CN105704102B - Vehicle network access control method and device - Google Patents

Vehicle network access control method and device
Publication number: CN105704102B
Authority: CN (China)
Prior art keywords: external equipment; vehicle network; access; handshake protocol; identity
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201410699168.6A
Other languages: Chinese (zh)
Other versions: CN105704102A (en)
Inventors: 黄少堂, 黄河, 黄丽芳
Current Assignee: Guangzhou Automobile Group Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Guangzhou Automobile Group Co Ltd
Application filed by Guangzhou Automobile Group Co Ltd
Priority to CN201410699168.6A
Publication of CN105704102A
Application granted
Publication of CN105704102B
Abstract

Translated from Chinese

The invention discloses a vehicle network access control method and device. The method mainly includes: receiving an access request sent by an external device; judging whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation; if the judgment result is that it is needed, identifying the identity of the external device according to the handshake protocol; and, when the external device is identified as a legitimate device, activating the vehicle network that the external device requests to access according to the handshake protocol, so that the activated vehicle network accepts access operations from the external device. The technical solution of the invention can prevent illegal devices from accessing the vehicle network and reduce the possibility of illegal devices cracking the original manufacturer's protocol.

Description

Vehicle network access control method and device
Technical field
The present invention relates to the field of telematics, and more particularly to a vehicle network access control method and device.
Background
At present, to let car owners follow the state and fault information of their vehicles in real time, aftermarket vehicle data acquisition tools have gradually appeared on the market. These tools obtain vehicle bus and diagnostic data through the on-board diagnostic interface (On-Board Diagnostic, OBD interface) and display it in real time on the audio system screen. Because the OBD interface exposes only a small amount of information, its coverage is very narrow; system information from the body system, instruments, air conditioning, audio system, door modules and so on is not exposed. To improve the compatibility and competitiveness of their acquisition tools, the tool companies try every means to crack the original manufacturer's communication protocol and access the vehicle network to obtain more data, such as door and window state, door lock state, seat belt state and key state.
Because an aftermarket company does not know the original manufacturer's bus and diagnostic data definition format or the normal working logic of the original vehicle, it can only crack certain signals and diagnostic messages by experience. Meanwhile, to display data in real time, the aftermarket company's acquisition tool continuously sends bus messages and diagnostic messages onto the vehicle network. Such high-frequency access inevitably puts pressure on the in-vehicle network, makes it unstable and increases the vehicle network load, and in serious cases directly affects the normal operation of the vehicle.
Summary of the invention
Aspects of the embodiments of the present invention provide a vehicle network access control method and device that can prevent illegal devices from accessing the vehicle network and reduce the possibility of illegal devices cracking the original manufacturer's protocol.
In a first aspect, an embodiment of the present invention provides a vehicle network access control method, comprising:
receiving an access request sent by an external device;
judging whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation;
if the judgment result is that it is needed, identifying the identity of the external device according to the handshake protocol;
when the external device is identified as a legitimate device, activating, according to the handshake protocol, the vehicle network that the external device requests to access, so that the activated vehicle network accepts the access operation of the external device.
With reference to the first aspect, in a first implementation of the first aspect, identifying the identity of the external device according to the handshake protocol comprises:
receiving first service information sent by the external device, the first service information including an identification code of the external device;
querying, according to the identification code of the external device, whether an identical identification code exists in a pre-stored code library; if it exists, determining that the external device is a legitimate device; otherwise, refusing the access request of the external device.
With reference to the first aspect, in a second implementation of the first aspect, activating, according to the handshake protocol, the vehicle network that the external device requests to access when the external device is identified as a legitimate device comprises:
receiving second service information sent by the external device, the second service information including information on the vehicle network that the external device requests to access;
activating, according to the vehicle network information, the vehicle network that the external device requests to access.
With reference to the first aspect or the first or second implementation of the first aspect, in a third implementation of the first aspect, judging whether a connection with the external device currently needs to be established according to the handshake protocol comprises:
judging whether the current value of a counter is zero, the counter having been set to an initial value in advance;
if so, determining that a connection with the external device needs to be established according to the handshake protocol;
if not, making the activated vehicle network accept the access operation of the external device, and decrementing the current value of the counter by 1.
With reference to the third implementation of the first aspect, in a fourth implementation of the first aspect, after the activated vehicle network accepts the access operation of the external device, the method further comprises:
starting timing and recording the access time of the external device;
when the access time exceeds a preset time threshold, masking the vehicle network and re-identifying the identity of the external device according to the handshake protocol;
when the external device is identified as a legitimate device, activating, according to the handshake protocol, the vehicle network that the external device requests to access, so that the activated vehicle network accepts the access operation of the external device;
when the external device is identified as an illegal device, refusing the access request of the external device.
With reference to the third implementation of the first aspect, in a fifth implementation of the first aspect, after the activated vehicle network accepts the access operation of the external device, the method further comprises:
judging whether the external device has completed its access, and if so, masking the vehicle network.
In a second aspect, an embodiment of the present invention provides a vehicle network access control device, comprising:
a receiving module, configured to receive an access request sent by an external device;
a judgment module, configured to judge whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation;
an identification module, configured to identify the identity of the external device according to the handshake protocol when the judgment module determines that a connection with the external device needs to be established according to the handshake protocol; and
a network activation module, configured to activate, according to the handshake protocol, the vehicle network that the external device requests to access when the identification module identifies the external device as a legitimate device, so that the activated vehicle network accepts the access operation of the external device.
With reference to the second aspect, in a first implementation, the identification module includes:
a first receiving unit, configured to receive first service information sent by the external device when the judgment module determines that a connection with the external device needs to be established according to the handshake protocol, the first service information including an identification code of the external device; and
an identity recognition unit, configured to query, according to the identification code of the external device, whether an identical identification code exists in a pre-stored code library; if it exists, to determine that the external device is a legitimate device; otherwise, to refuse the access request of the external device.
With reference to the second aspect, in a second implementation, the network activation module includes:
a second receiving unit, configured to receive second service information sent by the external device, the second service information including information on the vehicle network that the external device requests to access; and
a network activation unit, configured to activate, according to the vehicle network information, the vehicle network that the external device requests to access.
With reference to the second aspect or the first or second implementation of the second aspect, in a third implementation of the second aspect, the judgment module includes:
a count judging unit, configured to judge whether the current value of a counter is zero, the counter having been set to an initial value in advance;
a count determination unit, configured to determine that a connection with the external device needs to be established according to the handshake protocol when the count judging unit determines that the current value of the counter is zero; and
an operation acceptance unit, configured to make the activated vehicle network accept the access operation of the external device and to decrement the current value of the counter by 1 when the count judging unit determines that the current value of the counter is not zero.
With reference to the third implementation of the second aspect, in a fourth implementation, the vehicle network access control device further includes:
a timer, configured to start timing and record the access time of the external device after the activated vehicle network accepts the access operation of the external device; and
a first network masking unit, configured to mask the vehicle network and re-identify the identity of the external device according to the handshake protocol when the access time exceeds a preset time threshold.
The first network masking unit includes:
a first activation unit, configured to activate, according to the handshake protocol, the vehicle network that the external device requests to access when the external device is re-identified as a legitimate device, so that the activated vehicle network accepts the access operation of the external device; and
a first request refusal unit, configured to refuse the access request of the external device when the external device is re-identified as an illegal device.
With reference to the third implementation of the second aspect, in a fifth implementation, the vehicle network access control device further includes:
an access judgment module, configured to judge whether the external device has completed its access; and
a second network masking unit, configured to mask the vehicle network after the access judgment module determines that the external device has completed its access.
Implementing the embodiments of the present invention therefore has the following beneficial effects:
In the vehicle network access control method provided by an embodiment of the present invention, when an access request sent by an external device is received, it is judged whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation. If it is needed, the external device is identified according to the handshake protocol, and when the external device is determined to be a legitimate device, the vehicle network that it requests to access is activated according to the handshake protocol, so that the activated vehicle network accepts the access operation of the external device. Once allowed to access the vehicle network, the external device communicates with the vehicle and obtains vehicle data to perform diagnosis or other functions. Compared with the prior art, in which diagnostic messages are sent continuously to crack the original manufacturer's protocol and obtain more data, the technical solution of the present invention can prevent illegal devices from accessing the vehicle network, prevent illegal devices from accessing diagnostic data that is not exposed, and reduce interference with the original manufacturer's network.
Further, whether a connection needs to be established according to the handshake protocol is judged by whether the value of a counter is zero. The counter is set to an initial value in advance. Before the vehicle leaves the factory, the initial value is 0xFF and all external devices can access the vehicle network directly, but each access decrements the counter by 1; once the counter reaches 0, a connection must again be established according to the handshake protocol before communication is possible. After the vehicle leaves the factory the counter is reset to zero, which ensures that after delivery every access to the vehicle network by an external device requires a connection established according to the handshake protocol. This avoids having to establish a connection for every access before delivery, reducing access time and improving access efficiency, and it further prevents illegal devices from accessing the vehicle network.
Further, after the activated vehicle network accepts the access operation of the external device, the access time is recorded. When the access time exceeds a preset time threshold, the vehicle network is masked and the identity of the external device is re-identified according to the handshake protocol; when the external device is again determined to be a legitimate device, the vehicle network it requested is reactivated according to the handshake protocol. This keeps an external device from accessing the vehicle network for a long time and prevents an illegal device from operating for too long.
Further, after the external device completes its access, the vehicle network activated for that external device is masked, and it is activated again according to the handshake protocol only when access is needed, which further reduces the possibility of an illegal device accessing the vehicle network.
In another aspect, an embodiment of the present invention provides a vehicle network access control device. When the counter value is zero, an external device can access the vehicle network only after establishing a connection with the access control device according to the handshake protocol, so an illegal device cannot access the vehicle network directly through the OBD interface. Apart from the diagnostic information that OBD exposes on its own, all other diagnostic information must be obtained through the access control device, which masks vehicle bus signals and prevents illegal cracking of network data. Compared with the prior art, in which an external device can access the vehicle network directly through the OBD interface to obtain more data, the access control device of the embodiment of the present invention can prevent illegal devices from accessing the vehicle network, prevent illegal devices from accessing diagnostic data that is not exposed, and reduce interference with the original manufacturer's network.
Description of the drawings
Fig. 1 is a schematic flowchart of one embodiment of the vehicle network access control method provided by an embodiment of the present invention;
Fig. 2 is a schematic flowchart of another embodiment of the vehicle network access control method provided by an embodiment of the present invention;
Fig. 3 is a schematic flowchart of a further embodiment of the vehicle network access control method provided by an embodiment of the present invention;
Fig. 4 is a schematic flowchart of yet another embodiment of the vehicle network access control method provided by an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a vehicle network access control device provided by an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of one embodiment of the identification module provided by an embodiment of the present invention;
Fig. 7 is a schematic structural diagram of one embodiment of the network activation module provided by an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of another embodiment of the vehicle network access control device provided by an embodiment of the present invention;
Fig. 9 is a schematic structural diagram of a further embodiment of the vehicle network access control device provided by an embodiment of the present invention;
Fig. 10 is a schematic structural diagram of one embodiment of the first network masking unit provided by an embodiment of the present invention;
Fig. 11 is a schematic structural diagram of yet another embodiment of the vehicle network access control device provided by an embodiment of the present invention.
Specific embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
Embodiment 1
Referring to Fig. 1, Fig. 1 is a schematic flowchart of one embodiment of the vehicle network access control method provided by an embodiment of the present invention. The method includes the following steps:
Step 101: receive an access request sent by an external device.
In this embodiment, the external device sends an access request to the vehicle, requesting access to the vehicle network in order to perform diagnosis or other access operations.
Step 102: judge whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation. If so, execute step 103; otherwise execute step 105.
In this embodiment, the access operations of the external device are gated: when an access request sent by the external device is received, it is judged whether a connection with the external device currently needs to be established according to the handshake protocol. If it is needed, the next step is executed; otherwise, the activated vehicle network accepts the access operation of the external device.
Step 103: identify the identity of the external device according to the handshake protocol.
In this embodiment, the handshake protocol may include, but is not limited to, identification of the external device and vehicle network activation.
In this embodiment, identification of the external device is specifically as follows: first service information sent by the external device is received, the first service information including the identification code of the external device. The vehicle stores a code library in advance, which defines the identification code corresponding to each identity. For example: 0xAA is defined as Guangzhou Automobile end-of-line test equipment; 0xBB as Guangzhou Automobile after-sales diagnostic equipment; 0xCC as Guangzhou Automobile development test tools; 0xDD as other Guangzhou Automobile equipment; all other codes are illegal devices. According to the identification code in the first service information, the vehicle queries whether an identical identification code exists in the pre-stored code library. If it exists, the external device is determined to be a legitimate device; otherwise, the external device is determined to be an illegal device and its access request is refused.
Step 104: when the external device is identified as a legitimate device, activate the vehicle network that the external device requests to access according to the handshake protocol.
In this embodiment, activating the vehicle network that the external device requests to access when the external device is identified as a legitimate device is specifically as follows: second service information sent by the external device is received, the second service information including information on the vehicle network that the external device requests to access. The external device may request activation of a particular network or of all networks, and the vehicle activates the requested vehicle network according to the vehicle network information. Inside the vehicle, each network may be, but is not limited to being, defined so that each network has a corresponding code; when activation is requested, the corresponding network is activated according to the code. For example: 0x00 and 0x06-0xff are defined as "All channel Disabled"; 0x01 as "PCAN channel Enabled"; 0x02 as "ACAN channel Enabled"; 0x03 as "SCAN channel Enabled"; 0x04 as "BCAN channel Enabled"; 0x05 as "Diag routing Enabled". By default, access to all networks is masked, which prevents unauthorized access by external devices.
In this embodiment, the first service information and the second service information sent by the external device may be combined into a single piece of service information, so that it does not have to be sent twice, which improves efficiency.
Step 105: make the activated vehicle network accept the access operation of the external device.
In this embodiment, after the external device has passed identification and network activation, it can perform access operations on the vehicle, obtaining vehicle data to perform diagnosis or other functions. Diagnosis of the vehicle by an external device is prior art and is not described further here.
Thus, in the vehicle network access control method provided by an embodiment of the present invention, when an access request sent by an external device is received, it is judged whether a connection with the external device currently needs to be established according to a handshake protocol, the handshake protocol including identification of the external device and vehicle network activation. If it is needed, the external device is identified according to the handshake protocol, and when the external device is determined to be a legitimate device, the vehicle network that it requests to access is activated according to the handshake protocol, so that the activated vehicle network accepts the access operation of the external device. Once allowed to access the vehicle network, the external device communicates with the vehicle and obtains vehicle data to perform diagnosis or other functions. Compared with the prior art, in which diagnostic messages are sent continuously to crack the original manufacturer's protocol and obtain more data, the technical solution of the present invention can prevent illegal devices from accessing the vehicle network, prevent illegal devices from accessing diagnostic data that is not exposed, and reduce interference with the original manufacturer's network.
Embodiment 2
Referring to Fig. 2, Fig. 2 is a schematic flowchart of another embodiment of the vehicle network access control method provided by an embodiment of the present invention. As shown in Fig. 2, this embodiment differs from Embodiment 1 in step 202: judge whether the current value of a counter is zero, the counter having been set to an initial value in advance. If it is, determine that a connection with the external device needs to be established according to the handshake protocol and execute step 103. Otherwise, determine that no connection with the external device needs to be established according to the handshake protocol and execute step 206: make the activated vehicle network accept the access operation of the external device, and decrement the current value of the counter by 1.
In this embodiment, a counter, Counter, is defined and preconfigured with an initial value. Setting a counter can prevent illegal devices from accessing the vehicle network, but it also causes trouble for the original manufacturer's end-of-line test equipment and development test equipment, because every diagnosis would require a handshake, which takes time and reduces diagnostic efficiency. The solution is as follows: when the supplier ships the part to the vehicle manufacturer, Counter can be set to 0xFF. No access then requires the handshake protocol, but each access decrements the counter by 1, and when the counter value is 0, an external device can access the vehicle network only after establishing a connection with it according to the handshake protocol. When the vehicle comes off the production line and leaves the factory, if Counter is not equal to 0, the end-of-line test equipment must be used to reset Counter to zero; from then on, every access to vehicle data by an external device requires identification and network activation according to the handshake protocol. This guarantees that working efficiency is not affected during the original manufacturer's testing, while access by illegal devices is prevented after the vehicle leaves the factory.
Thus, whether a connection needs to be established according to the handshake protocol is judged by whether the value of the counter is zero. The counter is set to an initial value in advance. Before the vehicle leaves the factory, the initial value is 0xFF and all external devices can access the vehicle network directly, but each access decrements the counter by 1; once the counter reaches 0, a connection must again be established according to the handshake protocol before communication is possible. After the vehicle leaves the factory the counter is reset to zero, which ensures that after delivery every access to the vehicle network by an external device requires a connection established according to the handshake protocol. This avoids having to establish a connection for every access before delivery, reducing access time and improving access efficiency, and it further prevents illegal devices from accessing the vehicle network.
Embodiment 3
Referring to Fig. 3, Fig. 3 is a schematic flowchart of a further embodiment of the vehicle network access control method provided by an embodiment of the present invention. As shown in Fig. 3, this embodiment differs from Embodiment 2 in that, after step 105 and step 206, it further includes step 301: start timing and record the access time of the external device. Step 302: when the access time exceeds the preset time threshold, mask the vehicle network and re-identify the identity of the external device according to the handshake protocol. Step 303: judge whether the external device is a legitimate device. If it is determined to be a legitimate device, execute step 304: activate the vehicle network that the external device requests to access, so that the activated vehicle network accepts the access operation of the external device. If it is determined to be an illegal device, execute step 305: refuse the access request of the external device.
In this embodiment, if the access time does not exceed the time threshold, the vehicle network continues to accept the access operation of the external device.
In this embodiment, to keep an external device from accessing the vehicle network for a long time and overloading it, an access time can be defined that limits how long the external device is allowed to access. After the access operation of the external device is accepted, timing starts and the access time is recorded. If the access time is greater than the preset time threshold, the external device must re-establish the connection according to the handshake protocol, that is, its identity is re-identified and the vehicle network is reactivated. If an illegal device has successfully accessed the vehicle network, the timer keeps it from accessing the vehicle network for a long time: the device must be identified again, and if it is identified as an illegal device, its access request is refused.
In this embodiment, to keep the timer's limit reasonable, the value of the access time can be adjusted through a diagnostic command. During development and testing, or when the original manufacturer has a special need, the value can be set to infinity by the original manufacturer's equipment, so that the operating time of the external device is almost unlimited. After the diagnosis is finished, the value is restored to its default. This both meets the actual needs of the original manufacturer and prevents an illegal device from operating for too long.
Thus, after the activated vehicle network accepts the access operation of the external device, the access time is recorded. When the access time exceeds the preset time threshold, the vehicle network is masked and the identity of the external device is re-identified according to the handshake protocol; when the external device is again determined to be a legitimate device, the vehicle network it requested is reactivated according to the handshake protocol. This keeps an external device from accessing the vehicle network for a long time and prevents an illegal device from operating for too long.
Embodiment 4
Referring to Fig. 4, Fig. 4 is a schematic flowchart of yet another embodiment of the vehicle network access control method provided by an embodiment of the present invention. As shown in Fig. 4, Fig. 4 differs from Fig. 2 in that step 401 is further included after step 105 and step 206: judge whether the external device has completed its access; if so, execute step 402; otherwise, return to step 105.
Step 402: shield the vehicle network.
Therefore, after the external device completes its access, the vehicle network activated for that external device is shielded and is activated again according to the handshake protocol only when access is needed. This further reduces the possibility of an illegitimate device accessing the vehicle network and prevents an illegitimate device from continuously sending diagnostic messages that interfere with the vehicle network and affect the normal operation of the vehicle.
Embodiment 5
Referring to Fig. 5, Fig. 5 is a schematic structural diagram of a vehicle network access control device provided by an embodiment of the present invention. The access control device can shield vehicle bus signals to prevent illegal cracking of network data, and at the same time acts as a gatekeeper for diagnostic requests. The access control device includes:
A receiving module 501, configured to receive the access request sent by the external device.
A judgment module 502, electrically connected to the receiving module 501 and configured to judge whether a connection with the external device currently needs to be established according to the handshake protocol. The handshake protocol includes identification of the external device and activation of the vehicle network.
An identification module 503, electrically connected to the judgment module 502 and configured to identify the external device according to the handshake protocol when the judgment module 502 determines that a connection with the external device needs to be established according to the handshake protocol.
A network activation module 504, electrically connected to the judgment module 502 and configured to activate, according to the handshake protocol, the vehicle network that the external device requests to access when the identification module 503 determines that the external device is a legitimate device, so that the activated vehicle network accepts the access operation of the external device.
As an example of this embodiment, referring to Fig. 6, Fig. 6 is a schematic structural diagram of one embodiment of the identification module. The identification module 503 includes a first receiving unit 601 and an identity recognition unit 602. The first receiving unit 601 is configured to receive first service information sent by the external device when the judgment module 502 determines that a connection with the external device needs to be established according to the handshake protocol; the first service information includes the identification code of the external device. The identity recognition unit 602 is electrically connected to the first receiving unit 601 and is configured to query, according to the identification code of the external device, whether an identical identification code exists in the pre-stored code library. If it exists, the external device is determined to be a legitimate device; otherwise, the access request of the external device is rejected.
As an example of this embodiment, referring to Fig. 7, Fig. 7 is a schematic structural diagram of one embodiment of the network activation module. The network activation module 504 includes a second receiving unit 701 and a network activation unit 702. The second receiving unit 701 is configured to receive second service information sent by the external device; the second service information includes information on the vehicle network that the external device requests to access. The network activation unit 702 is electrically connected to the second receiving unit 701 and is configured to activate, according to the vehicle network information, the vehicle network that the external device requests to access.
For the working principle of this embodiment, reference may be made to, but is not limited to, the description of the step flow in Embodiment 1.
Therefore, this embodiment of the invention provides a vehicle network access control device. An external device can access the vehicle network only after it has established a connection with the access control device according to the handshake protocol, so an illegitimate device cannot access the vehicle network directly through the OBD interface. Apart from the diagnostic information that OBD releases externally on its own, all other diagnostic information must be obtained through the access control device, which shields vehicle bus signals and prevents illegal cracking of network data. In the prior art, an external device can access the vehicle network directly through the OBD interface and obtain more data. By comparison, the access control device of this embodiment prevents illegitimate devices from accessing the vehicle network and from accessing diagnostic data that has not been released, and reduces interference with the original manufacturer's network.
Embodiment 6
Referring to Fig. 8, Fig. 8 is a schematic structural diagram of another embodiment of the vehicle network access control device provided by an embodiment of the present invention. This embodiment differs from Embodiment 5 in that the access control device further includes a counter 801, and the judgment module 502 includes a count judging unit 802, a count determination unit 803 and an operation acceptance unit 804.
The count judging unit 802 is electrically connected to the counter 801 and is configured to judge whether the current value of the counter 801 is zero. The counter 801 is set with an initial value in advance.
The count determination unit 803 is electrically connected to the count judging unit 802 and is configured to determine, when the count judging unit 802 determines that the current value of the counter 801 is zero, that a connection with the external device needs to be established according to the handshake protocol.
The operation acceptance unit 804 is electrically connected to the count judging unit 802 and is configured, when the count judging unit 802 determines that the current value of the counter 801 is not zero, to make the activated vehicle network accept the access operation of the external device and to decrement the current value of the counter 801 by 1.
For the more detailed working principle of this embodiment, reference may be made to, but is not limited to, the description of the step flow in Embodiment 2.
Therefore, with the technical solution of this embodiment, a counter 801 is provided in the vehicle network access control device, and whether a connection needs to be established according to the handshake protocol is judged by whether the value of the counter 801 is zero. The counter 801 is set with an initial value in advance. Before the vehicle leaves the factory, the initial value is 0xFF and all external devices can access the vehicle network directly, but each access decrements the counter by 1; once it reaches 0, an external device must re-establish the connection according to the handshake protocol before it can communicate. The counter value is reset after the vehicle leaves the factory, which ensures that, after delivery, every access to the vehicle network by an external device requires a connection established according to the handshake protocol. This avoids having to establish a connection for every access before delivery, which reduces access time and improves access efficiency, and it further prevents illegitimate devices from accessing the vehicle network.
Embodiment 7
Referring to Fig. 9, Fig. 9 is a schematic structural diagram of another embodiment of the vehicle network access control device provided by an embodiment of the present invention. This embodiment differs from Embodiment 6 in that the access control device further includes a timer 901 and a first network shielding unit 902. The timer 901 is electrically connected to the network activation module 504 and the first network shielding unit 902 and is configured to start timing after the activated vehicle network accepts the access operation of the external device, and to record the access time of the external device.
The first network shielding unit 902 is configured to shield the vehicle network when the access time exceeds the preset time threshold, and to re-identify the external device according to the handshake protocol.
Referring to Fig. 10, Fig. 10 is a schematic structural diagram of one embodiment of the first network shielding unit. The first network shielding unit 902 includes a first activation unit 9021 and a first request rejection unit 9022. The first activation unit 9021 is configured to activate, according to the handshake protocol, the vehicle network that the external device requests to access when the external device is re-identified as a legitimate device, so that the activated vehicle network accepts the access operation of the external device.
The first request rejection unit 9022 is configured to reject the access request of the external device when the external device is identified as an illegitimate device.
For the more detailed working principle of this embodiment, reference may be made to, but is not limited to, the description of the step flow in Embodiment 3.
Therefore, after the activated vehicle network accepts the access operation of the external device, the access control device records the access time with the timer 901. When the access time exceeds the preset time threshold, the first network shielding unit 902 shields the vehicle network and re-identifies the external device; when the external device is again determined to be a legitimate device, the vehicle network it requested is reactivated and accepts the access operation of the external device. This keeps an external device from accessing the vehicle network for a long time and prevents an illegitimate device from operating for too long.
Embodiment 8
Referring to Fig. 11, Fig. 11 is a schematic structural diagram of yet another embodiment of the vehicle network access control device provided by an embodiment of the present invention. This embodiment differs from Embodiment 7 in that the vehicle network access control device further includes an access judgment module 1101 and a second network shielding unit 1102. The access judgment module 1101 is electrically connected to the network activation module 504 and is configured to judge whether the external device has completed its access. The second network shielding unit 1102 is electrically connected to the access judgment module 1101 and is configured to shield the vehicle network after the access judgment module 1101 determines that the external device has completed its access.
For the more detailed working principle and process steps of this embodiment, reference may be made to, but is not limited to, the descriptions in Embodiment 3 and Embodiment 4.
Therefore, after the external device completes its access, the vehicle network access control device shields the vehicle network activated for that external device and activates it again only when access is needed, which further reduces the possibility of an illegitimate device accessing the vehicle network.
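As an added illustration (not code from the patent), the following C code models the gate logic described in Embodiments 5 to 8: the counter decision, the identification-code lookup, the access timer with re-identification, and shielding on completion. All function and field names, the identification codes and the millisecond clock are assumptions, and the counter "reset" after delivery is taken to mean zero.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Added illustration: every name and value below is hypothetical. */
#define GATE_NO_LIMIT UINT32_MAX   /* "infinite" threshold set by diagnostic command */

enum gate_result { GATE_REJECTED = 0, GATE_ACCEPTED = 1 };

struct gate {
    bool     active;        /* false = vehicle network shielded */
    uint8_t  counter;       /* counter 801: 0xFF before delivery, 0 assumed after */
    uint32_t threshold_ms;  /* preset access-time threshold */
    uint32_t start_ms;      /* timer 901: when the current access began */
    uint32_t net;           /* vehicle network the device asked for */
};

/* Constructed stand-in for the pre-stored code library. */
static const uint32_t KNOWN_IDS[] = { 0xA1B2C3D4u, 0x5EC0DE01u };

static bool id_is_known(uint32_t id)
{
    for (size_t i = 0; i < sizeof KNOWN_IDS / sizeof KNOWN_IDS[0]; i++)
        if (KNOWN_IDS[i] == id)
            return true;
    return false;
}

/* Handshake: identify first, activate only for a known identification code. */
static enum gate_result handshake(struct gate *g, uint32_t id, uint32_t net, uint32_t now_ms)
{
    g->active = false;                 /* stay shielded until identified */
    if (!id_is_known(id))
        return GATE_REJECTED;
    g->active = true;
    g->net = net;
    g->start_ms = now_ms;              /* start timing on activation */
    return GATE_ACCEPTED;
}

/* One access request. Non-zero counter: direct access, counter minus 1.
 * Zero counter: the handshake decides. */
enum gate_result gate_request(struct gate *g, uint32_t id, uint32_t net, uint32_t now_ms)
{
    if (g->counter != 0) {
        g->counter--;
        g->active = true;
        g->net = net;
        g->start_ms = now_ms;
        return GATE_ACCEPTED;
    }
    return handshake(g, id, net, now_ms);
}

/* Periodic check during an access: past the threshold, shield and re-identify. */
enum gate_result gate_tick(struct gate *g, uint32_t id, uint32_t now_ms)
{
    if (!g->active)
        return GATE_REJECTED;
    if ((uint32_t)(now_ms - g->start_ms) <= g->threshold_ms)
        return GATE_ACCEPTED;          /* unsigned subtraction survives clock wrap-around */
    return handshake(g, id, g->net, now_ms);
}

/* Access finished: shield again until the next request. */
void gate_complete(struct gate *g)
{
    g->active = false;
}
```

With the counter still non-zero, a device whose code is not in the library is admitted directly but is shielded out at the first timer expiry, which is the pre-delivery exposure window that the counter reset closes.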
Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, may include the processes of the embodiments of the above methods. The storage medium may be a magnetic disk, an optical disc, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM) or the like.
The above is a preferred embodiment of the present invention. It should be noted that those skilled in the art may make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications are also regarded as falling within the protection scope of the present invention.

Claims (8)

CN201410699168.6A | 2014-11-26 | 2014-11-26 | Vehicle network access control method and device | Active | CN105704102B (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN201410699168.6A | 2014-11-26 | 2014-11-26 | Vehicle network access control method and device

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN201410699168.6A | 2014-11-26 | 2014-11-26 | Vehicle network access control method and device

Publications (2)

Publication Number | Publication Date
CN105704102A (en) | 2016-06-22
CN105704102B (en) | 2019-06-07

Family

ID=56294481

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN201410699168.6A (Active) | Vehicle network access control method and device | 2014-11-26 | 2014-11-26

Country Status (1)

Country | Link
CN (1) | CN105704102B (en)

Also Published As

Publication number | Publication date
CN105704102A (en) | 2016-06-22

Legal Events

Date | Code | Title | Description
| C06 | Publication |
| PB01 | Publication |
| C10 | Entry into substantive examination |
| SE01 | Entry into force of request for substantive examination |
| GR01 | Patent grant |
| GR01 | Patent grant |

©2009-2025 Movatter.jp