CN120200852A - Data communication method, terminal, electronic device, storage medium, product and vehicle - Google Patents

Publication number: CN120200852A
Authority: CN (China)
Prior art keywords: data; identification information; encrypted; transmission data; sub
Legal status: Granted (the listed legal status is an assumption and is not a legal conclusion)
Application number: CN202510669964.3A
Other languages: Chinese (zh)
Other versions: CN120200852B (en
Inventors: 周逸冬, 吴丽华, 蔡云涛, 李晓波
Current Assignee: BYD Co Ltd (the listed assignees may be inaccurate)
Original Assignee: BYD Co Ltd

Abstract

The present application relates to a data communication method, terminal, electronic device, storage medium, product and vehicle, which are applied to a first terminal. The method includes: encrypting the transmission data and the identification information corresponding to the transmission data, so as to transmit the encrypted identification information and the encrypted transmission data to a second terminal. The method can enhance the security of data in the communication process by encrypting the transmission data and the identification information related to the transmission data (such as data type, data source, etc.), thereby effectively preventing data leakage and security risks.

Description

Data communication method, terminal, electronic device, storage medium, product and vehicle
Technical Field
The present application relates to the field of vehicle technologies, and in particular, to a data communication method, a terminal, an electronic device, a storage medium, a product, and a vehicle.
Background
With the development of communication technology, various collected data (such as image data, position information, speed information, etc.) need to be transmitted between different electronic devices. However, in the related art, only a simple encryption method is used, so that data is easily intercepted and tampered with, resulting in data leakage and poor security.
Disclosure of Invention
Embodiments of the application provide a data communication method, a terminal, an electronic device, a storage medium, a product and a vehicle, so as to solve the above problems.
In order to achieve the above object, according to a first aspect of the present application, there is provided a data communication method applied to a first terminal, the method comprising:
encrypting the transmission data and the identification information corresponding to the transmission data, so as to transmit the encrypted identification information and the encrypted transmission data to the second terminal.
Optionally, the identification information includes first identification information indicating a data type of the transmission data and/or second identification information indicating a data source of the transmission data.
Optionally, encrypting the identification information corresponding to the transmission data includes:
encrypting the first identification information based on a first encryption mode to obtain the encrypted first identification information; and
encrypting the second identification information based on a second encryption mode to obtain the encrypted second identification information.
Optionally, the first identification information includes a plurality of data units, and encrypting the first identification information based on the first encryption mode to obtain the encrypted first identification information includes:
obtaining association information associated with a target data unit, based on the target data unit in the first identification information and a preset mapping relation, to determine the encrypted first identification information,
wherein the preset mapping relation comprises a mapping relation between preset data units and association information.
Optionally, the target data unit includes a data unit corresponding to at least one of a service name, a sensor type, and a sensor location.
Optionally, encrypting the first identification information based on the first encryption mode to obtain the encrypted first identification information includes:
rearranging the plurality of data units in the first identification information to obtain the encrypted first identification information.
Optionally, encrypting the first identification information based on the first encryption mode to obtain the encrypted first identification information includes:
performing exclusive-or processing on the plurality of data units in the first identification information based on a key with a preset length to obtain the encrypted first identification information.
Optionally, encrypting the first identification information based on the first encryption mode to obtain the encrypted first identification information includes:
obtaining association information associated with the target data unit, based on the target data unit in the first identification information and a preset mapping relation, to obtain first encryption information;
rearranging a plurality of data units in the first encryption information to obtain second encryption information; and
performing exclusive-or processing on the plurality of data units in the second encryption information based on a key with a preset length to obtain third encryption information, so as to obtain the encrypted first identification information.
Optionally, encrypting the second identification information based on the second encryption mode to obtain the encrypted second identification information includes:
encrypting the second identification information based on a first symmetric key to obtain the encrypted second identification information.
Optionally, the method further comprises:
performing hash processing on the identification information to obtain a first digest value corresponding to the identification information; and
transmitting the first digest value, the encrypted identification information and the encrypted transmission data to the second terminal.
Optionally, the method further comprises:
serializing the transmission data to obtain serialized transmission data, so as to determine the encrypted transmission data.
Optionally, the transmission data includes multiple types of sub data, and serializing the transmission data to obtain serialized transmission data includes:
serializing the sub data based on a policy corresponding to the type of the sub data, so as to obtain the serialized transmission data based on the serialized sub data.
Optionally, serializing the sub data based on the policy corresponding to the type of the sub data includes:
performing first serialization processing on a first type of sub data to obtain serialized first type of sub data.
Optionally, the importance degree of the first type of sub data exceeds a preset importance degree threshold, and/or the data size of the first type of sub data does not exceed a preset data size threshold, and the first serialization processing is used for serialization of complex data.
Optionally, the first type of sub data includes description information of the transmission data.
Optionally, serializing the sub data based on the policy corresponding to the type of the sub data includes:
performing second serialization processing on a second type of sub data to obtain serialized second type of sub data.
Optionally, the importance degree of the second type of sub data does not exceed the preset importance degree threshold, and/or the data size of the second type of sub data exceeds the preset data size threshold, and the second serialization processing is binary serialization processing.
Optionally, the second type of sub data includes a plurality of point data of the transmission data.
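One way to apply the per-type serialization policy above to a point-cloud sample: the small description record goes through a self-describing serializer and the bulk point data through fixed-width binary packing. This is an added example, not code from the patent; JSON as the first serialization, the `<fffB` point layout, the length-prefixed framing, the point limit and all field names are assumptions.

```python
import json
import struct

# Assumed layouts (not from the patent).
POINT = struct.Struct("<fffB")   # x, y, z as float32 + intensity as uint8 = 13 bytes
HEADER = struct.Struct("<II")    # byte length of description, number of points
MAX_POINTS = 1_000_000           # assumed upper bound accepted by the receiver


def serialize_sample(description: dict, points: list) -> bytes:
    """Serialize each kind of sub data with the policy chosen for its type."""
    # First type: small, important description information -> JSON.
    desc = json.dumps(description, sort_keys=True,
                      separators=(",", ":")).encode("utf-8")
    # Second type: large volume of point data -> fixed-width binary records.
    body = b"".join(POINT.pack(*p) for p in points)
    return HEADER.pack(len(desc), len(points)) + desc + body


def deserialize_sample(buf: bytes):
    """Reverse serialize_sample; reject any buffer whose lengths disagree."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated header")
    desc_len, n_points = HEADER.unpack_from(buf, 0)
    if n_points > MAX_POINTS:
        raise ValueError("point count exceeds limit")
    start = HEADER.size + desc_len
    expected = start + n_points * POINT.size
    if len(buf) != expected:
        raise ValueError("length fields do not match buffer size")
    # JSON and UTF-8 decoding errors are subclasses of ValueError.
    description = json.loads(buf[HEADER.size:start].decode("utf-8"))
    if not isinstance(description, dict):
        raise ValueError("description must be an object")
    points = [POINT.unpack_from(buf, off)
              for off in range(start, expected, POINT.size)]
    return description, points


if __name__ == "__main__":
    # Constructed sample input.
    desc = {"frame_id": 42, "sensor": "lidar_front", "unit": "m"}
    pts = [(1.5, -2.25, 0.5, 200), (0.0, 4.0, -8.125, 17)]
    blob = serialize_sample(desc, pts)
    print(len(blob), deserialize_sample(blob))
```

The receiver checks both length fields against the actual buffer size before unpacking, so a truncated or inconsistent sample is rejected rather than partially parsed.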
Optionally, the method further comprises:
encrypting the transmission data based on an encryption algorithm corresponding to a first residence time of the transmission data to obtain the encrypted transmission data, wherein the first residence time is determined based on a data source of the transmission data.
Optionally, encrypting the transmission data based on the encryption algorithm corresponding to the first residence time of the transmission data to obtain the encrypted transmission data includes:
in a case where the first residence time is less than or equal to a first preset time threshold, encrypting the transmission data based on a first encryption algorithm to obtain the encrypted transmission data, wherein the processing time required by the first encryption algorithm is greater than or equal to a second preset time threshold.
Optionally, encrypting the transmission data based on the encryption algorithm corresponding to the first residence time of the transmission data to obtain the encrypted transmission data includes:
in a case where the first residence time is greater than the first preset time threshold, encrypting the transmission data based on a second encryption algorithm to obtain the encrypted transmission data, wherein the processing time required by the second encryption algorithm is less than the second preset time threshold.
Optionally, the method further comprises:
obtaining the first residence time according to an average processing time, a preset coefficient corresponding to the data source, and the length of the queue in which the transmission data is located.
Optionally, the transmission data is data collected by a vehicle.
According to a second aspect of the present application, an embodiment of the present application further provides a data communication method, applied to a second terminal, the method including:
decrypting the identification field in the encrypted data transmitted by the first terminal to obtain decrypted identification information, and decrypting the data field in the encrypted data to obtain decrypted transmission data.
Optionally, the identification field includes a first identification field and a second identification field, and obtaining the decrypted identification information includes:
decrypting the first identification field based on a first decryption mode corresponding to the first encryption mode to obtain decrypted first identification information; and
decrypting the second identification field based on a second decryption mode corresponding to the second encryption mode to obtain decrypted second identification information.
Optionally, decrypting the data field in the encrypted data to obtain the decrypted transmission data includes:
performing hash processing on the decrypted identification information to obtain a second digest value corresponding to the decrypted identification information; and
determining whether the second digest value is consistent with the digest field in the encrypted data, so as to decrypt the data field in the encrypted data and thereby obtain the decrypted transmission data.
Optionally, decrypting the data field in the encrypted data to obtain the decrypted transmission data includes:
when the second digest value is consistent with the digest field in the encrypted data, decrypting the data field in the encrypted data to obtain the decrypted transmission data.
Optionally, decrypting the data field in the encrypted data to obtain the decrypted transmission data includes:
decrypting the data field in the encrypted data based on a decryption algorithm corresponding to the encryption algorithm used by the first terminal, so as to obtain the decrypted transmission data.
Optionally, the decrypted transmission data includes a plurality of types of sub data, and the method further includes:
deserializing the sub data based on a policy corresponding to the type of the sub data, so as to obtain deserialized transmission data based on the deserialized sub data.
Optionally, the method further comprises:
creating a corresponding thread based on the relation between a second residence time of the encrypted data and a third preset time threshold, so as to execute, on that thread, the step of decrypting the identification field in the encrypted data transmitted by the first terminal to obtain decrypted identification information and decrypting the data field in the encrypted data to obtain decrypted transmission data.
Optionally, creating a corresponding thread based on the relation between the second residence time of the encrypted data and the third preset time threshold includes:
creating a first thread and a second thread when the second residence time is greater than or equal to the third preset time threshold,
wherein the first thread is used for receiving the encrypted data transmitted by the first terminal; and
the second thread is used for executing the step of decrypting the identification field in the encrypted data transmitted by the first terminal to obtain decrypted identification information and decrypting the data field in the encrypted data to obtain decrypted transmission data.
According to a third aspect of the present application, an embodiment of the present application further provides a terminal, configured to implement any one of the data communication methods provided by the embodiments of the present application.
According to a fourth aspect of the present application, an embodiment of the present application further provides an electronic device, including:
A memory having a computer program stored thereon;
A processor for executing the computer program in the memory to implement the steps of any of the methods provided by the embodiments of the present application.
According to a fifth aspect of the present application, embodiments of the present application also provide a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of any of the methods provided by the embodiments of the present application.
According to a sixth aspect of the application, embodiments of the application also provide a computer program product comprising a computer program or instructions which, when executed by a processor, implement the steps of any of the methods provided by the embodiments of the application.
According to a seventh aspect of the present application, an embodiment of the present application further provides a vehicle that includes the terminal or the electronic device, or that performs the steps of any one of the methods provided by the embodiments of the present application.
Some embodiments of the present disclosure provide at least the following beneficial effects: by transmitting the encrypted identification information and the encrypted transmission data to the second terminal as encrypted data, not only the transmission data itself but also the identification information related to the transmission data (such as data type, data source, etc.) is encrypted, so that security during data communication can be enhanced, thereby effectively preventing data leakage and security risks.
Additional features and advantages of the application will be set forth in the detailed description which follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the description of the embodiments will be briefly described below. It is evident that the drawings in the following description are only some embodiments of the application and that other drawings may be obtained from these drawings without inventive effort for a person skilled in the art.
For a more complete understanding of the present application and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which like reference numerals represent like parts throughout the following description.
FIG. 1 is an application scenario diagram of a data communication method according to some embodiments of the present description;
FIG. 2 is an exemplary flow chart of a method of data communication shown in accordance with some embodiments of the present description;
FIG. 3 is an exemplary flow chart of obtaining encrypted first identification information according to some embodiments of the present description;
FIG. 4 is an exemplary flow chart of yet another data communication method shown in accordance with some embodiments of the present description;
FIG. 5 is a schematic diagram of a data communication system according to some embodiments of the present disclosure;
FIG. 6 is a schematic diagram of an electronic device according to some embodiments of the present disclosure;
FIG. 7 is an exemplary schematic diagram of a vehicle according to some embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by a person skilled in the art without any inventive effort, are intended to be within the scope of the present application based on the embodiments of the present application.
In order to facilitate understanding of the implementation manner provided by the embodiment of the present application, a description will be given of a related application background of the data communication method provided by the embodiment of the present application.
Currently, with the rapid development of intelligent connected vehicles and automated driving technologies, the demand for data exchange inside vehicles and between vehicles is increasing. The related art employs Data Distribution Service (DDS) communication, which defines data topics (Topic) and allows different devices (e.g., sensors, ECUs, etc.) to participate in data exchange as a publisher (Publisher) or a subscriber (Subscriber). Publishers publish data to specific topics, and subscribers subscribe to the topics they are interested in according to their own needs, so that data is distributed and received efficiently and various sensor data, control instructions and state information are transmitted in real time among different electronic control units (Electronic Control Unit, ECU) or between vehicles and external systems. However, in related DDS communications, only the collected data is encrypted, or a single encryption algorithm is used (e.g., the symmetric encryption algorithm AES), or one fixed serialization and deserialization scheme (e.g., Boost or CDR) is used, so that security is low.
In view of this, some embodiments of the present specification provide a data communication method that enhances security by encrypting the identification information corresponding to the transmission data. Different data sources are distinguished and different encryption modes are adopted for them, which improves communication efficiency. In addition, in a multithreaded mode of operation, the main thread subscribes to and acquires data while a sub-thread decrypts the data and writes it to storage, which reduces the extent to which decryption and storage compete for resources with subscription and acquisition, and thus reduces frame loss.
Fig. 1 is an application scenario diagram of a data communication method according to some embodiments of the present description.
The data communication method provided by the embodiment of the application can be applied to various application scenarios, such as autonomous driving, intelligent transportation, industrial automation, etc.
The execution body of the technical solution of the embodiment of the application may be an electronic device, which may be deployed on a movable device or connected to the movable device in a wired or wireless manner; the electronic device may also be the movable device itself. The movable device may have any form, such as an intelligent vehicle.
In some embodiments, the electronic device may be an on-board terminal integrated in the vehicle, such as an electronic control unit (Electronic Control Unit, ECU), a vehicle control unit (Vehicle Control Unit, VCU), a microcontroller (Micro Control Unit, MCU), or the like, or a device that performs data interaction with the vehicle. The embodiment of the application does not limit the specific type of the electronic device.
When the electronic device is connected to a movable device, the electronic device may be a terminal device such as a smart phone, a tablet computer, a notebook computer, a desktop computer, or the like, but is not limited thereto.
In some embodiments, the application scenario may also include, for example, a network, a storage device, and the like. The network may include any suitable wired or wireless network that may facilitate the exchange of information and/or data. The storage devices are used to store data, instructions, and/or any other information. It should be noted that, the information (including but not limited to device information, user information, etc.), data (including but not limited to data for analysis, stored data, presented data, etc.), and signals related to the present application are all authorized by the user or sufficiently authorized by the parties, and the collection, use, and processing of the related data is required to comply with the relevant regulations and standards. For example, the transmission data and the like involved in the embodiment of the present application are acquired under the condition of sufficient authorization.
The following description takes as an example the case in which the movable device is an intelligent vehicle (simply referred to as a vehicle). It should be noted that the application scenario of the data communication method is provided for illustrative purposes only and is not intended to limit the scope of the present description. Various changes and modifications may be made by one of ordinary skill in the art in light of the description herein. For example, the application scenario may also include databases, information sources, and the like. As another example, application scenarios may be implemented on other devices to implement similar or different functionality. However, such changes and modifications do not depart from the scope of the present specification.
Fig. 2 is an exemplary flow chart of a method of data communication according to some embodiments of the present description. In some embodiments, the process may be performed based on the first terminal. As shown in fig. 2, the flow includes the following steps.
Step 210, encrypting the transmission data and the identification information corresponding to the transmission data.
In some embodiments, the first terminal is a publisher and the second terminal is a subscriber, i.e., data communication is performed between the first terminal and the second terminal based on DDS. In some embodiments, the publisher and the subscriber may be in the same terminal, i.e., the first terminal and the second terminal may be the same terminal. In more cases, the publisher and the subscriber are not in the same terminal, i.e., the first terminal and the second terminal may be different terminals; the embodiments of the present application are illustrated with the first terminal and the second terminal as different terminals. The first terminal may be an internet of things device, a vehicle-mounted terminal (e.g., a domain controller), a mobile phone or a tablet computer, and the second terminal may also be an internet of things device, a vehicle-mounted terminal (e.g., an upper computer), a mobile phone or a tablet computer.
In some embodiments, the first terminal includes a first application program and a first middleware, and the second terminal includes a second application program and a second middleware. The first application program is a publisher, that is, the first application program publishes the transmission data that needs to be transmitted. For example, one sensor node may generate temperature data, or one control system may generate control instructions. The first middleware is used for packaging the transmission data generated by the first application program into data samples in DDS communication and publishing the data samples to the network; the first middleware is also used for managing data transmission, including serialization, encryption, deserialization, decryption and the like. The second middleware is used for receiving the data samples from the network and passing them to the second application program; the second middleware is also used for managing data reception, including deserialization, data caching, data distribution and the like. The first DDS middleware and the second DDS middleware communicate with each other, so that the first application program and the second application program share the transmission data.
The transmission data is specific data that needs to be transmitted to the second terminal. For example, the transmission data may be sensor data, control instructions, and the like.
In some embodiments, the transmission data is data collected by a vehicle.
In some embodiments, each domain controller in the vehicle may be a first terminal, the vehicle control unit or host computer, etc. may be a second terminal, and the transmission data includes sensor data, status information, and control instructions that each domain controller in the vehicle (e.g., body domain, cabin domain, driving domain, etc.) would send to the vehicle control unit (Vehicle Control Unit, VCU) of the vehicle. For another example, the vehicle control unit receives the transmission data from each domain controller and makes centralized decisions and controls based on the transmission data, and the VCU not only processes the data from each domain controller, but also sends control commands, status updates, and other related information back to each domain controller and other devices.
By way of example, the transmission data may include, but is not limited to, door status of a vehicle body domain, air conditioning system status, sensor data inside and outside the vehicle, etc., driver information of a cabin domain, navigation system data, voice assistant commands, etc., and vehicle dynamics data of a driving domain, engine status, brake system status data, camera data, etc.
By way of example, the transmission data may also include, but is not limited to, door control commands, window control commands, etc., sent to the body domain, navigation system commands, entertainment system control commands, etc., sent to the cabin domain, and engine control commands, brake system control commands, etc., sent to the driving domain.
The transmission data may also include data collected by a sensor: the sensor sends CAN data to the domain controller via a CAN (Controller Area Network, a serial communication protocol) bus, and the domain controller encapsulates the CAN data into DDS communication data according to a certain mapping rule.
The identification information is key information for identifying and describing transmission data. For example, the identification information is additional information associated with the transmitted data for identifying or distinguishing the data source (e.g., sensor ID, device name, etc.), data type (e.g., image data, text data, etc.), use (e.g., control, logging, perception, etc.), or other attribute of the transmitted data, etc.
Step 220, transmitting the encrypted identification information and the encrypted transmission data to the second terminal.
In some embodiments, the encrypted identification information and the encrypted transmission data may be spliced and packaged and transmitted to the second terminal.
In some embodiments, the identification information includes first identification information indicating a data type of the transmission data and/or second identification information indicating a data source of the transmission data.
The data source may be device information related to a generating end of the transmission data or a transmitting end of the transmission data.
In some embodiments, the first identification information may be a string or enumerated value, or the first identification information may also be a Topic (Topic), where the Topic is a logical channel of data transmission, and the publisher publishes the data to a corresponding Topic, and the subscriber subscribes to the data from the required Topic. Different topics correspond to different data types and data structures.
In some embodiments, the second identification information may include a device ID or location information of the first terminal, etc., or the second identification information may also be a globally unique identifier (Globally Unique Identifier, GUID), which is an identifier for uniquely identifying the data source or entity in the DDS communication.
In some embodiments of the present disclosure, encrypting both the identification information and the transmission data not only improves the security of the transmission data but also protects the identification information during transmission, while maintaining the integrity of the data type and source information.
In some embodiments, encrypting the identification information corresponding to the transmission data includes:
encrypting the first identification information based on a first encryption mode to obtain encrypted first identification information; and
encrypting the second identification information based on the second encryption mode to obtain encrypted second identification information.
The first encryption mode refers to an encryption algorithm for encrypting the first identification information. For example, the first encryption mode may be symmetric encryption (e.g., AES (Advanced Encryption Standard)) or asymmetric encryption (e.g., RSA (Rivest Shamir Adleman)), etc.
The second encryption mode refers to an encryption algorithm for encrypting the second identification information. For example, the second encryption mode may be the same as the first encryption mode or may be different depending on security requirements and practical applications.
In some embodiments of the present disclosure, by encrypting the first identification information and the second identification information separately, an appropriate encryption algorithm and key management policy may be selected according to different security requirements. For example, the first identification information may require a higher encryption strength, while the second identification information may require a faster encryption speed to accommodate different application scenarios and security requirements. For example, in some scenarios, the data type may need to be kept strictly secret, while in other scenarios, the data source may need to be more secure.
The first encryption mode may be implemented in a variety of ways; for example, it may include any one or a combination of confusion processing (obfuscation), rearrangement, and exclusive-or processing.
Confusion processing is an encryption method that changes the representation of the data. For example, it may be implemented by character substitution, code conversion, or a preset mapping relationship. Character substitution replaces some characters in the data with other characters. Code conversion converts the data from one encoding to another, for example from ASCII to Base64. A preset mapping relationship uses a preset mapping table to map the information of the target data unit to associated information in another form.
Rearrangement is a method of changing the order of the data units, and exclusive-or processing applies a logical operation such as exclusive-or to the data.
In some embodiments, the first identification information includes a plurality of data units, and the encrypting the first identification information based on the first encryption mode to obtain encrypted first identification information includes:
Obtaining association information associated with the target data unit based on the target data unit in the first identification information and a preset mapping relation, to determine encrypted first identification information,
wherein the preset mapping relation comprises a mapping relation between a preset data unit and associated information.
The data unit refers to an integral part of the first identification information. For example, the data units may be each specific element in the first identification information, and illustratively, each data unit may be a bit, a character, a byte, an integer, a floating point number, or any other basic data type.
In some embodiments, the first identification information may include a plurality of fields, where a field is composed of at least one character (e.g., a field may be a complete string). A complete field may be used as a data unit, or a character in the field, or the byte corresponding to that character, may be used as a data unit; for example, the data units are "t", "m", etc. The fields may include, but are not limited to, a data type data_type (e.g., numeric, character, boolean, etc.), a data format (e.g., text format, binary format, etc.), a data unit (e.g., temperature unit, length unit, time unit, etc.), and the like.
The target data unit is a specific data unit selected from the first identification information. The target data unit may be a set of one or more data units, depending on the application scenario.
The preset mapping relationship is a predefined mapping table, and is used for indicating the corresponding relationship between the preset data unit (such as data_type, format, etc.) and the associated information. For example, the preset mapping relationship may be a dictionary or a table.
The association information is a field or a character string derived from the information of the target data unit according to the preset mapping relationship. The association information may be an encrypted value, a substitute value, or other related information. In some embodiments, the information of the target data unit may be replaced with the corresponding association information.
The encrypted first identification information contains the association information but does not contain the information of the original target data unit, which ensures the security of the first identification information during transmission.
In some embodiments, the target data unit comprises a data unit corresponding to at least one of a service name, a sensor type, a sensor location.
The service name is a name or identifier associated with the service or application transmitting the data.
The sensor type is used to identify the type of sensor that collects the transmitted data, e.g., temperature sensor, pressure sensor, etc.
The sensor location is used to identify the physical location or mounting location of the sensor that acquired the transmitted data.
Illustratively, the first identification information is a topic composed of a plurality of fields, with each field delimited by a separator. The topic has the format /idc/lidar/left/detection, where the field following the first separator / indicates the service name of the relevant department, the field following the second separator indicates the sensor type, the field following the third separator indicates the sensor location, and the field following the fourth separator indicates the application scenario, e.g. detection means perception.
Based on the preset mapping relation, confusion processing is performed on the fields following the first three separators as the target data units, yielding confusion values unrelated to the topic. Illustratively, idc is confused as opc, lidar is confused as camera, and left is confused as right.
In some embodiments, the confusion values (association information) associated with each field may be formed into a confusion matrix, where each row of the confusion matrix corresponds to a target data unit, and each column corresponds to a possible confusion value as a preset mapping relationship. The same confusion matrix is stored in local caches of both subscribers and publishers as a preset mapping relationship, so that both sides can be ensured to consistently carry out confusion and confusion removal processing.
In some embodiments of the present disclosure, key fields in the first identification information may be hidden or protected during transmission by way of confusion processing, while retaining the necessary information for data parsing and processing.
In some embodiments, encrypting the first identification information based on the first encryption manner, to obtain encrypted first identification information, includes:
rearranging the plurality of data units in the first identification information to obtain encrypted first identification information.
In some embodiments, a field may be used as a data unit, and a random sequence is generated that represents the arrangement of the data units in the first identification information. The length of the sequence is the same as the number of data units, the value of each element in the sequence is the position index of the corresponding data unit in the first identification information, and no position index is repeated. Each data unit is moved to a new position according to the sequence, generating the encrypted first identification information. For example, for 4 data units the sequence may be [2,0,3,1], and the plurality of data units are rearranged according to it: ["idc", "lidar", "left", "detection"] is rearranged as ["left", "idc", "detection", "lidar"], and the rearranged data units are combined into the encrypted first identification information, e.g., ["left", "idc", "detection", "lidar"] is combined as /left/idc/detection/lidar.
In some embodiments, the first identification information may be converted into a byte sequence, such as converting each character in the first identification information into a corresponding binary representation (e.g., an ASCII code value), resulting in a byte sequence of the first identification information. Each byte in the byte sequence represents an independent data unit, and each byte can be rearranged according to the generated sequence to generate encrypted first identification information.
It will be appreciated that the rearranged plurality of data units may be in the same form or in a different form than the obfuscated plurality of data units, e.g., the target data unit in the first identification information of the obfuscation may refer to a field following the separator, and the rearranged plurality of data units in the first identification information may be in the form of bytes. The present specification does not limit this.
In the present specification, the rearrangement is illustrated for convenience of explanation, but the present invention is not limited thereto, and may be performed by other means, for example, rearrangement of only a part of the first identification information, or the like.
In some embodiments of the present disclosure, encryption or confusion of the first identification information may be achieved by rearranging the data units in the first identification information, while the parsing difficulty is not increased, and the method may be applicable to an application scenario requiring lightweight security encryption.
In some embodiments, encrypting the first identification information based on the first encryption manner, to obtain encrypted first identification information, includes:
and performing exclusive-or processing on the plurality of data units in the first identification information based on the key with the preset length to obtain encrypted first identification information.
The key with the preset length is a preset key of a predefined fixed length, and may be composed of randomly generated characters, numbers or bytes. The preset length may be the same as the length of the first identification information or of a certain data unit, or may be another length. For example, when the preset key is shorter than the first identification information, the entire first identification information may be covered by reusing the preset key cyclically.
In some embodiments, a field at a preset data position, or a field following the separator /, is used as a data unit. A corresponding key may be configured for each data unit, or one overall key may be configured for the first identification information, and the exclusive-or processing is performed on the plurality of data units of the first identification information, or on the first identification information as a whole, based on the plurality of keys or the overall key.
In some embodiments, the length of the key with the preset length is the same as that of the byte sequence corresponding to the first identification information. The binary representation of the key and the byte sequence corresponding to the first identification information can be subjected to an exclusive-or operation bit by bit, and the binary result of the exclusive-or operation is converted back into character form to form the encrypted first identification information.
It will be appreciated that the plurality of data units of the exclusive or process and the plurality of data units of the obfuscation process and the rearrangement may be in the same form or in different forms, for example, the target data unit in the first identification information of the obfuscation process may refer to a field after the separator, and the plurality of data units in the first identification information of the exclusive or process may be in the form of bytes. The present specification does not limit this.
In some embodiments of the present disclosure, the exclusive-or operation is easy to implement and does not require a complex algorithm or a large amount of computing resources, while concealing the content of the first identification information so that it is protected during transmission.
Fig. 3 is an exemplary flow chart of obtaining encrypted first identification information according to some embodiments of the present description. In some embodiments, the process may be performed based on the first terminal. As shown in fig. 3, the flow includes the following steps.
In some embodiments, encrypting the first identification information based on the first encryption mode, to obtain encrypted first identification information includes:
Step 310, obtaining association information associated with the target data unit based on the target data unit in the first identification information and a preset mapping relation to obtain first encryption information;
Step 320, rearranging a plurality of data units in the first encryption information to obtain second encryption information;
Step 330, performing exclusive-or processing on the plurality of data units in the second encryption information based on the key with the preset length to obtain third encryption information, so as to obtain encrypted first identification information.
The first encryption information is the first identification information after confusion processing. The second encryption information is the first identification information after rearrangement. The third encryption information is the first identification information after exclusive-or processing.
In some embodiments, any one of the above encryption methods may be used alone, or multiple encryption methods may be used in combination to enhance the encryption effect. For example, the first encryption mode includes confusion processing and rearrangement: /opc/camera/right/detection is obtained as the first encryption information of the first identification information through the preset mapping relation, and the first encryption information is rearranged to obtain /right/detection/opc/camera as the second encryption information. As a further example, the first encryption mode includes rearrangement and exclusive-or processing: the topic /idc/lidar/left/detection is rearranged to obtain /left/detection/idc/lidar as the second encryption information, and an exclusive-or operation is performed on /left/detection/idc/lidar and a key with a preset length to obtain the third encryption information as the encrypted first identification information.
In some embodiments, the first encryption mode includes confusion processing, rearrangement, and exclusive-or processing. Illustratively, the first encryption information is obtained by replacing the information of the target data units in the first identification information (such as the fields indicating the service name, sensor type and sensor location) with the corresponding association information using the preset mapping relation. The second encryption information is obtained by rearranging the plurality of data units in the first encryption information according to a sequence generated randomly for the first encryption information. The third encryption information, which is the encrypted first identification information, is obtained by performing a bitwise exclusive-or operation on each byte of the byte sequence corresponding to the second encryption information using a key with a preset length.
In some embodiments of the present disclosure, by using the confusion process, the rearrangement process, and the exclusive-or process in combination, the security of the data may be increased at different levels, and the security of the first identification information may be further improved.
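Steps 310 to 330 and their inverse on the subscriber side, as an added Python example that is not code from the patent. It uses the page's topic /idc/lidar/left/detection and its mapping (idc to opc, lidar to camera, left to right); the function names, the order [2, 3, 0, 1] (chosen to reproduce the page's /right/detection/opc/camera) and the 3-byte key are assumptions made for illustration.

```python
# Added example, not code from the patent. Function names, ORDER and KEY are assumptions.

# Preset mapping relation from the page's example; both terminals hold the same table.
MAPPING = {"idc": "opc", "lidar": "camera", "left": "right"}
INVERSE = {v: k for k, v in MAPPING.items()}
if len(INVERSE) != len(MAPPING):
    raise ValueError("mapping must be one-to-one, or it cannot be reversed")

ORDER = [2, 3, 0, 1]           # constructed: output position i takes input field ORDER[i]
KEY = bytes.fromhex("5a17c3")  # constructed preset-length key, shorter than the topic
N_TARGET = 3                   # service name, sensor type, sensor location


def split_topic(topic):
    """Split '/a/b/c' into ['a', 'b', 'c']; the leading separator is required."""
    if not topic.startswith("/") or topic.endswith("/"):
        raise ValueError("topic must look like /field/field/...")
    return topic[1:].split("/")


def join_topic(fields):
    return "/" + "/".join(fields)


def substitute(fields, table):
    """Step 310 (or its inverse): replace the target data units through the table."""
    out = list(fields)
    for i in range(min(N_TARGET, len(out))):
        if out[i] not in table:
            raise ValueError(f"no mapping entry for field {out[i]!r}")
        out[i] = table[out[i]]
    return out


def check_order(order, count):
    """Every position index must appear exactly once."""
    if sorted(order) != list(range(count)):
        raise ValueError("order must list every position index exactly once")


def rearrange(fields, order):
    """Step 320: move the data units into the order given by the sequence."""
    check_order(order, len(fields))
    return [fields[j] for j in order]


def restore(fields, order):
    """Inverse of rearrange: put each data unit back at its original index."""
    check_order(order, len(fields))
    out = [None] * len(fields)
    for i, j in enumerate(order):
        out[j] = fields[i]
    return out


def xor_bytes(data, key):
    """Step 330: bitwise XOR, reusing the key cyclically when it is shorter."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def encrypt_stages(topic, order=ORDER, key=KEY):
    """Publisher side: return the first, second and third encryption information."""
    first = substitute(split_topic(topic), MAPPING)
    second = rearrange(first, order)
    third = xor_bytes(join_topic(second).encode("ascii"), key)
    return join_topic(first), join_topic(second), third


def decrypt_topic(third, order=ORDER, key=KEY):
    """Subscriber side: undo the XOR, then the rearrangement, then the mapping."""
    second = split_topic(xor_bytes(third, key).decode("ascii"))
    return join_topic(substitute(restore(second, order), INVERSE))


if __name__ == "__main__":
    first, second, third = encrypt_stages("/idc/lidar/left/detection")
    print(first, second, third.hex(), decrypt_topic(third), sep="\n")
```

Recovery depends on both terminals holding the same mapping table, sequence and key. The page does not say how the randomly generated sequence reaches the subscriber, so the example passes it explicitly.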
It is understood that the second encryption mode may be the same as the first encryption mode, that is, the second identification information may also be encrypted based on the first encryption mode, to obtain encrypted second identification information.
In some embodiments, encrypting the second identification information based on the second encryption mode to obtain encrypted second identification information includes:
and encrypting the second identification information based on the first symmetric key to obtain encrypted second identification information.
In some embodiments, the second encryption mode may be different from the first encryption mode, e.g., the second encryption mode is a symmetric encryption algorithm.
The first symmetric key may be a key of a symmetric encryption algorithm, and the key length of the first symmetric key may be 128 bits, 192 bits or 256 bits, which may be determined according to practical situations, or may be padded or truncated, etc.
In some embodiments, a random symmetric key may be generated by using a random number generator as the first symmetric key, and the second identification information is encrypted by a symmetric encryption algorithm based on the first symmetric key, to obtain encrypted second identification information. Symmetric encryption algorithms include, but are not limited to AES (Advanced Encryption Standard), DES (Data Encryption Standard), 3DES (Triple DES), RC4, and the like.
It should be noted that when different encryption modes are used to encrypt different identification information, even if one piece of identification information is decrypted by an attacker, the other cannot be obtained by the attacker with the same decryption method, so that the communication security is improved.
In some embodiments of the present disclosure, by encrypting the second identification information with the first symmetric key, in an encryption mode different from the first, its content may be hidden or protected during transmission, which further improves the security of the identification information.
In some embodiments, the method further comprises:
carrying out hash processing on the identification information to obtain a first digest value corresponding to the identification information;
and transmitting the first digest value, the encrypted identification information and the encrypted transmission data to the second terminal.
The first digest value is a character string obtained by hashing the identification information.
The hash processing is an operation process of converting data of an arbitrary length into a value of a fixed length.
In some embodiments, the hash process may be implemented based on a hash algorithm, e.g., SHA-256, MD5, etc.
In some embodiments, the first digest value corresponding to the identification information, the encrypted identification information, and the encrypted transmission data may be spliced, so as to obtain spliced encrypted data, and the spliced encrypted data is sent to the second terminal.
In some embodiments, when sending transmission data, the first terminal may generate a data digest from the transmission data using a hash algorithm and then encrypt the data digest using the private key of the first terminal. The encrypted data digest, serving as a digital signature of the transmission data, is sent to the second terminal together with the encrypted transmission data, the first digest value corresponding to the identification information, and the encrypted identification information. The second terminal may first decrypt the encrypted transmission data, calculate a data digest from the decrypted transmission data using the hash algorithm corresponding to the first terminal, and decrypt the attached digital signature using the public key to obtain the decrypted data digest. If the decrypted data digest and the calculated data digest are identical, the transmission is determined to be successful, and the transmission data of the first terminal is obtained.
In some embodiments of the present disclosure, the digest value generated by the hash operation may be used to verify whether the identification information was tampered with during transmission. The second terminal recalculates the digest value and compares it with the digest value provided by the sender; if the two do not match, the data has been tampered with. This helps to verify the source and integrity of the data.
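The digest check described above, sender and receiver side, as an added Python example that is not code from the patent. The page only says the three parts are spliced and names SHA-256 as one possible hash; the length-prefixed layout, the function names, the sample values and the XOR stand-in for the cipher are assumptions.

```python
# Added example, not code from the patent. Layout, names and sample values are assumptions.
import hashlib
import hmac
import struct

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256

# Constructed sample values.
SAMPLE_IDENT = b"/idc/lidar/left/detection|GUID-PLACEHOLDER"
SAMPLE_ENC_DATA = bytes.fromhex("00112233445566778899")
DEMO_KEY = bytes.fromhex("a55a3c")


def demo_cipher(data, key=DEMO_KEY):
    """Stand-in for the page's encryption modes (XOR, so it is its own inverse)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def first_digest(identification):
    """First digest value: hash of the plaintext identification information."""
    return hashlib.sha256(identification).digest()


def splice(identification, enc_ident, enc_data):
    """Sender: digest || len || encrypted identification || len || encrypted data."""
    return b"".join([
        first_digest(identification),
        struct.pack(">I", len(enc_ident)), enc_ident,
        struct.pack(">I", len(enc_data)), enc_data,
    ])


def unsplice(message):
    """Receiver: split the spliced message, rejecting truncated or padded input."""
    if len(message) < DIGEST_LEN:
        raise ValueError("message shorter than the digest")
    digest, rest = message[:DIGEST_LEN], message[DIGEST_LEN:]
    parts = []
    for _ in range(2):
        if len(rest) < 4:
            raise ValueError("missing length prefix")
        (size,) = struct.unpack(">I", rest[:4])
        if len(rest) - 4 < size:
            raise ValueError("field shorter than its declared length")
        parts.append(rest[4:4 + size])
        rest = rest[4 + size:]
    if rest:
        raise ValueError("unexpected trailing bytes")
    return digest, parts[0], parts[1]


def verify_identification(message, decrypt_ident):
    """Receiver: decrypt the identification, recompute the digest and compare.

    Returns (matches, identification, encrypted_data). The caller discards the
    frame when matches is False.
    """
    digest, enc_ident, enc_data = unsplice(message)
    identification = decrypt_ident(enc_ident)
    # compare_digest avoids leaking the position of the first differing byte
    matches = hmac.compare_digest(first_digest(identification), digest)
    return matches, identification, enc_data


def build_sample_message():
    return splice(SAMPLE_IDENT, demo_cipher(SAMPLE_IDENT), SAMPLE_ENC_DATA)


if __name__ == "__main__":
    print(verify_identification(build_sample_message(), demo_cipher))
```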
In some embodiments, the method further comprises:
Carrying out serialization processing on the transmission data to obtain serialized transmission data, so as to determine encrypted transmission data.
The serialization process converts the data samples into a serialization format (e.g., byte stream, etc.) to facilitate the transmission and storage process. For example, the serialization format may include one or a combination of a raw binary format, a cross-platform binary format (External Data Representation, XDR), a JSON text format, an XML markup language, and the like.
In some embodiments, the serialized data includes various data in the DDS. For example, the transmission data may be subjected to serialization processing to obtain serialized transmission data, and the identification information may be subjected to serialization processing to obtain serialized identification information. The serialized transmission data and the serialized identification information can be used for encryption to obtain encrypted identification information and encrypted transmission data.
In some embodiments of the present description, by serializing various data in the DDS, the data can be efficiently converted into a byte stream for transmission and storage in the network.
In some embodiments, the transmission data includes multiple types of sub data, and the serializing processing is performed on the transmission data to obtain serialized transmission data, including:
Carrying out serialization processing on the sub-data based on a strategy corresponding to the type of the sub-data, so as to obtain serialized transmission data based on the serialized sub-data.
The corresponding strategy is a preset method and rule for serialization processing.
Sub-data is a portion of the transmission data, each sub-data corresponding to a particular data type. The data types may include descriptive information, point data, and the like.
In some embodiments, different types of sub-data correspond to different serialization processes. The serialization process may include Boost serialization, cdr serialization, etc., where Boost serialization is used for serialization of complex data and custom type data, and supports serialization in text, binary, and XML formats.
Boost serialization supports data in multiple formats but is time consuming and may be slow when serializing complex data. It is suitable for situations where the data of complex C++ objects needs to be serialized, where the requirements on performance or memory occupation are low, or where compatibility between different versions of an application needs to be considered.
Cdr serialization adopts a static structure design and eliminates data copying and buffer reallocation. It is suitable for scenarios with high performance requirements, such as real-time communication systems and applications that need to process a large amount of data, and for application scenarios with high requirements on transmission speed.
In some embodiments, the manner of serialization processing may also be selected according to the actual circumstances. For example, cdr serialization may be selected when high performance, low latency is considered, and the data structure is relatively fixed. Boost serialization may be selected when ease of use is considered.
In some embodiments, serializing the child data based on a policy corresponding to a type of child data includes:
Carrying out first serialization processing on the first type of sub-data to obtain serialized first type of sub-data.
In some embodiments, the importance of the first type of sub-data exceeds a preset importance threshold and/or the data amount of the first type of sub-data does not exceed a preset data amount threshold, the first serialization process being used for the serialization process of the complex data.
The importance characterizes how important the sub-data is. In some embodiments, the importance may be represented as a numerical value (e.g., an importance value) or a ranking (e.g., an importance ranking).
The preset importance threshold is a threshold condition for judging the importance of the sub-data. The preset data amount threshold may be a system default value, an empirical value, an artificial preset value, or any combination thereof, and may be set according to actual requirements, which is not limited in this specification.
The data amount is used to characterize the size or number of sub-data. The data amount may be expressed in units of Bytes (Bytes), kilobytes (KB), megabytes (MB), gigabytes (GB), and the like.
The preset data amount threshold is a threshold condition for judging the data amount size of the sub data. The preset data amount threshold may be a system default value, an empirical value, an artificial preset value, or any combination thereof, and may be set according to actual requirements, which is not limited in this specification.
In some embodiments, the first serialization process is Boost serialization.
In some embodiments, the first type of sub-data includes descriptive information of the transmission data.
The descriptive information is used to provide instructions or notes about the transmitted data. For example, the descriptive information may include the source of the data (e.g., sensor ID), the time of generation of the data (e.g., timestamp), the use of the data (e.g., descriptive field), etc.
In some embodiments of the present description, the description information generally does not occupy too much space, and more complex serialization methods can be employed without affecting performance to ensure data security and efficient transmission.
In some embodiments, serializing the child data based on a policy corresponding to a type of child data includes:
Carrying out second serialization processing on the second type of sub-data to obtain serialized second type of sub-data.
In some embodiments, the importance of the sub-data of the second type does not exceed a preset importance threshold and/or the data amount of the sub-data of the second type exceeds a preset data amount threshold, the second serialization process being a binary serialization process.
In some embodiments, the second serialization process is cdr serialization.
In some embodiments, the second type of sub-data includes a plurality of point data of the transmission data.
Point data refers to numerical or status information associated with a measurement point or data point. The plurality of point data may exist in the form of an array or list, each element of the array or list representing one point data. Each point data may be a structured object containing multiple fields (e.g., location ID and value, etc.).
In some embodiments of the present disclosure, the amount of point data is large, and efficient serialization processing is required to ensure the compactness and transmission efficiency of the data.
In some embodiments, the serialized transmission data may be derived based on the serialized first type of sub-data and the serialized second type of sub-data.
In the DDS communication of the vehicle, the upper computer is a subscriber, and the lower computer (such as a domain controller) acts as a publisher that collects and stores the data. Each frame of transmission data contains description information describing that frame, such as a timestamp, a speed and an angular velocity, and each frame may correspond to one piece of description information. The importance of the description information is high, and it can be serialized using Boost serialization.
For the point data of each frame of transmission data in the radar point cloud and the image data, the data volume is large, and writing a large amount of point data to disk puts a certain pressure on software and hardware; cdr serialization can be used to serialize the plurality of point data.
The risk of a single attack path can be reduced by adopting two or more serialization methods. An attacker needs to understand and crack the various serialization formats and the way they are combined, which increases the difficulty of an attack. For sub-data types such as radar point cloud data and image point data, a serialization method different from that of the description information is adopted. By combining cdr and Boost serialization, the transmitted data can be prevented from being tampered with during serialization and deserialization. Even if the description information of one frame of transmission data is decrypted and deserialized by an attacker, the radar point cloud data and image point data cannot be deserialized by the attacker in the same way, so the communication security is improved.
In some embodiments, the method further comprises:
and encrypting the transmission data based on an encryption algorithm corresponding to the first dwell time of the transmission data to obtain encrypted transmission data.
The first dwell time refers to the time that the transmission data stays in a certain phase. For example, the first dwell time is the time the transmission data spends queued in the transmission queue, or the processing time of the transmission queue to which the transmission data corresponds.
A different encryption algorithm is selected to encrypt the transmission data depending on the first dwell time. For example, if the transmission data remains in the transmission queue for a longer time, a faster encryption algorithm may be selected, and if the transmission data remains in the transmission queue for a shorter time, a safer but slower encryption algorithm may be selected.
In some embodiments, the first dwell time may be determined in a variety of ways, for example, the first dwell time may be determined based on a priori knowledge or historical data.
In some embodiments, encrypting the transmission data based on an encryption algorithm corresponding to a first dwell time of the transmission data to obtain encrypted transmission data includes:
Under the condition that the first dwell time is smaller than or equal to a first preset time threshold, encrypting the transmission data based on a first encryption algorithm to obtain encrypted transmission data, wherein the processing time required by the first encryption algorithm is larger than or equal to a second preset time threshold.
In some embodiments, encrypting the transmission data based on an encryption algorithm corresponding to a first dwell time of the transmission data to obtain encrypted transmission data includes:
and under the condition that the first dwell time is larger than the first preset time threshold, encrypting the transmission data based on a second encryption algorithm to obtain encrypted transmission data, wherein the processing time required by the second encryption algorithm is smaller than the second preset time threshold.
The first preset time threshold is a predefined threshold condition that determines the magnitude of the first dwell time. The first preset time threshold may be a system default value, an empirical value, an artificial preset value, or any combination thereof, and may be set according to an actual requirement, which is not limited in this specification.
In some embodiments, the first preset time threshold may be determined according to the processing capabilities of the second terminal. For example, the first preset time threshold may be a reception processing time of the second terminal, where reception processing time = average processing time of the second terminal × reception frame rate.
The average processing time of the second terminal refers to the time required by the second terminal to process each frame of transmission data. It reflects the processing capability of the second terminal and may be expressed in milliseconds (ms) or seconds (s).
The reception frame rate refers to the number of frames of transmission data received by the second terminal in a unit time, and may be in frames per second (fps).
The second preset time threshold is a threshold condition for evaluating the magnitude of the processing time required by an encryption algorithm. The second preset time threshold may be a system default value, an empirical value, a manually preset value, or any combination thereof, and may be set according to actual requirements, which is not limited in this specification.
The first encryption algorithm may provide higher security but may require more processing time and computing resources. The second encryption algorithm may provide faster processing speed but may be less secure than the first encryption algorithm.
In some embodiments, the first dwell time is determined based on the data source of the transmission data.
Different data sources correspond to different first dwell times, and the correspondence may be determined based on experimentation or experience.
In some embodiments, the method further comprises:
Obtaining the first dwell time according to the average processing time, the preset coefficient corresponding to the data source, and the length of the queue in which the transmission data is located.
The average processing time for calculating the first residence time is the average processing time of the first terminal.
The average processing time refers to the average time the first terminal needs to process and encrypt each frame of transmission data. In some embodiments, the average processing time may be obtained through historical data statistics, or may be dynamically adjusted through real-time monitoring.
The preset coefficient is a preset value for adjusting the calculation result of the first dwell time. The preset coefficients can be determined based on factors such as the data source of the transmitted data, or can be set according to actual requirements and experience.
In some embodiments, the preset coefficients corresponding to different data sources (such as radar sensors, image acquisition devices, etc.) are different, and the corresponding relationship can be determined based on experiments or experience, and the preset coefficients reflect the complexity of encryption of the transmission data of the different data sources.
The length of the transmission data queue indicates the number of transmission data queued for transmission in the current transmission queue.
Illustratively, for radar data and image data, the encryption algorithm is determined based on the first dwell time and the reception processing time of the transmission data of each data source:
For radar data, when the first dwell time of the radar data is less than or equal to the reception processing time, the DDS communication can handle the encryption task of the radar data, the system load is lower and blocking is less likely, so a more complex encryption algorithm (e.g., Serpent) is selected. When the first dwell time of the radar data is greater than the reception processing time, the system load is higher or the transmission queue is too long, so a lighter encryption algorithm (e.g., XTEA) is selected.
For image data, when the first dwell time of the image data is less than or equal to the reception processing time, the DDS communication can handle the encryption task of the image data, the system load is lower and blocking is less likely, so a more complex encryption algorithm (e.g., Serpent) is selected. When the first dwell time of the image data is greater than the reception processing time, the system load is higher or the transmission queue is too long, so a lighter encryption algorithm (e.g., XTEA) is selected.
In some embodiments of the present disclosure, the queue lengths of the different data sources and the average processing time of the first terminal are determined, and the average processing time is multiplied by the preset coefficient of each source to calculate the first dwell time of that source's transmission data, so that the queuing time of transmission data from different sources can be accurately estimated. An appropriate encryption algorithm is then dynamically selected according to the dwell time and the reception processing time, so that blocking and frame loss are avoided and real-time data is processed smoothly.
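The selection rule above can be written out as follows. This is an added example, not code from the patent: the product form of the first dwell time, the coefficient values and the per-cipher costs are assumptions chosen for illustration, while the two threshold tests and the reception-processing-time formula follow the text.

```python
from fractions import Fraction

# Constructed values: per-source preset coefficients and per-frame cipher costs (ms).
COEFFICIENT = {"radar": Fraction(1), "image": Fraction(3)}
CIPHER_COST_MS = {"Serpent": Fraction(8), "XTEA": Fraction(2)}


def reception_processing_time(avg_rx_ms, rx_fps):
    """First preset threshold as the text defines it:
    average processing time of the second terminal x reception frame rate."""
    return Fraction(avg_rx_ms) * rx_fps


def first_dwell_time(source, avg_tx_ms, queue_len):
    """Assumed combination of the three inputs the text names:
    average processing time x source coefficient x queue length."""
    return Fraction(avg_tx_ms) * COEFFICIENT[source] * queue_len


def choose_cipher(source, avg_tx_ms, queue_len, first_threshold, second_threshold):
    """Dwell <= first threshold: pick a cipher whose cost >= second threshold.
    Dwell >  first threshold: pick a cipher whose cost <  second threshold."""
    want_slow = first_dwell_time(source, avg_tx_ms, queue_len) <= first_threshold
    for name, cost in CIPHER_COST_MS.items():
        if (cost >= second_threshold) == want_slow:
            return name
    raise LookupError("no configured cipher satisfies the second threshold")


def max_queue_for_strong_cipher(source, avg_tx_ms, first_threshold):
    """Largest queue length at which the slower, stronger cipher is still chosen."""
    per_frame = Fraction(avg_tx_ms) * COEFFICIENT[source]
    return int(first_threshold // per_frame)


if __name__ == "__main__":
    first = reception_processing_time(avg_rx_ms=4, rx_fps=30)
    second = Fraction(5)
    for source in COEFFICIENT:
        limit = max_queue_for_strong_cipher(source, 2, first)
        for queue_len in (10, limit, limit + 1, 50):
            cipher = choose_cipher(source, 2, queue_len, first, second)
            print(f"{source:5s} queue={queue_len:3d} -> {cipher}")
```

Exact rational arithmetic is used so the boundary case (dwell time equal to the threshold) is decided the same way on every platform.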
Fig. 4 is an exemplary flow chart of yet another data communication method according to some embodiments of the present description. In some embodiments, the process may be performed based on the second terminal. As shown in fig. 4, the flow includes the following steps.
Step 410, decrypting the identification field in the encrypted data transmitted by the first terminal to obtain decrypted identification information.
Step 420, decrypting the data field in the encrypted data to obtain decrypted transmission data.
The encrypted data refers to encrypted transmission data transmitted by the first terminal. The identification field indicates encrypted identification information in the encrypted data. The data field indicates encrypted transmission data among the encrypted data.
In some embodiments, the second terminal may extract the identification field and the data field of the encrypted data according to a flag bit in the encrypted data or according to a preset byte length. For example, the first 32 bytes may be used as the identification field, and all subsequent bytes may be used as the data field.
In some embodiments, the second terminal may decrypt the identification field and the data field using a corresponding decryption algorithm, resulting in decrypted identification information and decrypted transmission data.
In some embodiments of the present description, the security of data in DDS communications is increased by decrypting the identification field and the data field separately. Even if an attacker can decrypt the identification field containing meta-information about the transmitted data, such as data type, data source, etc., no access to the actual data content is possible. By encrypting the identification field, meta information can be hidden, reducing the chance of an attacker obtaining useful information.
In some embodiments, the identification field includes a first identification field and a second identification field, and obtaining the decrypted identification information includes:
decrypting the first identification field based on a first decryption mode corresponding to the first encryption mode to obtain decrypted first identification information;
and decrypting the second identification field based on a second decryption mode corresponding to the second encryption mode to obtain decrypted second identification information.
The first identification field is a part of the identification field for indicating a data type of the encrypted data.
The second identification field is a portion of the identification field that indicates the source of the encrypted data.
In some embodiments, the first decryption mode may be implemented in a variety of ways. For example, depending on the first encryption mode, the first decryption mode may comprise any one or a combination of a de-confusion process, a rearrangement process, and an exclusive-or process.
In some embodiments, the first encryption mode includes a confusion process, a rearrangement process, and an exclusive-or process, and decrypting the first identification field based on a first decryption mode corresponding to the first encryption mode to obtain decrypted first identification information, including:
performing exclusive-or processing on a plurality of data units in a first identification field based on a key with a preset length to obtain first decryption information;
Rearranging the plurality of data units in the first decryption information to obtain second decryption information;
Obtaining the target data unit associated with the association information, based on the association information in the second decryption information and a preset mapping relation, to obtain third decryption information as the decrypted first identification information.
The first decryption information is the first identification field after the exclusive-or. The second decryption information is the first identification field after rearrangement. The third decryption information is the first identification field after de-confusion.
For example, during encryption, let the confused first identification information be $[D_0, D_1, \ldots, D_{n-1}]$, where $D_0, D_1, \ldots, D_{n-1}$ are the data units. The data units of the confused first identification information are rearranged according to an order sequence, giving the arranged first identification information $[P_0, P_1, \ldots, P_{n-1}]$. A key equal in length to the arranged first identification information is created; the key can be a randomly generated byte array. Each data unit of the arranged first identification information is then XORed with the corresponding part of the key, one by one, to realize encryption. Specifically, the arranged first identification information $[P_0, P_1, \ldots, P_{n-1}]$ and the key $[K_0, K_1, \ldots, K_{n-1}]$ are XORed element by element, and the resulting XORed first identification information is $[P_0 \oplus K_0, P_1 \oplus K_1, \ldots, P_{n-1} \oplus K_{n-1}]$.
The sequence of original data units is disturbed by using index replacement and exclusive-or operation, and each data unit is encrypted based on a secret key, so that the safety of identification information is further ensured, the calculated amount during decryption is not increased, and the decryption efficiency is improved.
When encrypting, each data unit performs exclusive-or operation with the corresponding value in the key, and when decrypting, the same exclusive-or operation is required to be performed again, so as to obtain the original identification information.
For the first identification field $[E_0, E_1, \ldots, E_{n-1}]$ and the key $[K_0, K_1, \ldots, K_{n-1}]$, a byte-by-byte exclusive-or operation is performed to obtain the XORed first identification field $[E_0 \oplus K_0, E_1 \oplus K_1, \ldots, E_{n-1} \oplus K_{n-1}]$. Due to the nature of the exclusive-or operation, $E_i \oplus K_i \oplus K_i = E_i$, the XORed first identification field may theoretically be identical to the arranged first identification information.
The XORed first identification field is then restored, using the same order sequence, to the order of the original first identification information, namely the confused first identification information. For example, the first identification field after the second exclusive-or may be $[P_0, P_1, \ldots, P_{n-1}]$; during decryption it is restored to the original order according to the corresponding order sequence, and the rearranged first identification field may be $[D_0, D_1, \ldots, D_{n-1}]$.
The second terminal may further decrypt based on the rearranged first identification field $[D_0, D_1, \ldots, D_{n-1}]$ and the locally stored confusion matrix to obtain the de-confused first identification field as the decrypted first identification information.
It will be appreciated that the key of the preset length used by the second terminal corresponds to the key of the preset length used by the first terminal.
In some embodiments, decrypting the data field in the encrypted data results in decrypted transmitted data, including:
Hashing the decrypted identification information to obtain a second digest value corresponding to the decrypted identification information;
and determining whether the second digest value is consistent with the digest field in the encrypted data, so as to decrypt the data field in the encrypted data and obtain the decrypted transmission data.
The second digest value is the character string obtained by hashing the decrypted identification information.
The digest field is the character string obtained after the first terminal hashes the identification information.
In some embodiments, the hash process may be implemented based on a hash algorithm, e.g., SHA-256, MD5, etc.
For example, to ensure that the identification information is not tampered with, an integrity checking mechanism may be used in the encryption process: a hash operation is performed on the original identification information, and during decryption the hash operation is performed again and the results are compared. If the integrity check passes, the identification information has been decrypted successfully; otherwise, an error occurred in the identification information during transmission or storage.
The identification field is exemplified by /xxx/xxx/xxx-000000, where 000000 may represent the digest field corresponding to the identification information. The subscriber may decrypt the identification field to obtain decrypted identification information, hash the decrypted identification information to obtain a second digest value, and determine whether the second digest value is consistent with the digest field in the encrypted data. The description of the identification field above is for illustrative purposes only and is not intended to limit the identification field.
In some embodiments, the second terminal may establish a secure communication link with the first terminal, obtain the first symmetric key, and decrypt the second identification field through a symmetric decryption algorithm based on the first symmetric key, to obtain decrypted second identification information. The symmetric decryption algorithm corresponds to a symmetric encryption algorithm in which the first terminal encrypts the second identification information.
In some embodiments of the present description, comparing the digest field to the second digest value helps to verify the integrity of the encrypted transmission data.
In some embodiments, decrypting the data field in the encrypted data to obtain decrypted transmitted data includes:
When the second digest value is consistent with the digest field in the encrypted data, decrypting the data field in the encrypted data to obtain the decrypted transmission data.
In some embodiments, when the second digest value is consistent with the digest field in the encrypted data, the encrypted data is determined to be data of the topic required by the second terminal, and the data field in the encrypted data is decrypted to obtain the decrypted transmission data.
In some embodiments of the present description, comparing the second digest value with the digest field in the encrypted data helps to determine whether the encrypted data is data of the topic required by the second terminal.
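The first-identification-field round trip (confusion, rearrangement, XOR and their inverses) and the digest gate described above, as an added example rather than code from the patent. The frame layout (32-byte identification field, then a SHA-256 digest field, then the data field), the substitution table standing in for the "preset mapping relation", and the `decrypt_data` callback are assumptions.

```python
import hashlib
import hmac
import random

IDENT_LEN = 32   # the text's example: the first 32 bytes are the identification field
DIGEST_LEN = 32  # SHA-256 digest field; placing it after the ident field is assumed


def make_tables(seed):
    """Constructed shared secrets: a byte substitution table and an order sequence.
    random.Random only makes the demo reproducible; it is not key material."""
    rng = random.Random(seed)
    sbox = list(range(256))
    rng.shuffle(sbox)
    perm = list(range(IDENT_LEN))
    rng.shuffle(perm)
    inv_sbox = [0] * 256
    for plain, confused in enumerate(sbox):
        inv_sbox[confused] = plain
    return sbox, inv_sbox, perm


def encrypt_ident(padded, sbox, perm, key):
    """First terminal: confusion -> rearrangement -> XOR."""
    d = [sbox[b] for b in padded]                 # D_i
    p = [d[perm[i]] for i in range(IDENT_LEN)]    # P_i = D_perm[i]
    return bytes(x ^ k for x, k in zip(p, key))   # E_i = P_i xor K_i


def decrypt_ident(field, inv_sbox, perm, key):
    """Second terminal: XOR -> inverse rearrangement -> inverse mapping."""
    p = [e ^ k for e, k in zip(field, key)]       # first decryption information
    d = [0] * IDENT_LEN
    for i, src in enumerate(perm):                # second decryption information
        d[src] = p[i]
    return bytes(inv_sbox[b] for b in d)          # third decryption information


def build_frame(ident, data_field, sbox, perm, key):
    if len(ident) > IDENT_LEN or len(key) != IDENT_LEN:
        raise ValueError("identification info or key has the wrong length")
    padded = ident.ljust(IDENT_LEN, b"\x00")
    digest = hashlib.sha256(padded).digest()      # digest field set by the publisher
    return encrypt_ident(padded, sbox, perm, key) + digest + data_field


def open_frame(frame, inv_sbox, perm, key, decrypt_data):
    """Return (identification info, plaintext), or None when the digests differ.
    The data field is only decrypted after the digest check passes."""
    if len(frame) < IDENT_LEN + DIGEST_LEN or len(key) != IDENT_LEN:
        raise ValueError("frame too short or key has the wrong length")
    ident_field = frame[:IDENT_LEN]
    digest_field = frame[IDENT_LEN:IDENT_LEN + DIGEST_LEN]
    data_field = frame[IDENT_LEN + DIGEST_LEN:]
    ident = decrypt_ident(ident_field, inv_sbox, perm, key)
    second_digest = hashlib.sha256(ident).digest()
    if not hmac.compare_digest(second_digest, digest_field):
        return None
    return ident.rstrip(b"\x00"), decrypt_data(data_field)


if __name__ == "__main__":
    sbox, inv_sbox, perm = make_tables(seed=2025)
    key = bytes(range(1, IDENT_LEN + 1))          # constructed demo key
    toy = lambda data: bytes(b ^ 0x5A for b in data)  # stand-in for Serpent/XTEA
    frame = build_frame(b"/sensor/radar/points", toy(b"range=12.5m"), sbox, perm, key)
    print(open_frame(frame, inv_sbox, perm, key, toy))
    damaged = bytes([frame[0] ^ 1]) + frame[1:]
    print(open_frame(damaged, inv_sbox, perm, key, toy))
```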
In some embodiments, decrypting the data field in the encrypted data results in decrypted transmitted data, including:
and decrypting the data field in the encrypted data based on a decryption algorithm corresponding to the encryption algorithm used by the first terminal to obtain decrypted transmission data.
In some embodiments, the first terminal (publisher) may record information about the encryption algorithm used in the encrypted data and communicate the information of the encryption algorithm to the second terminal (subscriber), which may determine the encryption algorithm used by the first terminal by parsing the encrypted data. For example, the first terminal may configure information of the encryption algorithm in an identification field of the encrypted data. The first terminal may determine the encryption algorithm corresponding to the transmission data based on the first dwell time, and for more content on determining the corresponding encryption algorithm based on the first dwell time, reference may be made to the relevant description above.
In the DDS communication process, the related technology uniformly encrypts the serialized transmission data with a common encryption algorithm (such as a symmetric encryption algorithm ae) without distinguishing different data sources. However, when a particular encryption algorithm is fixed in an application program and the data volume of the transmission data is too large at a given moment, problems such as a reduced transmission rate, transmission blockage, excessive time spent by the upper computer on receiving, decrypting and deserializing the data, and frame loss may arise. Conversely, when the data volume of the transmission data is not very large and the current hardware configuration is very good, that is, the bandwidth, the domain controller and the upper computer are all good, hardware resources are under-utilized. The embodiment of the application uses the dwell time from the queuing problem to estimate the time consumption and the probability of frame loss that encryption or decryption may cause, and dynamically adjusts the encryption algorithm accordingly, so as to strike a balance between encryption and avoiding frame loss.
In some embodiments, the decrypted transmitted data comprises a plurality of types of sub-data, the method further comprising:
Performing deserialization processing on the sub-data based on a strategy corresponding to the type of the sub-data, so as to obtain deserialized transmission data based on the deserialized sub-data.
For example, the first type of sub-data in the decrypted transmission data is subjected to a first deserialization process, the first deserialization process corresponds to the first serialization process to obtain the deserialized first type of sub-data, and the second type of sub-data is subjected to a second deserialization process, the second deserialization process corresponds to the second serialization process to obtain the deserialized second type of sub-data.
Illustratively, Boost deserialization is applied to the description information to obtain the deserialized first-type sub-data, and CDR deserialization is applied to the plurality of point data to obtain the deserialized second-type sub-data; the deserialized transmission data is then obtained based on the deserialized first-type sub-data and the deserialized second-type sub-data.
In some embodiments, the original transmission data sent by the first terminal may be obtained according to the deserialized transmission data, for example, the deserialized transmission data may be used as the original transmission data sent by the first terminal. Different sub-data can use the serialization/anti-serialization mode which is most suitable for the content of the sub-data, so that the communication efficiency is improved.
In some embodiments of the present disclosure, a subscriber performs deserialization processing on sub-data using a corresponding policy according to the type of the sub-data, so as to recover original transmission data, and performs deserialization based on the type of the sub-data, so that the subscriber can more efficiently, flexibly and reliably process received encrypted data, ensure security and integrity of the data, and improve overall performance and maintainability of a system.
In some embodiments, the method further comprises:
Creating a corresponding thread based on the relation between the second residence time of the encrypted data and a third preset time threshold value, so as to decrypt the identification field in the encrypted data transmitted by the first terminal based on the thread, obtain decrypted identification information, and decrypt the data field in the encrypted data to obtain decrypted transmission data.
The second dwell time refers to the time that the encrypted data stays in a certain stage (e.g., in a queue or in a processing buffer).
The third predetermined time threshold is a predetermined time value for determining whether a new thread needs to be created to process the encrypted data. The third preset time threshold may be preset according to parameters such as average processing capability, frame rate, quality of service (QoS) requirements of the second terminal, and the like. The third preset time threshold may also be dynamically adjusted, for example, based on historical data or real-time monitoring results.
In some embodiments, the second terminal may calculate the second residence time based on a similar manner as the determination of the first residence time. For more on the first dwell time, see the relevant description above.
In some embodiments, creating the corresponding thread based on the relationship of the second dwell time of the encrypted data to the third preset time threshold comprises:
Creating a first thread and a second thread when the second dwell time is greater than or equal to the third preset time threshold, wherein:
the first thread is used for receiving the encrypted data transmitted by the first terminal;
the second thread is used for executing the step of decrypting the identification field in the encrypted data transmitted by the first terminal to obtain decrypted identification information, so as to decrypt the data field in the encrypted data to obtain decrypted transmission data.
In the DDS communication process, decrypting data and landing it (writing it to disk) takes a long time. While the processor is occupied, new data cannot be subscribed to and published in time, and frame loss may result, especially when a complex encryption algorithm (or decryption algorithm) is used to process large amounts of data. In the embodiment of the application, a reasonable third preset time threshold is set using the dwell time from the queuing problem. When the second dwell time of a frame of data is too high, the four steps performed by the upper computer (subscribing to data, acquiring data, decrypting data and landing data) are split across two threads: the main thread subscribes to and acquires data, and the sub-thread decrypts and lands data. This reduces the extent to which decrypting and landing data preempts the resources needed for subscribing to and acquiring data, and so reduces frame loss.
In some embodiments, the DDS communication environment in the second terminal may be initialized prior to performing the DDS communication, e.g., by configuring the basic environment of the DDS communication, such as a participant, a topic, and a data reader.
The first thread may act as a main thread for subscribing to the transmission data of a particular topic. The subscriber, after receiving the encrypted data of the specific topic, places the encrypted data into a queue of the second thread for processing by the second thread.
The second terminal obtains the encrypted transmission data (i.e. the encrypted data), formats or packages the encrypted transmission data into a proper intermediate format, and stores the encrypted transmission data in a queue. Each time new encrypted data is written into the queue, the queue informs the sub-thread that the new encrypted data needs to be processed, and the high efficiency and the continuity of the encrypted data acquisition are ensured.
The second thread can be used as a sub-thread for decrypting the encrypted data and landing it; for example, the sub-thread takes data from the queue and performs the decryption operation. To keep the decryption processing time short, an efficient decryption algorithm is used, and integrity verification is carried out on the decrypted data. The second thread can also convert the decrypted transmission data into a format suitable for writing to a database and write it into a database file. For example, batch or transactional writes may be used to reduce the impact of I/O operations on performance.
In some embodiments, asynchronous I/O methods may be used when data is landed in order to better utilize system resources. If the data amount is large, processing multiple items of data in a batch may be considered to reduce the number of operations. The sub-thread notifies the main thread after the operation is completed to prevent task accumulation, and implements an error handling mechanism such as logging and retry when decryption or landing fails.
In some embodiments, QoS (Quality of Service) policies may be configured to tailor behavior in DDS communications to application requirements, such as reliability, persistence, and history attributes. Different application scenarios may require different QoS policies to be set to optimize performance or to meet specific functional requirements.
In some embodiments, a DDS event handling mechanism may be used, for example, to achieve more efficient data arrival processing through callback functions. Data structures of blocking queues or other threads may also be used to manage data transfer across threads.
In some embodiments, the system load may be evaluated, dynamically adjusting the number of threads in the publisher-subscriber pattern, ensuring optimal utilization of system resources.
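The two-thread split described above (one thread receiving, one decrypting and landing), as an added example that is not code from the patent. The `Subscriber` class, the `toy_decrypt` stand-in and passing the second dwell time in as `dwell_s` are assumptions; a list stands in for the database file.

```python
import queue
import threading

_STOP = object()  # sentinel that tells the worker to exit


def toy_decrypt(frame):
    """Stand-in for the real decryption algorithm (hypothetical helper)."""
    if not frame:
        raise ValueError("empty frame")
    return bytes(b ^ 0x5A for b in frame)


class Subscriber:
    def __init__(self, decrypt, threshold_s, max_retries=1):
        self.decrypt = decrypt
        self.threshold_s = threshold_s  # third preset time threshold
        self.max_retries = max_retries
        self.landed = []                # stand-in for the database file
        self.errors = []                # stand-in for the error log
        self._queue = None
        self._worker = None

    def on_frame(self, frame, dwell_s):
        """Called on the receiving thread for every encrypted frame."""
        if self._worker is None and dwell_s >= self.threshold_s:
            # Second dwell time reached the threshold: split off decrypt + landing.
            self._queue = queue.Queue()
            self._worker = threading.Thread(
                target=self._drain, name="decrypt-land", daemon=True)
            self._worker.start()
        if self._worker is None:
            self._process(frame)        # lightly loaded: single-thread path
        else:
            self._queue.put(frame)      # hand off and go back to receiving

    def _process(self, frame):
        where = "worker" if threading.current_thread() is self._worker else "receiver"
        for attempt in range(self.max_retries + 1):
            try:
                plain = self.decrypt(frame)
            except Exception as exc:    # log and retry, as the text suggests
                self.errors.append((attempt, repr(exc)))
                continue
            self.landed.append((where, plain))
            return

    def _drain(self):
        while True:
            frame = self._queue.get()   # blocks until the receiver enqueues a frame
            if frame is _STOP:
                return
            self._process(frame)

    def close(self):
        """Flush the queue and wait for the worker, if one was created."""
        if self._worker is not None:
            self._queue.put(_STOP)
            self._worker.join()


if __name__ == "__main__":
    sub = Subscriber(toy_decrypt, threshold_s=0.020)
    # Constructed frames with constructed dwell times (seconds).
    for payload, dwell in [(b"frame-1", 0.004), (b"frame-2", 0.035), (b"frame-3", 0.001)]:
        sub.on_frame(toy_decrypt(payload), dwell)
    sub.close()
    print(sub.landed)
```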
It should be noted that the above description of the flow is only for the purpose of illustration and description, and does not limit the application scope of the present specification. Various modifications and changes to the flow may be made by those skilled in the art under the guidance of this specification. However, such modifications and variations are still within the scope of the present description.
Fig. 5 is a schematic diagram of a data communication system according to some embodiments of the present description.
As shown in fig. 5, in one or more embodiments of the present disclosure, a schematic structural diagram of a data communication system is also provided. The data communication system may include a first terminal and a second terminal. The first terminal and the second terminal may communicate through the DDS.
DDS communication is data-centric, and a topic is an identifier that uniquely identifies certain data. Messages of a particular topic have a certain data type, which is defined by a base type such as char, byte, int or the like. By way of example, the topic may be "TEXT" and the messages of the topic may be of the data type char. The DDS provides message interfaces for defining the message format and the data type of a received message, including a write interface, a read interface, and the like.
The communication mode of DDS is a publisher-subscriber model that divides the system into logically independent domains, each domain containing entities that complete the publishing, subscribing and other interaction tasks of data. The entities include domain participants, publishers, subscribers, topics, data writers, and data readers.
A domain is a scope concept that is uniquely identified by a domain number (domain ID). Typically, only entities within the same domain can communicate, and there is typically no logical relationship between entities in different domains. The domain participant serves as the entry point to the DDS and is used for creating topics, registering data types, and managing publishers, subscribers, and other entities.
The publisher is responsible for managing (e.g., creating, deleting) the data writers. When registering in the DDS as a publisher of data, the publisher may declare registration information such as the type and topic of the data it produces and the QoS it provides. Subscribers are responsible for managing (e.g., creating, deleting) data readers. When registering in the DDS as a subscriber of data, the subscriber may declare registration information such as the required data type, topic, and QoS.
Topics are agreed upon when a first terminal (publisher) and a second terminal (subscriber) communicate with each other, each of which can be bound to one topic. The topics of publishers and subscribers that communicate with each other are the same. When the message communication mode is a topic mode, the topic includes a topic identifier. When the message communication mode is a method mode, the topic includes a method identifier. When the message communication mode is a parameter mode, the topic includes a parameter identifier.
The first terminal and the second terminal may be respectively configured to execute the steps in the embodiments corresponding to the data communication method, and specific implementation manners of these terminals and more details may refer to corresponding method portions, which are not described herein in detail.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
Fig. 6 is a schematic structural diagram of an electronic device according to some embodiments of the present description. As shown in fig. 6, the electronic device 600 may include a processor 601, a memory 602. The electronic device 600 may also include one or more of a multimedia component 603, an input/output (I/O) component 604, and a communication component 605. In this embodiment, the electronic device 600 may be a device for implementing the data communication method provided in this embodiment.
The processor 601 is configured to control the overall operation of the electronic device 600 to perform all or part of the steps of the data communication method described above. The memory 602 is used to store various types of data to support operations at the electronic device 600, which may include, for example, instructions for any application or method operating on the electronic device 600, as well as application-related data, such as contact data, transceived messages, pictures, audio, video, and the like. The memory 602 may be implemented by any type or combination of volatile or non-volatile memory devices, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk. The multimedia component 603 may include a screen and an audio component. The screen may be, for example, a touch screen, and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signals may be further stored in the memory 602 or transmitted through the communication component 605. The audio component further comprises at least one speaker for outputting audio signals. The I/O component 604 provides an interface between the processor 601 and other interface modules, which may be a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 605 is used for wired or wireless communication between the electronic device 600 and other devices. The wireless communication may be, for example, Wi-Fi, Bluetooth, Near Field Communication (NFC), 2G, 3G, 4G, narrowband internet of things (Narrow Band Internet of Things, NB-IOT), enhanced narrowband internet of things (eMTC), or other 5G, etc., or a combination of one or more of these, which is not limited herein.
In an exemplary embodiment, the electronic device 600 may be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic elements for performing the data communication method described above.
In another exemplary embodiment, there is also provided a computer-readable storage medium having stored thereon a computer program or instructions which, when executed by a processor, implement the steps of the data communication method described above. For example, the computer-readable storage medium may be the memory 602 including program instructions executable by the processor 601 of the electronic device 600 to implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application; alternatively, the instructions, when executed by a computer, implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application.
In another exemplary embodiment, a computer program product is also provided, comprising a computer program or instructions which, when executed by a processor, implement the steps of the data communication method described above. For example, the computer program product may be a memory 602 including a computer program as described above, which is executable by the processor 601 of the electronic device 600 to implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application; alternatively, the instructions, when executed by a computer, implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application.
Fig. 7 is an exemplary schematic diagram of a vehicle according to some embodiments of the present disclosure.
As shown in Fig. 7, the present application further provides a vehicle provided with the electronic device, the data communication system, or the terminal of any of the foregoing embodiments, where the electronic device is configured to perform the steps of the data communication method provided in any of the foregoing embodiments. The vehicle may be a fuel vehicle, a plug-in hybrid vehicle, a new energy vehicle, or the like, which is not particularly limited in this specification.
In one embodiment, the vehicle may be configured in a fully or partially autonomous mode. For example, the vehicle may control itself while in the automatic driving mode; the current state of the vehicle and its surrounding environment may be determined by human operation, the possible behavior of at least one other vehicle in the surrounding environment may be determined, a confidence level corresponding to the likelihood that the other vehicle performs the possible behavior may be determined, and the vehicle may be controlled based on the determined information. When the vehicle is in the autonomous mode, the vehicle may be placed into operation without interaction with a person.
In the description of the present application, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more features. In the description of the present application, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
The embodiments, implementation modes and related technical features of the application may be combined with and substituted for one another where no conflict arises.
Although each embodiment of the present application is described with its own emphasis, and details omitted from one embodiment may be found in the related descriptions of other embodiments, any simple modification, equivalent variation or modification made to the above embodiments according to the technical principles of the present application still falls within the scope of the technical solutions of the present application.

Claims (36)

CN202510669964.3A | 2025-05-23 | Data communication method, electronic device, storage medium, product and vehicle | Active | CN120200852B (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
CN202510669964.3ACN120200852B (en)2025-05-23Data communication method, electronic device, storage medium, product and vehicle

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
CN202510669964.3ACN120200852B (en)2025-05-23Data communication method, electronic device, storage medium, product and vehicle

Publications (2)

Publication Number | Publication Date
CN120200852A | 2025-06-24
CN120200852B | 2025-10-17

Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination
GR01 | Patent grant
