(19)
(11)EP 3 159 204 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
11.12.2019 Bulletin 2019/50

(21)Application number: 16193887.3

(22)Date of filing:  14.10.2016
(51)International Patent Classification (IPC): 
B60L 50/60(2019.01)

(54)

SECURITY METHOD AND APPARATUS FOR ELECTRIC VEHICLE POWER TRANSFER SYSTEM

SICHERHEITSVERFAHREN UND VORRICHTUNG FÜR EIN LEISTUNGSÜBERTRAGUNGSSYSTEM EINES ELEKTROFAHRZEUGS

PROCÉDÉ ET APPAREIL DE SÉCURITÉ POUR SYSTÈME D'ÉCHANGE D'ÉNERGIE DE VÉHICULE ÉLECTRIQUE


(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

(30)Priority: 20.10.2015 KR 20150145922

(43)Date of publication of application:
26.04.2017 Bulletin 2017/17

(73)Proprietor: Hyundai Motor Company
Seoul 06797 (KR)

(72)Inventors:
  • KIM, Do Hoon
    08015 Seoul (KR)
  • LEE, Kang Hoon
    05256 Seoul (KR)

(74)Representative: Viering, Jentschura & Partner mbB Patent- und Rechtsanwälte 
Am Brauhaus 8
01099 Dresden
01099 Dresden (DE)


(56)References cited: : 
WO-A1-2015/043247
CN-A- 102 800 133
JP-A- 2009 282 758
CN-A- 102 184 575
JP-A- 2003 196 755
  
  • Efacec: "On Board Controller", electromobility.efacec.com , 1 July 2015 (2015-07-01), XP002764648, Retrieved from the Internet: URL:http://electricmobility.efacec.com/wp- content/uploads/2015/07/onboard-controller .pdf [retrieved on 2015-07-01]
  
Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


Description

BACKGROUND


1. Technical Field



[0001] The present disclosure relates to security technology for a vehicle, and more particularly, to a security method and apparatus for an electric vehicle (EV) power transfer system, which can prevent charging and authentication of an EV by unauthorized persons, thus protecting privacy information and financial information stored in a controller installed in the EV.

2. Description of the Related Art



[0002] Various tasks are undertaken for preparing charging and authentication in a next-generation vehicle charging system used for environment-friendly vehicles such as electric vehicles (EV), plug-in EVs, and plug-in hybrid EVs. With regard to an EV charging system, there is a possibility that privacy information and/or financial information are applied to a controller installed in a vehicle.

[0003] Meanwhile, theft or loss of a controller in the vehicle, access by unauthorized persons, or abuse of the controller in the aftermarket may result in cases in which the controller of a specific user can be used in other cars.

[0004] Thus, some vehicle makers have proposed a way in which a charging process is undertaken after an in-vehicle controller is authenticated by an external charger, and charging fees are settled after completion of the charging process. A plug and charge (PnC) proposed by the RWE and Daimler in Germany is one of the representative methods.

[0005] However, even when an in-vehicle controller is authenticated before starting a charging process between an EV and an external charger, it is impossible to identify a case in which a stolen controller is installed in a different car.

[0006] Therefore, it is desirable to develop security methods and apparatuses for the in-vehicle controller storing privacy information and/or financial information in the EV charging system.

[0007] Document WO2015043247 discloses an authentication method for a vehicle-mounted charging device and a charging column.

[0008] Document CN102184575 discloses an authentication method for an intelligent transportation system, namely for performing fee deduction at a toll station.

SUMMARY



[0009] Example embodiments of the present disclosure provide a security method and apparatus for an EV wireless power transfer system, which can identify whether an in-vehicle controller originally belongs to a vehicle or not before a charging mechanism between an EV and an external charger is started.

[0010] Example embodiments of the present disclosure also provide a security method and apparatus for an EV wireless power transfer system, which can effectively prevent a process of charging a fee and/or authentication for an EV when privacy information and/or financial information stored in an in-vehicle controller are stolen or lost.

[0011] In order to achieve the above-described objectives, an aspect of the present disclosure provides a security method for an electric vehicle (EV) power transfer system, performed by a charging controller installed in an EV. The method may comprise receiving a start signal for charging the EV from a communication controller installed in the EV or an external charger; receiving an authentication request from the communication controller; authenticating second key information included in the authentication request based on first key information by comparing the first key information and the second key information; and starting a charging process when the authentication succeeds, wherein the first key information is learned or stored beforehand in the charging controller.

[0012] Also, the method may further comprise, after the authenticating, blocking the charging process when the authentication is determined as failed.

[0013] Here, the method may further comprise, after the blocking, outputting a warning message.

[0014] Here, in the receiving the authentication request, the second key information may be received through a controller area network (CAN) communication or an Ethernet communication.

[0015] Also, the method may further comprise, after starting the charging process, performing and completing the charging process in a conductive manner or wireless power transfer manner through command and control communications with an external charger connected via the communication controller; and performing a process for charging a fee based on an amount of power supplied from the external charger to the EV by using privacy information or financial information corresponding to the first key information and second key information.

[0016] In order to achieve the above-described objective, another aspect of the present disclosure provides a security method for an electric vehicle (EV) power transfer system, performed by a charging authentication apparatus installed in an EV. The method may comprise receiving, by a charging controller of the charging authentication apparatus, an authentication request from a communication controller installed in the EV; and in response to the authentication request, transmitting third key information which is learned or stored beforehand to the charging controller installed in the EV, wherein the charging controller authenticates the third key information based on first key information which is learned or stored beforehand, and proceeds with a charging process when the authentication succeeds.

[0017] Also, the method may further comprise, before the receiving the authentication request, receiving a start signal for charging the EV from an external charger or the communication controller.

[0018] Also, the third key information may include key information identical to an identifier or a random number stored in at least one of a controller of the EV, a smart key system control part of the EV, and an engine controller of the EV, and the charging authentication apparatus may be installed in the EV as hidden and fixed by using a bracket.

[0019] Also, the method may further comprise, after proceeding with the charging process, receiving, by the communication controller, a request of charging a fee for an amount of power supplied from the charger to the EV during the charging process from the charger; and performing a process for charging a fee based on the amount of power supplied from the charger to the EV by using privacy information or financial information corresponding to the first key information and second key information.

[0020] In order to achieve the above-described objective, yet another aspect of the present disclosure provides a security method for an electric vehicle (EV) power transfer system, performed by a charging controller installed in an EV. The method may comprise receiving second key information from a communication controller installed in the EV, wherein the communication controller receives an authentication request from outside of the EV, and transmits the authentication request to a charging authentication apparatus installed in the EV; receiving third key information from the charging authentication apparatus, wherein the charging authentication apparatus transmits the third key information to the charging controller in response to the authentication request; and authenticating the third key information based on the second key information; and proceeding with a charging process when the authentication succeeds.

[0021] Also, the second key information or the third key information may include key information identical to an identifier or a random number stored in at least one of a controller of the EV, a smart key system control part of the EV, and an engine controller of the EV.

[0022] Also, the method may further comprise, after the authenticating, blocking the charging process when the authentication is determined as failed.

[0023] Also, the method may further comprise, before the receiving the second key information and the receiving the third key information, receiving a start signal for charging the EV from an external charger or the communication controller, wherein the start signal may include a beacon signal, a signal indicating start of network connection, or a wake on wireless local area network (WoWL) signal.

[0024] Also, the method may further comprise, after proceeding with the charging process, receiving, by the communication controller, a request of charging a fee for an amount of power supplied from the charger to the EV during the charging process from the charger; and performing a process for charging a fee based on the amount of power supplied from the charger to the EV by using privacy information or financial information corresponding to the first key information and second key information.

[0025] In order to achieve the above-described objective, yet another aspect of the present disclosure provides a computing apparatus performing a security method for an electric vehicle (EV) power transfer system. The apparatus may comprise a comparison part of a charging controller configured to receive a start signal for charging the EV from a communication controller installed in the EV or an external charger, receive an authentication request from the communication controller, and authenticate the second key information included in the authentication request based on first key information by comparing the first key information and the second key information; and a charging blocking part of the charging controller configured to authenticate or block a charging process based on a comparison result of the comparison part, wherein the first key information is learned or stored beforehand in the charging controller.

[0026] Also, the comparison part and the charging blocking part may be included in a charging controller equipped in the EV.

[0027] Also, the apparatus may further comprise an interface connecting with communication controller, wherein the interface uses a controller area network (CAN) communication in the EV.

[0028] Also, the apparatus may further include a storage part storing the first key information, the apparatus may be connected to the communication controller providing the second key information via the interface, or the apparatus may be connected to a charging authentication apparatus providing the third key information via the interface.

[0029] Also, the charging authentication apparatus may be installed in the EV as hidden and fixed by using a bracket.

[0030] Using the above-described security method and apparatus for an EV wireless power transfer system according to example embodiments of the present disclosure, it can be identified whether an in-vehicle controller originally belongs to an EV before a charging mechanism between the EV and an external charger is started. Through this, charging of the EV, according to abuse of privacy information or financial information in the EV wireless power transfer system, can be prevented, and reliability and stability of the privacy information and financial information stored in the in-vehicle controller can be greatly enhanced.

[0031] Also, using an additional charging authentication apparatus, even when the in-vehicle controller storing the privacy information and financial information is stolen or lost, the EV charging abusing them can be effectively prevented. Thus, abuse of the in-vehicle controller for the EV wireless power transfer system can be made difficult, and theft of controllers related to the EV charging can be suppressed.

BRIEF DESCRIPTION OF DRAWINGS



[0032] Example embodiments of the present disclosure will become more apparent by describing in detail example embodiments of the present disclosure with reference to the accompanying drawings, in which:

FIG. 1 is a block diagram to explain an electric vehicle power transfer system using a security method according to an example embodiment of the present disclosure;

FIG. 2 is a sequence chart to explain a security method of an EV power transfer system;

FIG. 3 is a block diagram of a security apparatus for an EV power transfer system;

FIG. 4 is a block diagram to explain an electric vehicle power transfer system using a security method according to another example embodiment of the present disclosure;

FIG. 5 is a sequence chart of a security method of an EV power transfer system according to another example embodiment of the present disclosure;

FIG. 6 is a sequence chart of a variation of a security method of an EV power transfer system according to another example embodiment of the present disclosure;

FIG. 7 is a view to explain a structure of a security apparatus which can be applied to an EV power transfer system; and

FIG. 8 is a block diagram to explain a structure of an EV wireless power transfer system to which embodiments according to the present disclosure can be applied, and a flow of wireless power transfer.


DETAILED DESCRIPTION OF THE EMBODIMENTS



[0033] Example embodiments of the present disclosure are disclosed herein. However, specific structural and functional details disclosed herein are merely representative for purposes of describing example embodiments of the present disclosure, however, example embodiments of the present disclosure may be embodied in many alternate forms and should not be construed as limited to example embodiments of the present disclosure set forth herein. While describing the respective drawings, like reference numerals designate like elements.

[0034] It will be understood that although the terms "first", "second", etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used merely to distinguish one element from another. For example, without departing from the scope of the present disclosure, a first component may be designated as a second component, and similarly, the second component may be designated as the first component. The term "and/or" include any and all combinations of one of the associated listed items.

[0035] It will be understood that when a component is referred to as being "connected to" another component, it can be directly or indirectly connected to the other component. That is, for example, intervening components may be present. On the contrary, when a component is referred to as being "directly connected to" another component, it will be understood that there is no intervening components.

[0036] Terms are used herein only to describe the exemplary embodiments but not to limit the present disclosure. Singular expressions, unless defined otherwise in contexts, include plural expressions. In the present specification, terms of "comprise" or "have" are used to designate features, numbers, steps, operations, elements, components or combinations thereof disclosed in the specification as being present but not to exclude possibility of the existence or the addition of one or more other features, numbers, steps, operations, elements, components, or combinations thereof.

[0037] All terms including technical or scientific terms, unless being defined otherwise, have the same meaning generally understood by a person of ordinary skill in the art. It will be understood that terms defined in dictionaries generally used are interpreted as including meanings identical to contextual meanings of the related art, unless definitely defined otherwise in the present specification, are not interpreted as being ideal or excessively formal meanings.

[0038] Terms used in the present disclosure are defined as follows.

[0039] It is understood that the term "vehicle" or "vehicular" or other similar term as used herein is inclusive of motor vehicles in general such as passenger automobiles including sports utility vehicles (SUV), buses, trucks, various commercial vehicles, watercraft including a variety of boats and ships, aircraft, and the like, and includes hybrid vehicles, electric vehicles, combustion, plug-in hybrid electric vehicles, hydrogen-powered vehicles and other alternative fuel vehicles (e.g. fuels derived from resources other than petroleum).

[0040] 'Electric Vehicle, EV' : A vehicle, e.g., an automobile, as defined in 49 CFR 523.3, intended for highway use, powered by an electric motor that draws current from an on-vehicle energy storage device, such as a battery, which is rechargeable from an off-vehicle source, such as residential or public electric service or an on-vehicle fuel powered generator. The EV may be four or more wheeled vehicle manufactured for use primarily on public streets, roads.

[0041] The EV may be referred to as an electric car, an electric automobile, an electric road vehicle (ERV), a plug-in vehicle (PV), a plug-in vehicle (xEV), etc., and the xEV may be classified into a plug-in all-electric vehicle (BEV), a battery electric vehicle, a plug-in electric vehicle (PEV), a hybrid electric vehicle (HEV), a hybrid plug-in electric vehicle (HPEV), a plug-in hybrid electric vehicle (PHEV), etc.

[0042] 'Plug-in Electric Vehicle, PEV': An Electric Vehicle that recharges the on-vehicle primary battery by connecting to the power grid.

[0043] 'Plug-in vehicle, PV': An electric vehicle rechargeable through wireless charging from an electric vehicle supply equipment (EVSE) without using a physical plug or a physical socket.

[0044] 'Heavy duty vehicle; H.D. Vehicle': Any four-or more wheeled vehicle as defined in 49 CFR 523.6 or 49 CFR 37.3 (bus).

[0045] 'Light duty plug-in electric vehicle': A three or four-wheeled vehicle propelled by an electric motor drawing current from a rechargeable storage battery or other energy devices for use primarily on public streets, roads and highways and rated at less than 4,545 kg gross vehicle weight.

[0046] 'Wireless power charging system, WCS': The system for wireless power transfer and control between the GA and VA including alignment and communications. This system, in the forward direction, transfers energy from the electric supply network to the electric vehicle electromagnetically through a two-part loosely coupled transformer.

[0047] 'Wireless power transfer, WPT': The transfer of electrical power from the AC supply network to the electric vehicle by contactless means.

[0048] 'Utility': A set of systems which supply electrical energy and include a customer information system (CIS), an advanced metering infrastructure (AMI), rates and revenue system, etc. The utility may provide the EV with energy through a rate table and discrete events. Also, the utility may provide information about certification on EVs, interval of power consumption measurements, and tariffs.

[0049] 'Smart charging': A system in which EVSE and/or PEV communicate with a power grid in order to optimize a charging ratio or discharging ratio of the EV by reflecting capacity of the power grid or expense of use.

[0050] 'Automatic charging': A procedure in which inductive charging is automatically performed after a vehicle is located in a proper position corresponding to a primary charger assembly that can transfer power. The automatic charging may be performed after obtaining a necessary authentication and right.

[0051] 'Interoperability': A state in which a component of a system interworks with corresponding components of the system in order to perform operations aimed by the system. Also, information interoperability may mean a capability that two or more networks, systems, devices, applications, or components can efficiently share and easily use information without giving inconvenience to users.

[0052] 'Inductive charging system': A system transferring energy from a power source to an EV through a two-part gapped core transformer in which the two halves of the transformer, primary and secondary coils are physically separated from one another. In the present disclosure, the inductive charging system may correspond to an EV power transfer system.

[0053] 'Inductive coupler' : The transformer formed by the coil in the GA Coil and the coil in the VA Coil that allows power to be transferred with galvanic isolation.

[0054] 'Inductive coupling': Magnetic coupling between two coils, which in the present disclosure, refers to coupling between the GA Coil and the VA Coil.

[0055] 'Ground assembly, GA' : An assembly on the infrastructure side consisting of the GA Coil, a power/frequency conversion unit and GA controller as well as the wiring from the grid and between each unit, filtering circuits, housing(s) etc., necessary to function as the power source of wireless power charging system. The GA may include the communication elements necessary for communication between the GA and the VA.

[0056] 'Vehicle assembly, VA' : An assembly on the vehicle consisting of the VA Coil, rectifier/power conversion unit and VA controller as well as the wiring to the vehicle batteries and between each unit, filtering circuits, housing(s), etc., necessary to function as the vehicle part of a wireless power charging system. The VA may include the communication elements necessary for communication between the VA and the GA.

[0057] The GA may be referred to as a primary device (PD), and the VA may be referred to as a secondary device (SD).

[0058] 'Primary device': An apparatus which provides the contactless coupling to the secondary device. That is, the primary device may be an apparatus external to an EV. When the EV is receiving power, the primary device may act as the source of the power to be transferred. The primary device may include the housing and all covers.

[0059] 'Secondary device': An apparatus mounted on the EV which provides the contactless coupling to the primary device. That is, the secondary device may be installed in the EV. When the EV is receiving power, the secondary device may transfer the power from the primary to the EV. The secondary device may include the housing and all covers.

[0060] 'GA controller': The portion of the GA which regulates the output power level to the GA Coil based on information from the vehicle.

[0061] 'VA controller': The portion of the VA that monitors specific on-vehicle parameters during charging and initiates communication with the GA to control output power level.

[0062] The GA controller may be referred to as a primary device communication controller(PDCC), and the VA controller may be referred to as an electric vehicle communication controller (EVCC).

[0063] 'Magnetic gap': The vertical distance between the plane of the higher of the top of the litz wire or the top of the magnetic material in the GA Coil to the plane of the lower of the bottom of the litz wire or the magnetic material in the VA Coil when aligned.

[0064] 'Ambient temperature': The ground-level temperature of the air measured at the subsystem under consideration and not in direct sun light.

[0065] 'Vehicle ground clearance': The vertical distance between the ground surface and the lowest part of the vehicle floor pan.

[0066] 'Vehicle magnetic ground clearance': The vertical distance between the plane of the lower of the bottom of the litz wire or the magnetic material in the VA Coil mounted on a vehicle to the ground surface.

[0067] 'VA Coil magnetic surface distance': the distance between the plane of the nearest magnetic or conducting component surface to the lower exterior surface of the VA coil when mounted. This distance includes any protective coverings and additional items that may be packaged in the VA Coil enclosure.

[0068] The VA coil may be referred to as a secondary coil, a vehicle coil, or a receive coil. Similarly, the GA coil may be referred to as a primary coil, or a transmit coil.

[0069] 'Exposed conductive component': A conductive component of electrical equipment (e.g. an electric vehicle) that may be touched and which is not normally energized but which may become energized in case of a fault.

[0070] 'Hazardous live component': A live component, which under certain conditions can give a harmful electric shock.

[0071] 'Live component': Any conductor or conductive component intended to be electrically energized in normal use.

[0072] 'Direct contact': Contact of persons with live components. (See IEC 61440)

[0073] 'Indirect contact': Contact of persons with exposed, conductive, and energized components made live by an insulation failure. (See IEC 61140)

[0074] 'Alignment': A process of finding the relative position of primary device to secondary device and/or finding the relative position of secondary device to primary device for the efficient power transfer that is specified. In the present disclosure, the alignment may direct to a fine positioning of the wireless power transfer system.

[0075] 'Pairing': A process by which a vehicle is correlated with the unique dedicated primary device, at which it is located and from which the power will be transferred. The pairing may include the process by which a VA controller and a GA controller of a charging spot are correlated. The correlation/association process may include the process of the establishment of a relationship between two peer communication entities.

[0076] 'Command and control communication': The communication between the EV supply equipment and the EV exchanges information necessary to start, control and terminate the process of WPT.

[0077] 'High level communication (HLC)': HLC is a special kind of digital communication. HLC is necessary for additional services which are not covered by command & control communication. The data link of the HLC may use a power line communication (PLC), but it is not limited.

[0078] 'Low power excitation (LPE)': LPE means a technique of activating the primary device for the fine positioning ad pairing so that the EV can detect the primary device, and vice versa.

[0079] The charging station may comprise at least one GA and at least one GA controller managing the at least one GA. The GA may comprise at least one wireless communication device. The charging station may mean a place having at least one GA, which is installed in home, office, public place, road, parking area, etc.

[0080] Further, control logic of the present disclosure may be embodied as non-transitory computer readable media on a computer readable medium containing executable program instructions executed by a processor, controller/control unit or the like. Examples of the computer readable mediums include, but are not limited to, ROM, RAM, compact disc (CD)-ROMs, magnetic tapes, floppy disks, flash drives, smart cards and optical data storage devices. The computer readable recording medium can also be distributed in network coupled computer systems so that the computer readable media is stored and executed in a distributed fashion, e.g., by a telematics server or a Controller Area Network (CAN).

[0081] Hereinafter, preferred example embodiments according to the present disclosure will be explained in detail by referring to accompanying figures.

[0082] FIG. 1 is a block diagram to explain an electric vehicle power transfer system using a security method according to an example embodiment of the present disclosure.

[0083] Referring to FIG. 1, the EV power transfer system according to the present embodiment of the present disclosure may transfer power from a charger 200 to an EV 100 via a charging cable 210. The EV 100 may include a communication controller 10 and a charging controller 20, and the charger 200 may be a conductive charger. The EV 100 and the charger 200 may perform command and control (C&C) communications with each other.

[0084] Although the EV power transfer system according to the present embodiment uses the conductive charging, the system is not restricted to the conductive charging. That is, the EV power transfer system may further include a component performing wireless power transfer. However, for convenience of explanation, it will be explained that the EV power transfer system according to the present embodiment operates in the conductive manner.

[0085] In addition to the transmission/reception function for exchanging C&C data needed for the conductive charging with the charger 200, which the communication controller 10 as an in-vehicle controller has, the communication controller 10 may convert information (i.e. information on the charger 200) received from the charger 200 via power line communication (PLC) to signals for an in-vehicle network. The communication controller 10 may include a processor, a memory, and an input/output device. Such the communication controller 10 may be a PLC controller. The conductive charging using the PLC controller may be referred to as a direct current (DC) combo charging. Here, the PLC may be a communication technology that can transmit and receive voices, messages, and data by using a power line supplying power as a medium.

[0086] Meanwhile, the charging controller 20 is an in-vehicle controller which is responsible for high-voltage charging of a high-voltage battery installed in an EV. The charging controller 20 may be referred to as a battery management system (BMS) or an on-board charger.

[0087] In the present embodiment, the communication controller 10 and the charging controller 20 may have common key information. The common key information may be stored or learned when the EV is released from a factory. However, various embodiments are not restricted to the above configuration. For example, the key information may be authenticated by an external apparatus via a user interface or a communication interface of the EV, or learned or stored in the communication controller 10 and the charging controller 20 by a user or an administrator having a right.

[0088] The conductive charging may mean a charging manner in which power is supplied via a conductive material. For example, the conductive charging may include all charging manners in which the charger 200 connected to a grid converts power of the grid and supplies the converted power to the EV 100 via a cable having at least one connector in both ends of the cable.

[0089] Here, the connector may be a connector for charging. It may be inserted into an inlet of the EV, and a part of a coupler, which is a conductive element establishing electrical connection between the charger and the EV. The coupler may indicate a set of the EV inlet and the connector.

[0090] Also, the conductive charging may require three functions which should be performed for charging an EV or PHEV from the grid, two of which are electrical functions, and one of which is a mechanical function. Here, the grid may supply an alternating current (AC) having one of various nominal voltages (Vrms) and one of frequencies (e.g. 60Hz). The battery of EV/PHEV may be a DC apparatus operating based on a variable voltage depending upon a nominal battery voltage, a charging status, and a ratio of charging and discharging. Among the above-described three functions, the first electrical function is a function for converting AC to DC, which is usually referred to as 'rectifying'. Also, the second electrical function is a function for controlling or adjusting a voltage applied to the battery according to various parameters such as charging characteristics of the battery - voltage, capacity, or electrochemistry, and other parameters, so that a charging ratio is maintained under a permitted level. The combination of the above two functions may be a usual role of the charger 200. In addition, the mechanical function is a function for physically connecting the EV/PHEV to an EVSE, and may be performed by an automatic apparatus, a driver, a manager, etc. Thus, the conductive charging system may include the charger 200 and a coupler connected to the charger 200. In the present embodiment, the coupler may include a cable 210, and a terminal (second terminal) 220.

[0091] Also, the EV 100 according to the present embodiment may further include a first communication interface 40, a terminal 42, and a second communication interface 50.

[0092] The first communication interface 40 may connect the communication controller 10 and the terminal 42, and support C&C communications and/or high-level communications between them. The first communication interface 40 may support PLC. For this, a conductive channel or an electrical wire connecting the first communication interface 40, the coupler 42 and 220, and the cable 210 may exist between the communication controller 10 and the charger 200.

[0093] The terminal 42 may be a component which selectively supports electrical connection or electrical disconnection between the EV 100 and the external charger 200. The terminal 42 may be referred to as a first terminal, and the terminal 220 may be referred to as a second terminal. That is, the first terminal 42 and the second terminal 220 may selectively connect or disconnect a power line and/or a communication line of the communication controller 10 to a power line and/or a communication line of the charger 200.

[0094] Also, as a structure for the conductive charging, the terminal 42 may have a form of plug, socket-outlet, receptacle, or a combination of them. For example, the first terminal 42 and the second terminal 220 may be coupled with each other, having a connection form of plug and socket-outlet. Such the terminal 42 may have a contact. The contact may indicate a portion of conductive material in a connector, which is coupled with a corresponding portion in the EV inlet in order to provide an electrical path.

[0095] The second communication interface 50 may connect the communication controller 10 and the charging controller 20, and support C&C communications and/or high-level communications between them. The second communication interface 50 may support a high-speed controller area network (CAN) communication. For this, the second communication interface 50 may include a communication line or a cable between the communication controller 10 and the charging controller 20. Using the CAN communication, the communication controller 10 and the charging controller 20 may communicate with other controllers in the EV via a single CAN wire or double CAN wires connected with them. In the case of the double CAN wires, one of two wires may be a redundant wire used for error checking or as a reserved wire.

[0096] The charger 200 may be an electrical apparatus which can convert AC energy to an adjusted DC current, and supply the DC current to a rechargeable energy storage apparatus (e.g. battery) as an energy needed for operating various electronic devices in the EV. Also, the charger 200 may indicate an apparatus for charging the EV by using a standard AC supply voltage under 1000V or a DC supply voltage under 1500V. The charger 200 may also be an on-board charger installed in the EV. In the present embodiment, the charger 200 having a type of off-board charger will be explained.

[0097] Also, the charger 20 may include a controller which performs C&C communications and high-level communications for the conductive charging with the communication controller 10 and/or charging controller 20. The charger 200 may perform a mode-1 charging, a mode-2 charging, a mode-3 charging, or a mode-4 charging through the C&C communications (refer to IEC 61851-1). The controller of the charger 200 may be referred to a GA controller. The composition of the charger 200 may be referred to a structure of a GA 7 explained referring to FIG. 8.

[0098] FIG. 2 is a sequence chart to explain a security method of an EV power transfer system.

[0099] Referring to FIG. 2, a security method of an EV power transfer system according to an example embodiment of the present disclosure may be started after the EV and the charger 200 are connected via a coupler.

[0100] As described above, the EV may include the communication controller 10 and the charging controller 20, and the communication controller 10 and the charging controller 20 may correspond to a VA controller 70 equipped in the VA, an electric vehicle communication controller (EVCC) equipped in the EV, or a secondary device communication controller (SDCC) equipped in the EV. However, in the present embodiment, the communication controller 10 and the charging controller 20 may be located with a predetermined distance and connected via a high-speed CAN network. That is, the communication controller 10 and the charging controller 20 may not exist as a single entity into which they are integrated.

[0101] The charger 200 may include a GA, and a GA controller in the GA. The GA controller may perform digital communications for exchanging digitally-coded information with the EV. The GA controller may correspond to a supply equipment communication controller (SECC) or a primary device communication controller (PDCC) equipped in an electric vehicle supply equipment (EVSE).

[0102] First, the communication controller 10 and the charging controller 20 may receive a start signal for conductive charging from the charger 200 (S21). The start signal may be a signal for waking up the communication controller 10 and the charging controller 20 which are related to battery charging. Also, the start signal may be a signal for transferring information on the charger 200 to the charging controller 20. Here, the information on the charger 200 may include information on the type of a power supply unit in the charger 200, power capacity, etc. Also, the information on the charger 200 may be used for authenticating establishment of proper communications. In this step, the start signal is transferred only to the communication controller 10. A start signal for the charging controller 20 may be transferred from the communication controller 10, of course, vice versa.

[0103] Then, the communication controller 10 may transmit an authentication request signal to the charging controller 20 (S22). The authentication request signal may include second key information which is learned or stored beforehand in the communication controller 10.

[0104] Then, the charging controller 20 may determine whether the authentication succeeds or not by comparing the second key information with first key information (S23). The first key information may be learned or stored in the charging controller 20 when the EV is released from a factory.

[0105] After the determination, if the authentication is determined as failed, the charging controller 20 may block a charging process (S24). Also, according to implementation, the charging controller 20 may output a predetermined warning message (S25). The warning message may be output by using a display apparatus, a speaker, etc. equipped in the EV, and transmitted to a preconfigured recipient. The warning message may include a message notifying that privacy information or financial information stored in the communication controller 10 and/or charging controller 20 are illegally used, or a message informing the preconfigured recipient (e.g. a manager of the charger, or an original owner of the controller) of that the communication controller 10 and/or charging controller 20 are illegally used.

[0106] Also, if the authentication is determined as succeeded, the charging controller 20 may start the charging process (S26). Then, the charging controller 20 may control the charging process through the C&C communications with the charger 200 (S27). Also, the charging controller 20 may perform a process of charging a fee via high-level communications with the charger 200 (S28). The process of charging a fee may be performed based on the amount of power supplied from the charger 200 to the EV by using the privacy information and/or financial information which are stored in the communication controller 10 and/or charging controller 20 and have been previously authenticated.

[0107] According to the present embodiment, even when the in-vehicle controller storing the privacy information or financial information, such as the communication controller 10 or the charging controller 20, are stolen or lost, abuse of the privacy information or financial information can be prevented by using the key information learned or stored respectively by the communication controller 10 and the charging controller 20.

[0108] Meanwhile, although the case to which the conductive charging is applied was explained as an example, various embodiments according to the present disclosure may also be applied to wireless power transfer. In the case of wireless power transfer, the EV and the charger 200 may exchange signals or messages via a point-to-point link (P2PL) including a point-to-point communication (P2PC) or a point-to-point signaling (P2PS), or a wireless local area network (referred to as WLAN or WiFi).

[0109] FIG. 3 is a block diagram of a security apparatus for an EV power transfer system.

[0110] Referring to FIG. 3, the charging controller 20 according to the present embodiment may include a processor 21 and a memory 22. The charging controller 20 may further include an input/output device, a communication device, or an interface. For convenience of illustration and description, they are omitted.

[0111] As described above, the processor 21 may perform charging authentication by comparing the second key information from the communication controller 10 with the first key information that it owns, and operate to block a charging process when the charging authentication does not succeed. The processor 21 may output a warning message when the charging process is blocked.

[0112] The processor 21 may include at least one core and a cache memory. In case that the processor 21 has a multi-core architecture, the multi-core architecture may be a single package including integrated circuits, into which two or more independent cores are integrated. Also, in case that the processor 21 has a single-core architecture, the single core may be a central processing unit (CPU). The CPU may be implemented as a system on chip (SoC) into which a micro control unit and various peripheral devices (or, integrated circuitry for external peripheral devices) are integrated. However, various embodiments are not limited to the above examples. Here, the core may include registers storing instructions to be executed, an arithmetic logical unit (ALU) performing comparison, determination, and operations, a control unit controlling the CPU for interpretation and execution of the instructions, an internal bus, etc.

[0113] The above-described processor 21 may include at least one of a data processor and an image processor, or a combination of them. Of course, the processor 21 may include at least one electronic control unit (ECU) embedded in a vehicle. In addition, the processor 21 may include a peripheral interface and a memory interface. In this case, the peripheral interface may connect the processor 21 to an input/output system and other peripheral devices (e.g. communication device, engine control unit, navigation system, in-vehicle display apparatus, in-vehicle speaker system, etc.), and the memory interface may connect the processor 21 to the memory 22.

[0114] The memory 22 may store a plurality of modules for implementing security methods of the EV wireless power transfer system. The plurality of modules may include a key information comparison module 23, a charging authentication module 24, a charging blocking module 25, and a warning message output module 26. The plurality of modules may basically include a charging control module for controlling start, continuation, and end of the charging process. Also, functions of the respective modules may be identical to those of the above-described method, and thus redundant explanation is omitted.

[0115] Meanwhile, according to the present embodiment, components of the charging controller 20 which perform a security method for the EV wireless power transfer system may be services or functions implemented by executing functional blocks or modules stored in the memory 22. However, various embodiments are not restricted to the above-described example. The above-described components may be implemented to operate in an ECU of the EV, as stored in a computer readable medium in a software form for implementing predetermined functions (at least part of the security method), or transmitted to a remote site in a carrier form. Here, the computer readable medium may be connected to a plurality of computing apparatuses or a cloud system which are connected through a network, and at least one of the plurality of computing apparatuses and the cloud system may store source code, intermediate code, or executable code for performing the security method according to the present disclosure.

[0116] The computer readable medium may include a program instruction, a data file, a data structure, or a combination thereof. The program instructions recorded on the computer readable medium may be designed and configured specifically for the present disclosure or can be publicly known and available to those who are skilled in the field of computer software. Examples of the computer readable medium may include a hardware device such as ROM, RAM, and flash memory, which are specifically configured to store and execute the program instructions. Examples of the program instructions include machine codes made by, for example, a compiler, as well as high-level language codes executable by a computer, using an interpreter. The above exemplary hardware device can be configured to operate as at least one software module in order to perform the operation of the present disclosure, and vice versa.

[0117] FIG. 4 is a block diagram to explain an electric vehicle power transfer system using a security method according to another example embodiment of the present disclosure.

[0118] Referring to FIG. 4, the EV power transfer system according to another example embodiment may prevent abuse of privacy information or financial information stored in the in-vehicle controller during the power transfer procedure or the procedure of charging a fee performed between the EV 100 and the charger 200. The in-vehicle controller may include the communication controller 10, the charging controller 20, and a charging authentication apparatus 30.

[0119] The EV 100 and the charger 200 may exchange signals and messages via WLAN or P2PL. For this, the EV 100 may include at least one antenna 60, and the charger 200 may also include at least one antenna 230. In addition, although not illustrated in FIG. 4, when the charger 200 transfers power to the EV 100 in the wireless power transfer manner, the charger 200 may include a primary coil or a GA coil (refer to 104 of FIG. 8), and the EV 100 may include a secondary coil or a VA coil (refer to 105 of FIG. 8).

[0120] In order to prevent abuse of privacy information or financial information stored in the in-vehicle controller equipped in the EV, the communication controller 10, the charging controller 20, and the charging authentication apparatus 30 of the EV 100 may be configured to inter-compare key information stored and learned in different controllers.

[0121] The communication controller 10 and the charging controller 20 may be practically identical to those explained referring to FIG. 1 ad FIG. 2 except detail functions which will be described by referring to FIG. 5.

[0122] The charging authentication apparatus 30 may be an apparatus configured to store privacy information and/or financial information of a user, learn or store third key information corresponding to the privacy information and/or the financial information, and authenticate, for the charging process, the first key information of the charging controller and the second key information of the communication controller. The apparatus 30 may be attached to the EV 100 as a removable-type apparatus or a fixed-type apparatus.

[0123] In the case that the apparatus 30 is the fixed type apparatus, the charging authentication apparatus 30 may be hidden in the EV 100 as fixed by using a bracket. Such the structure may prevent even a thief from detaching the apparatus 30 from the EV 100 during at least minimum required time (e.g. 3 minutes).

[0124] In the case that the apparatus 30 is the removable-type apparatus, the charging authentication apparatus 30 may include a first part storing the privacy information and/or financial information, and a second part fixed in the EV. In this case, the user may carry the first part which is a portable device, and combine the first part and the second part in order to perform charging authentication when the user wants to charge the battery of the EV.

[0125] The charging authentication apparatus 30 may include an authentication module having a form of a subscriber identification card or a similar card in which user's privacy information and/or financial information are stored, a slot into which the authentication module can be inserted, and a communication part connected to the slot. The subscriber identification card may include an IC card implementing a subscriber identification module (SIM). Also, the SIM may include a universal SIM (USIM). The communication part may include a CAN interface.

[0126] FIG. 5 is a sequence chart of a security method of an EV power transfer system according to another example embodiment of the present disclosure.

[0127] Referring to FIG. 5, a security method for an EV power transfer system according to the present embodiment may be started based on configuration of communications between the charger 200 and the EV wanting to charge its battery. The EV and the charger 200 may exchange signals and messages via P2PL including P2PC or P2Ps and/or WLAN.

[0128] First, the communication controller 10, the charging controller 20, and the charging authentication apparatus 30 may receive a start signal for EV charging based on wireless power transfer from the charger 200 (S51). In this step, the start signal may be transferred only to the communication controller 10, and the communication controller 10 may transfer the start signal to the charging controller 20 or the charging authentication apparatus 30, and vice versa.

[0129] Then, the communication controller 10 may transmit an authentication request signal to the charging authentication apparatus 30 (S53). In response to receipt of the start signal, the communication controller 10 may transmit the authentication request signal to the charging authentication apparatus 30. However, various embodiments are not restricted to the above description. After receipt of the start signal, the communication controller 10 may receive an authentication request signal from the charger 200 (S52), and transfer the authentication request signal to the charging authentication apparatus 30 without modifying the authentication request signal or with properly modifying the authentication request signal.

[0130] Then, in response to the authentication request signal, the charging authentication apparatus may extract the third key information from a storage part, etc. (S54). Of course, the third key information may beforehand be learned or stored in the charging authentication apparatus 30, when the EV is released from a factory. Then, the charging authentication apparatus 30 may transmit the third key information to the charging controller 20 (S55). The third key information may be transferred to the charging controller 20 as included in the authentication request signal.

[0131] Then, the charging controller 20 may determine whether the authentication succeeds or not by comparing the third key information with the first key information learned or stored beforehand in the storage part 22 (S56). The first key information may beforehand be learned or stored in the charging controller 20 when the EV is released from a factory.

[0132] Based on a result of the determination, if the authentication is determined as failed, the charging controller 20 may block a charging process (S57). Then, according to implementation, the charging controller 20 may output a predetermined warning message (S58). The warning message may be output through a display apparatus or a speaker, which is equipped in the EV, and may be transmitted to a preconfigured user.

[0133] Also, if the authentication is determined as succeeded, the charging controller 20 may start the charging process (S59). Then, the charging controller 20 may perform or complete the charging process through the C&C communications with the charger 200 (S59a). Also, the charging controller 20 may perform a process of charging a fee via high-level communications with the charger 200 (S59b). The process of charging a fee may be performed based on the amount of power supplied from the charger 200 to the EV, by using the privacy information and/or financial information which are stored in the communication controller 10 and/or charging controller 20 and have been previously authenticated.

[0134] According to the present embodiment, even when the in-vehicle controller storing privacy information or financial information, such as the charging controller 20 or the charging authentication apparatus 30, are stolen or lost, abuse of the privacy information or financial information can be prevented by using key information learned or stored respectively by the charging controller 20 and the charging authentication apparatus 30.

[0135] Meanwhile, although the case to which the wireless power transfer is applied was explained as an example, various embodiments according to the present disclosure may also be applied to the conductive charging.

[0136] FIG. 6 is a sequence chart of a variation of a security method of an EV power transfer system according to another example embodiment of the present disclosure.

[0137] Referring to FIG. 6, a security method for an EV power transfer system according to the present embodiment may be started based on configuration of communications for conductive charging or wireless power transfer between the charger 200 and the EV wanting to charge its battery.

[0138] First, at least one of the communication controller 10, charging controller 20, and the charging authentication apparatus 30 may transmit a start signal for EV charging to the charger 200 (S61). In this step, the start signal may be transmitted by the communication controller 10, and the communication controller 10 may notify transfer of the start signal to the charging controller 20 or the charging authentication apparatus 30.

[0139] Then, the communication controller 10 may transmit an authentication request signal to the charging authentication apparatus 30 (S63). The communication controller 10 may transmit the authentication request signal to the charging authentication apparatus 30 after transmitting the start signal. However, various embodiments are not restricted to the above description. After transmitting the start signal, the communication controller 10 may receive an authentication request signal from the charger 200 (S62), and transfer the identical or modified authentication request signal to the charging authentication apparatus 30 in response to the authentication request signal.

[0140] Then, the communication controller 10 may extract the second key information from a storage part, etc. (S64). The second key information may beforehand be learned or stored when the EV is released from a factory. Similarly, the charging authentication apparatus 30 may extract the third key information from a storage part, etc. in response to the authentication request signal from the communication controller 10 (S65). The third key information may beforehand be learned or stored in the charging authentication apparatus 30 when the EV is released from a factory. However, various embodiments are not restricted thereto. In a case that the charging authentication apparatus 30 has a structure having a first part which includes privacy information and/or financial information and the third key information learned or stored beforehand in correspondence to the privacy information and/or financial information, and a second part fixed in the EV with which the removable first part can be combined, the third key information may be learned or stored by issuing or downloading to the first part through a separate path.

[0141] Then, the communication controller 20 may transmit the second key information to the charging controller 20 (S66). Then, the charging authentication apparatus 30 may transmit the third key information to the charging controller 20 (S67). The second key information and the third key information may be transferred to the charging controller 20 as included in the respective authentication request signals.

[0142] Then, the charging controller 20 may authenticate the third key information based on the second key information, or authenticate the charging process by comparing the second key information with the third key information (S68). Also, according to implementation, if the charging controller 20 learned or stored the first key information beforehand, in addition to the above-description, the charging controller 20 may selectively perform authentication on the charging process by comparing the first key information with at least one of the second key information and the third key information.

[0143] Then, after the determination in the step S68, if the authentication is determined as failed, the charging controller 20 may block a charging process (S69). Also, the charging controller 20 may output a predetermined warning message (S70). The warning message may be output by using a display apparatus, a speaker, etc. equipped in the EV, and transmitted to a preconfigured recipient.

[0144] Also, after the determination in the step S68, if the authentication is determined as succeeded, the charging controller 20 may start the charging process (S71). Then, the charging controller 20 may control the charging process through the C&C communications with the charger 200 (S72). Also, the charging controller 20 may perform a process of charging a fee with the charger 200 after completion of the charging process. The process of charging a fee may be performed based on the amount of power supplied from the charger 200 to the EV, by using the privacy information and/or financial information which are stored in at least one of the communication controller 10, charging controller 20, and charging authentication apparatus 30, and correspond to the key information having been previously authenticated.

[0145] According to the present embodiment, since the charging process is authenticated by comparing the key information respectively stored in the in-vehicle controllers storing privacy information and/or financial information, such as the communication controller 10 and the charging authentication apparatus 30, abuse of the privacy information and/or financial information can effectively prevented even when the communication controller 10 and/or charging authentication apparatus 30 are stolen or lost.

[0146] FIG. 7 is a view to explain a structure of a security apparatus which can be applied to an EV power transfer system.

[0147] Referring to FIG. 7, a security apparatus for an EV power transfer system according to an example embodiment of the present disclosure may be implemented on at least one of the communication controller, charging controller, and charging authentication apparatus. Especially, in case that the charging authentication apparatus 30 is used, the charging authentication apparatus 30 may be hidden as located in an engine room of the EV.

[0148] Also, the charging authentication apparatus 30 may be attached to a body of the EV, and a housing or bracket 32 accommodating the charging authentication apparatus 30 may be fixed to the body of the EV, etc. by using a fastening means 34 such as bolts and nuts.

[0149] Of course, it may also be possible to combine the charging authentication apparatus 30 with the bracket 32, and fixing the bracket 32 to the body of the EV. However, even in this case, the charging authentication apparatus 30 and the bracket 32 which are fixed to the body of the EV may be installed as hidden in the EV, and not removable.

[0150] FIG. 8 is a block diagram to explain a structure of an EV wireless power transfer system to which embodiments according to the present disclosure can be applied, and a flow of wireless power transfer.

[0151] As illustrated in FIG. 8, an EV wireless power transfer system 300 for charging a battery of an EV, to which the security methods according to the present disclosure can be applied, may include a GA 7 corresponding to the charger, and a VA 8 equipped in the EV. After the above-described security method is performed and the authentication succeeds, start, continuation, and end of the wireless power transfer may be controlled through communications between a VA controller 20 corresponding to the charging controller equipped in the VA 8 and a GA controller 9 equipped in the GA 7.

[0152] Here, the VA controller 20 may be connected to other in-vehicle controllers 12 such as an engine electronic control unit via a CAN network. Also, after a secondary coil of the EV (i.e. VA coil 105) and a primary coil (i.e. GA coil 104) are magnetically aligned within a predetermined error range, the wireless power transfer may be started, and the battery of the EV may be charged through the wireless power transfer.

[0153] The configuration of the wireless power transfer system 300 and the flow of wireless power transfer are explained as follows. The GA 7 may include an AC-DC converter 101 having a power factor correction (PFC) function which is connected to a grid, a DC-AC converter 102, a filter/impedance matching network (IMN) 103, and a GA coil 104. The transponder 32 may be located near from the GA coil 204 of the HA 7. Also, the VA 8 may include a VA coil 105 forming a coupled circuit with the GA coil 104, an IMN/filter 106, a rectifier 107, and an impedance converter 108. The impedance converter 108 may be connected to the battery.

[0154] Also, the VA controller 20 may perform C&C communications and high-level communications with the GA controller 9 via wireless communication links in order to perform authentication on the charging process, wireless power transfer process, and process for charging a fee.

[0155] In addition, the flow of wireless power transfer may be explained as follows.

[0156] First, for the wireless power transfer procedure of the wireless charging system, a current to be charged to the battery is determined in the VA 8. Then, a power request is transferred from the VA 8 to the GA 8 via the wireless communication link.

[0157] Then, the GA 7 may recognize the power request from the VA 8, convert power supplied from a grid to high frequency AC current, and transfer it to the GA coil 104.

[0158] Then, the high frequency AC current having is transferred from the GA coil 104 to the VA coil 105 via coupling, rectified and processed in the VA 8, and finally charged to the battery.

[0159] The above-described procedure continues until the battery is fully charged and the VA transmits a signal indicating completion of charging to the GA.

[0160] According to embodiments of the present disclosure, a user or a charging controller of the user can be authenticated by an EV itself, in an EV wireless power transfer process or an EV charging process, so that theft or abuse of the charging controller in which privacy information and/or financial information are stored can be prevented.

[0161] While the example embodiments of the present disclosure and their advantages have been described in detail, it should be understood that various changes, substitutions and alterations may be made herein without departing from the scope of the disclosure.


Claims

1. A security method for an electric vehicle (EV) power transfer system, performed by a charging controller installed in an EV, the method comprising the steps of:

receiving a start signal for charging the EV from a communication controller installed in the EV or an external charger;

receiving, by the charging controller, an authentication request from the communication controller;

authenticating, by the charging controller, a second key information included in the authentication request based on a first key information by comparing the first key information and the second key information; and

starting a charging process when the authentication succeeds,

wherein the first key information is learned or stored beforehand in the charging controller.


 
2. The method according to claim 1, further comprising, after the authenticating step, blocking the charging process when the authentication is determined as failed.
 
3. The method according to claim 1 or 2, further comprising, after the blocking step, outputting a warning message.
 
4. The method according to any one of claims 1 to 3, wherein, in the step of receiving the authentication request, the second key information is received through a controller area network (CAN) communication or an Ethernet communication.
 
5. The method according to any one of claims 1 to 4, further comprising, after the step of starting the charging process, performing and completing the charging process in a conductive manner or wireless power transfer manner through command and control communications with an external charger connected via the communication controller; and performing a process for charging a fee based on an amount of power supplied from the external charger to the EV by using privacy information or financial information corresponding to the first key information and second key information.
 
6. The method according to any one of claims 1 to 5, further comprising,
receiving third key information from a charging authentication apparatus installed in the EV, wherein the charging authentication apparatus transmits the third key information to the charging controller in response to the authentication request; and
authenticating the second key information or the third key information based on the first key information in the authenticating step.
 
7. The method according to claim 6, wherein the second key information or the third key information includes key information identical to an identifier or a random number stored in at least one of a controller of the EV, a smart key system control part of the EV, and an engine controller of the EV.
 
8. The method according to any one of claims 1 to 7, further comprising, after the authenticating step, blocking the charging process when the authentication is determined as failed.
 
9. The method according to any one of claims 1 to 8, further comprising, after a step of proceeding with the charging process, performing a process for charging a fee based on the amount of power supplied from the charger to the EV by using privacy information or financial information corresponding to the second key information or the third key information.
 
10. A computing apparatus performing a security method for an electric vehicle (EV) power transfer system, the apparatus comprising:

a comparison part of a charging controller configured to receive a start signal for charging the EV from a communication controller installed in the EV or an external charger, receive an authentication request from the communication controller, and authenticate a second key information included in the authentication request based on a first key information by comparing the first key information and the second key information; and

a charging blocking part of the charging controller configured to authenticate or block a charging process based on a comparison result of the comparison part,

wherein the first key information is learned or stored beforehand in the charging controller.


 
11. The apparatus according to claim 10, wherein the comparison part and the charging blocking part are included in a charging controller equipped in the EV.
 
12. The apparatus according to claim 10 or 11, further comprising an interface connecting with communication controller, wherein the interface uses a controller area network (CAN) communication in the EV.
 
13. The apparatus according to any one of claims 10 to 12, wherein the apparatus further includes a storage part storing the first key information, the apparatus is connected to the communication controller providing the second key information via the interface, or the apparatus is connected to a charging authentication apparatus providing the third key information via the interface.
 
14. The apparatus according to claim 13, wherein the charging authentication apparatus is installed in the EV as hidden and fixed by using a bracket.
 


Ansprüche

1. Ein Sicherheitsverfahren für ein Elektrofahrzeug-(EV-)Leistungsübertragungssystem, welches durch eine in einem EV installierte Ladesteuereinrichtung durchgeführt wird, das Verfahren aufweisend die Schritte des:

Empfangens eines Startsignals zum Laden des EV von einer Kommunikationssteuereinrichtung, die in dem EV oder einem externen Ladegerät installiert ist,

Empfangens, durch die Ladesteuereinrichtung, eines Authentifizierungsanfrage von der Kommunikationssteuereinrichtung,

Authentifizierens, durch die Ladesteuereinrichtung, einer in der Authentifizierungsanfrage enthaltenen Zweiter-Schlüssel-Information basierend auf einer Erster-Schlüssel-Information durch Vergleichen der Erster-Schlüssel-Information und der Zweiter-Schlüssel-Information, und

Starten eines Ladeprozesses, wenn die Authentifizierung gelingt,

wobei die Erster-Schlüssel-Information erlernt wird oder vorab in der Ladesteuereinrichtung gespeichert wird.


 
2. Das Verfahren nach Anspruch 1, ferner aufweisend, nach dem Authentifizierungsschritt, Sperren des Ladeprozesses, wenn die Authentifizierung als fehlgeschlagen ermittelt wird.
 
3. Das Verfahren nach Anspruch 1 oder 2, ferner aufweisend, nach dem Sperren-Schritt, Ausgeben einer Warnungsnachricht.
 
4. Das Verfahren nach irgendeinem der Ansprüche 1 bis 3, wobei bei dem Schritt des Empfangens der Authentifizierungsanfrage die Zweiter-Schlüssel-Information durch eine Steuergerätebereichsnetzwerk-(CAN-)Kommunikation oder eine Ethernet-Kommunikation empfangen wird.
 
5. Das Verfahren nach irgendeinem von Ansprüchen 1 bis 4, ferner aufweisend, nach dem Schritt des Startens des Ladeprozesses, Durchführen und Abschließen des Ladeprozesses auf eine konduktive Weise oder eine Drahtlose-Energieübertragung-Weise durch Befehls- und Steuerungskommunikationen mit einem externen Ladegerät, welches mittels der Kommunikationssteuereinrichtung verbunden ist, und Durchführen eines Prozesses zum Verlangen einer Gebühr basierend auf einer Energiemenge, welche von dem externen Ladegerät an das EV geliefert wurde, durch Verwenden von Privatsphäreninformationen oder Finanzinformationen, welche mit der Erster-Schlüssel-Information und der Zweiter-Schlüssel-Information korrespondieren.
 
6. Das Verfahren nach irgendeinem von Ansprüchen 1 bis 5, ferner aufweisend
Empfangen einer Dritter-Schlüssel-Information von einer Ladeauthentifizierungsvorrichtung, welche in dem EV installiert ist, wobei die Ladeauthentifizierungsvorrichtung in Reaktion auf die Authentifizierungsanfrage die Dritter-Schlüssel-Information an die Ladesteuereinrichtung sendet, und
Authentifizieren der Zweiter-Schlüssel-Information oder der Dritter-Schlüssel-Information basierend auf der Erster-Schlüssel-Information in dem Authentifizierungsschritt.
 
7. Das Verfahren nach Anspruch 6, wobei die Zweiter-Schlüssel-Information oder die Dritter-Schlüssel-Information Schlüsselinformation enthält, welche identisch ist mit einer Kennung oder einer Zufallszahl, die in mindestens einer/einem von einer Steuereinrichtung des EV, einem Intelligenter-Schlüssel-System-Steuerteil des EV und einer Motorsteuereinrichtung des EV gespeichert ist.
 
8. Das Verfahren nach irgendeinem von Ansprüchen 1 bis 7, ferner aufweisend, nach dem Authentifizierungsschritt, Sperren des Ladeprozesses, wenn die Authentifizierung als fehlgeschlagen ermittelt wird.
 
9. Das Verfahren nach irgendeinem von Ansprüchen 1 bis 8, ferner aufweisend, nach einem Schritt des Fortfahrens mit dem Ladeprozess, Durchführen eines Prozesses zum Verlangen einer Gebühr basierend auf der Energiemenge, welche von dem externen Ladegerät an das EV geliefert wurde, durch Verwenden von Privatsphäreninformationen oder Finanzinformationen, welche mit der Zweiter-Schlüssel-Information oder der Dritter-Schlüssel-Information korrespondieren.
 
10. Eine Rechenvorrichtung, welche ein Sicherheitsverfahren für ein Elektrofahrzeug-(EV-)Energieübertragungssystem durchführt, die Vorrichtung aufweisend:

einen Vergleichsteil einer Ladesteuereinrichtung, welche dazu eingerichtet ist, ein Startsignal zum Laden des EV von einer Kommunikationssteuereinrichtung, die in dem EV oder einem externen Ladegerät installiert ist, zu empfangen, eine Authentifizierungsanfrage von der Kommunikationssteuereinrichtung zu empfangen und eine in der Authentifizierungsanfrage enthaltene Zweiter-Schlüssel-Information basierend auf einer Erster-Schlüssel-Information durch Vergleichen der Erster-Schlüssel-Information und der Zweiter-Schlüssel-Information zu authentifizieren, und

einen Ladesperrteil der Ladesteuereinrichtung, welcher dazu eingerichtet ist, einen Ladeprozess basierend auf einem Vergleichsergebnis des Vergleichsteils zu authentifizieren oder zu sperren,

wobei die Erster-Schlüssel-Information erlernt wird oder vorab in der Ladesteuereinrichtung gespeichert wird.


 
11. Die Vorrichtung nach Anspruch 10, wobei der Vergleichsteil und der Ladesperrteil in einer Ladesteuereinrichtung, welche in dem EV vorgesehen ist, enthalten sind.
 
12. Die Vorrichtung nach Anspruch 10 oder 11, ferner aufweisend eine Schnittstelle, welche sich mit der Kommunikationssteuereinrichtung verbindet, wobei die Schnittstelle eine Steuergerätebereichsnetzwerk-(CAN-)Kommunikation in dem EV nutzt.
 
13. Die Vorrichtung nach irgendeinem der Ansprüche 10 bis 12, wobei die Vorrichtung ferner einen Speicherteil aufweist, welcher die Erster-Schlüssel-Information speichert, wobei die Vorrichtung mit der Kommunikationssteuereinrichtung, welche die Zweiter-Schlüssel-Information über die Schnittstelle bereitstellt, verbunden ist oder die Vorrichtung mit einer Ladeauthentifizierungsvorrichtung, welche die Dritter-Schlüssel-Information über die Schnittstelle bereitstellt, verbunden ist.
 
14. Die Vorrichtung nach Anspruch 13, wobei die Ladeauthentifizierungsvorrichtung in dem EV als versteckt und unter Verwendung eines Befestigungsteils fixiert installiert ist.
 


Revendications

1. Procédé de sécurité pour un système de transfert de puissance d'un véhicule électrique (EV), exécuté par un contrôleur de charge installé dans un EV, ce procédé comprenant les étapes suivantes :

réception d'un signal de démarrage pour la charge de l'EV en provenance d'un contrôleur de communication installé dans l'EV ou un chargeur externe ;

réception, par le contrôleur de charge, d'une requête d'authentification en provenance du contrôleur de communication ;

authentification, par le contrôleur de charge, d'une deuxième information clé comprise dans la requête d'authentification, basée sur une première information clé en comparant la première information clé et la deuxième information clé ; et

démarrage d'un processus de charge lors l'authentification a réussi,

la première information clé ayant été apprise ou stockée auparavant dans le contrôleur de charge.


 
2. Procédé selon la revendication 1, comprenant en outre, après l'étape d'authentification, le blocage du processus de charge lorsque l'authentification est déterminée comme ayant échoué.
 
3. Procédé selon la revendication 1 ou 2, comprenant en outre, après l'étape de blocage, l'émission d'un message d'avertissement.
 
4. Procédé selon l'une des revendications 1 à 3, dans lequel, dans l'étape de réception de la requête d'authentification, la deuxième information clé est reçue par l'intermédiaire d'une communication par Bus de Données (CAN) ou d'une communication par Ethernet.
 
5. Procédé selon l'une des revendications 1 à 4, comprenant en outre, après l'étape de démarrage du processus de charge, l'exécution et la terminaison du processus de charge d'une manière conductrice ou par transfert de puissance sans fil par l'intermédiaire de communication de commande et de contrôle avec un chargeur externe connecté par l'intermédiaire du contrôleur de communication ; et l'exécution d'un processus pour la charge d'une redevance basée sur une quantité de puissance introduite par le chargeur externe dans l'EV à l'aide d'informations privées ou d'informations financières correspondant à la première information clé et à la deuxième information clé.
 
6. Procédé selon l'une des revendications 1 à 5, comprenant en outre
la réception d'une troisième information clé en provenance d'un appareil d'authentification de charge installé dans l'EV, l'appareil d'authentification de charge transmettant la troisième information clé au contrôleur de charge en réponse à la requête d'authentification ; et
l'authentification de la deuxième information clé ou de la troisième information clé sur la base de la première information clé dans l'étape d'authentification.
 
7. Procédé selon la revendication 6, dans lequel la deuxième information clé ou la troisième information clé comprend une information clé identique à un identifiant ou à un nombre aléatoire stocké dans au moins un parmi un contrôleur de l'EV, une partie de contrôle de système par clé intelligente de l'EV et un contrôleur de moteur de l'EV.
 
8. Procédé selon l'une des revendications 1 à 7, comprenant en outre, après l'étape d'authentification, le blocage du processus de charge lorsque l'authentification est déterminée comme ayant échoué.
 
9. Procédé selon l'une des revendications 1 à 8, comprenant en outre, après une étape d'exécution du processus de charge, l'exécution d'un processus pour la charge d'une redevance basée sur la quantité de puissance introduite par le chargeur dans l'EV à l'aide d'informations privées ou d'informations financières correspondant à la deuxième information clé ou à la troisième information clé.
 
10. Appareil informatique exécutant un procédé de sécurité pour un système de transfert de puissance d'un véhicule électrique (EV), cet appareil comprenant :

une partie de comparaison d'un contrôleur de charge conçue pour recevoir un signal de démarrage pour la charge de l'EV en provenance d'un contrôleur de communication installé dans l'EV ou un chargeur externe, recevoir une requête d'authentification en provenance du contrôleur de communication et authentifier une deuxième information clé comprise dans la requête d'authentification, basée sur une première information clé en comparant la première information clé et la deuxième information clé ; et

une partie de blocage de charge du contrôleur de charge conçue pour authentifier ou pour bloquer un processus de charge sur la base d'un résultat de comparaison de la partie de comparaison,

la première information clé ayant été apprise ou stockée auparavant dans le contrôleur de charge.


 
11. Appareil selon la revendication 10, dans lequel la partie de comparaison et la partie de blocage de charge sont comprises dans un contrôleur de charge équipé dans l'EV.
 
12. Appareil selon la revendication 10 ou 11, comprenant en outre une interface se connectant avec un contrôleur de communication, l'interface utilisant une communication par Bus de Données (CAN) dans l'EV.
 
13. Appareil selon l'une des revendications 10 à 12, dans lequel l'appareil comprend en outre une partie de stockage stockant la première information clé, l'appareil étant connecté au contrôleur de communication fournissant la deuxième information clé via l'interface ou l'appareil étant connecté à un appareil d'authentification de charge fournissant la troisième information clé via l'interface.
 
14. Appareil selon la revendication 13, dans lequel l'appareil d'authentification de charge est installé dans l'EV de façon à être dissimulé et fixé à l'aide d'un support.
 




Drawing























Cited references

REFERENCES CITED IN THE DESCRIPTION



This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description