|
(11) | EP 2 362 355 A1 |
| (12) | EUROPEAN PATENT APPLICATION |
|
|
|
|
||||||||||||||||||||
| (54) | Customizable tachograph |
| (57) It is presented a tachograph (1) for use in a vehicle, which tachograph comprises
a user identification device (8) that can receive user identification data from user
identification units (17) such as for instance smart cards. The tachograph (1) also
has a memory (17; 19) which can store a plurality of user profiles. A user profile
is accessible to a user that via a user identification unit (17) can present matching
user identification data. When the data has been verified to match a user profile,
the tachograph (1) adapts its functions in accordance with the settings in the user
profile.
|
Field of the invention
[0001] The invention generally relates to tachographs. In particular, the invention relates to a customizable digital tachograph and an associated method thereof.
Background
[0002] A digital tachograph is a recording and control device for road transport. The digital tachograph is generally composed of a Vehicle Unit (VU) containing a printer, two slots for smart cards and a display. The VU is connected to a gearbox of a vehicle it is installed in, and the number of revolutions per minute is measured by a secure motion sensor and sent to the VU encrypted.
[0003] The VU is arranged to continuously record and store data about vehicle related activities and violations of a driver of the vehicle in a VU memory and on the driver's personal smart card. Examples of vehicle related data stored are driver activities, durations, speeding, warnings of suspected tampering and other technical data. The driver's current activity is recorded at regular intervals, and the activity of driving is automatically recorded. When the vehicle is stationary, it is possible for the driver to select among non-driving activities.
[0004] Drivers are prompted, at smart card insertion into the VU, to do manual inputs of activities that happened between the last smart card withdrawal and current insertion, with start and end time for each activity and daily working period. If no manual input of activities is entered this period is registered as unknown.
[0005] Vehicle related data is upon request unloaded from the tachograph to an unload equipment, or unloading device, which unload equipment selects which days of vehicle related data are to be unloaded. When the request for unloading of the respective days of vehicle related data are received by the tachograph, the tachograph starts to digitally sign the respective days. Each respective day is today by law required to be a digitally signed binary file. The vehicle related data signed by the tachograph is thereafter unloaded to the unload equipment. The purpose of the digitally signed vehicle related data is for law enforcement or other controlling authority to check if the vehicle related data is manipulated or not.
Summary of the invention
[0007] Today drivers are prompted to perform a plurality of manual input operations to the tachograph when inserting their smart cards into the tachograph.
[0008] In view of the above, a general object of the invention is to provide a tachograph that simplifies user interaction.
[0009] Hereto, in accordance with a first aspect of the present invention there is provided a tachograph comprising: at least one user identification device adapted to read user identification data from user identification units; a memory adapted to store a plurality of user profiles, each relating to a specific user; and processing means operatively connected to the memory, the processing means being adapted to verify the user identification data that matches a user profile, wherein access to the user profile is permitted upon verification of the matching user identification data, and wherein the processing means is arranged to adapt functions of the tachograph based on the accessed user profile.
[0010] An effect that may be achievable by providing access to a previously stored user profile is that the interaction between a user and the tachograph may be simplified. In particular, since the accessed profile may contain previously stored functions such as preferred user settings for that user, less user interaction may be needed with the tachograph once the functions have been set.
[0011] The processing means may be adapted to permit at least one user to access more than one user profile. By allowing some users access to several user profiles, these users may be able to modify the several user profiles to which they are provided access. Thereby, general user functions associated with several user profiles may easily be modified by the user having access to the several user profiles.
[0012] The tachograph may further comprise control signal means to generate a control signal according to at least one setting of at least one user profile. The control signal may comprise information relating to a limitation of movement of a vehicle associated with the tachograph to a specific geographic region. Thereby, the positioning of the vehicle may be monitored and/or controlled.
[0013] Hereto, the tachograph may comprise a user interface adapted to indicate when a geographic location of the tachograph exceeds a boundary of the specific geographic region.
[0014] One embodiment may further comprise data receiving means adapted to receive Global Positioning System data to thereby receive information relating to the positioning of the tachograph.
[0015] In order to provide a more tamper safe tachograph the processing means may be adapted to encrypt data written to the memory.
[0016] One embodiment may further comprise means to wirelessly communicate with a communication device external to the tachograph, wherein the means to wirelessly communicate with the communication device is adapted to transmit current user profile data to the communication device. The communication device external to the tachograph may for instance be located at a gate of a warehouse. By transmitting data to the communication device when the tachograph is close to the communication device, a freight forwarder company may achieve a higher security at for instance their warehouses by receiving information regarding which of their vehicles and drivers enter the warehouse area.
[0017] The means to wirelessly communicate with the communication device may be adapted to receive access data from the communication device in response to having transmitted current user profile data. Current user profile data is herein defined as user profile data pertaining to a currently accessed user profile. The access data may for instance pertain to the time when the tachograph transmitted the user profile data, as well as other data such as the location of cargo to be loaded to the vehicle associated with the tachograph or that of an unloading location. Hereto, the tachograph may further comprise a printer adapted to print information contained in the access data, which information relates to cargo location in a delimited geographic region.
[0018] According to a second aspect of the present invention, there is provided a method for user customization of a tachograph, the method comprising: receiving user identification data from a user identification device, the user identification data being associated with a user of the tachograph; verifying user identification data that matches a user profile; providing access to the matched user profile; and adapting functions of the tachograph in accordance with the matched user profile.
[0019] Further features and advantages of the present invention will be evident from the following description.
Brief description of the drawings
[0020] The invention and further advantages thereof will now be described by non-limiting examples of embodiments with reference to the accompanying drawings.
Fig. 1 shows a schematic view of a tachograph according to one embodiment of the invention.
Fig. 2 shows a process for accessing a user profile in the tachograph shown in Fig. 1.
Fig. 3 shows an example of an application of the tachograph in Fig. 1.
Detailed description of embodiments
[0021] In the following description, for purpose of explanation and not limitation, specific details are set forth, such as particular techniques and applications in order to provide a thorough understanding of the present invention. However, it will be apparent for a person skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed description of well-known methods and apparatuses are omitted so as not to obscure the description of the present invention with unnecessary details.
[0022] A digital tachograph 1, in the following referred to as "tachograph", for recording of vehicle related data will now be described with reference to Figs 1-3.
[0023] The tachograph 1 comprises processing means 3, a user interface 5, a printer 7, a user identification device 8, a first connection port 9, and a second connection port 11. Generally, the user identification device 8 is for use with user identification units 17 such as smart cards, or other suitable portable devices that may carry user identification information, such as mobile phones and PDAs.
[0024] In the present example of the tachograph 1, the user identification unit 8 will be constituted of card readers, such as smart card readers, and the user identification units 17 will be exemplified by user identification cards. The card readers form part of an interface for transferring vehicle related data: a first card reader 13 for a current driver and a second card reader 15 for a possible secondary driver, a so called co-driver. The card readers 13 and 15 are configured to receive a user identification card 17, such as a smart card, identifying a driver and co-driver, respectively, which user identification card 17 is used to verify the identity of the driver currently responsible for generating vehicle related data on the tachograph 1.
[0025] The processing means 3 has a secure processing unit e.g. for reliable handling of driver identification, storing of authenticity certificates, storing of driving data (revolutions per minute) received from a gear box of a vehicle the tachograph 1 is installed into, via a secure motion sensor, and for digital signing of vehicle related data, i.e. functioning as a signing processor for signing vehicle related data. The vehicle related data includes inter alia driving data and driver activities.
[0026] The tachograph 1 also comprises a vehicle related data memory 19 for storing vehicle related data, which memory 19 the secure processing unit utilizes for secure storing of data. However, due to a high security level the secure processing unit has limited processing resources and the processing means 3 preferably also comprises a second processing unit relieving the secure processing unit of non-secure processing, such as user interface communication, printing, etc. The second processing unit preferably also communicates directly with the secure motion sensor, and forwards driving data from the secure motion sensor to the secure processing unit, in this way removing the need for a separate connector on the secure processing unit for connection to the secure motion sensor.
[0027] The user interface 5 comprises input means for e.g. manual entry of data and a small display for display of e.g. driver activity.
[0028] The printer 7 is e.g. used for printouts of registered driver activity, verification of manually input driver activity, or other vehicle related data.
[0029] The first connection port 9, also a part of the interface for transferring vehicle related data to the tachograph 1, is configured for connection to a CAN-bus of the vehicle the tachograph is installed in, through which CAN-bus driving data is procured from the secure motion sensor.
[0030] The second connection port 11 is configured for connection to i.a. unloading equipment for unloading of vehicle related data, i.e functioning as an interface for unloading vehicle related data from the tachograph 1. An unloading equipment is usually a portable device, preferably a so called unloading device, which is used for unloading of signed vehicle related data, typically for unloading of a plurality of days at each unloading occasion. The days that are to be unloaded from the digital tachograph are selected by the unloading device, and they are not known beforehand of the tachograph 1. Unloading of data is traditionally performed through the second connection port 11, being a serial front port of the tachograph 1. It is alternatively also possible to unload signed vehicle related data through the first connection port 9, i.e. through the CAN-bus, or yet alternatively through e.g. a wireless connection such as a Bluetooth or IR connection.
[0031] In order to facilitate the interaction between the tachograph 1 and a user, a plurality of encrypted user profiles can be stored in the memory 19. Alternatively, a second memory 21 can be provided for storing encrypted user profiles. The second memory 21 may then be in communication with the memory 19 via processing means 3. Thereby the user profiles may be associated with corresponding vehicle related data.
[0032] When a user inserts a user identification card 17 into the first card reader 13 or the second card reader 15, the tachograph 1 reads the user identification data stored on the user identification card 17. The user identification data serves to identify a user with which the user identification card 17 is associated. The user identification data is compared to the user profiles in the memory. If no matching user profile is found, a new user profile can be created based on the data of that particular user identification card. However, if there is a match, an encrypted memory area of the memory 19, associated with the identified user identification card is read by the tachograph 1. The encrypted memory area associated with the user identification card can hold various customisable data and parameters for the driver as will be further elaborated herebelow. The tachograph 1 hence allows a plurality of users to store and access personal encrypted data in a secure and simple way and allows users to create customised user profiles.
[0033] A user is herein defined as any entity that uses the tachograph 1. Such an entity may for instance be a user identification card 17 or the vehicle itself.
[0034] With reference to Fig. 2, an example of a process in the tachograph 1 when a user interacts therewith will now be described.
[0035] Before tachograph 1 can start to record data and associate it to a user, the user will have to identify himself, whether it concerns the user being a driver card, a company card or the vehicle.
[0036] The below example will illustrate interaction between a user identification card 17 and the first card reader 13. However, interaction between a user identification card 17 and the second card reader 15 functions analogously.
[0037] Hence, in a step S1, the first card reader 13 receives a user identification card 17, such as for instance a driver card or a company card.
[0038] In a step S2, the first card reader 13 reads data stored on the user identification card 17 inserted into the first card reader 13.
[0039] In a step S3, processing means 3 receives user identification data read from the user identification card 17 by the card reader 13.
[0040] In a step S4, the processing means 3 compares the user identification data with a plurality of user profiles in the memory 17. Each user profile comprises data that identifies that user profile to which data the user identification data read from the user identification card 17 can be compared.
[0041] If the user identification data matches a user profile in the memory 7, the tachograph 1 via the processing means 3 verifies the user identification data in a step S5. Thereafter, the processing means provides access to that user profile in a step S6. It is to be noted that the step S5 may also be construed in a broader sense, i.e. to contain the step of comparing S4 and matching the user identification data with the stored user profiles. To this end, the step of comparing S4 may be seen as a substep of the step of verifying S5.
[0042] On the other hand, if no user profile matches the user identification data, a new profile may be created in a step S7. The new profile is then associated with the user identification data. Hence, if the same user would like to identify himself at a later time, the newly created profile will be accessible to that user upon identification with the correct user identification card.
[0043] In an embodiment, the step S4 of comparing continues after a first match has been found. The comparing however typically only continues for some users that have a higher access level to the encrypted memory area that contains the user profiles. Beneficially, such a user will then be able to access several user profiles. Such a user may be a super user, e.g. a company card, of the tachograph, which user may want to be able to modify settings of several user profiles.
[0044] In a step S8, the processing means 3 adapts functions of the tachograph 1 in accordance with the matched user profile.
[0045] In a variation of this embodiment, the super user or the like may get access to certain portions of other users' profiles, however not the complete profiles. Thereby, a user may store private data only accessible to that user, whereas a super user may be able to access non-private data of the user profile.
[0046] A first class of functions that can be loaded to the processing means 3 upon successful identification may broadly be defined as personal settings relating to the appearance of the tachograph 1. The first class of functions may involve personal settings such as for instance favourite colour of the display of the user interface, sound, size of display text, and so on. In some variations of the tachograph 1, further advanced user profile related functions may be implemented. Such functions constitute a second class of functions and may broadly be defined as preferred vehicle specific settings for the user and general information regarding the tachograph, and can for instance relate to seat settings, mirror settings, light settings, user specified speed limitation, personal messages for the user, reminders for the user, manuals and settings guidance. A third class of functions may relate to information regarding the vehicle, such as secret information concerning the cargo, and driving routes. A fourth class of functions may involve control functions of the vehicle, such as locking of doors, access to trailer, brakes and access to certain areas of the vehicle, such as fluid tanks. Further, some functions may also involve speed limitation for the specific user profile, or geographic limitation of the vehicle to be allowed to move within a specified geographic area. Further, other functions are also possible within the scope of the invention.
[0047] For clarification, it is to be noted that a plurality of functions may be enabled upon matching of user identification data and a user profile.
[0048] In the following example the interaction between a driver and the tachograph 1 will be described.
[0049] For the purpose of example, it is assumed that a super user of the tachograph 1 has previously entered data for one user profile in the tachograph 1 that limits the maximal allowed speed to 80 km/h for that driver. The speed limit command may for instance be entered to the tachograph 1 via the user interface 5 by means of keys provided on a front side of the tachograph 1.
[0050] When a driver subject to this limitation has inserted his user identification card 17 and his user identification data has been verified by the processing means 3, the tachograph 1 will indicate to the driver when the vehicle speed exceeds 80 km/h. An indication may be provided by means of control signal means 23, which may be located in the processing unit 3 as shown in Fig. 1, which control signal means 23 can generate a control signal that can be transmitted to e.g. the user interface 5. The user interface will then be able to warn the driver regarding the speed exceeding the set limit by for instance flashing light on the user interface display. Alternatively or additionally, the tachograph 1 may provide an alarm sound to indicate to the driver that the speed limit has been exceeded. Such indication will in the following be referred to as passive control.
[0051] It is also envisaged that in one variation of the tachograph 1, the control signal provided by the control signal means 23 will be able to control the vehicle. Control of the vehicle may be achieved by e.g. by the tachograph 1 sending the control signal via for instance the first connection port 13 to the vehicle and further relaying control signals to the brakes, thereby controlling a brake operation of the vehicle. Hence, user profile settings may actively control the state of a vehicle.
[0052] With reference to Fig 3, an example of an application of the tachograph 1 is provided to illustrate the interaction between a vehicle 25 and the tachograph 1 when the vehicle 25 acts as a user of the tachograph 1. In this case, it should be noted that also a user identification card 17 used with the tachograph 1 is a user of the tachograph 1.
[0053] In this example, the tachograph 1 is in communication with a wireless communication device 27 located in the vehicle 25. The wireless communication device 27 may be external to the tachograph 1 as shown in Fig. 3. Alternatively the tachograph 1 may comprise the wireless communication device 27.
[0054] For the purpose of the present example, it is assumed that a super user uses a company user identification card 17 with the tachograph 1 to receive access to all of the stored user profiles to modify all the user profiles. Alternatively, the super user may be able to write to an encrypted portion of the memory that all current user profiles have access to and to which that any future user profiles have access to. In the current example, the super user performs a modification that limits the allowed movement of the vehicle 25 used with tachograph 1 to a specific geographic region 29, such as for instance a construction site.
[0055] Any driver using the tachograph 1 with their user identification card will hereafter be restricted to the specific geographic region as specified by the super user. To indicate to the driver that the geographic boundaries have been exceeded the tachograph 1 can provide a warning. The warning may be in the form of passive control of the vehicle's 25 positioning. Alternatively, or additionally, the tachograph 1 may provide active control of the vehicle 25.
[0056] In order for the tachograph 1 to be able to know the vehicle's 25 geographic coordinates, a Global Positioning System (GPS) device may be connected via a data receiving means to the tachograph 1. Alternatively the GPS may be comprised in the tachograph 1.
[0057] Additionally, the tachograph 1 may be able to record the driver's route via the GPS, so that any exceeding of the boundaries of the specified geographical region 29 will be registered.
[0058] Beneficially, by means of tachograph 1 it will become more difficult to remove construction material 31 from the construction site for the purpose of stealing said material 31.
[0059] To further enhance control of the vehicle 25 it is envisaged a system comprising the tachograph 1, at least one communication device 33 located outside the vehicle 25, and means to wirelessly communicate with the communication device 33. The means for wirelessly communicate with the communication device 33 may either refer to the wireless communication device 27 as such or to an interface of the tachograph 1 being operatively connected to the wireless communication device 27. In cases when it is construed to mean the latter, the system also comprises the wireless communication device 27.
[0060] The communication device 33 is preferably located e.g. in the vicinity of a gate 35, a portal, a door or the like. When the tachograph 1 approaches the communication device 33, a secure wireless communication session is set up via the wireless communication device 27 between the tachograph 1 and the communication device 33. A GPS signal from a GPS in communication with the tachograph 1 can for instance indicate to the tachograph 1 that the communication device 33 is close thereto, so that the tachograph 1 can initiate the secure wireless communication session and transmit signals comprising identification data that identifies the tachograph 1 to the communication device 33. If the identification data comprises authorisation to access the area secured by the gate 35, the gate 35 will open for a user of the tachograph 1 and provide access to the geographic region delimited by the gate 35. Hence, the wireless communication device 27 may be able to control the opening of the gate 35.
[0061] Further, such operation can also be registered by the tachograph 1 so that the freight forwarder company will have knowledge of when one of their vehicles has passed a specific gate, a door, or a portal, and who the driver and/or co-driver is. Such data may for instance be accessed by a super user by means of a company card and may for instance be printed out by the printer 7.
[0062] In order to provide additional security when the vehicle 25 is about to enter through the gate 35, in one embodiment a driver will also have to enter a security code e.g. via keys on the front panel of the tachograph 1 before access can be permitted.
[0063] The driver or the co-driver may be able to receive information regarding the cargo position for loading cargo or loading off cargo in the delimited geographic region, via the printer 7, which may be adapted to print information regarding this matter. The tachograph 1 may receive the cargo information from the communication device 33 upon the vehicle 25 having been permitted access to the delimited geographic region.
[0064] As an alternative to GPS communication, it is also possible to utilize other Global Navigation Satellite Systems (GNSS) such as for instance the Galileo positioning system.
[0065] It will be obvious that the present invention may be varied in a plurality of ways. Such variations are not to be regarded as departure from the scope of the present invention as defined by the appended claims. All such variations as would be obvious for a person skilled in the art are intended to be included within the scope of the present invention as defined by the appended claims.
1. A tachograph (1) comprising:
at least one user identification device (8, 13, 15) adapted to read user identification data from user identification units (17),
a memory (17; 19) adapted to store a plurality of user profiles, each relating to a specific user, and
processing means (3) operatively connected to the memory (17; 19), the processing means (3) being adapted to verify the user identification data that matches a user profile,
wherein access to the user profile is permitted upon verification of the matching user identification data, and wherein the processing means (3) is arranged to adapt functions of the tachograph (1) based on the accessed user profile.
2. The tachograph (1) as claimed in claim 1, wherein the at least one user identification
device (8, 13, 15) comprises a card reader (13, 15).
3. The tachograph (1) as claimed in any of the preceding claims, wherein the processing
means (3) is adapted to permit at least one user to access more than one user profile.
4. The tachograph (1) as claimed in any of the preceding claims, further comprising control
signal means (23) to generate a control signal according to at least one setting of
at least one user profile.
5. The tachograph (1) as claimed in claim 4, wherein the control signal comprises information
relating to a limitation of movement of a vehicle (25) associated with the tachograph
(1) to a specific geographic region (29).
6. The tachograph (1) as claimed in any of the preceding claims, further comprising a
user interface (5) adapted to receive user commands from a current user and thereby
modify the corresponding user profile in the memory (17; 19).
7. The tachograph (1) as claimed in claim 5, wherein the user interface (5) is adapted
to indicate when a geographic location of the tachograph (1) exceeds a boundary of
the specific geographic region (29).
8. The tachograph (1) as claimed in any of the preceding claims, wherein the memory (17;
19) comprises at least one user profile with data pertaining to at least one of the
group of:
permitted travel in a specific geographical area,
driving routes,
the handling of vehicle cargo,
personal setting, and
information about vehicle cargo.
9. The tachograph (1) as claimed in any of the preceding claims, further comprising data
receiving means adapted to receive Global Positioning System data to thereby receive
information relating to the positioning of the tachograph (1).
10. The tachograph (1) as claimed in any of the preceding claims, wherein the processing
means (3) is adapted to encrypt data written to the memory (17; 19).
11. The tachograph (1) as claimed in any of the preceding claims, further comprising means
to wirelessly communicate with a communication device (33) external to the tachograph
(1), wherein the means to wirelessly communicate with the communication device (33)
is adapted to transmit current user profile data to the communication device (33).
12. The tachograph (1) as claimed in claim 11, wherein the means to wirelessly communicate
with the communication device (33) is adapted to receive access data from the communication
device (33) in response to having transmitted current user profile data.
13. The tachograph (1) as claimed in claim 12, further comprising a printer (7) adapted
to print information contained in the access data, which information relates to cargo
location in a delimited geographic region.
14. A method for user customization of a tachograph (1), the method comprising:
receiving (S3) user identification data from a user identification device (8, 13, 15), the user identification data being associated with a user of the tachograph (1),
verifying (S5) user identification data that matches a user profile,
providing access (S6) to the matched user profile, and
adapting (S8) functions of the tachograph (1) in accordance with the matched user profile.