CN119012188B - Control method, storage medium, system and engineering machinery for performing auxiliary actions - Google Patents

Publication number: CN119012188B
Authority: CN (China)
Prior art keywords: vehicle; control method; key; mobile client; request message
Legal status: Active
Application number: CN202411491194.XA
Other languages: Chinese (zh)
Other versions: CN119012188A (en)
Inventors: 王林, 罗贤智, 郭纪梅, 曾剑群, 肖智祥
Current Assignee: Zoomlion Heavy Industry Science and Technology Co Ltd
Original Assignee: Zoomlion Heavy Industry Science and Technology Co Ltd
Application filed by Zoomlion Heavy Industry Science and Technology Co Ltd
Priority to CN202411491194.XA
Publication of CN119012188A
Application granted
Publication of CN119012188B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present application discloses a control method, storage medium, system and engineering machinery for performing auxiliary actions, and belongs to the technical field of engineering machinery. The control method includes: obtaining a public key issued by a third-party platform, and sending a request message encrypted by the public key to a vehicle-mounted terminal; receiving a response message from the vehicle-mounted terminal in response to the request message, and decrypting the response message by using the public key to obtain an encryption algorithm and a key, wherein the response message is encrypted by a private key of the vehicle-mounted terminal; encrypting the control instruction based on the encryption algorithm and the key; and sending the encrypted control instruction to the vehicle-mounted terminal to control the engineering machinery to perform the corresponding auxiliary action. The asymmetric and symmetric encryption methods are used together to improve the security of communication, and the method can be applied to the networked communication control of both traditional engineering machinery and new energy engineering machinery.

Description

Control method, storage medium, system and engineering machinery for executing auxiliary action
Technical Field
The present application relates to the technical field of engineering machinery, and in particular, to a control method, a storage medium, a system, and an engineering machine for executing an auxiliary action.
Background
Traditional cranes and new energy cranes are most commonly operated by a driver in the control room, and at slightly complex sites an observer is required to follow and watch around the crane. Taking a common operation scene of a crawler crane as an example, the crawler crane usually needs to be hauled by a flat car when entering and leaving a site. While it is loaded onto or unloaded from the flat car, its center of gravity has to be adjusted by steering forward and backward, which the driver can hardly observe by eye while completing the operation in the cab. An observer therefore usually watches around the crane to check whether the vehicle's running track is safe. Communication between the observer and the driver can deviate, which delays the handling of abnormal conditions.
Therefore, current cranes can be equipped with one physical remote controller per vehicle; the driver operates the crane remotely from nearby through the remote controller, and information is exchanged over wireless radio frequency. However, existing physical remote controllers use 433 radio frequency technology, so the interactive instructions are easily attacked and deciphered; in addition, the cost of the physical remote controller is low, and the one-per-vehicle remote controller is easily lost or damaged.
Disclosure of Invention
The embodiment of the invention aims to provide a control method for an engineering machine to execute auxiliary actions, which is used for solving the problems that a vehicle-to-vehicle physical remote controller is required to be equipped for controlling the engineering machine, and an interactive instruction is easy to attack and decipher.
In order to achieve the above purpose, the first aspect of the present application provides a control method for an engineering machine to execute an auxiliary action, applied to a mobile client. The control method includes: obtaining a public key issued by a third party platform, and sending a request message encrypted by the public key to a vehicle-mounted terminal, the request message being used for requesting an encryption algorithm and a secret key; receiving a response message from the vehicle-mounted terminal in response to the request message, and decrypting the response message by using the public key to obtain the encryption algorithm and the secret key, wherein the response message is encrypted by a private key of the vehicle-mounted terminal; encrypting a control instruction, input by a user for executing the auxiliary action, based on the encryption algorithm and the secret key; and sending the encrypted control instruction to the vehicle-mounted terminal to control the engineering machine to execute the corresponding auxiliary action.
In the embodiment of the invention, after the public key issued by the third-party platform is acquired, the control method further comprises searching the network address of the vehicle-mounted terminal, acquiring the network name and the network password input by the user after the network address is searched to form the request message, and requesting the vehicle-mounted terminal to perform authority verification by utilizing the network name and the network password input by the user.
In the embodiment of the invention, the control method further comprises the steps of encrypting the request message and the response message by adopting an asymmetric encryption mode and encrypting the control instruction by adopting a symmetric encryption mode.
The second aspect of the application provides a control method for executing auxiliary actions, applied to a vehicle-mounted terminal. The control method includes: obtaining a request message sent by a mobile client for requesting an encryption algorithm and a secret key, wherein the request message is encrypted through a public key of the mobile client; in response to the request message, after decrypting the request message with a private key issued by a third party platform, sending to the mobile client a response message which is encrypted with the private key and includes the encryption algorithm and the secret key; receiving a control instruction for executing the auxiliary actions which the mobile client has encrypted based on the encryption algorithm and the secret key; and decrypting the encrypted control instruction based on a decryption method and the private key corresponding to the encryption method, to obtain a decrypted control instruction so as to control the execution of the corresponding auxiliary actions.
In the embodiment of the invention, before the request message sent by the mobile client for requesting the encryption algorithm and the secret key is obtained, the control method further comprises the steps of sending a registration request to the third party platform, wherein the registration request is used for requesting the third party platform to generate the associated public key and the private key according to the equipment information of the vehicle terminal, and after the registration is successful, the private key is received.
In the embodiment of the invention, after the request message is decrypted by using the private key issued by the third party platform, the control method further comprises the steps of obtaining the network name and the network password input by the user from the request message, performing authority verification on the mobile client by using the network name and the network password input by the user, and executing the step of sending the response message which is encrypted by using the private key and comprises an encryption algorithm and a secret key to the mobile client after the authority verification is successful.
In the embodiment of the invention, the control method further comprises the steps of encrypting the request message and the response message by adopting an asymmetric encryption mode and encrypting the control instruction by adopting a symmetric encryption mode.
The third aspect of the application provides a mobile client, which comprises a memory and a processor, wherein the memory is configured to store instructions, and the processor is configured to call the instructions from the memory and can realize the control method for the engineering machinery to execute auxiliary actions when executing the instructions.
The fourth aspect of the application provides a vehicle-mounted terminal, which comprises a memory and a processor, wherein the memory is configured to store instructions, and the processor is configured to call the instructions from the memory and can realize the control method for executing auxiliary actions when executing the instructions.
A fifth aspect of the present application provides a machine-readable storage medium having stored thereon instructions for causing a machine to perform the above-described control method for performing an assist action or the above-described control method for performing an assist action.
The sixth aspect of the application provides an engineering machine, which comprises the vehicle-mounted end, wherein the engineering machine is a fuel engineering machine and/or a new energy engineering machine. The new energy engineering machinery comprises a new energy operation vehicle, and the driving mode of the new energy engineering machinery comprises pure electric, extended-range electric, hybrid power, fuel cell electric and hydrogen power.
The seventh aspect of the present application provides a control system for an engineering machine, where the control system includes the mobile client, the vehicle-mounted terminal, and the third party platform.
Through the above technical scheme, when the mobile client requests communication with the vehicle end, the request message and the response message are encrypted in an asymmetric encryption mode, and when the mobile client then communicates with the vehicle end, a symmetric encryption mode is adopted; the asymmetric and symmetric encryption modes are used together so that the security of communication is improved. The two ends communicate by means of symmetric encryption, and the crucial point of the symmetric encryption is that the key and the encryption algorithm are selected under asymmetric encryption, being determined by random negotiation between the two ends without being exposed. Therefore, the embodiment of the invention can be safe and efficient in the transmission of the control instruction, and is suitable for network communication control of both traditional engineering machinery and new energy engineering machinery. In addition, the embodiment of the invention further improves security by having the mobile client hold the public key and the vehicle hold the private key.
Additional features and advantages of embodiments of the invention will be set forth in the detailed description which follows.
Drawings
The accompanying drawings are included to provide a further understanding of embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain, without limitation, the embodiments of the invention. In the drawings:
FIG. 1 is a schematic flow chart of a control method for an engineering machine to execute an auxiliary action according to an embodiment of the present invention;
FIG. 2 is a schematic diagram illustrating a control method for a work machine to perform an auxiliary action;
FIG. 3 is a flow chart illustrating a control method for a work machine to perform an auxiliary action;
Fig. 4 is a flowchart of a control method for performing an auxiliary action according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it should be understood that the detailed description described herein is merely for illustrating and explaining the embodiments of the present application, and is not intended to limit the embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that, if directional indications (such as up, down, left, right, front, and rear are referred to in the embodiments of the present invention), the directional indications are merely used to explain the relative positional relationship, movement conditions, and the like between the components in a specific posture (as shown in the drawings), and if the specific posture is changed, the directional indications are correspondingly changed.
In addition, if there is a description of "first", "second", etc. in the embodiments of the present application, the description of "first", "second", etc. is for descriptive purposes only and is not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be considered to be absent and not within the scope of protection claimed in the present application.
Fig. 1 is a flowchart of a control method for performing an auxiliary action by a construction machine according to an embodiment of the present invention, where the control method is applied to a mobile client. Referring to fig. 1, the control method may include the steps of:
step S110, a public key issued by a third party platform is obtained, and a request message encrypted by the public key is sent to a vehicle-mounted terminal, wherein the request message is used for requesting an encryption algorithm and a secret key.
Referring to the example of fig. 2, the third party platform is, for example, a device management platform. When a vehicle (e.g., a crawler crane) leaves a factory, a registration request (the request message may include device information of the vehicle) may be sent to a device management platform, the device management platform may generate an associated public key and private key according to the device information of the vehicle, and the device management platform may manage the public key and private key, issue the public key to a mobile client (e.g., an APP), and issue the private key to the vehicle (e.g., a gateway for network connection) for storage.
Preferably, after the public key issued by the third party platform is obtained, the control method further comprises searching the network address of the vehicle-mounted terminal, and after the network address is searched, obtaining the network name and the network password input by the user to form the request message. Preferably, the request message is further used for requesting the vehicle-mounted terminal to perform authority verification by using the network name and the network password input by the user.
Referring to fig. 3, for illustration, a network name (e.g., WIFI name) and a network password are set at the vehicle-mounted terminal and a hotspot is opened; after the hotspot is successfully opened, the vehicle-mounted terminal may automatically start a socket server program and wait for a connection. After the socket is successfully started, the on-board screen may display the network address (i.e., the current IP address). The mobile client (for example, the APP end) can open the system's WIFI settings page, search for the corresponding WIFI and connect to it. After the connection succeeds, the user returns to the APP, inputs the correct IP address and clicks the connection button to initiate a connection request. The request message includes the network name and the network password input by the user, so as to provide authority verification (i.e. authentication) for the vehicle end. For example, if the network name and the network password input by the user are the same as the network name and the network password set at the vehicle-mounted terminal, the verification is passed (authentication succeeds); otherwise the verification fails (authentication fails).
Correspondingly, the vehicle-mounted terminal establishes a temporary socket connection, issues authentication information and sends encrypted device identity information to the APP end. The APP end compares and authenticates the encrypted information through the corresponding decryption process. If the information is consistent, the connection is maintained and the 'safe encryption communication link' is entered; if authentication fails, the APP end actively disconnects and displays the prompt 'connection is refused' together with a prompt to check whether the connected WIFI name is consistent with the target vehicle type. The mobile client and the vehicle end in the embodiment of the invention are configured for one-to-one network connection: after the vehicle end is connected with one mobile client, it does not establish communication connections with other mobile clients.
And step S120, receiving a response message from the vehicle-mounted terminal in response to the request message, and decrypting the response message by utilizing the public key to obtain the encryption algorithm and the secret key, wherein the response message is encrypted by the private key of the vehicle-mounted terminal.
Preferably, the control method further comprises the steps of encrypting the request message and the response message in an asymmetric encryption mode and encrypting the control instruction in a symmetric encryption mode.
Referring to fig. 2, when a mobile client requests to communicate with a vehicle, encryption of a request message and a response message is performed by an asymmetric encryption method, and when communication with the vehicle is performed, a symmetric encryption method is adopted. Therefore, the embodiment of the invention can reasonably utilize the asymmetric encryption mode and the symmetric encryption mode so as to improve the safety of communication.
Referring to fig. 2, after the vehicle end verifies the mobile client, the mobile client receives a response message, which is encrypted by the private key of the vehicle end, and decrypts the response message by using the public key. That is, the encryption of the request message and the response message is an asymmetric encryption method, and the algorithm of the asymmetric encryption method includes, for example, algorithms such as RSA, DSA, and ECC. After decrypting the response message, an encryption algorithm and a secret key can be obtained, and the algorithm of the symmetrical encryption mode comprises, for example, algorithms such as DES, 3DES, AES and the like. At this time, the mobile client may obtain the encryption algorithm and the key selected by the vehicle side, and establish encrypted communication between the vehicle side and the mobile client.
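The request and response exchange of steps S110 and S120, with its vehicle-side counterpart, as an added Go sketch that is not code from the patent. The OAEP padding, the message layouts, the `AES-256-GCM` choice and all names are assumptions; because Go's standard library has no private-key encryption call, the response uses the raw RSA private-key operation as a stand-in.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"math/big"
)

// Vehicle is the vehicle-mounted terminal: platform-issued private key plus hotspot credentials.
type Vehicle struct {
	Priv       *rsa.PrivateKey
	SSID, Pass string
	SessionKey []byte // symmetric key chosen for the current client
}

// NewVehicle stands in for registration: the platform generates the key pair.
func NewVehicle(ssid, pass string) (*Vehicle, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Vehicle{Priv: priv, SSID: ssid, Pass: pass}, nil
}

// credentials is an assumed request layout: name, NUL separator, password.
func credentials(ssid, pass string) []byte {
	return append(append([]byte(ssid), 0), pass...)
}

// BuildRequest (client, step S110) encrypts the credentials under the
// platform-issued public key. RSA-OAEP is this sketch's choice of padding.
func BuildRequest(pub *rsa.PublicKey, ssid, pass string) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, credentials(ssid, pass), nil)
}

// HandleRequest (vehicle) decrypts the request, verifies the credentials,
// picks an algorithm and a random key, and returns them under the private key.
func (v *Vehicle) HandleRequest(req []byte) ([]byte, error) {
	got, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, v.Priv, req, nil)
	if err != nil {
		return nil, errors.New("request not decryptable with vehicle private key")
	}
	if subtle.ConstantTimeCompare(got, credentials(v.SSID, v.Pass)) != 1 {
		return nil, errors.New("authority verification failed")
	}
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	v.SessionKey = key
	// Assumed plaintext layout: 0x01 | algorithm name | 0x00 | key.
	plain := append([]byte{0x01}, "AES-256-GCM"...)
	plain = append(append(plain, 0), key...)
	// Raw private-key operation m^d mod n, the literal "encrypt with the
	// private key" step. Unpadded and not constant time: illustration only.
	c := new(big.Int).Exp(new(big.Int).SetBytes(plain), v.Priv.D, v.Priv.N)
	return c.Bytes(), nil
}

// OpenResponse (client, step S120) inverts the response with the public key.
// Any holder of the public key can do this, so the session key's secrecy rests
// on the platform issuing the public key only to authorized clients.
func OpenResponse(pub *rsa.PublicKey, resp []byte) (string, []byte, error) {
	m := new(big.Int).Exp(new(big.Int).SetBytes(resp), big.NewInt(int64(pub.E)), pub.N)
	b := m.Bytes()
	sep := bytes.IndexByte(b, 0)
	if len(b) < 2 || b[0] != 0x01 || sep < 0 || len(b)-sep-1 != 32 {
		return "", nil, errors.New("response was not produced by the vehicle private key")
	}
	return string(b[1:sep]), b[sep+1:], nil
}

// Handshake runs the whole exchange and reports whether both ends hold the same key.
func Handshake(v *Vehicle, ssid, pass string) (string, bool, error) {
	req, err := BuildRequest(&v.Priv.PublicKey, ssid, pass)
	if err != nil {
		return "", false, err
	}
	resp, err := v.HandleRequest(req)
	if err != nil {
		return "", false, err
	}
	alg, key, err := OpenResponse(&v.Priv.PublicKey, resp)
	return alg, err == nil && bytes.Equal(key, v.SessionKey), err
}

func main() {
	v, err := NewVehicle("CRANE-DEMO", "constructed-pass") // constructed sample values
	if err != nil {
		panic(err)
	}
	fmt.Println(Handshake(v, "CRANE-DEMO", "constructed-pass"))
	fmt.Println(Handshake(v, "CRANE-DEMO", "wrong-pass"))
}
```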
And step S130, encrypting the control instruction which is input by the user and used for executing the auxiliary action based on the encryption algorithm and the secret key.
Wherein the control instruction may set one or more of the rotational speed of the engine, the left and right traveling speeds, and the traveling directions. For example, when the user sets full-speed forward, the engine speed is set to 1600 rpm, the left traveling speed to 100% with direction forward, and the right traveling speed to 100% with direction forward. The other parameter sets listed are: engine speed 1600 rpm, left traveling speed 100% with direction backward, right traveling speed 100% with direction backward; engine speed 1200 rpm, left traveling speed 80% with direction forward, right traveling speed 0 with no direction; full-speed steering, with engine speed 1600 rpm, left traveling speed 100% with direction forward, right traveling speed 100% with direction backward; engine speed 800 rpm, left traveling speed 30% with direction forward, right traveling speed 0% with no direction; and the idle state, with engine speed 750 rpm. Normal steering is given as a further example, with the left traveling speed 80% with direction forward and the right traveling speed 0% with no direction.
Referring to the examples of fig. 2 and 3, one or more of the control instructions described above are encrypted based on a resulting encryption algorithm (e.g., one of DES, 3DES, and AES algorithm encryption) and a key. Wherein each communication with the vehicle end may send one or more control instructions encrypted.
Further preferably, each time a control instruction for executing the auxiliary action input by the user is encrypted, a different random signature is used, so that the communication security is further improved.
And step S140, sending the encrypted control instruction to the vehicle-mounted end to control the engineering machinery to execute the corresponding auxiliary action.
In the above example, the mobile client sends the encrypted control instruction to the vehicle-mounted terminal; the vehicle-mounted terminal receives it, decrypts it through the decryption algorithm and secret key corresponding to the encryption algorithm, and, after obtaining the decrypted control instruction, controls the engineering machinery (for example, a crawler crane) to execute the corresponding auxiliary action. For example, the vehicle-mounted terminal converts the decrypted control instruction into a CAN signal and transmits the corresponding parameters over the CAN bus to the master controller of the engineering machinery, and the master controller controls the respective action controllers to execute the corresponding auxiliary actions.
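The symmetric phase of steps S130 and S140, as an added Go sketch that is not code from the patent. It assumes AES-GCM as the negotiated algorithm, reads the "random signature" as a fresh random nonce per message, and adds a vehicle-side check that refuses a nonce already accepted; the 6-byte command layout and all names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Direction of one track; None is used when that side's speed is 0.
type Direction uint8

const (
	None Direction = iota
	Forward
	Backward
)

// Command carries the parameters the description lists for a control instruction.
type Command struct {
	EngineRPM         uint16
	LeftPct, RightPct uint8 // traveling speed in percent
	LeftDir, RightDir Direction
}

// FullSpeedForward uses the values given in the description.
var FullSpeedForward = Command{EngineRPM: 1600, LeftPct: 100, LeftDir: Forward, RightPct: 100, RightDir: Forward}

// Channel is one end of the symmetric link; seen is used by the receiver only.
type Channel struct {
	aead cipher.AEAD
	seen map[string]bool // nonces accepted in this session
}

// NewChannel builds an AES-GCM channel from the key obtained in the handshake.
func NewChannel(key []byte) (*Channel, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Channel{aead: aead, seen: map[string]bool{}}, err
}

// Seal (mobile client) encodes the command and encrypts it under a fresh random
// nonce, so identical commands never produce identical frames.
func (c *Channel) Seal(cmd Command) ([]byte, error) {
	plain := make([]byte, 6)
	binary.BigEndian.PutUint16(plain, cmd.EngineRPM)
	plain[2], plain[3] = cmd.LeftPct, byte(cmd.LeftDir)
	plain[4], plain[5] = cmd.RightPct, byte(cmd.RightDir)
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.aead.Seal(nonce, nonce, plain, nil), nil // frame = nonce | ciphertext | tag
}

// Open (vehicle side) authenticates and decrypts a frame, refuses a nonce it has
// already accepted, and range-checks the fields before they reach the CAN bus.
func (c *Channel) Open(frame []byte) (Command, error) {
	n := c.aead.NonceSize()
	if len(frame) < n {
		return Command{}, errors.New("short frame")
	}
	if c.seen[string(frame[:n])] {
		return Command{}, errors.New("replayed frame")
	}
	p, err := c.aead.Open(nil, frame[:n], frame[n:], nil)
	if err != nil || len(p) != 6 {
		return Command{}, errors.New("frame failed authentication")
	}
	c.seen[string(frame[:n])] = true // remember only nonces of authentic frames
	cmd := Command{EngineRPM: binary.BigEndian.Uint16(p), LeftPct: p[2], LeftDir: Direction(p[3]),
		RightPct: p[4], RightDir: Direction(p[5])}
	if cmd.LeftPct > 100 || cmd.RightPct > 100 || cmd.LeftDir > Backward || cmd.RightDir > Backward {
		return Command{}, errors.New("field out of range")
	}
	return cmd, nil
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte demo key
	app, err := NewChannel(key)
	if err != nil {
		panic(err)
	}
	car, _ := NewChannel(key) // same key, so this cannot fail after the call above
	frame, _ := app.Seal(FullSpeedForward)
	fmt.Println(car.Open(frame))
	fmt.Println(car.Open(frame)) // the same frame a second time is refused
}
```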
Referring to fig. 2 and 3, after the mobile client and the vehicle end complete the encrypted communication, the mobile client may send communication end information to disconnect the network connection with the vehicle end, and the vehicle end may end the socket server program.
Therefore, when the mobile client requests communication with the vehicle end, the request message and the response message are encrypted in an asymmetric encryption mode, and when the mobile client then communicates with the vehicle end, a symmetric encryption mode is adopted; the asymmetric and symmetric encryption modes are used together so that the security of communication is improved. The two ends communicate by encrypting control instructions in a symmetric encryption mode, and the crucial point of the symmetric encryption is that the key and the encryption algorithm are selected under asymmetric encryption, being determined by random negotiation between the two ends without being exposed. Therefore, the embodiment of the invention can be safe and efficient in the transmission of the control instruction. In addition, the embodiment of the invention further improves security by having the mobile client hold the public key and the vehicle hold the private key, and is applicable to network communication control of both traditional engineering machinery and new energy engineering machinery.
Further, the embodiment of the invention realizes dynamic encryption of the communication between the mobile client and the vehicle-mounted terminal based on a one-to-one network connection with authority verification, a random signature and a variable encryption algorithm. The embodiment of the invention abandons reliance on time stamp encryption, so it has wider application scenarios and needs no time synchronization mechanism, making it more suitable for equipment whose time is inaccurate and which cannot frequently check the time over the network. The dynamic encryption mode is also a good choice for equipment that does have time proofreading, because the encrypted communication has strict logic, a high degree of security and no other limitations. Compared with a driver controlling the crawler crane's walking from the cab, which requires an observer alongside to guarantee safety, here the driver stands beside the vehicle and observes directly, so control is more direct and efficient at any time and no observer needs to be trained. Compared with the traditional physical remote controller, the mobile client runs APP software that can be updated at any time, which greatly reduces later maintenance cost. The mobile client also has room to improve in ease of use, and iterates faster through continuous optimization and updating of the interface interaction. Meanwhile, compared with 443 radio frequency technology, the WIFI technology has more advantages in the aspect of safety.
Fig. 4 is a flowchart of a control method for executing an auxiliary action according to an embodiment of the present invention, where the control method is applied to a vehicle-mounted terminal. Referring to fig. 4, the control method may include the steps of:
step S210, a request message sent by a mobile client for requesting an encryption algorithm and a secret key is obtained, wherein the request message is encrypted through a public key of the mobile client.
Preferably, before step S210, the control method may further include sending a registration request to the third party platform, where the registration request is used to request the third party platform to generate the public key and the private key associated with each other according to the device information of the vehicle end, and after the registration is successful, receiving the private key.
Referring to the example of fig. 2, the third party platform is, for example, a device management platform. When a vehicle (e.g., a crawler crane) leaves a factory, a registration request (the request message may include device information of the vehicle) may be sent to a device management platform, the device management platform may generate an associated public key and private key according to the device information of the vehicle, and the device management platform may manage the public key and private key, issue the public key to a mobile client (e.g., an APP), and issue the private key to the vehicle (e.g., a gateway for network connection) for storage.
Referring to fig. 3, for illustration, a network name (e.g., a WIFI name) and a network password are set at the vehicle-mounted terminal and a hotspot is opened. After the hotspot is opened successfully, the vehicle-mounted terminal may automatically start a socket server program and wait for a connection. After the socket is started successfully, the on-board screen may display the network address (i.e., the current IP address). The mobile client (for example, the APP end) can open the system's WIFI settings page, search for the corresponding WIFI and connect to it. After the connection succeeds, the user returns to the APP, enters the correct IP address and clicks the connect button to initiate a connection request. The request message includes the network name and network password entered by the user, so that the vehicle end can perform authority verification (i.e., authentication).
Step S220: in response to the request message, after decrypting the request message with the private key issued by the third-party platform, send to the mobile client a response message that is encrypted with the private key and includes an encryption algorithm and a key.
Preferably, after the request message is decrypted with the private key issued by the third-party platform, the control method further comprises: obtaining the network name and network password entered by the user from the request message; performing authority verification on the mobile client using that network name and network password; and, after the authority verification succeeds, executing the step of sending to the mobile client the response message that is encrypted with the private key and includes an encryption algorithm and a key.
In the above example, if the network name and network password entered by the user are the same as the network name and network password set at the vehicle-mounted terminal, the authority verification passes (authentication succeeds); otherwise, the authority verification fails (authentication fails). Correspondingly, the vehicle-mounted terminal establishes a temporary socket connection, issues authentication information and sends encrypted device identity information to the APP end. The APP end runs the corresponding decryption process and compares the result for authentication. If the information is consistent, the connection is maintained and the "secure encrypted communication link" is entered; if the authentication fails, the APP end actively disconnects and displays a prompt that the connection is refused and that the user should check whether the connected WIFI name matches the target vehicle model. The mobile client and the vehicle-mounted terminal in the embodiment of the invention are configured for a one-to-one network connection: after the vehicle-mounted terminal is connected to one mobile client, it does not establish a communication connection with other mobile clients.
Preferably, the control method further comprises the steps of encrypting the request message and the response message in an asymmetric encryption mode and encrypting the control instruction in a symmetric encryption mode.
Referring to fig. 2, when a mobile client requests to communicate with a vehicle, encryption of a request message and a response message is performed by an asymmetric encryption method, and when communication with the vehicle is performed, a symmetric encryption method is adopted. Therefore, the embodiment of the invention can reasonably utilize the asymmetric encryption mode and the symmetric encryption mode so as to improve the safety of communication.
Referring to fig. 2, after the vehicle end verifies the mobile client, the vehicle end may randomly select an encryption algorithm and a key, encrypt the key to form a response message, and send the response message to the mobile client. The response message is encrypted with the private key of the vehicle end, and the mobile client decrypts it with the public key. That is, the request message and the response message are encrypted in an asymmetric encryption mode, whose algorithms include, for example, RSA, DSA and ECC. After decrypting the response message, the mobile client obtains the encryption algorithm and the key selected by the vehicle end; the algorithms of the symmetric encryption mode include, for example, DES, 3DES and AES. At this point, encrypted communication between the vehicle end and the mobile client is established.
Step S230: receive a control instruction for executing an auxiliary action, encrypted by the mobile client based on the encryption algorithm and the key.
The control command may include one or more of setting a rotation speed of the engine, a speed of left and right walking, and a direction, as described above, which will not be repeated here.
Referring to the examples of fig. 2 and 3, the mobile client may encrypt one or more control instructions based on the obtained encryption algorithm (e.g., one of the DES, 3DES and AES algorithms) and the key. Each communication between the mobile client and the vehicle may send one or more encrypted control instructions.
Further preferably, a different random signature is used when the control instruction for executing the auxiliary action input by the user is encrypted, which further improves the communication security.
Step S240: decrypt the encrypted control instruction based on the decryption algorithm corresponding to the encryption algorithm and the key, to obtain a decrypted control instruction and so control the execution of the corresponding auxiliary action.
In the above example, the vehicle-mounted terminal receives the encrypted control instruction and decrypts it with the decryption algorithm corresponding to the encryption algorithm and with the key. After the decrypted control instruction is obtained, the engineering machine (for example, a crawler crane) is controlled to execute the corresponding auxiliary action. For example, the vehicle-mounted terminal converts the decrypted control instruction into a CAN signal and transmits the corresponding parameters over the CAN bus to the master controller of the engineering machine, and the master controller controls the corresponding action controllers to execute the corresponding auxiliary actions.
Referring to fig. 2 and 3, after the mobile client and the vehicle end complete the encrypted communication, the mobile client may send communication end information to disconnect the network from the vehicle end, and the vehicle end may end the socket server program.
Therefore, when the mobile client requests communication with the vehicle end, the request message and the response message are encrypted in an asymmetric encryption mode, and when the two ends communicate, a symmetric encryption mode is adopted; the asymmetric and symmetric encryption modes are each used where appropriate, which improves the security of communication. The two ends communicate by encrypting control instructions in the symmetric encryption mode. The crux of the symmetric encryption mode is the key and the encryption algorithm, which are exchanged under the asymmetric encryption mode and are determined by random negotiation between the two ends without being exposed. The embodiment of the invention can therefore be both secure and efficient when transmitting control instructions. In addition, the embodiment further improves security by having the mobile client hold the public key and the vehicle hold the private key, and it is applicable to network communication control of both traditional engineering machinery and new energy engineering machinery.
Further, the embodiment of the invention achieves dynamic encryption of the communication between the mobile client and the vehicle-mounted terminal, based on a one-to-one network connection with authority verification, a random signature and a variable encryption algorithm. The embodiment does not rely on timestamp-based encryption, so it applies to a wider range of scenarios, needs no time synchronization mechanism, and is better suited to equipment whose clock is inaccurate and which cannot frequently correct its time over a network. Because its logic is strict, its degree of security is high and the encrypted communication has no other restrictions, the dynamic encryption mode is also a good choice for equipment that does have time correction. Compared with a driver controlling the travel of the crawler crane from the cab, which requires an observer at the side to guarantee safety, the driver here stands beside the vehicle and observes directly, so control is more direct and efficient at any time and no observer needs to be trained. Compared with a traditional physical remote controller, the mobile client works with APP software that can be updated at any time, which greatly reduces later maintenance cost. Through continuous optimization and updating of the interface interaction, the mobile client also has more room to improve in ease of use and iterates faster. Meanwhile, compared with 443 radio frequency technology, WIFI technology has more advantages in terms of security.
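The timestamp-free freshness and the one-to-one connection described above can be illustrated with a vehicle-side session that checks a random per-instruction value instead of a clock; this is an added example, not code from the patent. It assumes the "random signature" is a 16-byte random value authenticated with HMAC-SHA256 under the negotiated key, leaves out the asymmetric handshake and the symmetric encryption of the body so that it runs on the Python standard library, and uses constructed names (`VehicleSession`, `seal`, the hotspot name, password and client identifiers).

```python
import hashlib
import hmac
import json
import secrets

NONCE_LEN = 16  # assumed size of the random per-instruction value


def seal(key, command):
    """Mobile-client side: bind a fresh random value to the instruction."""
    nonce = secrets.token_bytes(NONCE_LEN)
    body = json.dumps(command, sort_keys=True).encode()
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return {"nonce": nonce, "body": body, "tag": tag}


class VehicleSession:
    """Vehicle-side state for the single mobile client allowed to connect."""

    def __init__(self, ssid, password):
        self._ssid = ssid.encode()
        self._password = password.encode()
        self._reset()

    def _reset(self):
        self._client_id = None  # client bound to this session, if any
        self._key = None        # key chosen at random for this connection
        self._seen = set()      # random values already accepted this session

    def connect(self, client_id, ssid, password):
        """Authority verification; returns a fresh key or None if refused.

        In the scheme on the page the key travels inside the encrypted
        response message; returning it directly is a simplification.
        """
        if self._client_id is not None:
            return None  # one-to-one: a second client is not served
        name_ok = hmac.compare_digest(ssid.encode(), self._ssid)
        pass_ok = hmac.compare_digest(password.encode(), self._password)
        if not (name_ok and pass_ok):
            return None
        self._client_id = client_id
        self._key = secrets.token_bytes(32)
        return self._key

    def disconnect(self):
        """End of communication: the key and the replay cache are dropped."""
        self._reset()

    def accept(self, client_id, msg):
        """Return (status, command); command is None unless status is 'ok'."""
        if self._key is None or client_id != self._client_id:
            return ("no-session", None)
        nonce, body, tag = msg["nonce"], msg["body"], msg["tag"]
        if len(nonce) != NONCE_LEN:
            return ("bad-tag", None)
        expected = hmac.new(self._key, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return ("bad-tag", None)  # altered, or sealed under an old key
        if nonce in self._seen:
            return ("replay", None)   # same bytes seen before: no clock needed
        self._seen.add(nonce)
        return ("ok", json.loads(body))


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    vehicle = VehicleSession("crane-demo-ap", "constructed-password")
    key = vehicle.connect("phone-A", "crane-demo-ap", "constructed-password")
    move = {"engine_rpm": 1200, "left_speed": 0.3,
            "right_speed": 0.3, "direction": "forward"}
    message = seal(key, move)
    print(vehicle.accept("phone-A", message))  # accepted once
    print(vehicle.accept("phone-A", message))  # captured copy is refused
```

The replay cache only has to live as long as one connection, because a new key is drawn on every connect and anything sealed under an earlier key fails the tag check.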
The embodiment of the invention also provides a mobile client, which can comprise a memory and a processor, wherein the memory is configured to store instructions, and the processor is configured to call the instructions from the memory and can realize the control method for executing auxiliary actions of the engineering machinery according to the instructions when executing the instructions.
The embodiment of the invention also provides a vehicle-mounted terminal which comprises a memory and a processor, wherein the memory is configured to store instructions, and the processor is configured to call the instructions from the memory and can realize the control method for executing auxiliary actions when executing the instructions.
The embodiment of the invention also provides a machine-readable storage medium, which stores instructions for causing a machine to execute the control method for engineering machinery to perform auxiliary actions (applied to the mobile client) or the control method for performing auxiliary actions (applied to the vehicle-mounted terminal).
The embodiment of the invention also provides the engineering machine, which comprises the vehicle-mounted end and can be a fuel engineering machine and/or a new energy engineering machine. The new energy engineering machinery can comprise a new energy operation vehicle, a new energy passenger car and the like, and the driving mode of the new energy engineering machinery can comprise pure electric, extended-range electric, hybrid power, fuel cell electric and hydrogen power.
The new energy engineering machinery is an intelligent networking combined operation vehicle, can be provided with devices such as a vehicle-mounted sensor, a controller and an actuator, integrates modern communication and network technology, and realizes intelligent information exchange sharing of vehicles, people, vehicles, roads, background and the like. The new energy engineering machine may include a full electric work vehicle, an extended range electric work vehicle, a hybrid work vehicle, a fuel cell electric work vehicle, a hydrogen engine work vehicle, and the like.
The embodiment of the invention also provides a control system of the engineering machinery, which comprises the mobile client, the vehicle-mounted terminal and the third-party platform.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, Random Access Memory (RAM) and/or nonvolatile memory, etc., such as Read Only Memory (ROM) or flash RAM. Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.

Claims (10)

1. A control method for engineering machinery to perform auxiliary actions, characterized in that it is applied to a mobile client, and the control method comprises:
obtaining the public key issued by the third-party platform, and sending a request message encrypted with the public key to the vehicle-mounted terminal, where the request message is used to request the encryption algorithm and key;
receiving a response message from the vehicle-mounted terminal in response to the request message, and decrypting the response message using the public key to obtain the encryption algorithm and key, wherein the response message is encrypted by a private key issued by a third-party platform obtained by the vehicle-mounted terminal;
based on the encryption algorithm and the key, encrypting the control instruction for executing the auxiliary action input by the user;
sending the encrypted control instruction to the vehicle-mounted terminal to control the engineering machinery to perform the corresponding auxiliary action;
after obtaining the public key issued by the third-party platform, the control method further includes:
searching for the network address of the vehicle-mounted terminal;
after the network address is found, obtaining the network name and network password input by the user to form the request message,
the request message is also used to request the vehicle-mounted terminal to perform authority verification using the network name and network password input by the user.

2. The control method according to claim 1, characterized in that the control method further comprises:
encrypting the request message using an asymmetric encryption method;
encrypting the control instruction using a symmetric encryption method.

3. A control method for performing an auxiliary action, characterized in that it is applied to a vehicle-mounted terminal, and the control method comprises:
obtaining a request message sent by a mobile client for requesting an encryption algorithm and a key, wherein the request message is encrypted by a public key issued by a third-party platform obtained by the mobile client;
in response to the request message, after decrypting the request message using the private key issued by the third-party platform, sending a response message, encrypted using the private key and including an encryption algorithm and a key, to the mobile client;
receiving a control instruction for performing an auxiliary action, encrypted by the mobile client based on the encryption algorithm and the key;
decrypting the encrypted control instruction based on the decryption algorithm corresponding to the encryption algorithm and the key to obtain the decrypted control instruction, to control the engineering machinery to perform the corresponding auxiliary action; and
after decrypting the request message using the private key issued by the third-party platform, the control method further includes:
obtaining a network name and a network password input by a user from the request message;
using the network name and network password input by the user, performing authority verification on the mobile client;
after the authority verification is successful, performing the step of sending the response message, encrypted using the private key and including an encryption algorithm and a key, to the mobile client.

4. The control method according to claim 3, characterized in that before obtaining the request message sent by the mobile client for requesting the encryption algorithm and the key, the control method further comprises:
sending a registration request to the third-party platform, the registration request being used to request the third-party platform to generate the associated public key and private key according to the device information of the vehicle end;
after successful registration, receiving the private key.

5. The control method according to claim 3, characterized in that the control method further comprises:
encrypting the response message using an asymmetric encryption method.

6. A mobile client, characterized in that the mobile client comprises:
a memory configured to store instructions;
a processor configured to call the instructions from the memory and, when executing the instructions, to implement the control method according to any one of claims 1 to 2.

7. A vehicle-mounted terminal, characterized in that the vehicle-mounted terminal comprises:
a memory configured to store instructions;
a processor configured to call the instructions from the memory and, when executing the instructions, to implement the control method according to any one of claims 3 to 5.

8. A machine-readable storage medium, characterized in that instructions are stored on the machine-readable storage medium, and the instructions are used to enable a machine to execute the control method according to any one of claims 1 to 2 or the control method according to any one of claims 3 to 5.

9. An engineering machine, characterized in that the engineering machine comprises the vehicle-mounted terminal according to claim 7,
the engineering machinery is a fuel engineering machinery and/or a new energy engineering machinery,
the new energy engineering machinery includes new energy working vehicles,
the driving modes of the new energy engineering machinery include pure electric, extended-range electric, hybrid power, fuel cell electric and hydrogen power.

10. A control system for engineering machinery, characterized in that the control system comprises the mobile client according to claim 6, the vehicle-mounted terminal according to claim 7 and a third-party platform.
CN202411491194.XA 2024-10-24 2024-10-24 Control method, storage medium, system and engineering machinery for performing auxiliary actions Active CN119012188B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411491194.XA CN119012188B (en) 2024-10-24 2024-10-24 Control method, storage medium, system and engineering machinery for performing auxiliary actions

Publications (2)

Publication Number Publication Date
CN119012188A CN119012188A (en) 2024-11-22
CN119012188B true CN119012188B (en) 2025-02-14

Family

ID=93494195

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411491194.XA Active CN119012188B (en) 2024-10-24 2024-10-24 Control method, storage medium, system and engineering machinery for performing auxiliary actions

Country Status (1)

Country Link
CN (1) CN119012188B (en)

Also Published As

Publication number Publication date
CN119012188A (en) 2024-11-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant