformations, and furthermore, different S-boxes may be used at each encryption or at different rounds according to specific rules to increase the unpredictability and non-linear characteristics;

Number of expansion wheels: the number of rounds of the AES algorithm is increased, namely more iterative operations are performed, and in general, 10 rounds, 12 rounds or 14 rounds are used in the AES standard, so that the number of rounds can be properly increased according to actual requirements, and the complexity and the nonlinear characteristics of the algorithm are enhanced;

Mixing operation: other nonlinear operations such as displacement, rotation, replacement and the like are introduced into the round function of the AES algorithm, and the complexity of the algorithm can be increased and the confusion of data can be improved by embedding more nonlinear transformations into the round function;

Random permutation: when each encryption is performed, the data is randomly permuted, a permutation sequence consistent with the data length can be generated by using a pseudo-random number generator, and the data is rearranged according to the sequence, so that the randomness of the data can be increased, and a cracker cannot acquire effective information.

As still further aspects of the invention: in the process of data security management, the specific implementation method of end-to-end encryption is as follows:

key generation and exchange: the sender and the receiver respectively generate keys for encryption and decryption, and the keys can be shared keys used in symmetric encryption or public keys and private keys used in public key encryption;

encrypting a message: the sender encrypts a message to be sent using the public key (or shared key) of the receiver;

and (3) data transmission: the encrypted data is transmitted through a secure transmission channel (TLS/SSL), so that the data cannot be eavesdropped, tampered or forged in the transmission process;

Decryption by the receiving party: the receiver decrypts the received data by using the private key (or the shared key) to recover the original plaintext message;

Data integrity verification: after decryption, the receiver uses a hash function algorithm to perform integrity verification on the decrypted data so as to ensure that the data is not tampered or damaged in the transmission process.

As still further aspects of the invention: in step S6, the data security management further includes an encryption algorithm module, a key management module, a data encryption module, a data decryption module, a public key encryption module, a private key decryption module, a confusion technology component, a security policy and access control component, an audit and log component, and an emergency response and disaster recovery component.

As still further aspects of the invention: in step S4, after the confusion technique is introduced, a hash function algorithm (SHA-256) is required to be used for data verification, and the verification process is as follows:

preparing confusing data: ensuring that the data has completed the confusion technical processing and is stored in a variable or a memory for calculating a check value;

Calculating a hash value: calculating the mixed data by using a selected hash function algorithm to generate a hash value with a fixed length, wherein the hash function takes the data as input, and the hash value is obtained by calculation through the algorithm;

Verifying data integrity: comparing the calculated hash value with a pre-stored correct hash value, and if the calculated hash value and the correct hash value are matched, indicating that the data is not tampered, and considering that the data is complete;

the specific operation codes are as follows:

import hash l i b

Data after # confusion

obfuscated_data＝"Th i s i s obfuscated data"

Creation of SHA-256 hash object #

hash_object＝hash l i b.sha256()

# Update hash object, add obfuscated data

hash_object.update(obfuscated_data.encode('utf-8'))

# Calculate hash value

hash_va l ue＝hash_object.hexd i gest()

# Pre-stored correct hash value

stored_hash_va l ue＝

"f4e487d7a0142fb92b36c8bd8e2b3b7a6cd813028fe72086d0ee27eb034174be"

# Comparing the calculated hash value with a pre-stored hash value

i f hash_va l ue＝＝stored_hash_va l ue:

Pri nt (data integrity verification pass)

e l se:

Pr i nt ("the data may have been tampered with").

An operation method of an intelligent vehicle induction management system comprises the following steps:

S1, preparing hardware equipment: selecting a hardware component: selecting a sensor (camera, laser radar, millimeter wave radar, ultrasonic sensor), a computer vision device (including a processor, GPU and a special computer vision chip), a positioning system (GPS, inertial navigation system, ground marker detection), a data storage device, a communication device, and a control unit (electronic control unit and on-board computer) for an intelligent driving application;

S2, data acquisition: the sensors collect data: collecting environment and vehicle state data in real time through various sensors on the vehicle, and providing original input for subsequent processing;

s3, data preprocessing and sensing: data preprocessing: the collected original data is subjected to pretreatment operations such as cleaning, filtering and the like, so that noise is reduced, and useful information is extracted;

perceived environment: sending the preprocessed data into an algorithm model, and analyzing the surrounding environment and the recognition and positioning of objects such as vehicles, pedestrians and obstacles;

s4, advanced decision and planning

Using advanced algorithms: according to the perceived result, the security of the data and the model is increased by combining the confusion technology, and a hash function (SHA-256) is introduced to carry out data integrity check;

route planning: calculating an optimal driving path and an action strategy;

S5, controlling and executing

Conversion control signal: converting the calculated driving path and action strategy into control signals, and executing corresponding actions such as steering, accelerating and braking through a control unit;

S6, data security management

Key generation and exchange: automatically generating a secret key and exchanging safely by using an AES and RSA combined encryption algorithm;

Encryption and decryption: encrypting a message to be sent and transmitting the message through a TLS/SSL secure channel; the receiver decrypts the message using the corresponding key;

Integrity verification: carrying out integrity check on the received data by using hash function algorithms such as SHA-256 and the like to ensure that the data is not tampered;

The security architecture: the method comprises the steps of establishing a comprehensive safety management system comprising an encryption algorithm module, a key management module, a data encryption and decryption module, a public and private key encryption and decryption module, a confusion technology component, a safety strategy and access control component, an audit and log component and an emergency response and disaster recovery component.

Compared with the prior art, the invention has the beneficial effects that:

The system fuses and applies a plurality of sensing technologies (cameras, laser radars, millimeter wave radars and ultrasonic sensors) to the intelligent vehicle, the multi-sensor integration scheme can provide richer and more reliable environmental data, is beneficial to improving the sensing precision of the vehicle, introduces a confusion technology and uses an advanced encryption algorithm (combination of AES and RSA) to conduct data security management, enhances the confidentiality and security of the data, reduces the risk of data cracking and tampering, improves the autonomous driving capability of the intelligent vehicle under the condition of changeable roads by adding a complex decision and planning algorithm, and simultaneously builds a radio frequency regulator and an antenna assembly in communication equipment, enhances the capability of a communication module to send and receive signals, and expands the communication range and stability of the intelligent vehicle under different environments.

Drawings

FIG. 1 is a flow chart of a method of an intelligent vehicle induction management system and method of operation.

Detailed Description

The foregoing objects, features and advantages of the invention will be more readily apparent from the following detailed description of the embodiments of the invention taken in conjunction with the accompanying drawings.

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways other than those described herein, and persons skilled in the art will readily appreciate that the present invention is not limited to the specific embodiments disclosed below.

Further, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic can be included in at least one implementation of the invention. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.

Example 1

Referring to fig. 1, a first embodiment of the present invention provides an intelligent vehicle induction management system and an operation method thereof, which comprises the following steps:

s1, preparing hardware equipment: selecting and configuring a hardware component suitable for intelligent driving application;

S2, data acquisition: collecting data around the vehicle using various sensors and devices;

s3, data preprocessing and sensing: preprocessing the collected original data;

s4, advanced decision and planning: based on the perceived result, using advanced algorithms and models to make decisions and plan paths and actions of the vehicle;

S5, control and execution: converting the planned path and action into corresponding control signals;

S6, data security management: and an end-to-end encryption scheme is adopted, including encryption in the transmission process and storage, so that confidentiality and integrity of data are ensured.

Specifically, in step S1, the hardware components to be prepared include a sensor, a computer vision device, a positioning system, a data storage device, a communication device, and a control unit.

Specifically, in steps 1 and S2, the sensors used include cameras, lidar, millimeter wave radar and ultrasonic sensor, the computer vision device includes a processor, a graphics processing unit and a special computer vision chip, and the positioning system is composed of a global positioning system, an inertial navigation system and a ground identifier detection.

Further, the camera is a sensor for collecting visual information of the surrounding environment of the vehicle, it can provide image data of objects such as road surface condition, road sign, traffic signal lamp, pedestrian and other vehicles, the laser radar is a sensor for sensing the surrounding environment by emitting laser beam and receiving echo, it can provide distance, speed and direction information with high precision, and draw a three-dimensional point cloud map with high resolution, the millimeter wave radar is a sensor for detecting and measuring static and moving obstacle by millimeter wave frequency band, and providing distance, speed and angle information of the objects, the ultrasonic sensor can measure distance by emitting ultrasonic pulse and receiving echo thereof, it is generally used for low speed, close distance obstacle detection and distance measurement task, the graphic processing unit and computer vision chip are responsible for processing raw data acquired by the sensor, the processor can execute data processing, decision and control algorithm, while the graphic processing unit can accelerate the image processing and depth learning algorithm, the global positioning system can provide current position and speed information of the vehicle, and implement positioning and navigation function by matching with the data, the acceleration sensor can obtain the position and navigation information by measuring the acceleration, the gyroscope and the vehicle can obtain the vehicle's current position and speed information by measuring the acceleration, and the navigation system can obtain the vehicle's visual information by measuring the acceleration signal lamp and the road signal lamp and the other vehicles, the road signal lamp and the road signal and the other vehicles, the road signal and the vehicle is detected and the road signal is the ground is the information is detected by the road signal.

Specifically, the data storage device comprises a controller, a memory chip, a data interface, firmware, a cache component, a control circuit and a power supply module, the communication device comprises a communication module, a processor, a memory, a power management module, an interface, a security module and an embedded operating system, the communication module further comprises a radio frequency regulator and an antenna component, and the control unit comprises an electronic control unit and an on-board computer.

Specifically, an AES and RSA combined encryption algorithm is added in step S1-6, and the implementation manner is as follows:

s1, preparing hardware equipment: implementing a physical security measure, protecting a key encryption key and sensitive data by using a Trusted Platform Module (TPM), and carrying out hardware-level encryption on the data stored on the hardware equipment to ensure the security of the data on the equipment;

s2, data acquisition: the original data collected by the sensor is encrypted by adopting an end-to-end encryption scheme. The data can be encrypted by using a symmetric encryption Algorithm (AES) or an asymmetric encryption algorithm (RSA), and meanwhile, the data transmission process is safely managed by using an RAS technology, so that only legal users or systems can access and receive the encrypted data;

s3, data preprocessing and sensing: in the data preprocessing process, ASE encryption is carried out on the used algorithm and parameters so as to prevent sensitive information leakage or algorithm tampering, RAS technology is used for limiting remote access rights to preprocessed data and perception results, and only authorized nodes or systems can access and use the data;

S4, advanced decision and planning: ASE encryption is carried out on the advanced decision and planning algorithm to ensure confidentiality of the algorithm and prevent unauthorized analysis, RAS technology is utilized to limit access rights of advanced decision and planning results, and only authorized systems or entities are allowed to acquire and use the data;

S5, control and execution: before generating the control signal, encrypting the generated path and action by using an ASE encryption algorithm, ensuring confidentiality of the control signal by adopting a symmetric encryption Algorithm (AES), and performing identity authentication and authorization on a receiving end of the control signal by using an RAS technology, wherein only a legal receiving end is allowed to decrypt and execute the control signal;

S6, data security management: in the data transmission process, an end-to-end encryption scheme is adopted, a network protocol and a secure transport layer (TLS/SSL) are used for encrypting and protecting data, ASE technology is used for encrypting sensitive data in the data storage process, the security of the data is ensured on a storage medium, RAS technology is used for limiting the access right to the data, and only authorized users or systems are ensured to access and process the decrypted data.

Specifically, in step 4, a combined AES and RSA encryption algorithm is required, and a aliasing technique is introduced, which specifically includes the following steps:

Generating RSA public-private key pairs: firstly, an RSA public-private key pair is generated, the public key is used for encryption, the private key is used for decryption, and the security of the generated key pair is ensured;

encryption of data using RSA public key: encrypting the data to be encrypted by using the RSA public key to ensure that only an entity with the RSA private key can decrypt the data;

Obfuscating the encrypted data: adding a nonlinear aliasing technique to increase the security of the data;

Symmetric encryption using AES algorithm: symmetrically encrypting the confused data, selecting a proper AES key, taking the confused data and the key as input, and encrypting by an AES algorithm;

storing or transmitting the encrypted data: storing the encrypted data in a storage medium or transmitting the encrypted data through a network, so as to ensure confidentiality and integrity of the data in the storage and transmission processes;

the algorithm formula required in the process is as follows:

RSA encryption algorithm:

And (3) key generation: selecting two large prime numbers p and q, calculating n=p×q, selecting a positive integer e which is compatible with (n) as a public key exponent, and calculating a private key exponent d to satisfy (e×d) ≡1 (mod (p-1) ×q-1);

Encryption: converting the plaintext M into an integer M, and encrypting by calculating a ciphertext C=m≡e (mod n);

AES encryption algorithm:

And (3) key generation: selecting an appropriate key K;

Encryption: the plaintext data is grouped into fixed lengths (such as 128 bits), each data block is subjected to iterative operations, also called rounds, each round including byte substitution, row shifting, column confusion and round key addition operations, and finally encrypted ciphertext data is obtained;

A confusion technique is introduced:

Custom S-box: a custom non-linear substitution table (S-box) may be used instead of the default S-box in the AES algorithm, the custom S-box may increase the degree of confusion by introducing more complex substitutions, substitutions and non-linear transformations, and furthermore, different S-boxes may be used at each encryption or at different rounds according to specific rules to increase the unpredictability and non-linear characteristics;

Number of expansion wheels: the number of rounds of the AES algorithm is increased, namely more iterative operations are performed, and in general, 10 rounds, 12 rounds or 14 rounds are used in the AES standard, so that the number of rounds can be properly increased according to actual requirements, and the complexity and the nonlinear characteristics of the algorithm are enhanced;

Mixing operation: other nonlinear operations such as displacement, rotation, replacement and the like are introduced into the round function of the AES algorithm, and the complexity of the algorithm can be increased and the confusion of data can be improved by embedding more nonlinear transformations into the round function;

Random permutation: when each encryption is performed, the data is randomly permuted, a permutation sequence consistent with the data length can be generated by using a pseudo-random number generator, and the data is rearranged according to the sequence, so that the randomness of the data can be increased, and a cracker cannot acquire effective information.

Furthermore, by using the RSA public key to encrypt data, it is ensured that only an entity with the RSA private key can decrypt the data, meanwhile, an AES algorithm is used to encrypt symmetrically, and a nonlinear confusion technology is introduced before encryption, so that a cracker is difficult to restore original data or obtain effective information, the difficulty of analysis and cracking of an attacker is increased due to the introduction of the confusion technology, the safety of the data is improved, nonlinear characteristics and complexity are increased in the AES algorithm through the addition of the nonlinear confusion technology, such as self-defining S-box, expanding round number and mixed operation, so that encrypted data has higher confusion, the difficulty of cracking can be increased, and the attacker cannot easily infer effective information.

Specifically, in the process of data security management, the specific implementation method of end-to-end encryption is as follows:

key generation and exchange: the sender and the receiver respectively generate keys for encryption and decryption, and the keys can be shared keys used in symmetric encryption or public keys and private keys used in public key encryption;

encrypting a message: the sender encrypts a message to be sent using the public key (or shared key) of the receiver;

and (3) data transmission: the encrypted data is transmitted through a secure transmission channel (TLS/SSL), so that the data cannot be eavesdropped, tampered or forged in the transmission process;

Decryption by the receiving party: the receiver decrypts the received data by using the private key (or the shared key) to recover the original plaintext message;

Data integrity verification: after decryption, the receiver uses a hash function algorithm to perform integrity verification on the decrypted data so as to ensure that the data is not tampered or damaged in the transmission process.

Furthermore, through the steps, confidentiality and integrity of data can be effectively protected, the data is prevented from being eavesdropped, tampered or forged, the security of data transmission can be increased by adopting an end-to-end encryption scheme, only authorized receivers can decrypt and read the data, and therefore the data security and the trust degree of the system are improved.

Specifically, in step S6, the data security management further includes an encryption algorithm module, a key management module, a data encryption module, a data decryption module, a public key encryption module, a private key decryption module, a confusion technology component, a security policy and access control component, an audit and log component, and an emergency response and disaster recovery component.

Specifically, in step S4, after the confusion technique is introduced, a hash function algorithm (SHA-256) is required to be used for data verification, and the verification process is as follows:

preparing confusing data: ensuring that the data has completed the confusion technical processing and is stored in a variable or a memory for calculating a check value;

Calculating a hash value: calculating the mixed data by using a selected hash function algorithm to generate a hash value with a fixed length, wherein the hash function takes the data as input, and the hash value is obtained by calculation through the algorithm;

Verifying data integrity: comparing the calculated hash value with a pre-stored correct hash value, and if the calculated hash value and the correct hash value are matched, indicating that the data is not tampered, and considering that the data is complete;

the specific operation codes are as follows:

import hash l i b

Data after # confusion

obfuscated_data＝"Th i s i s obfuscated data"

Creation of SHA-256 hash object #

hash_object＝hash l i b.sha256()

# Update hash object, add obfuscated data

hash_object.update(obfuscated_data.encode('utf-8'))

# Calculate hash value

hash_va l ue＝hash_object.hexd i gest()

# Pre-stored correct hash value

stored_hash_va l ue＝

"f4e487d7a0142fb92b36c8bd8e2b3b7a6cd813028fe72086d0ee27eb034174be"

# Comparing the calculated hash value with a pre-stored hash value

i f hash_va l ue＝＝stored_hash_va l ue:

Pri nt (data integrity verification pass)

e l se:

Pr i nt ("the data may have been tampered with").

Furthermore, by introducing the confusion technology and using the hash function algorithm to perform data verification, the integrity of the data can be effectively protected, the data is prevented from being tampered, and the system has the characteristics of high efficiency and convenience, so that the verification capability of the system on the integrity of the data is improved, and the safety and the accuracy of the data are ensured.

When the system is used, a hardware component suitable for intelligent driving application is selected and configured, and a physical-layer security measure is implemented, a Trusted Platform Module (TPM) is used for protecting key encryption keys and sensitive data, hardware-level encryption is carried out on data stored on hardware equipment, safety of the data on the equipment is ensured, various sensors and equipment are used for collecting data around a vehicle, an end-to-end encryption scheme is adopted, the original data collected by the sensors are encrypted, an AES encryption algorithm is used for encrypting the data, confidentiality of the data is ensured, an RSA algorithm is used for carrying out key exchange and identity verification, safety and validity of data transmission are ensured, operations such as filtering, denoising and calibration are carried out on the collected original data, so as to improve data quality, an algorithm and parameters for preprocessing are carried out for AES encryption, so as to prevent sensitive information leakage or algorithm from being tampered, an RSA technology is used for limiting remote access authority on the preprocessed data and a perception result, only authorized nodes or systems can access and use the data, a high-level algorithm and a vehicle path and a vehicle are used for encrypting the data based on the perception result, a high-level algorithm and a vehicle path and a high-level algorithm and an AES encryption algorithm are used for converting the path and a high-level algorithm into a corresponding path and an encryption algorithm are used for protecting the encryption algorithm, an encryption-level and an encryption algorithm is used for protecting a signal by a corresponding path control system by the encryption system and an encryption system is used for protecting the encryption algorithm and a control algorithm by the encryption system by the encryption algorithm is used for protecting the protection and a control of the encryption algorithm and a control algorithm through the encryption algorithm is used for planning and the protection of the protection and the encryption algorithm is used for protection of the encryption key and the protection, only the legal receiving end is allowed to decrypt and execute the control signal, an end-to-end encryption scheme is adopted, including encryption in the transmission process and storage, in the data transmission process, the network protocol and a security transmission layer (TLS/SSL) are used for encrypting and protecting the data, the AES technology is used for encrypting the sensitive data on the storage medium, the security of the data is ensured in the storage process, the RSA technology is used for limiting the access right to the data, and only authorized users or systems are ensured to access and process the decrypted data.

In summary, through using RSA public key to encrypt data, ensure that only the entity with RSA private key can decrypt data, and at the same time, use AES algorithm to encrypt symmetrically, and introduce nonlinear confusion technology before encryption, make the cracker difficult to restore original data or obtain effective information, the introduction of confusion technology increases the difficulty of attacker analysis and cracking, and improves the security of data, through adding nonlinear confusion technology such as custom S-box, expansion round number and mixed operation, increase nonlinear characteristic and complexity in AES algorithm, make encrypted data have more confusion degree, so can increase difficulty of cracking, make attacker unable to infer effective information easily, through applying hash function algorithm on data after introducing the confusion technology, can generate corresponding hash value as check value, after receiving data, the receiver also calculates the hash value of received data, and compares with hash value transmitted by sender, determine whether data is tampered, if the value does not match, indicate that data is modified or damaged, can improve effectively, can prevent the integrity of data from being tampered with data by the hash value, and can prevent the end-to-end encryption process from being carried out by the data, and can not guarantee the end-to-end encryption process by the data, and can not be tampered with the data by the sender, and can be encrypted by the vehicle, and the end-to-end encryption process can be prevented.

It is important to note that the construction and arrangement of the application as shown in the various exemplary embodiments is illustrative only. Although only a few embodiments have been described in detail in this disclosure, those skilled in the art who review this disclosure will readily appreciate that many modifications are possible (e.g., variations in sizes, dimensions, structures, shapes and proportions of the various elements, values of parameters (e.g., temperature, pressure, etc.), mounting arrangements, use of materials, colors, orientations, etc.) without materially departing from the novel teachings and advantages of the subject matter described in this application. For example, elements shown as integrally formed may be constructed of multiple parts or elements, the position of elements may be reversed or otherwise varied, and the nature or number of discrete elements or positions may be altered or varied. Accordingly, all such modifications are intended to be included within the scope of present application. The order or sequence of any process or method steps may be varied or re-sequenced according to alternative embodiments. In the claims, any means-plus-function clause is intended to cover the structures described herein as performing the recited function and not only structural equivalents but also equivalent structures. Other substitutions, modifications, changes and omissions may be made in the design, operating conditions and arrangement of the exemplary embodiments without departing from the scope of the present applications. Therefore, the application is not limited to the specific embodiments, but extends to various modifications that nevertheless fall within the scope of the appended claims.

Furthermore, in order to provide a concise description of the exemplary embodiments, all features of an actual implementation may not be described (i.e., those not associated with the best mode presently contemplated for carrying out the invention, or those not associated with practicing the invention).

It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions may be made. Such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.

It should be noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that the technical solution of the present invention may be modified or substituted without departing from the spirit and scope of the technical solution of the present invention, which is intended to be covered in the scope of the claims of the present invention.

Claims (10)

1. An intelligent vehicle sensing management system, characterized in that: its operating steps are as follows: S1. Hardware equipment preparation: Select and configure hardware components suitable for intelligent driving applications; S2, data collection: using various sensors and devices to collect data around the vehicle; S3, data preprocessing and perception: preprocess the collected raw data; S4, Advanced Decision-making and Planning: Based on the perception results, use advanced algorithms and models to make decisions and plan the vehicle's path and actions; S5, control and execution: convert the planned paths and actions into corresponding control signals; S6. Data security management: Adopt end-to-end encryption scheme, including encryption during transmission and storage, to ensure the confidentiality and integrity of data. 2. An intelligent vehicle sensing management system according to claim 1, characterized in that: in step S1, the hardware components that need to be prepared include sensors, computer vision equipment, positioning systems, data storage equipment, communication equipment and control units. 3. An intelligent vehicle sensing management system according to claim 2, characterized in that: in steps 1 and S2, the sensors used include cameras, lidar, millimeter wave radar and ultrasonic sensors, the computer vision device includes a processor, a graphics processing unit and a dedicated computer vision chip, and the positioning system is composed of a global positioning system, an inertial navigation system and ground marker detection. 4. An intelligent vehicle sensing management system according to claim 2, characterized in that: the data storage device includes a controller, a storage chip, a data interface, firmware, a cache component, a control circuit and a power supply module; the communication device includes a communication module, a processor, a memory, a power management module, an interface, a security module and an embedded operating system; the communication module also includes a radio frequency regulator and an antenna component; the control unit includes an electronic control unit and an on-board computer. 5. An intelligent vehicle sensing management system according to claim 1, characterized in that: the AES and RSA combined encryption algorithm is added in step S1-6, and its implementation method is as follows: S1. Hardware equipment preparation: Implement physical security measures, use the Trusted Platform Module (TPM) to protect key encryption keys and sensitive data, perform hardware-level encryption on data stored on hardware devices, and ensure the security of data on the device; S2. Data collection: Use an end-to-end encryption solution to encrypt the raw data collected by the sensor. Symmetric encryption algorithms (AES) or asymmetric encryption algorithms (RSA) can be used to encrypt the data. At the same time, RAS technology is used to securely manage the data transmission process to ensure that only legitimate users or systems can access and receive encrypted data; S3, Data preprocessing and perception: During data preprocessing, the algorithms and parameters used are encrypted with ASE to prevent sensitive information leakage or algorithm tampering. RAS technology is used to limit remote access rights to preprocessed data and perception results to ensure that only authorized nodes or systems can access and use these data. S4, Advanced Decision-making and Planning: ASE encryption is performed on advanced decision-making and planning algorithms to ensure the confidentiality of the algorithms and prevent unauthorized analysis. RAS technology is used to limit access rights to advanced decision-making and planning results, allowing only authorized systems or entities to obtain and use these data. S5, Control and Execution: Before generating the control signal, the generated path and action are encrypted using the ASE encryption algorithm. The symmetric encryption algorithm (AES) can be used to ensure the confidentiality of the control signal, and the RAS technology is used to authenticate and authorize the receiving end of the control signal, allowing only the legitimate receiving end to decrypt and execute the control signal; S6. Data security management: During the data transmission process, an end-to-end encryption solution is adopted, and network protocols and secure transport layers (TLS/SSL) are used to encrypt and protect data. ASE technology is used to encrypt sensitive data during data storage, and data security is ensured on the storage medium. RAS technology is used to limit access rights to data to ensure that only authorized users or systems can access and process decrypted data. 6. The intelligent vehicle sensing management system according to claim 1 is characterized in that: in step 4, it is also necessary to introduce obfuscation technology, and the specific steps are as follows: Generate an RSA public-private key pair: First, generate an RSA public-private key pair. The public key is used for encryption, and the private key is used for decryption to ensure the security of the generated key pair. Data encryption using RSA public key: Encrypt the data to be encrypted using RSA public key to ensure that only the entity holding the RSA private key can decrypt the data; Obfuscate the encrypted data: Add non-linear obfuscation technology to increase data security; Symmetric encryption using the AES algorithm: Symmetrically encrypt the obfuscated data, select a suitable AES key, and use the obfuscated data and the key as input to encrypt using the AES algorithm; Storing or transmitting encrypted data: Storing encrypted data in storage media or transmitting it over a network to ensure the confidentiality and integrity of the data during storage and transmission; The algorithm formula required in the process is as follows: RSA encryption algorithm: Key generation: Select two large prime numbers p and q, and calculate n = p*q, select a positive integer e that is relatively prime to (n) as the public key exponent, and calculate the private key exponent d to satisfy (e*d)≡1(mod(p-1)*(q-1)); Encryption: Convert the plaintext M to an integer m and encrypt it by calculating the ciphertext C = m^e(modn); AES encryption algorithm: Key generation: select a suitable key K; Encryption: Group the plaintext data into fixed lengths (such as 128 bits), perform iterative operations on each data block, also known as rounds. Each round includes byte substitution, row shift, column confusion, and round key addition operations, and finally obtains the encrypted ciphertext data; Introducing obfuscation technology: Custom S-box: You can use a custom nonlinear substitution table (S-box) to replace the default S-box in the AES algorithm. Custom S-box can increase the degree of obfuscation by introducing more complex permutations, substitutions, and nonlinear transformations. In addition, you can use a different S-box for each encryption, or use different S-boxes in different rounds according to specific rules to increase unpredictability and nonlinearity. Extended rounds: Increase the number of rounds of the AES algorithm, that is, perform more iterative operations. Generally, the AES standard uses 10, 12 or 14 rounds. The number of rounds can be appropriately increased according to actual needs to enhance the complexity and nonlinear characteristics of the algorithm. Mixed operations: Introducing other nonlinear operations into the round function of the AES algorithm, such as displacement, rotation, and permutation. By embedding more nonlinear transformations into the round function, the complexity of the algorithm can be increased and the degree of data obfuscation can be improved. Random permutation: The data is randomly permuted each time it is encrypted. A pseudo-random number generator can be used to generate a permutation sequence that is consistent with the length of the data, and the data is rearranged according to the sequence. This can increase the randomness of the data and prevent crackers from obtaining valid information. 7. The intelligent vehicle sensing management system according to claim 5 is characterized in that: in the data security management process, the specific implementation method of end-to-end encryption is as follows: Key generation and exchange: The sender and receiver each generate keys for encryption and decryption. These keys can be shared keys used in symmetric encryption or public and private keys used in public key encryption. Encrypted message: The sender uses the receiver's public key (or shared key) to encrypt the message to be sent; Data transmission: Encrypted data is sent through a secure transmission channel (TLS/SSL) to ensure that the data will not be eavesdropped, tampered with or forged during transmission; Decryption by the receiver: The receiver uses the private key (or shared key) to decrypt the received data and restore the original plaintext message; Data integrity verification: After decryption, the receiver uses a hash function algorithm to verify the integrity of the decrypted data to ensure that the data has not been tampered with or damaged during transmission. 8. The intelligent vehicle sensing management system according to claim 1 is characterized in that: in step S6, the data security management also includes an encryption algorithm module, a key management module, a data encryption module, a data decryption module, a public key encryption module, a private key decryption module, an obfuscation technology component, Security policy and access control components, audit and logging components, and emergency response and disaster recovery components. 9. The intelligent vehicle sensing management system according to claim 1, characterized in that: in step S4, after the obfuscation technology is introduced, a hash function algorithm (SHA-256) is required to perform data verification, and the verification process is as follows: Prepare obfuscated data: Ensure that the data has been processed with obfuscation techniques and saved in variables or memory for use in calculating checksums; Calculate hash value: Use the selected hash function algorithm to calculate the obfuscated data and generate a hash value of fixed length. The hash function takes the data as input and calculates the hash value through the algorithm; Verify data integrity: Compare the calculated hash value with the pre-stored correct hash value. If the two match, the data has not been tampered with and can be considered complete. The specific operation code is as follows: 10. An operating method of an intelligent vehicle sensing management system, characterized in that: S1. Hardware equipment preparation: Select hardware components: For intelligent driving applications, select sensors (cameras, lidar, millimeter-wave radar, ultrasonic sensors), computer vision equipment (including processors, GPUs and dedicated computer vision chips), positioning systems (GPS, inertial navigation systems, ground marker detection), data storage devices, communication equipment and control units (electronic control units and on-board computers); S2. Data collection: Sensors collect data: Various sensors on the vehicle collect environmental and vehicle status data in real time to provide raw input for subsequent processing; S3. Data preprocessing and perception: Data preprocessing: Perform preprocessing operations such as cleaning and filtering on the collected raw data to reduce noise and extract useful information; Perceiving the environment: feeding the preprocessed data into the algorithm model to analyze the surrounding environment and objects, such as the identification and positioning of vehicles, pedestrians, and obstacles; S4. Advanced Decision-making and Planning Use advanced algorithms: Based on the perceived results, combine obfuscation technology to increase the security of data and models, and introduce hash functions (SHA-256) for data integrity verification; Route planning: calculate the optimal driving path and action strategy; S5. Control and Execution Conversion of control signals: The calculated driving path and action strategy are converted into control signals, and the control unit performs corresponding actions, such as steering, acceleration and braking; S6. Data security management Key generation and exchange: Use AES and RSA combined encryption algorithms to automatically generate keys and exchange them securely; Encryption and decryption: Encrypt the message to be sent and transmit it through the TLS/SSL secure channel; the receiver uses the corresponding key to decrypt the message; Integrity verification: Use hash function algorithms such as SHA-256 to perform integrity checks on received data to ensure that the data has not been tampered with; Security architecture: Establish a comprehensive security management system that includes encryption algorithm modules, key management modules, data encryption and decryption modules, public and private key encryption and decryption modules, obfuscation technology components, security policies and access control components, audit and log components, emergency response and disaster recovery components.