US 11,936,689 B2
Transmission of data or messages on board a vehicle using a SOME/IP communication protocol
Fulvio Risso, Manta (IT); Fulvio Valenza, Turin (IT); Riccardo Sisto, Turin (IT); Marco Iorio, Villafranca Piemonte (IT); Massimo Reineri, Turin (IT); and Alberto Buttiglieri, Mappano (IT)
Assigned to POLITECNICO DI TORINO, Turin (IT); and ITALDESIGN-GIUGIARO S.P.A., Turin (IT)
Appl. No. 17/605,188
Filed by ITALDESIGN-GIUGIARO S.P.A., Turin (IT); and POLITECNICO DI TORINO, Turin (IT)
PCT Filed Apr. 23, 2020, PCT No. PCT/IB2020/053851
§ 371(c)(1), (2) Date Oct. 20, 2021,
PCT Pub. No. WO2020/217202, PCT Pub. Date Oct. 29, 2020.
Claims priority of application No. 102019000006242 (IT), filed on Apr. 23, 2019.
Prior Publication US 2022/0201039 A1, Jun. 23, 2022
Int. Cl. H04L 29/06 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/164 (2013.01) [H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); H04L 63/0869 (2013.01); H04L 2209/84 (2013.01)]
10 Claims
1. A method for transmitting data or messages on a communications network on board a vehicle between a requesting entity requesting a service instance and an offering entity offering a service instance using a Service Oriented Middleware over Internet Protocol (SOME/IP) communication protocol, in which said offering entity provides a response as a result of a request by said requesting entity, or in which said offering entity provides periodic notifications or notifications triggered by events as a result of a subscription to a service by said requesting entity,
wherein an authorization to said requesting entity and to said offering entity to access the service instance is predefined by a certification body external to the vehicle, which issues a pre-assigned certificate of said requesting entity and said offering entity, wherein the pre-assigned certificate of said offering entity further assigns a minimum security level to said service for the offering entity among a plurality of predetermined security levels and the pre-assigned certificate of said requesting entity assigns a minimum security level to said service for the requesting entity among said plurality of predetermined security levels, wherein said plurality of predetermined security levels comprises an authentication security level, in which a message authentication code encrypted with a predetermined encryption function is associated with each communication message of the service instance, and a confidentiality security level, in which each communication message includes a message authentication code encrypted with a predetermined encryption function and payload encrypted with said predetermined encryption function,
and wherein said method comprises a preliminary mutual authentication step between said requesting entity and said offering entity in view of a subsequent communication associated with the service instance, comprising:
verifying existence and mutual validity of said pre-assigned certificate of said requesting entity and of said offering entity,
verifying that security level of the service offered by the offering entity is not less than the minimum security level pre-assigned to said service at the requesting entity and at the offering entity, and
transmitting at least one communication message associated with the service instance from the offering entity to the requesting entity and vice versa based on successful security level verification and successful pre-assigned certificate verification.
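
The preliminary mutual authentication step of claim 1, sketched as an added example that is not code from the patent or its applicants. The `Cert` record, the `not_after` field, the ordering of the two security levels, and the HMAC that stands in for the certification body's signature are assumptions made so the sketch runs with the Python standard library only.

```python
import hashlib, hmac, json
from dataclasses import astuple, dataclass
from enum import IntEnum

class Level(IntEnum):  # assumed ordering: confidentiality is the stricter level
    AUTHENTICATION = 1   # message authentication code on each message
    CONFIDENTIALITY = 2  # message authentication code plus encrypted payload

CA_KEY = b"constructed-demo-key"  # stand-in for the certification body's signing key

@dataclass(frozen=True)
class Cert:  # hypothetical model of a pre-assigned certificate
    subject: str
    role: str          # "offer" or "request"
    service: int       # SOME/IP service ID
    instance: int      # SOME/IP instance ID
    min_level: Level   # minimum security level assigned for this service
    not_after: int     # assumed validity limit (Unix time)
    sig: bytes = b""

    def tbs(self) -> bytes:  # bytes covered by the signature: every field except sig
        return json.dumps(astuple(self)[:-1]).encode()

def _sign(cert: Cert) -> bytes:  # HMAC stands in for the certification body's signature
    return hmac.new(CA_KEY, cert.tbs(), hashlib.sha256).digest()

def issue(**fields) -> Cert:
    return Cert(**fields, sig=_sign(Cert(**fields)))

def cert_valid(c: Cert, role: str, service: int, instance: int, now: int) -> bool:
    return (hmac.compare_digest(c.sig, _sign(c)) and c.role == role
            and (c.service, c.instance) == (service, instance) and now <= c.not_after)

def mutual_auth(req: Cert, off: Cert, service: int, instance: int, offered: Level, now: int) -> str:
    if not cert_valid(req, "request", service, instance, now):
        return "reject: requesting certificate"
    if not cert_valid(off, "offer", service, instance, now):
        return "reject: offering certificate"
    # The offered level must satisfy the minimum assigned in BOTH certificates.
    if offered < max(req.min_level, off.min_level):
        return "reject: security level below minimum"
    return "accept"

if __name__ == "__main__":  # constructed sample certificates
    common = dict(service=0x1234, instance=1, not_after=1_700_003_600)
    off = issue(subject="ecu-a", role="offer", min_level=Level.AUTHENTICATION, **common)
    req = issue(subject="ecu-b", role="request", min_level=Level.CONFIDENTIALITY, **common)
    for lvl in Level:
        print(lvl.name, "->", mutual_auth(req, off, 0x1234, 1, lvl, 1_700_000_000))
```

With these constructed certificates the service is accepted only at the confidentiality level, because the requesting entity's certificate sets the higher minimum; editing `min_level` after issuance invalidates the certificate instead of lowering the requirement.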